Reply to: UsbFix report 2016-09-08T13:11:44+00:00
groownsfeld
Post count: 0

My mistake, here it is:

~ Rapport de ZHPDiag v2013.10.27.68 – Nicolas Coolman (27/10/2013)
~ Lancé par Lucas (27/10/2013 18:53:12)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
MFIE: Mozilla Firefox 12.0
GCIE: Google Chrome v30.0.1599.101 (Defaut)
OPIE: Opera v12.16
OBIE: Safari v5.34.57.2

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

—\ Logiciels d'optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2 – Français

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4063 MB (41% free)
System Restore: Activé (Enable)
System drive C: has 19 GB (4%) free of 455 GB

—\ Mode de connexion au système
~ Computer Name: VAIO
~ User Name: Lucas
~ All Users Names: Lucas, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d'environnement
~ System Unit : C:
~ %AppZHP% : C:UsersLucasAppDataRoamingZHP
~ %AppData% : C:UsersLucasAppDataRoaming
~ %Desktop% : C:UsersLucasDesktop
~ %Favorites% : C:UsersLucasFavorites
~ %LocalAppData% : C:UsersLucasAppDataLocal
~ %StartMenu% : C:UsersLucasAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 19 Go of 455 Go)
D: Floppy drive, Flash card reader, USB Key (Not Inserted)
E: Floppy drive, Flash card reader, USB Key (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: CD-ROM drive (Not Inserted)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Free 2 Go of 4 Go)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem] EnableLUA: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/09/2013 – 23:55:10.) — C:WindowsSystem32wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 14:25:30.) — C:WindowsSystem32Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 14:27:26.) — C:WindowsSystem32sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 02:10:19.) — C:Windowssystem32DriversAFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 10:19:21.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 10:26:32.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 11:43:43.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 10:23:20.) — C:Windowssystem32DriversnetBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:45:08.) — C:Windowssystem32Driversntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.20/11/2010 – 11:52:35.) — C:Windowssystem32DriversRasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 10:21:56.) — C:Windowssystem32Driverstdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 14:34:02.) — C:Windowssystem32Driversvolsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/935
~ Mes musiques (My Musics) : 1/31956
~ Mes Videos (My Videos) : 1/19
~ Mes Favoris (My Favorites) : 1/50
~ Mes Documents (My Documents) : 2/10974
~ Mon Bureau (My Desktop) : 1/1307
~ Menu demarrer (Programs) : 1/53
~ Hidden Files: Scanned in 00mn 27s

—\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes' Anti-Malwarembamgui.exe [532040] [PID.4480]
[MD5.5AF1E9600E3FF841E522703A4993ED0C] – (.Intel Corporation – Event Monitor User Notification Tool.) — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAAnotif.exe [186904] [PID.4620]
[MD5.D1AE166A53427B55EDDB332099CCCEC3] – (…) — C:Windowsadapter.exe [353847] [PID.4652]
[MD5.23C2FCAA50C4F80F7D1B8A0771D45328] – (.Apple Inc. – iCloud.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe [59720] [PID.4748]
[MD5.5883D86F8C22B1E5F78627E4AF19B234] – (.Apple Inc. – Apple Photostreams Uploader Executable.) — C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe [59720] [PID.4824]
[MD5.E89028D8068170E606AA0996D457AAA3] – (.Intel Corporation – Intel Corporation.) — C:UsersPubliciAStorIcon.exe [85470352] [PID.4884]
[MD5.E89028D8068170E606AA0996D457AAA3] – (.Intel Corporation – Intel Corporation.) — C:UsersLucasAppDataRoamingMicrosoftWindowsStart MenuProgramsStartupjusched.exe [85470352] [PID.4272]
[MD5.47833576F0BEE0AD7B45109982B769BD] – (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleInternet ServicesAPSDaemon.exe [59720] [PID.5540]
[MD5.237A6C6BAAD638608F1B38EDA9E480B6] – (.OpenOffice.org – OpenOffice.org Writer.) — C:Program Files (x86)OpenOffice.org 3programswriter.exe [307200] [PID.1452]
[MD5.11E8D8272FDBE213ADE3DAD91427CE35] – (.OpenOffice.org – OpenOffice.org 3.3.) — C:Program Files (x86)OpenOffice.org 3programsoffice.exe [11322880] [PID.5180]
[MD5.2337EC951C4AF6E1AF65D10BD9615BEB] – (.OpenOffice.org – OpenOffice.org 3.3.) — C:Program Files (x86)OpenOffice.org 3programsoffice.bin [11314688] [PID.5228]
[MD5.D6B7DDB68436F13C3CAE2B92524F1FEC] – (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet ExplorerIEXPLORE.exe [770648] [PID.3036]
[MD5.084D14D1283EC4D78A1D0B8C3D0187DD] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8137728] [PID.4528]
[MD5.6D9FC1E7EA3C548F4D3455F0C3FEEF8C] – (.Adobe Systems Incorporated – Adobe Photoshop Elements 7.0 (component).) — C:Program Files (x86)AdobePhotoshop Elements 7.0PhotoshopElementsFileAgent.exe [169312] [PID.1396]
[MD5.30E3850F303EAE5C364782EA78579CC9] – (.Apple Inc. – MobileDeviceService.) — C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55624] [PID.1608]
[MD5.831883B107684301F48ACE752C963984] – (…) — C:WindowsSysWOW64PnkBstrA.exe [66872] [PID.2068]
[MD5.442A13F395546F4564C377296D43B564] – (.Sony Corporation – VAIO Media plus Database Manager.) — C:Program Files (x86)Common FilesSony SharedSOHLibSOHDBSvr.exe [70952] [PID.2188]
[MD5.63F6D08C54D5B3C1B12A6172032055C7] – (.ArcSoft, Inc. – MgiSvr.) — C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe [104960] [PID.2300]
[MD5.D4197CF0C8567046FD4AF28FF47AF528] – (.Sony Corporation – VAIO Event Service (Service Module).) — C:Program Files (x86)SonyVAIO Event ServiceVESMgr.exe [204648] [PID.2356]
[MD5.06FE5BEDDADB158D84E6DE33CBE19F3E] – (.Sony Corporation – VAIO Content Folder Watcher.) — C:Program Files (x86)Common FilesSony SharedVAIO Content Folder WatcherVCFw.exe [642920] [PID.2428]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] – (.Microsoft Corporation – COM Surrogate.) — C:WindowsSysWOW64DllHost.exe [7168] [PID.2456]
[MD5.34063C0B842E73662067F9B03947C55C] – (.Sony Corporation – VCM Intelligent Analyzing Manager.) — C:Program FilesSonyVCM Intelligent Analyzing ManagerVcmIAlzMgr.exe [468264] [PID.2472]
[MD5.D8BEF4AC1EAC809DBDBD441D6CFF6C4C] – (.Sony Corporation – VAIO Entertainment Database Service.) — C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe [206336] [PID.2552]
[MD5.A787A567B3470C91C487ECE90CF7509C] – (.Pas de propriétaire – WD File Management Engine.) — C:Program Files (x86)Western DigitalWD SmartwareFront ParlorWDFMEWDFME.exe [1034752] [PID.2684]
[MD5.7CD368DFF5D7D4BA9F8F46F31EA8877D] – (.Sony Corporation – VAIO Event Service(Service Sub Module).) — C:Program Files (x86)SonyVAIO Event ServiceVESMgrSub.exe [112488] [PID.2760]
[MD5.7548066DF68A8A1A56B043359F915F37] – (.Intel Corporation – RAID Monitor.) — C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe [354840] [PID.1228]
[MD5.72B46103E4111439109ACF5882627C24] – (.Sony Corporation – VAIO Media plus Device Searcher.) — C:Program Files (x86)Common FilesSony SharedSOHLibSOHDs.exe [75048] [PID.3176]
[MD5.725B6E9CD1959271AC993DC035E1606D] – (.Sony Corporation – VAIO Media plus Playlist Manager.) — C:Program Files (x86)Common FilesSony SharedSOHLibSOHPlMgr.exe [91432] [PID.3240]
[MD5.98886C88A1CB13D61672AE2C638B7E1C] – (.Sony Corporation – VAIO Media plus Content Importer.) — C:Program Files (x86)Common FilesSony SharedSOHLibSOHCImp.exe [120104] [PID.3472]
[MD5.313CE91F1B734E2E02F0F4465B52115A] – (.Sony Corporation – VAIO Entertainment UPnP Client Adapter.) — C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe [313264] [PID.3744]
[MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe [418376] [PID.4184]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe [701512] [PID.4400]
~ Processes Running: Scanned in 00mn 06s

—\ Opera, Plugins,Démarrage,Recherche (P1,B0,B1)
B1 – OSP: search.ini [Lucas] URL=http://www.astroburn-search.com/search?q=%s
B1 – OSP: search.ini [Lucas] URL=http://start.mysearchdial.com/?f=4&q=%s =>Adware.MyWebSearch
~ Opera Browser: 13 Legitimates Filtered in 00mn 00s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersLucasAppDataLocalGoogleChromeUser DataDefaultPreferences
~ Google Browser: 6 Legitimates Filtered in 00mn 08s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:UsersLucasAppDataRoamingMozillaFirefoxProfilesys6h2fs0.defaultprefs.js
M3 – MFPP: Plugins – [Lucas] — C:UsersLucasAppDataRoamingMozillaFirefoxProfilesys6h2fs0.defaultsearchpluginsabsearch-search.xml
M2 – MFEP: prefs.js [Lucas – ys6h2fs0.defaultjid1-yZwVFzbsyfMrqQ@jetpack] [] Lavasoft Search Plugin v0.6 (..)
~ Firefox Browser: 25 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 17

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: (no name) [64Bits] – [HKLM]{EFEED92A-A33D-4873-BA8F-32BAA631E54D} Clé orpheline
O3 – ToolbarWebBrowser: (no name) [64Bits] – [HKCU]{EF79F67A-6AD7-4715-A0F8-932FCA442023} Clé orpheline
O3 – ToolbarWebBrowser: (no name) [64Bits] – [HKCU]{EFEED92A-A33D-4873-BA8F-32BAA631E54D} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Public]: Astroburn Lite.lnk . (.DT Soft Ltd – Astroburn Lite.) — C:Program Files (x86)Astroburn LiteAstroburnLite.exe
O4 – GSDesktop [Public]: Opera.lnk . (.Opera Software – Opera Internet Browser.) — C:Program Files (x86)Operaopera.exe
O4 – GSDesktop [Public]: Safari.lnk . (…) — C:WindowsInstaller{C779648B-410E-4BBA-B75B-5815BCEFE71D}SafariIco.exe
O4 – GSProgram [Public]: Click to Disc Editor.lnk . (.Sony Corporation – ctdEditor.) — C:Program Files (x86)SonyClick to Disc EditorctdEditor.exe
O4 – GSProgram [Public]: Click to Disc.lnk . (.Sony Corporation – AutoModeEntrance.) — C:Program Files (x86)SonyVAIO VP UtilitiesVCAutoModeEntrance.exe
O4 – GSProgram [Public]: Dolby Control Center.lnk . (…) — C:WindowsInstaller{D035FBF6-FDEF-487D-89CA-6F9DD07B783F}_DF30B6672BAD027FB62666.exe
O4 – GSProgram [Public]: Installation du Contrôle Parental.lnk . (.InstallShield Software Corporation – InstallShield (R) Setup Launcher.) — C:Program Files (x86)SecuritooControle ParentalControle_parental.exe
O4 – GSProgram [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O4 – GSProgram [Public]: Nerf.lnk . (.studioP – Nerf (version avec commentaires).) — C:Program Files (x86)NerfnerfC.exe
O4 – GSProgram [Public]: Opera.lnk . (.Opera Software – Opera Internet Browser.) — C:Program Files (x86)Operaopera.exe
O4 – GSProgram [Public]: Safari.lnk . (…) — C:WindowsInstaller{C779648B-410E-4BBA-B75B-5815BCEFE71D}SafariIco.exe
O4 – GSQuickLaunch [Lucas]: Apple Safari.lnk . (…) — C:WindowsInstaller{C779648B-410E-4BBA-B75B-5815BCEFE71D}SafariIco.exe
O4 – GSQuickLaunch [Lucas]: BitTorrent.lnk . (.BitTorrent Inc. – BitTorrent.) — C:UsersLucasAppDataRoamingBitTorrentBitTorrent.exe =>P2P.BitTorrent
O4 – GSQuickLaunch [Lucas]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [Lucas]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSQuickLaunch [Lucas]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O4 – GSQuickLaunch [Lucas]: PartyPoker.fr.lnk . (…) — C:ProgramsPartyFrancePartyFrance.exe (.not file.)
O4 – GSTaskBar [Lucas]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSTaskBar [Lucas]: Opera.lnk . (.Opera Software – Opera Internet Browser.) — C:Program Files (x86)Operaopera.exe
O4 – GSProgram [Lucas]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSSystemTools [Lucas]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSDesktop [Lucas]: BitTorrent.lnk . (.BitTorrent Inc. – BitTorrent.) — C:UsersLucasAppDataRoamingBitTorrentBitTorrent.exe =>P2P.BitTorrent
O4 – GSDesktop [Lucas]: Dropbox.lnk . (.Dropbox, Inc. – Dropbox.) — C:UsersLucasAppDataRoamingDropboxbinDropbox.exe
O4 – GSDesktop [Lucas]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSDesktop [Lucas]: MediaCoder iPod Edition.lnk . (.Broad Intelligence – MediaCoder.) — C:Program Files (x86)MediaCoder iPod Editionmediacoder.exe
O4 – GSDesktop [Lucas]: RegCleaner.lnk . (…) — C:Program Files (x86)RegCleanerRegCleanr.exe
O4 – GSDesktop [Lucas]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe https://www.sosvirus.net
O4 – GSDesktop [Lucas]: SosVirus sur Facebook.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe http://www.facebook.com
~ Global Startup: 104 Legitimates Filtered in 00mn 03s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSStartup [Lucas]: 5z1z.lnk . (.Intel Corporation – Intel Corporation.) — C:UsersPubliciAStorIcon.exe
O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – HD Audio Control Panel.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [Skytel] . (.Realtek Semiconductor Corp. – Realtek Voice Manager.) — C:Program FilesRealtekAudioHDASkytel.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [NvCplDaemon] . (.NVIDIA Corporation – NVIDIA Display Properties Extension.) — C:Windowssystem32NvCpl.dll =>.NVIDIA Corporation
O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
O4 – HKLM..Run: [IAAnotif] . (.Intel Corporation – Event Monitor User Notification Tool.) — C:Program Files (x86)IntelIntel Matrix Storage Manageriaanotif.exe
O4 – HKLM..Run: [iTunesHelper] . (.Microsoft Corporation – Microsoft ® Windows Based Script Host.) — C:WindowsSystem32wscript.exe
O4 – HKCU..Run: [adapter] . (…) — C:Windowsadapter.exe
O4 – HKCU..Run: [iCloudServices] . (.Apple Inc. – iCloud.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
O4 – HKCU..Run: [ApplePhotoStreams] . (.Apple Inc. – Apple Photostreams Uploader Executable.) — C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
O4 – HKCU..Run: [8jusched] . (.Intel Corporation – Intel Corporation.) — C:UsersLucasAppDataRoamingPublicjusched.exe
O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Wow6432NodeRun: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program Files (x86)QuickTimeQTTask.exe
O4 – HKLM..Wow6432NodeRun: [jusched7] . (.Intel Corporation – Intel Corporation.) — C:UsersLucasAppDataRoamingPublicjusched.exe
O4 – HKLM..policiesExplorerRun: [37364] C:PROGRA~3LOCALS~1Tempmscuiu.exe (.not file.)
O4 – HKCU..policiesExplorerRun: [jusched9] . (.Intel Corporation – Intel Corporation.) — C:UsersLucasAppDataRoamingPublicjusched.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2381913200-3018708405-1333756505-1000..Run: [adapter] . (…) — C:Windowsadapter.exe
O4 – HKUSS-1-5-21-2381913200-3018708405-1333756505-1000..Run: [iCloudServices] . (.Apple Inc. – iCloud.) — C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe
O4 – HKUSS-1-5-21-2381913200-3018708405-1333756505-1000..Run: [ApplePhotoStreams] . (.Apple Inc. – Apple Photostreams Uploader Executable.) — C:Program Files (x86)Common FilesAppleInternet ServicesApplePhotoStreams.exe
O4 – HKUSS-1-5-21-2381913200-3018708405-1333756505-1000..Run: [8jusched] . (.Intel Corporation – Intel Corporation.) — C:UsersLucasAppDataRoamingPublicjusched.exe
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 – Extra button: @C:Program FilesWIDCOMMBluetooth Softwarebtrez.dll,-12650 [64Bits] – {CCA281CA-C863-46ef-9331-5C8D4460577F} . (…) — C:Program FilesWIDCOMMBluetooth Softwarebt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{145BE677-2E36-44BF-B092-52AACB9B8504}: DhcpNameServer = 62.201.142.102
O17 – HKLMSystemCCSServicesTcpip..{3E20B541-6D19-439E-BCAA-21986777F650}: DhcpNameServer = 62.201.129.202 62.201.129.203
O17 – HKLMSystemCCSServicesTcpip..{578A9BB9-3BCA-44D7-8FAA-BEA8EE7D5FFC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 – HKLMSystemCCSServicesTcpip..{884C8AAB-6FBC-4045-8586-16AC978A3177}: DhcpNameServer = 192.168.1.254
O17 – HKLMSystemCCSServicesTcpip..{884C8AAB-6FBC-4045-8586-16AC978A3177}: DhcpDomain = lan
O17 – HKLMSystemCS1ServicesTcpip..{145BE677-2E36-44BF-B092-52AACB9B8504}: DhcpNameServer = 62.201.142.102
O17 – HKLMSystemCS1ServicesTcpip..{3E20B541-6D19-439E-BCAA-21986777F650}: DhcpNameServer = 62.201.129.202 62.201.129.203
O17 – HKLMSystemCS1ServicesTcpip..{578A9BB9-3BCA-44D7-8FAA-BEA8EE7D5FFC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{884C8AAB-6FBC-4045-8586-16AC978A3177}: DhcpNameServer = 192.168.1.254
O17 – HKLMSystemCS1ServicesTcpip..{884C8AAB-6FBC-4045-8586-16AC978A3177}: DhcpDomain = lan
O17 – HKLMSystemCS2ServicesTcpip..{145BE677-2E36-44BF-B092-52AACB9B8504}: DhcpNameServer = 62.201.142.102
O17 – HKLMSystemCS2ServicesTcpip..{3E20B541-6D19-439E-BCAA-21986777F650}: DhcpNameServer = 62.201.129.202 62.201.129.203
O17 – HKLMSystemCS2ServicesTcpip..{578A9BB9-3BCA-44D7-8FAA-BEA8EE7D5FFC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{884C8AAB-6FBC-4045-8586-16AC978A3177}: DhcpNameServer = 192.168.1.254
O17 – HKLMSystemCS2ServicesTcpip..{884C8AAB-6FBC-4045-8586-16AC978A3177}: DhcpDomain = lan
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlmailhtml [64Bits] – {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (…) —
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Tâches planifiées en automatique (O39)
O39 – APT:Automatic Planified Task – C:WindowsTasksDMEPeriodicTask.job [312]
[MD5.00000000000000000000000000000000] [APT] [{06924568-028C-4A89-B1E2-AFA7F26231BA}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{095BADCC-B05C-4916-818E-E301CD65906D}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{097F1524-453B-4A15-B8BE-6FCFDE384470}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{15060F2D-7848-4AE6-BE64-DC81A5793F28}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{15856E54-D16A-435A-BFA7-9CE8E8FFA90F}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{1B05568A-5B14-4F63-B4CD-C0E885D89C8E}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{2F26486B-AC12-480E-B456-6C6BC0E72991}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{3E95CAFE-BC19-4BE0-9FCF-7049787B2F8E}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{55A51F8A-7CDD-4300-B00C-189309D0327D}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{57A210FB-771E-4115-A28B-A5C98AAA7625}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{5C96A891-EF38-493A-8372-232ADB10C7BA}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{646B2996-F75C-47DA-99AC-4FB351345A88}] (…) — F:setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6744F725-5A39-48A9-BC64-44CBCE3FBCF5}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{693B4173-D1A2-4351-88E0-EF61F889CC21}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{724D6EB8-4CD8-481B-AAF4-C305FE597B96}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{7B20C59B-8C27-43A8-AF50-9A5891E129BB}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{8141494F-DBA0-418A-8C94-AC3706C0EECC}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{8A2BD78E-99CC-4CDF-9F4E-47A2636E90C2}] (…) — C:UsersLucasDesktopRegCleaner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9A1664D6-5B9F-484E-B04B-0D8E0677F085}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{AC2E3301-6C11-47E7-9C54-0FD15FE3E050}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{BB697069-36FB-4FC7-855B-809A47597113}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{C2D8B57B-CB3D-4A5C-B60D-A3F41F0D20B2}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{C4782DDD-7AED-40CB-8300-259553868E30}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{C493C542-3B13-4AA7-9AA8-AD06233F4879}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{D10C5DB9-1941-495F-8AFC-8F1BD63C199E}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{E63BB57A-576C-4454-A8C8-225A996C33E6}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{EE8FAA9D-9ECB-45C9-A443-CFDA8BFD7056}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
[MD5.00000000000000000000000000000000] [APT] [{F7EA5910-2B1D-4A61-B578-869639B458D8}] (…) — G:ProgrammesBitTorrent-6.3c.exe (.not file.) [0] =>P2P.BitTorrent
~ Scheduled Task: 44 Legitimates Filtered in 00mn 04s

—\ Logiciels installés (O42)
O42 – Logiciel: Eufloria – (…) [HKLM][64Bits] — Steam App 41210
O42 – Logiciel: Mini Ninjas – Demo – (.IO Interactive.) [HKLM][64Bits] — Steam App 35050
O42 – Logiciel: Nerf version 2.0.0.C – (…) [HKLM][64Bits] — Codage du message nerveux_is1
O42 – Logiciel: Nuclear Coffee – VideoGet – (.Nuclear Coffee.) [HKLM][64Bits] — VideoGet_is1
~ Logic: 179 Legitimates Filtered in 00mn 01s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareNuclear Coffee]
[HKCUSoftwarePartyFrance]
[HKCUSoftwareTotem]
[HKCUSoftwareÀ classé]
[HKLMSoftwareWow6432NodeDicomWorks]
[HKLMSoftwareWow6432NodeNuclear Coffee]
[HKLMSoftwareWow6432NodejSugLyCC]
[HKLMSoftwarejSugLyCC]
~ Key Software: 292 Legitimates Filtered in 00mn 01s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 27/10/2013 – 16:16:31 – [0,002] —-D C:Program Files (x86)DicomWorks
O43 – CFD: 18/09/2010 – 12:53:08 – [2,491] —-D C:Program Files (x86)Nerf
O43 – CFD: 14/03/2010 – 19:03:30 – [40,195] —-D C:Program Files (x86)Nuclear Coffee
O43 – CFD: 11/02/2010 – 13:28:23 – [1098,722] —-D C:Program Files (x86)Soldier of Fortune II – Double Helix
O43 – CFD: 27/10/2013 – 18:24:32 – [0,004] –H-D C:UsersLucasAppDataRoamingD48191F4
O43 – CFD: 15/10/2010 – 18:34:56 – [0,396] —-D C:UsersLucasAppDataRoamingLumen
O43 – CFD: 27/10/2013 – 18:12:59 – [81,511] —-D C:UsersLucasAppDataRoamingPublic
O43 – CFD: 20/03/2013 – 18:28:51 – [0,032] —-D C:UsersLucasAppDataRoamingwam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 – CFD: 15/10/2010 – 18:37:31 – [0] —-D C:UsersLucasAppDataLocal._Revolution_
O43 – CFD: 14/10/2013 – 08:36:53 – [0,877] —-D C:UsersLucasAppDataLocal1A62F342-73E8-4C21-A008-7954B7852C7E.aplzod
O43 – CFD: 03/10/2010 – 16:33:18 – [0] —-D C:UsersLucasAppDataRoamingMicrosoftWindowsStart MenuProgramsPartyPoker.fr
~ 136 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 408 Legitimates Filtered in 00mn 50s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.4BF30D0522594A29026DA744D1996BD0] – 27/10/2013 – 16:52:26 . (…) — C:UsbFix [Scan 1] VAIO.txt [13784]
O44 – LFC:[MD5.4BFEEEF6B0DD8F523C4BE04A5A820680] – 27/10/2013 – 17:04:53 —A- . (…) — C:UsbFix [Clean 1] VAIO.txt [12586]
~ Files: 24 Legitimates Filtered in 00mn 02s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.090A2F8516E2C523DA220FEF13B5597F] – 12/10/2013 – 15:49:18 —A- – C:WindowsPrefetchUTT3A8B.TMP.EXE-CC0BFBE8.pf
O45 – LFCP:[MD5.66187024CD7AAA977B25753917FE826B] – 12/10/2013 – 15:49:59 —A- – C:WindowsPrefetchUTT15AE.TMP.EXE-1C4AD986.pf
O45 – LFCP:[MD5.0E3268D769E6EB8D5BFD8053B4701B13] – 12/10/2013 – 15:50:01 —A- – C:WindowsPrefetchNSB1DD8.EXE-284B1E4A.pf
O45 – LFCP:[MD5.8D466283FBB09762015A3701FDBF3E95] – 12/10/2013 – 15:50:18 —A- – C:WindowsPrefetchNSC296D.EXE-A7209F3B.pf
O45 – LFCP:[MD5.E9307D900BC7FF79F2078C0980B73614] – 12/10/2013 – 15:51:19 —A- – C:WindowsPrefetchNSH2B05.EXE-E2767F58.pf
O45 – LFCP:[MD5.70F6828539AB6A825F0FED46AC2C351F] – 12/10/2013 – 15:51:19 —A- – C:WindowsPrefetchNSH364C.EXE-519A9383.pf
O45 – LFCP:[MD5.76DA36F20E0EED2027A1CBEA138E9189] – 12/10/2013 – 15:51:19 —A- – C:WindowsPrefetchNSS279B.EXE-2561EDCE.pf
O45 – LFCP:[MD5.CC1D063B0992BED4672564B4418D2D85] – 12/10/2013 – 15:51:27 —A- – C:WindowsPrefetchCLTMNG.EXE-67B8F8A7.pf
O45 – LFCP:[MD5.3CFB672D6B6FE2F53A8724A62DED1C5A] – 12/10/2013 – 15:51:27 —A- – C:WindowsPrefetchCLTMNGUI.EXE-E74F72C8.pf
O45 – LFCP:[MD5.8FA2EFA255568709BF74E9A89ECEDA63] – 12/10/2013 – 15:51:43 —A- – C:WindowsPrefetchNSSBF5A.EXE-7588F940.pf
O45 – LFCP:[MD5.731AD4760FCC62298AAB2F4723BF7138] – 12/10/2013 – 15:51:44 —A- – C:WindowsPrefetchNSSC747.EXE-9668AD23.pf
O45 – LFCP:[MD5.C54A40F5ACBE0E36050A21BCBED19710] – 12/10/2013 – 15:51:44 —A- – C:WindowsPrefetchNSXCE1B.EXE-7DC89E82.pf
O45 – LFCP:[MD5.1E4667CC19F9B958208E242D92E62D86] – 12/10/2013 – 16:07:40 —A- – C:WindowsPrefetchTU_RMDIR.EXE-59985335.pf
O45 – LFCP:[MD5.87CC610182E9193A0DD93E0B12FC1C96] – 12/10/2013 – 16:24:14 —A- – C:WindowsPrefetchSYSLOG.EXE-FBEE0F3C.pf
O45 – LFCP:[MD5.8A50CF9705021D6E114C1078B1E4D546] – 12/10/2013 – 16:24:32 —A- – C:WindowsPrefetchKILLDIR.EXE-4EF1286E.pf
O45 – LFCP:[MD5.711F1E57C75A96C09BD04A1A15FF23ED] – 12/10/2013 – 16:24:34 —A- – C:WindowsPrefetchTU_CLEARSTATE.EXE-AFF6C1AF.pf
O45 – LFCP:[MD5.FDFDCA7C202C4CE46DBA34EE2C5531BF] – 12/10/2013 – 16:24:41 —A- – C:WindowsPrefetchLATESTDLMGR.EXE-2FEC99AA.pf =>Adware.OpenCandy
O45 – LFCP:[MD5.7D943866EA0817819E20C4DF709208EB] – 12/10/2013 – 16:24:59 —A- – C:WindowsPrefetchTU_PREFS.EXE-3FFBD38F.pf
O45 – LFCP:[MD5.DF36E68F76A3438CE517C6739FC1CE42] – 12/10/2013 – 16:25:00 —A- – C:WindowsPrefetchHIDE.EXE-384945B1.pf
O45 – LFCP:[MD5.EA6352F5723E887ACD47C140EADF1923] – 12/10/2013 – 16:25:01 —A- – C:WindowsPrefetchALL_ACCESS.EXE-0019D471.pf
O45 – LFCP:[MD5.E2D88F2F126F7BCDC8195B77887B560C] – 12/10/2013 – 16:25:17 —A- – C:WindowsPrefetchTU_RAD.EXE-DFC393BA.pf
O45 – LFCP:[MD5.50A7AD2513865FA1BD7290DC1B1B6606] – 12/10/2013 – 17:34:04 —A- – C:WindowsPrefetchNSX7B3B.EXE-B5F4F641.pf
O45 – LFCP:[MD5.A9B11554E7F27BC171A7786C29B87423] – 12/10/2013 – 17:34:14 —A- – C:WindowsPrefetchCLTMNGSVC.EXE-DB1AC051.pf
O45 – LFCP:[MD5.59F2A2480FEE5360548996EE896E4539] – 13/10/2013 – 15:44:09 —A- – C:WindowsPrefetchICLOUD.EXE-907CF11D.pf
O45 – LFCP:[MD5.4C5FBAAB5A83CF9F19305B80894DFE89] – 21/10/2013 – 19:38:33 —A- – C:WindowsPrefetchNODE.EXE-89050794.pf
O45 – LFCP:[MD5.568EBE6ECFC0C35271AD69592FC667B9] – 22/10/2013 – 20:03:57 —A- – C:WindowsPrefetchLOGROTATE.EXE-420D9660.pf
O45 – LFCP:[MD5.15C88B5E15892D8700B1F1BDCEB6464F] – 22/10/2013 – 20:04:10 —A- – C:WindowsPrefetchJSONRPCBROKER.EXE-6CED2B67.pf
O45 – LFCP:[MD5.472A0515ACE5BF925995C301D12A6042] – 23/10/2013 – 06:34:44 —A- – C:WindowsPrefetchVCSW.EXE-5899050E.pf
O45 – LFCP:[MD5.C743D064CA802286E7E701C0669D1E0C] – 25/10/2013 – 11:41:14 —A- – C:WindowsPrefetchSETUPADMIN.EXE-AE0501A8.pf
O45 – LFCP:[MD5.4AEF978C7D18BE0771FB139DA0F835BA] – 25/10/2013 – 11:47:14 —A- – C:WindowsPrefetchBITTORRENT.EXE-7EBE59A4.pf =>P2P.BitTorrent
O45 – LFCP:[MD5.0CE60A081219B76EB879D10BB818C8FC] – 25/10/2013 – 11:49:14 —A- – C:WindowsPrefetchDIFXINST64.EXE-1F7CE36D.pf
O45 – LFCP:[MD5.32ED6B0724EC330F9C52DB432D6E8BCF] – 27/10/2013 – 16:23:17 —A- – C:WindowsPrefetchVDAU.EXE-0151EFFE.pf
O45 – LFCP:[MD5.9D3D30096A013D93A678C07807D24631] – 27/10/2013 – 16:35:49 —A- – C:WindowsPrefetchROXIOUPNPSERVICE10.EXE-F36925CD.pf
O45 – LFCP:[MD5.BB7041472816B00AE1CB63803AEE59FA] – 27/10/2013 – 18:22:31 —A- – C:WindowsPrefetchGETPOPUPINFO.EXE-B860C564.pf
~ Prefetcher: 142 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 – SMSR:HKLM…startupregInternet Download Accelerator [Key] . (…) — C:Program Files (x86)IDAida.exe (.not file.)
~ SMSR Keys: 18 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
~ MWPE Keys: 7 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] – 14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
~ Drivers: 18 Legitimates Filtered in 00mn 01s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 26/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingMozillaTuneUpMediacookies.sqlite-shm [32768]
O61 – LFC: 26/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingMozillaTuneUpMediacookies.sqlite-wal [524704]
O61 – LFC: 26/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingMozillaTuneUpMediaparent.lock [0]
O61 – LFC: 26/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingMozillaTuneUpMediaplaces.sqlite [10485760]
O61 – LFC: 26/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingMozillaTuneUpMediaplaces.sqlite-shm [32768]
O61 – LFC: 26/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingMozillaTuneUpMediaplaces.sqlite-wal [787040]
O61 – LFC: 26/10/2013 – 18:55:43 R–A- . (…) — C:UsersLucasDownloadsWarm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9Warm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9.nfo [614]
O61 – LFC: 26/10/2013 – 18:55:43 R–A- . (…) — C:UsersLucasDownloadsWarm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9Warm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9Warm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9.iso [8108191744]
O61 – LFC: 26/10/2013 – 18:55:43 R–A- . (…) — C:UsersLucasDownloadsWarm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9Warm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9Warm Bodies (2013) DD5.1 Fr NL Subs PAL DVDR9.mds [4314]
O61 – LFC: 27/10/2013 – 18:55:25 —A- . (…) — C:UsersLucasAppDataLocalGDIPFONTCACHEV1.DAT [128440]
O61 – LFC: 27/10/2013 – 18:55:29 —A- . (…) — C:UsersLucasAppDataLocalGoogleChromeUser DataLocal State [43452]
O61 – LFC: 27/10/2013 – 18:55:36 —A- . (…) — C:UsersLucasAppDataRoamingMedia Player Classicdefault.mpcpl [106]
O61 – LFC: 27/10/2013 – 18:55:36 –H– . (…) — C:UsersLucasAppDataRoamingD48191F427-10-2013 [3692]
O61 – LFC: 27/10/2013 – 18:55:36 –H– . (…) — C:UsersLucasAppDataRoamingLucas-wchelper.dll [154283]
O61 – LFC: 27/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingZHPLog.txt [18187] =>.Nicolas Coolman
O61 – LFC: 27/10/2013 – 18:55:37 —A- . (…) — C:UsersLucasAppDataRoamingZHPTestsZHPDiag.txt [2858] =>.Nicolas Coolman
O61 – LFC: 27/10/2013 – 18:55:44 —A- . (…) — C:UsersLucasLinksPhotos iCloud.lnk [160]
~ 33 Fichiers temporaires (Temporary files)
~ Files: 379 Legitimates Filtered in 00mn 30s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program Files (x86)Mozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Opera Software – Opera Internet Browser.) — C:Program Files (x86)OperaOpera.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Apple Inc. – Safari.) — C:Program Files (x86)SafariSafari.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
O69 – SBI: SearchScopes [HKCU] {1BA9D07A-1FDB-4C68-81F3-BA1735A92E23} [DefaultScope] – (Google) – http://www.google.fr
~ Keys: Scanned in 00mn 00s

—\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:UsersLucasAppDataRoamingBitTorrentAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-Deantjah.rar.1.torrent =>P2P.BitTorrent
C:UsersLucasAppDataRoamingBitTorrentAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-Deantjah.rar.torrent =>P2P.BitTorrent
C:UsersLucasDocumentsJeuxBattlefield 2A Crack & KeygenBattlefield_2_keygen.exe
C:UsersLucasDocumentsJeuxBattlefield 2A Crack & KeygenBF2.exe
C:UsersLucasDocumentsJeuxBattlefield 2A Crack & KeygenFichiers OriginauxBF2 – Original.exe
C:UsersLucasDocumentsJeuxCall of Duty4-Razor1911+Keygen and Crackiw3sp.exe
C:UsersLucasDownloadsAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-DeantjahAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-DeantjahKeygenembrace.rar
C:UsersLucasAppDataRoamingBitTorrentAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-Deantjah.rar.1.torrent =>P2P.BitTorrent
C:UsersLucasAppDataRoamingBitTorrentAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-Deantjah.rar.torrent =>P2P.BitTorrent
C:UsersLucasDocumentsJeuxBattlefield 2A Crack & KeygenBattlefield_2_keygen.exe
C:UsersLucasDocumentsJeuxBattlefield 2A Crack & KeygenBF2.exe
C:UsersLucasDocumentsJeuxBattlefield 2A Crack & KeygenFichiers OriginauxBF2 – Original.exe
C:UsersLucasDocumentsJeuxCall of Duty4-Razor1911+Keygen and Crackiw3sp.exe
C:UsersLucasDownloadsAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-DeantjahAdobe.Photoshop.CS5.Extended.v12.Keygen.Only.EMBRACE-DeantjahKeygenembrace.rar
~ Files: Scanned in 00mn 36s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnsh2B05.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnsh364C.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnss279B.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnssBF5A.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnssC747.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnsx7B3B.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit – SP Usage Sender.) — C:UsersLucasAppDataLocalTempnsxCE1B.exe [167812] =>Toolbar.Conduit
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][19/10/2013] (…) — C:UsersLucasAppDataLocalTempQuarantine.exe [344355]
[MD5.617E5F409B524E69A8892D7DA516DB64] [SPRF][24/05/2013] (…) — C:UsersLucasAppDataLocalTemputt4B72.tmp.bat [95]
[MD5.4D6AD791776F16834671898E31796C0A] [SPRF][22/04/2013] (…) — C:UsersLucasAppDataLocalTemputt57E2.tmp.bat [95]
[MD5.7ECE1BEF537B32F34B18012DB14501E0] [SPRF][12/10/2013] (…) — C:UsersLucasAppDataLocalTemputt7BFD.tmp.bat [95]
[MD5.CF43D0F929AE3335692D014F4DF05E6D] [SPRF][27/10/2013] (…) — C:UsersLucasAppDataRoamingLucas-wchelper.dll [154283]
[MD5.AC1318D2E9FE1BC78EEC4EC308B15E9E] [SPRF][18/04/2010] (…) — C:UsersLucasAppDataRoamingwklnhst.dat [190]
[MD5.30FADBA93E9430A63F19DA9935DE4369] [SPRF][14/02/2010] (.Gabest – Media Player Classic.) — C:UsersLucasDesktopmplayerc.exe [4411392]
~ Files: 17 Legitimates Filtered in 00mn 00s

—\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 – FAEL: “{D3544EBE-D088-4DE0-882C-38C6C613622F}” |In – Public – P6 – TRUE | .(…) — C:Program Files (x86)adawaretbdtUser.exe (.not file.) =>Toolbar.Adaware
O87 – FAEL: “{9EABBF6E-3556-4823-A34E-8E60DDB44B88}” |In – Public – P17 – TRUE | .(…) — C:Program Files (x86)adawaretbdtUser.exe (.not file.) =>Toolbar.Adaware
~ Firewall: 181 Legitimates Filtered in 00mn 00s

—\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 – MNS: Photos iCloud – {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Legitimates Filtered in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A41930FA9C4EC2090BEC28131EEEA1C4] [WIS][17/10/2010] (.Mobipocket.com – eBook Reader.) — C:WindowsInstaller1ada703.msi [5606400]
[MD5.EC37C69FC4DB82A4070EB540177852C6] [WIS][07/04/2010] (.Adobe – Blank Project Template.) — C:WindowsInstallerad18e.msi [9998336]
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][13/05/2009] (.Builds the Destinations MSI – Builds the Destinations MSI.) — C:WindowsInstallerb9a68.msi [459264]
~ WIS: 166 Legitimates Filtered in 00mn 25s

—\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) – C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
SR – | Auto 08/12/2008 169312 | (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) – C:Program Files (x86)AdobePhotoshop Elements 7.0PhotoshopElementsFileAgent.exe
SS – | Demand 10/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SR – | Auto 01/07/2009 864032 | (btwdins) . (.Broadcom Corporation..) – C:Program FilesWIDCOMMBluetooth Softwarebtwdins.exe
SS – | Demand 08/09/2009 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) – C:Program Files (x86)Common FilesMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
SS – | Auto 11/12/2007 65536 | C:Program Files (x86)COMMON~1France TelecomShared ModulesFTRTSVCFTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) – C:Program Files (x86)Common FilesFrance TelecomShared ModulesFTRTSVCFTRTSVC.exe
SS – | Auto 09/09/2010 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 09/09/2010 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SR – | Demand 14/07/2009 27136 | C:Program Files (x86)HPDigital Imagingbinhpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)HPDigital Imagingbinhpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)HPDigital ImagingbinHPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) – C:WindowsSystem32svchost.exe
SR – | Auto 04/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel Matrix Storage ManagerIAANTMon.exe
SS – | Demand 23/10/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes' Anti-Malwarembamscheduler.exe
SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes' Anti-Malwarembamservice.exe
SS – | Demand 14/07/2012 129976 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe
SR – | Auto 14/07/2009 27136 | C:Windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
SS – | Demand 10/07/1658 0 | (npggsvc) . (.INCA Internet Co., Ltd..) – C:Windowssystem32GameMon.des
SR – | Auto 29/07/2009 382496 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
SR – | Auto 14/07/2009 27136 | C:Windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (PnkBstrA) . (…) – C:Windowssystem32PnkBstrA.exe
SS – | Demand 26/06/2009 313840 | (Roxio UPnP Renderer 10) . (.Sonic Solutions.) – C:Program Files (x86)RoxioDigital Home 10RoxioUPnPRenderer10.exe
SS – | Auto 26/06/2009 362992 | (Roxio Upnp Server 10) . (.Sonic Solutions.) – C:Program Files (x86)RoxioDigital Home 10RoxioUpnpService10.exe
SS – | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
SR – | Auto 27/07/2009 120104 | (SOHCImp) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedSOHLibSOHCImp.exe
SR – | Auto 27/07/2009 70952 | (SOHDBSvr) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedSOHLibSOHDBSvr.exe
SS – | Auto 27/07/2009 427304 | (SOHDms) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedSOHLibSOHDms.exe
SR – | Auto 27/07/2009 75048 | (SOHDs) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedSOHLibSOHDs.exe
SR – | Auto 27/07/2009 91432 | (SOHPlMgr) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedSOHLibSOHPlMgr.exe
SS – | Demand 04/05/2013 543656 | (Steam Client Service) . (.Valve Corporation.) – C:Program Files (x86)Common FilesSteamSteamService.exe
SS – | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe
SR – | Auto 18/09/2008 104960 | (uCamMonitor) . (.ArcSoft, Inc..) – C:Program Files (x86)ArcSoftMagic-i Visual Effects 2uCamMonitor.exe
SS – | Demand 23/07/2009 69632 | (VAIO Entertainment TV Device Arbitration Service) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzHardwareResourceManagerVzHardwareResourceManagerVzHardwareResourceManager.exe
SR – | Auto 01/07/2009 204648 | (VAIO Event Service) . (.Sony Corporation.) – C:Program Files (x86)SonyVAIO Event ServiceVESMgr.exe
SR – | Auto 16/07/2009 411496 | (VAIO Power Management) . (.Sony Corporation.) – C:Program FilesSonyVAIO Power ManagementSPMService.exe
SR – | Auto 22/07/2009 642920 | (VCFw) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedVAIO Content Folder WatcherVCFw.exe
SR – | Auto 26/06/2009 468264 | (VcmIAlzMgr) . (.Sony Corporation.) – C:Program FilesSonyVCM Intelligent Analyzing ManagerVcmIAlzMgr.exe
SS – | Demand 26/06/2009 357672 | (VcmINSMgr) . (.Sony Corporation.) – C:Program FilesSonyVCM Intelligent Network Service ManagerVcmINSMgr.exe
SS – | Demand 17/06/2009 110888 | (VcmXmlIfHelper) . (.Sony Corporation.) – C:Program FilesCommon FilesSony SharedVcmXmlVcmXmlIfHelper64.exe
SR – | Demand 23/07/2009 313264 | (Vcsw) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVCSWVCSW.exe
SR – | Auto 12/08/2009 522240 | (VSNService) . (.Sony Corporation.) – C:Program FilesSonyVAIO Smart NetworkVSNService.exe
SR – | Auto 23/07/2009 206336 | (VzCdbSvc) . (.Sony Corporation.) – C:Program Files (x86)Common FilesSony SharedVAIO Entertainment PlatformVzCdbVzCdbSvc.exe
SR – | Auto 08/09/2010 288256 | (WDDMService) . (.WDC.) – C:Program FilesWestern DigitalWD SmartWareWD Drive ManagerWDDMService.exe
SR – | Auto 08/09/2010 1034752 | (WDFME) . (…) – C:Program Files (x86)Western DigitalWD SmartwareFront ParlorWDFMEWDFME.exe
SR – | Auto 08/09/2010 485376 | (WDSC) . (…) – C:Program Files (x86)Western DigitalWD SmartwareFront ParlorWDSC.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32yk62x64.dll (yksvc) . (.Marvell.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 27s

—\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Lucas at 27/10/2013 18:57:06
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

—\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Lucas at 27/10/2013 18:57:08

********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

—\ Scan Additionnel (O88)
Database Version : 12960 – (27/10/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 14

[HKCUSoftwarePartyFrance] =>Casino.OnlineGames
[HKCUSoftwareTotem] =>Adware.VirtualGirl
C:UsersLucasAppDataLocalLowBittorrentBar_FR =>Toolbar.Conduit
C:UsersLucasAppDataLocalTempnsh2B05.exe =>Toolbar.Conduit^
C:UsersLucasAppDataLocalTempnsh364C.exe =>Toolbar.Conduit^
C:UsersLucasAppDataLocalTempnss279B.exe =>Toolbar.Conduit^
C:UsersLucasAppDataLocalTempnssBF5A.exe =>Toolbar.Conduit^
C:UsersLucasAppDataLocalTempnssC747.exe =>Toolbar.Conduit^
C:UsersLucasAppDataLocalTempnsx7B3B.exe =>Toolbar.Conduit^
C:UsersLucasAppDataLocalTempnsxCE1B.exe =>Toolbar.Conduit^
~ Additionnel Scan: 476513 Items scanned in 00mn 31s

—\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/28346035-adware-virtualgirl =>Adware.VirtualGirl
~ MSI: 4 link(s) detected in 00mn 31s

~ 2060 Legitimates filtered by white list
End of the scan (676 lines in 04mn 28s)(14)[/spoiler:2962bvg8]