Plantu

And here is the latest report ;)

—\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.5512
MFIE: Mozilla Firefox 25.0.1 (Defaut)
GCIE: Google Chrome v31.0.1650.57

—\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

—\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client FR-FR Language Pack v2.0.0657.0
McAfee Security Scan Plus v3.8.130.10

—\ Logiciels d’optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X

—\ Informations sur le système
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1791 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 5 GB (3%) free of 146 GB

—\ Mode de connexion au système
~ Computer Name: ADMIN-732D4ABFF
~ User Name: Admin
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Administrateur, Admin,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:Documents and SettingsAdminApplication DataZHP
~ %AppData% : C:Documents and SettingsAdminApplication Data
~ %Desktop% : C:Documents and SettingsAdminBureau
~ %Favorites% : C:Documents and SettingsAdminFavoris
~ %LocalAppData% : C:Documents and SettingsAdminLocal SettingsApplication Data
~ %StartMenu% : C:Documents and SettingsAdminMenu Démarrer
~ %Windir% : C:WINDOWS
~ %System% : C:WINDOWSsystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 5 Go of 146 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
E: Hard drive, Flash drive, Thumb drive (Free 12 Go of 152 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)

—\ Etat du Centre de Sécurité Windows
~ Security Center: 38 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] – (.Microsoft Corporation – Explorateur Windows.) (.14/04/2008 – 13:00:00.) — C:WINDOWSExplorer.exe [1037824]
[MD5.ACDDE3874BF2BEDB91B334307C68CA53] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.12/10/2013 – 15:53:59.) — C:WINDOWSsystem32wininet.dll [672768]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] – (.Microsoft Corporation – Application d’ouverture de session Windows NT.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.17/08/2011 – 14:49:54.) — C:WINDOWSsystem32DriversAFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] – (.Microsoft Corporation – IDE/ATAPI Port Driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32Driversatapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversCdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversCdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] – (.Microsoft Corporation – Pilote de cryptographie FIPS.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversFips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] – (.Windows (R) Server 2003 DDK provider – High Definition Audio Bus Driver v1.0a.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversHDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] – (.Microsoft Corporation – Pilote de port i8042.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32Driversi8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] – (.Microsoft Corporation – IMAPI Kernel Driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversImapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] – (.Microsoft Corporation – IP Network Address Translator.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversIpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] – (.Microsoft Corporation – IPSec Driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversIPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.15/07/2011 – 14:29:31.) — C:WINDOWSsystem32DriversMRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] – (.Microsoft Corporation – MBT Transport driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversnetBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] – (.Microsoft Corporation – NT File System Driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32Driversntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversParport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32DriversRasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] – (.Microsoft Corporation – Microsoft RDP Device redirector.) (.13/04/2008 – 10:32:52.) — C:WINDOWSsystem32Driversrdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] – (.Microsoft Corporation – Pilote de filtre audio Livre rouge.) (.13/04/2008 – 19:57:36.) — C:WINDOWSsystem32Driversredbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.14/04/2008 – 13:00:00.) — C:WINDOWSsystem32Driversvolsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/10227
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 2/4
~ Mes Favoris (My Favorites) : 1/9
~ Mes Documents (My Documents) : 2/22973
~ Mon Bureau (My Desktop) : 2/6938
~ Menu demarrer (Programs) : 1/33
~ Hidden Files: Scanned in 00mn 23s

—\ Processus lancés
[MD5.90DC23D940551DB35367FB1E40575B25] – (.Microsoft Corporation – Antimalware Service Executable.) — C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe [11736] [PID.980]
[MD5.CF7B0E597C1F34E528285495721DEEE9] – (.Google Inc. – Google Crash Handler.) — C:Program FilesGoogleUpdate1.3.21.165GoogleCrashHandler.exe [237960] [PID.288]
[MD5.B9F4E7FC374ED524A7564124B20F8C99] – (.VIA Technologies, Inc. – HDeck MFC Application.) — C:Program FilesVIAVIAudioiHDADeckHDeck.exe [33624064] [PID.1768]
[MD5.F8D427DAE2984A4968E2D1CB53634784] – (.Nuance Communications, Inc. – OCR Aware.) — C:Program FilesScanSoftOmniPageSE4OpwareSE4.exe [79400] [PID.1860]
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] – (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe [958576] [PID.1872]
[MD5.5BA8A7DA5D0573F7923E02B260AAD2F1] – (.Logitech Inc. – LVCom Server.) — C:WINDOWSsystem32LVCOMSX.exe [221184] [PID.1884]
[MD5.2D3BCCA5C7CA55FEDD60E3336D3A92AF] – (.Logitech Inc. – ImageStudio Tray Application.) — C:Program FilesLogitechVideoLogiTray.exe [217088] [PID.1708]
[MD5.BE7B7CA2067F597AFFBC4A557167681E] – (.Dassault Systèmes SolidWorks Corp. – sldIM.) — C:Program FilesFichiers communsGestionnaire d’installation SolidWorksSchedulersldIMScheduler.exe [7218472] [PID.360]
[MD5.640609646D2E6F805E89238F0ADD3A1A] – (.Brother Industries, Ltd. – Brother Status Monitor Application.) — C:Program FilesBrowny02BrotherBrStMonW.exe [2621440] [PID.508]
[MD5.36E5CA5DCE72A831A3F7C7ED8AEA83AE] – (.Brother Industries, Ltd. – Control Center 3 Main Program.) — C:Program FilesBrotherControlCenter3brccMCtl.exe [872448] [PID.540]
[MD5.F773D2886EDF879860F220EB59C4552B] – (.Pas de propriétaire – DivX Update.) — C:Program FilesDivXDivX UpdateDivXUpdate.exe [1263512] [PID.1188]
[MD5.7771618E69C8CC7AE91830F6F0B9D356] – (.UnH Solutions – IE Privacy Keeper.) — C:Program FilesUnH SolutionsIE Privacy KeeperIEPrivacyKeeper.exe [1015808] [PID.1704]
[MD5.EA7E57F87D6FEE5FD6C5F813C04E8CD2] – (.Brother Industries, Ltd. – BrYNCSvc.) — C:Program FilesBrowny02BrYNSvc.exe [245760] [PID.2072]
[MD5.D3D4BD94434A9CB4B35E82283EAE8EFB] – (.McAfee, Inc. – McAfee Security Scanner Scheduler.) — C:Program FilesMcAfee Security Scan3.8.130SSScheduler.exe [273296] [PID.2408]
[MD5.9B385494F9FEC11696435F0466186A70] – (.Dassault Systèmes SolidWorks Corp. – swBOEngine.) — C:Program FilesSolidWorks CorpSolidWorksswSchedulerswBOEngine.exe [841000] [PID.2420]
[MD5.1B11C113DC4383C6C07A45BFFBDC7D63] – (.Logitech Inc. – QuickCam Framework Server.) — C:Program FilesLogitechVideoFxSvr2.exe [192512] [PID.2828]
[MD5.59588AA5DDCB31B8155D49FE11987A69] – (.Microsoft Corporation – Microsoft Office Word.) — C:Program FilesMicrosoft OfficeOffice12WINWORD.exe [409776] [PID.2992]
[MD5.077D59BA0FD4007E841B6C670862B065] – (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe [275568] [PID.3912]
[MD5.2E0B0A051FFAA86E358465BB0880D453] – (.Microsoft Corporation – Windows Update.) — C:WINDOWSsystem32wuauclt.exe [53784] [PID.2096]
[MD5.DBA0C529D62F6E2F59C6F4367A0A5543] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8256512] [PID.2140]
~ Processes Running: Scanned in 00mn 04s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultPreferences
~ Google Browser: 16 Legitimates Filtered in 00mn 19s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultprefs.js
M2 – MFEP: prefs.js [Admin – kutfpq8i.defaultjid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay
P2 – FPN:Firefox Plugin Navigator . (…) — C:Program FilesMozilla FirefoxPluginsNPSibelius.dll
P2 – FPN:Firefox Plugin Navigator . (…) — C:Program FilesMozilla FirefoxPluginsScorchAxPlugin.dll
P2 – FPN:Firefox Plugin Navigator . (…) — C:Program FilesMozilla FirefoxPluginsScorchPDFWrapper.dll
P2 – FPN: [HKLM] [@Sibelius.com/Scorch Plugin,version=6.2.0.88] – (…) — C:Program FilesSibelius SoftwareScorchnpsibelius.dll
~ Firefox Browser: 29 Legitimates Filtered in 00mn 01s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:WINDOWSsystem32userinit.exe,
F2 – REG:system.ini: Shell=C:WINDOWSexplorer.exe
F2 – REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL « sysdm.cpl »
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

—\ Internet Explorer Toolbars (O3)
O3 – ToolbarWebBrowser: (no name) – [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 – ToolbarWebBrowser: (no name) – [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSProgram [AllUsers]: HD ADeck.lnk . (.VIA Technologies, Inc. – HDeck MFC Application.) — C:Program FilesVIAVIAudioiHDADeckHDeck.exe
O4 – GSProgram [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O4 – GSProgram [Admin]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet ExplorerIEXPLORE.exe
~ Global Startup: 16 Legitimates Filtered in 00mn 01s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSProgram [AllUsers]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. – McAfee Security Scanner Scheduler.) — C:Program FilesMcAfee Security Scan3.8.130SSScheduler.exe
O4 – GSProgram [Admin]: Moteur du Planificateur de tâches SolidWorks.lnk . (.Dassault Systèmes SolidWorks Corp. – swBOEngine.) — C:Program FilesSolidWorks CorpSolidWorksswSchedulerswBOEngine.exe
O4 – HKLM..Run: [HDAudDeck] . (.VIA Technologies, Inc. – HDeck MFC Application.) — C:Program FilesVIAVIAudioiHDADeckHDeck.exe
O4 – HKLM..Run: [NeroFilterCheck] . (.Ahead Software Gmbh – NeroCheck.) — C:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [CanonSolutionMenu] . (.CANON INC. – CNSLMAIN.) — C:Program FilesCanonSolutionMenuCNSLMAIN.exe
O4 – HKLM..Run: [CanonMyPrinter] . (.CANON INC. – Canon My Printer.) — C:Program FilesCanonMyPrinterBJMyPrt.exe
O4 – HKLM..Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. – SSBkgdUpdate.) — C:Program FilesFichiers communsScansoft SharedSSBkgdUpdateSSBkgdupdate.exe
O4 – HKLM..Run: [OpwareSE4] . (.Nuance Communications, Inc. – OCR Aware.) — C:Program FilesScanSoftOmniPageSE4OpwareSE4.exe =>.ScanSoft, Inc
O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesFichiers communsAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [LVCOMSX] . (.Logitech Inc. – LVCom Server.) — C:WINDOWSsystem32LVCOMSX.exe
O4 – HKLM..Run: [LogitechVideoRepair] . (.Logitech Inc. – Logitech QuickCam Startup Application.) — C:Program FilesLogitechVideoISStart.exe
O4 – HKLM..Run: [LogitechVideoTray] . (.Logitech Inc. – ImageStudio Tray Application.) — C:Program FilesLogitechVideoLogiTray.exe
O4 – HKLM..Run: [SolidWorks_CheckForUpdates] . (.Dassault Systèmes SolidWorks Corp. – sldIM.) — C:Program FilesFichiers communsGestionnaire d’installation SolidWorksSchedulersldIMScheduler.exe
O4 – HKLM..Run: [BigDogPath] C:WINDOWSVM_STI.exe (.not file.)
O4 – HKLM..Run: [ControlCenter3] . (.Brother Industries, Ltd. – ControlCenter Program.) — C:Program FilesBrotherControlCenter3brctrcen.exe
O4 – HKLM..Run: [BrStsMon00] . (.Brother Industries, Ltd. – Brother Status Monitor Application.) — C:Program FilesBrowny02BrotherBrStMonW.exe
O4 – HKLM..Run: [MSC] . (.Microsoft Corporation – Microsoft Security Client User Interface.) — C:Program FilesMicrosoft Security Clientmsseces.exe
O4 – HKLM..Run: [DivXMediaServer] . (.Pas de propriétaire – DivX DLNA Media Server.) — C:Program FilesDivXDivX Media ServerDivXMediaServer.exe
O4 – HKLM..Run: [DivXUpdate] . (.Pas de propriétaire – DivX Update.) — C:Program FilesDivXDivX UpdateDivXUpdate.exe
O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesFichiers communsAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
O4 – HKCU..Run: [IE Privacy Keeper] . (.UnH Solutions – IE Privacy Keeper.) — C:Program FilesUnH SolutionsIE Privacy KeeperIEPrivacyKeeper.exe
O4 – HKCU..Run: [ctfmon.exe] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32ctfmon.exe
O4 – HKCU..Run: [LogitechSoftwareUpdate] . (.Logitech Inc. – Logitech Software Update.) — C:Program FilesLogitechVideoManifestEngine.exe
O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:Documents and SettingsAdminLocal SettingsApplication DataFacebookUpdateFacebookUpdate.exe
O4 – HKCU..Run: [NBJ] . (.Ahead Software AG – Nero BackItUp Scheduler Application.) — C:Program FilesAheadNero BackItUpNBJ.exe
O4 – HKCU..Run: [Google Update] . (.Google Inc. – Programme d’installation de Google.) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe =>.Google Inc
O4 – HKUSS-1-5-18..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32CTFMON.exe
O4 – HKUSS-1-5-18..Run: [DWQueuedReporting] . (.Microsoft Corporation – Watson Subscriber for SENS Network Notifica.) — C:Program FilesFichiers communsMicrosoft SharedDWDWTRIG20.exe
O4 – HKUSS-1-5-19..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32CTFMON.exe
O4 – HKUSS-1-5-20..Run: [CTFMON.EXE] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32CTFMON.exe
O4 – HKUSS-1-5-21-1957994488-796845957-682003330-1004..Run: [IE Privacy Keeper] . (.UnH Solutions – IE Privacy Keeper.) — C:Program FilesUnH SolutionsIE Privacy KeeperIEPrivacyKeeper.exe
O4 – HKUSS-1-5-21-1957994488-796845957-682003330-1004..Run: [ctfmon.exe] . (.Microsoft Corporation – CTF Loader.) — C:WINDOWSsystem32ctfmon.exe
O4 – HKUSS-1-5-21-1957994488-796845957-682003330-1004..Run: [LogitechSoftwareUpdate] . (.Logitech Inc. – Logitech Software Update.) — C:Program FilesLogitechVideoManifestEngine.exe
O4 – HKUSS-1-5-21-1957994488-796845957-682003330-1004..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:Documents and SettingsAdminLocal SettingsApplication DataFacebookUpdateFacebookUpdate.exe
O4 – HKUSS-1-5-21-1957994488-796845957-682003330-1004..Run: [NBJ] . (.Ahead Software AG – Nero BackItUp Scheduler Application.) — C:Program FilesAheadNero BackItUpNBJ.exe
O4 – HKUSS-1-5-21-1957994488-796845957-682003330-1004..Run: [Google Update] . (.Google Inc. – Programme d’installation de Google.) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe =>.Google Inc
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOffice12REFBARH.ICO
O9 – Extra button: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} — Clé orpheline
O9 – Extra button: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation – Windows Messenger.) — C:Program FilesMessengermsmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 – DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1311094778015
O16 – DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) – http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1376062795750
~ Objets ActiveX: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{AD6314AB-591A-4471-80A1-EDA3243FEC35}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{AD6314AB-591A-4471-80A1-EDA3243FEC35}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{AD6314AB-591A-4471-80A1-EDA3243FEC35}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wia – {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation – WIA Scripting Layer.) — C:WINDOWSsystem32wiascr.dll
O18 – Filter: text/xml – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesFichiers communsMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: crypt32chain . (.Microsoft Corporation – Crypto API32.) — C:WINDOWSsystem32crypt32.dll
O20 – Winlogon Notify: cryptnet . (.Microsoft Corporation – Crypto Network Related API.) — C:WINDOWSsystem32cryptnet.dll
O20 – Winlogon Notify: cscdll . (.Microsoft Corporation – Agent réseau hors connexion.) — C:WINDOWSsystem32cscdll.dll
O20 – Winlogon Notify: dimsntfy . (.Microsoft Corporation – DIMS Notification Handler.) — C:WINDOWSsystem32dimsntfy.dll
O20 – Winlogon Notify: ScCertProp . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
O20 – Winlogon Notify: Schedule . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
O20 – Winlogon Notify: sclgntfy . (.Microsoft Corporation – DLL secondaire de notification de service d.) — C:WINDOWSsystem32sclgntfy.dll
O20 – Winlogon Notify: SensLogn . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32WlNotify.dll
O20 – Winlogon Notify: termsrv . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
O20 – Winlogon Notify: wlballoon . (.Microsoft Corporation – DLL commune de réception des notifications.) — C:WINDOWSsystem32wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

—\ Enumération Active Desktop & MHTML Editor (O24)
O24 – Desktop General: BackupWallPaper – .(…) – C:Documents and SettingsAdminLocal SettingsApplication DataMicrosoftWallpaper1.bmp
O24 – Desktop General: WallPaper – .(…) – C:Documents and SettingsAdminLocal SettingsApplication DataMicrosoftWallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

—\ Logiciels installés (O42)
O42 – Logiciel: OpenSong Version 1.6 – (…) [HKLM] — OpenSong_is1
O42 – Logiciel: Update for Video Converter – (…) [HKCU] — DSite =>Hijacker.DSite
O42 – Logiciel: Video Converter Packages – (…) [HKCU] — Video Converter Packages
O42 – Logiciel: Video Converter Packages 42 – (…) [HKCU] — Video Converter Packages 42
O42 – Logiciel: e-Sword – (.Rick Meyers.) [HKLM] — {9B98010C-A6E2-40D4-A69D-7EA024EAEC79}
~ Logic: 28 Legitimates Filtered in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftwareIncrediMail]
[HKCUSoftwareSenvid]
[HKLMSoftwareSenvid]
~ Key Software: 293 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 29/07/2011 – 22:19:15 – [50,202] —-D C:Program Filese-Sword
O43 – CFD: 29/07/2011 – 20:37:05 – [0] —-D C:Program FilesMoNooN
O43 – CFD: 26/10/2012 – 15:34:08 – [52,188] —-D C:Program FilesOpenSong
O43 – CFD: 29/07/2011 – 22:09:51 – [1,051] —-D C:Program FilesFichiers communsEzTools
O43 – CFD: 29/11/2013 – 17:29:00 – [3,316] —-D C:Documents and SettingsAdminApplication DataIM
O43 – CFD: 26/10/2012 – 15:41:09 – [0,002] —-D C:Documents and SettingsAdminApplication DataOpenSong
O43 – CFD: 13/07/2013 – 09:56:04 – [1,063] —-D C:Documents and SettingsAdminApplication DataVideo Converter Packages
O43 – CFD: 29/07/2011 – 21:02:48 – [27,802] —-D C:Documents and SettingsAdminLocal SettingsApplication DataDownloaded Cashe
~ Program Folder: 195 Legitimates Filtered in 00mn 32s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.DCCE102BCC91AAAA9F8804BB2CCF5D9A] – 14/11/2013 – 19:17:35 —A- . (…) — C:WINDOWSimsins.BAK [1393]
O44 – LFC:[MD5.EAE4CD03002391CB4810E05F463BD826] – 14/11/2013 – 19:17:52 —A- . (…) — C:WINDOWSFaxSetup.log [1193042]
O44 – LFC:[MD5.B15449A38EA05CD8D8F7CCA9EA20EA4D] – 14/11/2013 – 19:17:52 —A- . (…) — C:WINDOWSmsgsocm.log [60060]
O44 – LFC:[MD5.764626D9637CEEF86DDC0AA50F1270B7] – 14/11/2013 – 19:17:52 —A- . (…) — C:WINDOWSupdspapi.log [67461]
O44 – LFC:[MD5.5E6CD2A2A4C35A9AD806A506A6F6FE70] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWScomsetup.log [408239]
O44 – LFC:[MD5.07E5313D147D0B555773E5C1619CFD05] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWSiis6.log [189036]
O44 – LFC:[MD5.95B31BF9B35A67DDCBB9E29190273D4D] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWSimsins.log [1393]
O44 – LFC:[MD5.BC6179C754153342CBFF320A74985469] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWSntdtcsetup.log [245529]
O44 – LFC:[MD5.8EA97B59C2667593137687544D39F454] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWSocgen.log [582426]
O44 – LFC:[MD5.D8A9A31F76C2ADFA0B4108CE8F480D81] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWSocmsn.log [66334]
O44 – LFC:[MD5.B0DF995FDCDF2AC5E5A517CC55673FB0] – 14/11/2013 – 19:17:53 —A- . (…) — C:WINDOWStsoc.log [461125]
O44 – LFC:[MD5.493827604C937BEA5DDACF32F180530E] – 29/11/2013 – 17:28:40 —A- . (…) — C:WINDOWSwiaservc.log [50]
O44 – LFC:[MD5.8783201868204622F17FB3E8D370268A] – 29/11/2013 – 17:29:33 —A- . (…) — C:WINDOWSwiadebug.log [259]
~ Files: 28 Legitimates Filtered in 00mn 26s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.A1D82DE9E432B9188613A334F864F6F6] – 29/11/2013 – 17:29:49 —A- – C:WINDOWSPrefetchSWBOENGINE.EXE-10F36AB3.pf
~ Prefetcher: 29 Legitimates Filtered in 00mn 00s

—\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 – SEH:ShellExecuteHooks – URL Exec Hook – {AEB6717E-7E19-11d0-97EE-00C04FD91972} – shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

—\ Export de clé d’application autorisée (O47)
O47 – AAKE:Key Export SP – « C:Documents and SettingsAdminLocal SettingsApplication DataGoogleGoogle Talk Plugingoogletalkplugin.exe » [Enabled] .(.Google.) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleGoogle Talk Plugingoogletalkplugin.exe
O47 – AAKE:Key Export SP – « C:WINDOWSsystem32dmwu.exe » [Enabled] .(…) — C:WINDOWSsystem32dmwu.exe (.not file.)
~ Keys Export: 16 Legitimates Filtered in 00mn 00s

—\ Image File Execution Options (IFEO) (O50)
O50 – IFEO:Image File Execution Options – Your Image File Name Here without a path – ntsd -d
~ IFEO: Scanned in 00mn 00s

—\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 – MPSK:{06be4ba8-b267-11e0-b9f2-806d6172696f}AutoRuncommand. (…) — D:ASRSetup.exe (.not file.)
O51 – MPSK:{254a098a-b296-11e0-9a07-00252286c5e5}AutoRuncommand. (…) — O:start.exe (.not file.)
~ Keys: Scanned in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.85ECE26F326C2D07BA77A60343468272] – 30/12/2010 – 14:19:40 —A- . (.Wondershare – Wondershare Virtual Audio Device.) — C:WINDOWSsystem32DriversApowersoft_AudioDevice.sys [16640]
O58 – SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] – 14/04/2008 – 13:00:00 —A- . (.RAVISENT Technologies Inc. – Pilote principal CineMaster C 1.2 WDM.) — C:WINDOWSsystem32Driverscinemst2.sys [262528]
O58 – SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] – 14/04/2008 – 13:00:00 —A- . (.Windows (R) Server 2003 DDK provider – High Definition Audio Bus Driver v1.0a.) — C:WINDOWSsystem32Drivershdaudbus.sys [144384]
O58 – SDL:[MD5.E7AC7B1E8AE57C3D55C661187CEEBF11] – 08/10/2004 – 12:58:32 R–A- . (…) — C:WINDOWSsystem32Driverslvcm.sys [585824]
O58 – SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] – 14/04/2008 – 13:00:00 —A- . (.Parallel Technologies, Inc. – Parallel Technologies DirectParallel IO Library.) — C:WINDOWSsystem32Driversptilink.sys [17792]
O58 – SDL:[MD5.58C938BDD89281DC1A64B1DCE675FCE4] – 17/08/2004 – 04:44:22 —A- . (.VM – Video streaming and Capture Device Driver.) — C:WINDOWSsystem32DriversusbVM31b.sys [91263]
O58 – SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] – 14/04/2008 – 13:00:00 —A- . (.RAVISENT Technologies Inc. – CineMaster C WDM DVD Minidriver.) — C:WINDOWSsystem32Driversvdmindvd.sys [58112]
O58 – SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ansi.sys [9037]
O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32country.sys [27097]
O58 – SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32himem.sys [4912]
O58 – SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32key01.sys [42809]
O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32keyboard.sys [42537]
O58 – SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntdos.sys [27916]
O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntdos404.sys [29146]
O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntdos411.sys [29370]
O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntdos412.sys [29274]
O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntdos804.sys [29146]
O58 – SDL:[MD5.CAAA108FD7BF71989946B39704323455] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntio.sys [34000]
O58 – SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntio404.sys [34560]
O58 – SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntio411.sys [35648]
O58 – SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntio412.sys [35424]
O58 – SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] – 14/04/2008 – 13:00:00 —A- . (…) — C:WINDOWSsystem32ntio804.sys [34560]
~ Drivers: 5 Legitimates Filtered in 00mn 01s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 26/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00769.txt [6842]
O61 – LFC: 26/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00770.txt [6842]
O61 – LFC: 26/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultbookmarkbackupsbookmarks-2013-11-26_32.json [15801]
O61 – LFC: 26/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultdownloads.sqlite [196608]
O61 – LFC: 26/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_2 [1056768]
O61 – LFC: 27/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00771.txt [6846]
O61 – LFC: 27/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultbookmarkbackupsbookmarks-2013-11-27_32.json [15801]
O61 – LFC: 27/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultcontent-prefs.sqlite [229376]
O61 – LFC: 28/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00772.txt [6844]
O61 – LFC: 28/11/2013 – 17:45:39 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultaddons.json [8695]
O61 – LFC: 28/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultbookmarkbackupsbookmarks-2013-11-28_32.json [15801]
O61 – LFC: 28/11/2013 – 17:45:41 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultindexedDBchromeidb2107386035db8d2l2a2n6r9e8t-n1i9.sqlite [524288]
O61 – LFC: 28/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultindexedDBchromeidb3283997206db8d2c2n2y6s9a8m-o1c9.sqlite [524288]
O61 – LFC: 28/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLast Tabs [70402]
O61 – LFC: 28/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Extension Settingsldikpdnngdmeceeameoaannjilbjppnm00823.ldb [461271]
O61 – LFC: 29/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00773.txt [6840]
O61 – LFC: 29/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00774.txt [6840]
O61 – LFC: 29/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00775.txt [6840]
O61 – LFC: 29/11/2013 – 17:45:33 —A- . (…) — C:Documents and SettingsAdminApplication DataIMsldIMSchedulerLog_20090-40000-1100_00776.txt [6840]
O61 – LFC: 29/11/2013 – 17:45:39 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultblocklist.xml [86992]
O61 – LFC: 29/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultbookmarkbackupsbookmarks-2013-11-29_32.json [15801]
O61 – LFC: 29/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultcert8.db [196608]
O61 – LFC: 29/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultcookies.sqlite [524288]
O61 – LFC: 29/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultcookies.sqlite-shm [32768]
O61 – LFC: 29/11/2013 – 17:45:40 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultcookies.sqlite-wal [590288]
O61 – LFC: 29/11/2013 – 17:45:41 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultextensions.sqlite [524288]
O61 – LFC: 29/11/2013 – 17:45:41 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultformhistory.sqlite [196608]
O61 – LFC: 29/11/2013 – 17:45:41 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaulthealthreport.sqlite-shm [32768]
O61 – LFC: 29/11/2013 – 17:45:41 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaulthealthreport.sqlite-wal [131200]
O61 – LFC: 29/11/2013 – 17:45:42 . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultprefs.js [22045]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultkey3.db [16384]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultlocalstore.rdf [7073]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultpermissions.sqlite [65536]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultplaces.sqlite [20971520]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultplaces.sqlite-shm [32768]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultplaces.sqlite-wal [229576]
O61 – LFC: 29/11/2013 – 17:45:42 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultpluginreg.dat [10830]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultsessionstore.bak [16807]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultsessionstore.js [106544]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultsignons.sqlite [327680]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaulturlclassifierkey3.txt [154]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultwebappswebapps.json [2]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultwebappsstore.sqlite [262144]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultwebappsstore.sqlite-shm [32768]
O61 – LFC: 29/11/2013 – 17:45:43 —A- . (…) — C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultwebappsstore.sqlite-wal [0]
O61 – LFC: 29/11/2013 – 17:45:44 —A- . (…) — C:Documents and SettingsAdminApplication DataUnH SolutionsIE Privacy Keepersettings.iepk [3860]
O61 – LFC: 29/11/2013 – 17:45:47 —A- . (…) — C:Documents and SettingsAdminApplication DataZHPLog.txt [18391] =>.Nicolas Coolman
O61 – LFC: 29/11/2013 – 17:45:47 —A- . (…) — C:Documents and SettingsAdminApplication DataZHPTestsZHPDiag.txt [3257] =>.Nicolas Coolman
O61 – LFC: 29/11/2013 – 17:47:10 —A- . (…) — C:Documents and SettingsAdminBureauZHPDiag.lnk [1523] =>.Nicolas Coolman
O61 – LFC: 29/11/2013 – 17:47:10 —A- . (…) — C:Documents and SettingsAdminBureauZHPFix.lnk [1628] =>.Nicolas Coolman
O61 – LFC: 29/11/2013 – 17:47:10 —A- . (…) — C:Documents and SettingsAdminBureausos virus.docx [15402]
O61 – LFC: 29/11/2013 – 17:47:10 –HA- . (…) — C:Documents and SettingsAdminBureau~$s virus.docx [162]
O61 – LFC: 29/11/2013 – 17:47:15 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataCertificate Revocation Lists [269208]
O61 – LFC: 29/11/2013 – 17:47:15 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultArchived History [3616768]
O61 – LFC: 29/11/2013 – 17:47:15 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultArchived History-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:15 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultCookies [1097728]
O61 – LFC: 29/11/2013 – 17:47:15 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultCookies-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultCurrent Session [650498]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultCurrent Tabs [692363]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesCURRENT [16]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesLOG [148]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension RulesLOG.old [148]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension State02621.ldb [393]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension State02623.ldb [68552]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension StateCURRENT [16]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension StateLOG [276]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension StateLOG.old [789]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultExtension StateMANIFEST-002622 [723]
O61 – LFC: 29/11/2013 – 17:47:16 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultdatabaseschrome-extension_ldikpdnngdmeceeameoaannjilbjppnm_04 [379904]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultFavicons [3112960]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultFavicons-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_0 [45056]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultGPUCachedata_1 [270336]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultHistory [4874240]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultHistory Provider Cache [431066]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultHistory-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLast Session [484545]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Extension Settingsldikpdnngdmeceeameoaannjilbjppnm00828.ldb [174]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Extension SettingsldikpdnngdmeceeameoaannjilbjppnmCURRENT [16]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Extension SettingsldikpdnngdmeceeameoaannjilbjppnmLOG [269]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Extension SettingsldikpdnngdmeceeameoaannjilbjppnmLOG.old [267]
O61 – LFC: 29/11/2013 – 17:47:20 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Extension SettingsldikpdnngdmeceeameoaannjilbjppnmMANIFEST-000827 [175]
O61 – LFC: 29/11/2013 – 17:47:24 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Storagehttp_static.live-lyrics.com_0.localstorage [2843648] =>Adware.AddLyrics
O61 – LFC: 29/11/2013 – 17:47:24 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Storagehttp_static.live-lyrics.com_0.localstorage-journal [16384] =>Adware.AddLyrics
O61 – LFC: 29/11/2013 – 17:47:27 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Storagehttp_www.superfish.com_0.localstorage [5120]
O61 – LFC: 29/11/2013 – 17:47:27 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultLocal Storagehttp_www.superfish.com_0.localstorage-journal [5672]
O61 – LFC: 29/11/2013 – 17:47:30 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultNetwork Action Predictor [621568]
O61 – LFC: 29/11/2013 – 17:47:30 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultNetwork Action Predictor-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultQuotaManager [13312]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultQuotaManager-journal [6704]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultSession Storage04673.ldb [147]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultSession Storage04675.ldb [188204]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageCURRENT [16]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageLOG [277]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageLOG.old [790]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultSession StorageMANIFEST-004674 [166]
O61 – LFC: 29/11/2013 – 17:47:32 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultpreferences [212673]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultShortcuts [339968]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultShortcuts-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultTop Sites [606208]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultTop Sites-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultTransportSecurity [5729]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultVisited Links [524192]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultWeb Data [120832]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataDefaultWeb Data-journal [16384]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataLocal State [46685]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Bloom [7763668]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Bloom Prefix Set [1386790]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Cookies [6144]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Cookies-journal [4640]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Csd Whitelist [135388]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Download [1210948]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Download Whitelist [19504]
O61 – LFC: 29/11/2013 – 17:47:33 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataGoogleChromeUser DataSafe Browsing Extension Blacklist [6852]
O61 – LFC: 29/11/2013 – 17:47:47 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataMozillaFirefoxProfileskutfpq8i.default_CACHE_CLEAN_ [1]
O61 – LFC: 29/11/2013 – 17:47:47 —A- . (…) — C:Documents and SettingsAdminLocal SettingsApplication DataMozillaFirefoxProfileskutfpq8i.defaultstartupCachestartupCache.4.little [1236493]
O61 – LFC: 29/11/2013 – 17:49:12 —A- . (…) — C:Documents and SettingsAdminMes documentsDownloadsNetoyage PCadwcleaner (1).exe [1091882]
O61 – LFC: 29/11/2013 – 17:49:12 —A- . (…) — C:Documents and SettingsAdminMes documentsDownloadsNetoyage PCdelfix.exe [707006]
O61 – LFC: 29/11/2013 – 17:49:12 —A- . (…) — C:Documents and SettingsAdminMes documentsDownloadsNetoyage PCmbam-log-2013-11-29 (16-19-27).txt [13852]
O61 – LFC: 29/11/2013 – 17:49:31 -SHA- . (…) — C:Documents and SettingsAdminMes documentsDownloadsThumbs.db [365056]
O61 – LFC: 29/11/2013 – 17:53:27 -SHA- . (…) — C:Documents and SettingsAdminMes documentsTéléchargementsThumbs.db [231424]
O61 – LFC: 29/11/2013 – 17:53:31 —A- . (…) — C:Documents and SettingsAdminRecentsos virus.lnk [488]
~ 2 Fichiers temporaires (Temporary files)
~ 2 Fichiers cookies (Cookies files)
~ Files: 222 Legitimates Filtered in 08mn 01s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Mozilla Corporation – Firefox.) — C:Program FilesMozilla Firefoxfirefox.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (@ieframe.dll,-12512) – http://www.bing.com
O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (@ieframe.dll,-12512) – http://www.bing.com
~ Keys: Scanned in 00mn 00s

—\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft 3gp Video Converter v3.1.5.0430b Winall Cracked-Czw.rar
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft.3GP.Video.Converter.v3.1.5.0430b.WinALL.Cracked-CzWCrackvideoenc.exe-up.txt
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft.3GP.Video.Converter.v3.1.5.0430b.WinALL.Cracked-CzWkeygen.exe
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft.3GP.Video.Converter.v3.1.5.0430b.WinALL.Cracked-CzWx-3gp-video-converter.exe
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft 3gp Video Converter v3.1.5.0430b Winall Cracked-Czw.rar
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft.3GP.Video.Converter.v3.1.5.0430b.WinALL.Cracked-CzWCrackvideoenc.exe-up.txt
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft.3GP.Video.Converter.v3.1.5.0430b.WinALL.Cracked-CzWkeygen.exe
C:Documents and SettingsAdminMes documentsApplications3GPXilisoft.3GP.Video.Converter.v3.1.5.0430b.WinALL.Cracked-CzWx-3gp-video-converter.exe
~ Files: Scanned in 00mn 55s

—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: « 0CC62614458A2044DA607D3959512C28 » . (.Sibelius Scorch (Firefox, Opera, Netscape, Chrome only).) — C:WINDOWSInstaller{41626CC0-A854-4402-AD06-D7939515C282}ARPPRODUCTICON.exe
O90 – PUC: « 394E2E69484C3E34B9596DE27E4DD0A3 » . (.Toolbar 4.7 by SweetPacks.) — C:WINDOWSInstaller{96E2E493-C484-43E3-9B95-D62EE7D40D3A}ARPPRODUCTICON.exe =>PUP.SweetIM
O90 – PUC: « 452B63F044BF958498713877F821A0C7 » . (.Boxore Client.) — C:WINDOWSInstaller{0F36B254-FB44-4859-8917-83778F120A7C}boxore.ico =>Adware.Boxore
O90 – PUC: « C01089B92E6A4D046AD9E70A42AECE97 » . (.e-Sword.) — C:WINDOWSInstaller{9B98010C-A6E2-40D4-A69D-7EA024EAEC79}ARPPRODUCTICON.exe
~ Update Products: 75 Legitimates Filtered in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.4C42A805251908FC8D3DBB341AD1C6ED] [WIS][02/08/2013] (.Boxore OU – Boxore Client Installer.) — C:WindowsInstaller18fbfc.msi [474624] =>Adware.Boxore
[MD5.E1E7D2CD47BE8EB890C7DD17997388E8] [WIS][29/07/2011] (.BibleStudyPro.com – Bible Study Pro.) — C:WindowsInstaller192c311.msi [914944]
[MD5.4808135346AB22C3DC2862A1A94476DD] [WIS][29/07/2011] (.Rick Meyers – e-Sword.) — C:WindowsInstaller1cffac2.msi [2745856]
~ WIS: 77 Legitimates Filtered in 00mn 09s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 21/07/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) – C:Program FilesFichiers communsAdobe Systems SharedServiceAdobelmsvc.exe
SS – | Demand 01/11/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WINDOWSsystem32MacromedFlashFlashPlayerUpdateService.exe
SS – | Demand 09/09/2008 79144 | (CoordinatorServiceHost) . (.Dassault Systèmes SolidWorks Corp..) – C:Program FilesSolidWorks CorpSolidWorksswSchedulerDTSCoordinatorService.exe
SS – | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) – C:WINDOWSsystem32dmadmin.exe
SS – | Auto 10/11/2012 116648 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 10/11/2012 116648 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 14/11/2011 311928 | (maconfservice) . (.CybelSoft.) – C:Program Filesma-config.commaconfservice.exe
SS – | Demand 06/09/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) – C:Program FilesMcAfee Security Scan3.8.130McCHSvc.exe
SS – | Demand 16/11/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) – C:Program FilesMozilla Maintenance Servicemaintenanceservice.exe
SS – | Auto 14/04/2009 163908 | (NVSvc) . (.NVIDIA Corporation.) – C:WINDOWSsystem32nvsvc32.exe
SS – | Demand 07/01/2012 79360 | (SolidWorks Licensing Service) . (.SolidWorks.) – C:Program FilesFichiers communsSolidWorks SharedServiceSolidWorksLicensing.exe

SR – | Demand 25/01/2010 245760 | (BrYNSvc) . (.Brother Industries, Ltd..) – C:Program FilesBrowny02BrYNSvc.exe
SR – | Auto 11/11/2010 11736 | (MsMpSvc) . (.Microsoft Corporation.) – C:Program FilesMicrosoft Security ClientAntimalwareMsMpEng.exe

~ Services: Scanned in 00mn 11s

—\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Admin at 29/11/2013 17:54:49

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll SCSIPORT.SYS nvgts.sys
C:WINDOWSsystem32driversnvgts.sys NVIDIA Corporation NVIDIA nForce(TM) SATA Driver
1 ntkrnlpa!IofCallDriver[0x804EE1A0] >> DeviceHarddisk0DR0[0x89B688C8]
kernel: MBR read successfully
user & kernel MBR OK

~ MBR: 14 Legitimates Filtered in 00mn 02s

—\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Admin at 29/11/2013 17:54:51

********* Dump file Name *********
C:PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s

—\ Scan Additionnel (O88)
Database Version : 13001 – (28/11/2013)
Clés trouvées (Keys found) : 5
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 1

[HKCUSoftwareMicrosoftWindowsCurrentVersionUninstallDSite] =>Hijacker.DSite^
[HKLMSoftwareClassesCLSID{1a03f196-9617-4ca0-842b-a83ceecb022b}] =>PUP.SweetIM
[HKLMSoftwareClassesInstallerFeatures394E2E69484C3E34B9596DE27E4DD0A3] =>PUP.SweetIM
[HKLMSoftwareClassesInstallerProducts394E2E69484C3E34B9596DE27E4DD0A3] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products394E2E69484C3E34B9596DE27E4DD0A3] =>PUP.SweetIM
C:Documents and SettingsAdminApplication DataMozillaFirefoxProfileskutfpq8i.defaultextensionsjid1-FCM5fDwCW5M3AQ@jetpack =>Spyware.SmartDisplay^
C:Documents and SettingsAdminLocal SettingsApplication DataSoftware =>Adware.Boxore
C:WindowsInstaller18fbfc.msi =>Adware.Boxore^
~ Additionnel Scan: 267684 Items scanned in 00mn 14s

—\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blog/show/35170315-hijacker-dsite =>Hijacker.DSite
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 5 link(s) detected in 00mn 14s

~ 1193 Legitimates filtered by white list
End of the scan (660 lines in 11mn 36s)(8)