Répondre à : Virus sur un PC d’occasion 2016-09-08T13:04:43+00:00
obelix87
Participant
Post count: 12

Je suis desole mais sur le tuto pour envoyer les rapports, je ne vois pas ce qu’est le “BBcode spoiler” et je ne vois pas de lien pour me redirigé alors voici la suite des rapports:

~ Rapport de ZHPDiag v2013.8.22.302 - Nicolas Coolman  (22/08/2013)
~ Lancé par user (23/08/2013 13:17:27)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC):


---\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
OBIE: Safari v5.34.57.2

---\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : B9HD2
Windows License : OK
Windows Automatic Updates : OK

---\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
SUPERAntiSpyware v5.6.1032

---\ Logiciels d'optimisation du système
CCleaner v4.04 =>Piriform Ltd

---\ Logiciels de partage PeerToPeer
µTorrent v3.2.2.28595 =>P2P.µTorrent

---\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X

---\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 105 GB (70%) free of 149 GB

---\ Mode de connexion au système
~ Computer Name: PC-DE-USER
~ User Name: user
~ All Users Names: user, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\ Variables d'environnement
~ System Unit : C:
~ %AppData% : C:UsersuserAppDataRoaming
~ %Desktop% : C:UsersuserDesktop
~ %Favorites% : C:UsersuserFavorites
~ %LocalAppData% : C:UsersuserAppDataLocal
~ %StartMenu% : C:UsersuserAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

---\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 105 Go of 149 Go)
D: CD-ROM drive (Not Inserted)



---\ Etat du Centre de Sécurité Windows
~ Security Center: 37 Legitimates Filtered in 00mn 00s



---\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:WindowsExplorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:WindowsSystem32Wininit.exe [96768]
[MD5.6839F14A2507D9273BD13565DD880377] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/07/2013 - 03:26:10.) -- C:WindowsSystem32wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:WindowsSystem32Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:Windowssystem32DriversAFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:Windowssystem32Driversatapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:Windowssystem32DriversCdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:Windowssystem32DriversCdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:Windowssystem32DriversDfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:Windowssystem32DriversHDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:Windowssystem32Driversi8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:Windowssystem32DriversIpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:Windowssystem32DriversMRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:Windowssystem32DriversnetBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:Windowssystem32Driversntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:Windowssystem32DriversParport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:Windowssystem32DriversRasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:Windowssystem32Driversrdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:Windowssystem32Driverssmb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:Windowssystem32Driverstdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:Windowssystem32Driversvolsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 05s



---\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/140
~ Mes Favoris (My Favorites) : 1/77
~ Mes Documents (My Documents) : 1/551
~ Mon Bureau (My Desktop) : 1/613
~ Menu demarrer (Programs) : 1/28
~ Hidden Files: Scanned in 00mn 00s



---\ Processus lancés au démarrage du système
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:Program FilesMalwarebytes' Anti-Malwarembamgui.exe [532040] [PID.3192]
[MD5.C1C4C28E23AC934F49C2F60BD8D5BF63] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:WindowsSystem32WLTRAY.exe [3444736] [PID.3216]
[MD5.E23BF454E2B9049B3093033E0735E39C] - (.Intel Corporation - hkcmd Module.) -- C:WindowsSystem32hkcmd.exe [154136] [PID.3328]
[MD5.27BD1461ED8E7F84BFBA1A34F51F5CCF] - (.Intel Corporation - persistence Module.) -- C:WindowsSystem32igfxpers.exe [129560] [PID.3336]
[MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) -- C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe [283160] [PID.3392]
[MD5.CE42DFE915F78246364D464902E47360] - (.Apple Inc. - iTunesHelper.) -- C:Program FilesiTunesiTunesHelper.exe [152392] [PID.3404]
[MD5.F662782F23BE3C629AD81625AFFB4D4F] - (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe [5703920] [PID.3416]
[MD5.2DFEDE497E82D65A4A003FE64A19A98A] - (.Intel Corporation - igfxsrvc Module.) -- C:Windowssystem32igfxsrvc.exe [252440] [PID.3748]
[MD5.57EC630DBD5F0713E77CB3540AB80A8E] - (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe [757400] [PID.1408]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:Windowssystem32conime.exe [69120] [PID.3280]
[MD5.4ADFF37E77F0ABD1D886B07F3A021C5A] - (.Nicolas Coolman - ZHPDiag.) -- C:Program FilesZHPDiagZHPDiag.exe [7857664] [PID.2632]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:Windowssystem32SLsvc.exe [3408896] [PID.1268]
[MD5.2428E38ECCE487EBEF6FC4ACF636043B] - (...) -- C:WindowsSystem32WLTRYSVC.exe [24064] [PID.1628]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:Windowssystem32WLANExt.exe [74240] [PID.1636]
[MD5.983B5DC6E65071878ADA5A31AAD19B91] - (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Co.) -- C:WindowsSystem32bcmwltry.exe [2506752] [PID.1704]
[MD5.9EBE730D4B5E3FF25EAAF5A59BA6CCFF] - (.SUPERAntiSpyware.com - Core Service.) -- C:Program FilesSUPERAntiSpywareSASCORE.exe [119056] [PID.1960]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [65640] [PID.2036]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [57008] [PID.224]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:Program FilesBonjourmDNSResponder.exe [390504] [PID.360]
[MD5.28DC5D626E036A75A572556F0A6EB1F6] - (.Conexant Systems, Inc. - Modem Audio Service.) -- C:Windowssystem32DRIVERSxaudio.exe [386560] [PID.2284]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe [418376] [PID.3124]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe [701512] [PID.3136]
[MD5.D8B8B5A8FE57CF4F307A540D9A153C23] - (.Apple Inc. - iPodService Module (32-bit).) -- C:Program FilesiPodbiniPodService.exe [553288] [PID.4040]
[MD5.8FFF9083252C16FE3960173722605E9E] - (.Intel Corporation - IAStorDataSvc.) -- C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe [13336] [PID.1320]
[MD5.97D9D6A04E3AD9B6C626B9931DB78DBA] - (.Microsoft Corporation - Programme d’installation de modules Windows.) -- C:WindowsservicingTrustedInstaller.exe [39424] [PID.3720]
~ Processes Running: Scanned in 00mn 19s



---\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Electronic Arts - EA SPORTS Game Face Plugin 1.3.1.0.) (No version) -- (.not file.)
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\ Internet Explorer, Proxy Management (R5)
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 - REG:system.ini: Shell=C:Windowsexplorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 1



---\ Internet Explorer Toolbars (O3)
O3 - ToolbarWebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM..Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:Windowssystem32WLTRAY.exe
O4 - HKLM..Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:Windowssystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:Windowssystem32hkcmd.exe
O4 - HKLM..Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:Windowssystem32igfxpers.exe
O4 - HKLM..Run: [AppleSyncNotifier] . (.Apple Inc. - AppleSyncNotifier.) -- C:Program FilesCommon FilesAppleMobile Device SupportAppleSyncNotifier.exe
O4 - HKLM..Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
O4 - HKLM..Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorIcon.exe
O4 - HKLM..Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:Program FilesiTunesiTunesHelper.exe
O4 - HKCU..Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
O4 - HKUSS-1-5-21-1051650705-3314682513-695485314-1000..Run: [SUPERAntiSpyware] . (.SUPERAntiSpyware - SUPERAntiSpyware Application.) -- C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
~ Application: Scanned in 00mn 00s



---\ Autres liens utilisateurs (O4)
O4 - GSPrograms: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe
O4 - GSPrograms: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:Program FilesWindows MailWinMail.exe
O4 - GSPrograms: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:Program FilesWindows Media Playerwmplayer.exe
O4 - GSQuickLaunch: Apple Safari.lnk . (...) -- C:WindowsInstaller{C779648B-410E-4BBA-B75B-5815BCEFE71D}SafariIco.exe
O4 - GSQuickLaunch: Dragon.lnk . (...) -- C:Program FilesComodoDragondragon.exe (.not file.)
O4 - GSQuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe
O4 - GSQuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:Program FilesWindows Media Playerwmplayer.exe
O4 - GSQuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:Program FilesuTorrentuTorrent.exe =>P2P.µTorrent
O4 - GSAccessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe
O4 - GSSendTo: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:Program FilesFreeTimeFormatFactoryFormatFactory.exe
O4 - Global Startup: C:UsersuserDesktop1net.url . (...) -- C:UsersuserDesktop1net.url
O4 - GSDesktop: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:Program FilesFreeTimeFormatFactoryFormatFactory.exe
O4 - Global Startup: C:UsersuserDesktopHotmail - ludo2701.chapaud@hotmail.fr.url . (.Glarysoft Ltd - Glary Utilities Setup.) -- C:UsersuserDesktopHotmail - ludo2701.chapaud@hotmail.fr.url
O4 - GSDesktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe
O4 - GSDesktop: Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation - Microsoft® Works.) -- C:Program FilesMicrosoft WorksMSWorks.exe
O4 - GSDesktop: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:Program FilesWindows LiveMessengermsnmsgr.exe
~ Global Startup: Scanned in 00mn 01s



---\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:Program FilesWindows LiveCompanioncompanionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:Program FilesWindows LiveCompanioncompanionres.dll
O9 - Extra button: @C:Program FilesWindows LiveWriterWindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Messenger.) -- C:Program FilesMessengerMSMSGS.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU...Domains] *.dell.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfig_5_1_2_3.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} ((no name)) - http://game.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} ((no name)) - http://3dlifeplayer.dl.3dvia.com/player/install/3DVIA_player_installer.exe
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\ Modification Domaine/Adresses DNS (O17)
O17 - HKLMSystemCCSServicesTcpip..{49E5E71F-E01F-4E4E-B92F-05CD1A9CF39F}: DhcpNameServer = 192.168.1.1
O17 - HKLMSystemCCSServicesTcpip..{D09BD19C-3D3A-457A-8E16-8A4F507AAB20}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLMSystemCS1ServicesTcpip..{49E5E71F-E01F-4E4E-B92F-05CD1A9CF39F}: DhcpNameServer = 192.168.1.1
O17 - HKLMSystemCS1ServicesTcpip..{D09BD19C-3D3A-457A-8E16-8A4F507AAB20}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLMSystemCS2ServicesTcpip..{49E5E71F-E01F-4E4E-B92F-05CD1A9CF39F}: DhcpNameServer = 192.168.1.1
O17 - HKLMSystemCS2ServicesTcpip..{D09BD19C-3D3A-457A-8E16-8A4F507AAB20}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:Program FilesWindows LivePhoto GalleryAlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:WindowsSystem32mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:WindowsSystem32igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:WindowsSystem32browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{11260787-E693-467D-A61B-24DB8F81E45F}] (...) -- C:usersuserAppDataLocalTempTemp1_clean202.zipMy DocumentsVisual Studio ProjectseCleaner v2.01Releaseclean202.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{67B9A0C7-2DF7-4343-9EE0-14FB34F332EA}] (...) -- D:ExpressCard1-SATAApplicationIDEDrvSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7309BEB5-1521-4864-98CD-A844D6B27BB1}] (...) -- D:ExpressCard1-SATAApplicationxRaidSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9B7B75FB-3082-4C9F-AA5A-433955EFA67A}] (...) -- D:ExpressCard1S1PVista32MosUnst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B3A7F7E6-8E3E-4074-BBFB-8A1F95B33FC2}] (...) -- D:ExpressCard1-SATAApplicationxIDESetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D04F33A4-4109-43A9-88CB-E4219AA48F7E}] (...) -- C:usersuserDocumentswinvista_15115.exe (.not file.) [0]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 11s



---\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (OMCI) . (. - .) - C:WindowssysTEM32DRIVERSOMCI.sys (.not file.)
~ Drivers: 72 Legitimates Filtered in 00mn 01s



---\ Logiciels installés (O42)
O42 - Logiciel: SeeSimilar02 - (.SeeSimilar.com.) [HKLM] -- SeeSimilar02 =>Adware.SeeSimilar
O42 - Logiciel: Snap.Do - (.ReSoft Ltd..) [HKLM] -- {C45933C0-8E22-45A0-8816-05D712A87799} =>Hijacker.SmartBar
O42 - Logiciel: Socialbox - (.Zoosk, Inc..) [HKLM] -- com.socialbox.socialbox
O42 - Logiciel: Socialbox - (.Zoosk, Inc..) [HKLM] -- {B3A4B5A9-C9CA-7C40-F58A-9BC514BAC3BA}
O42 - Logiciel: SweetIM for Messenger 3.4 - (.SweetIM Technologies Ltd..) [HKLM] -- {4EE2B017-D82C-4B12-B071-5CF1B23D1A42} =>PUP.SweetIM
~ Logic: 77 Legitimates Filtered in 00mn 00s



---\ HKCU & HKLM Software Keys
[HKCUSoftwareholasearch LTD] =>Hijacker.HolaSearch
[HKLMSoftwareIncrediMail]
[HKLMSoftwareTrymedia Systems] =>Adware.Trymedia
~ Key Software: 158 Legitimates Filtered in 00mn 00s



---\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/06/2013 - 00:52:26 - [2,443] ----D C:Program FilesSeeSimilar02 =>Adware.SeeSimilar
O43 - CFD: 09/12/2011 - 13:48:27 - [2,365] ----D C:Program FilesSocialbox
O43 - CFD: 10/06/2013 - 10:54:04 - [0,000] ----D C:ProgramData{5A85B23A-4B58-47D1-9B9C-DFBD7866099F}
O43 - CFD: 10/06/2013 - 10:54:14 - [0,000] ----D C:ProgramData{D76294E6-03B8-4971-AF2E-3F846161A690}
O43 - CFD: 19/06/2011 - 03:32:13 - [0,208] ----D C:UsersuserAppDataRoamingcom.socialbox.socialbox
O43 - CFD: 28/06/2013 - 00:52:25 - [0,049] ----D C:UsersuserAppDataRoamingSeeSimilar02 =>Adware.SeeSimilar
O43 - CFD: 06/10/2010 - 00:20:27 - [0,031] ----D C:UsersuserAppDataLocalAres
~ 1101 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1471 Legitimates Filtered in 00mn 46s



---\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8F67F0279E8F2EFCF81B1CB15050BFBB] - 23/08/2013 - 08:16:16 ---A- . (...) -- C:ComboFix.txt [10086]
O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 23/08/2013 - 08:13:56 ---A- . (...) -- C:Windowssystem.ini [215]
O44 - LFC:[MD5.45AA0EA94C65AC3F3E917654849FF2FA] - 22/08/2013 - 09:31:08 ---A- . (...) -- C:FyK_Kill.txt [1054]
O44 - LFC:[MD5.43F0CD4D983B9DA9A4E7E379C3AB62A0] - 22/08/2013 - 09:08:47 ---A- . (...) -- C:UsbFix [Clean 1] PC-DE-USER.txt [7871]
O44 - LFC:[MD5.C1022C4473A69E8E2DF26DB721AE891E] - 22/08/2013 - 09:06:53
. (...) -- C:UsbFix [Scan 2] PC-DE-USER.txt [4835]
O44 - LFC:[MD5.465C816F74AE69C3630FFACA7B643F08] - 22/08/2013 - 08:23:30
. (...) -- C:FyK_Scan.txt [1053]
O44 - LFC:[MD5.0277C027A26428DB64EF4F64F52BB4FD] - 12/08/2013 - 18:31:05 ---A- . (...) -- C:WindowsMBR.exe [208896]
O44 - LFC:[MD5.F042EE4C8D66248D9B86DCF52ABAE416] - 12/08/2013 - 18:31:05 ---A- . (...) -- C:WindowsPEV.exe [256000]
O44 - LFC:[MD5.9E05A9C264C8A908A8E79450FCBFF047] - 12/08/2013 - 18:31:05 ---A- . (...) -- C:Windowsgrep.exe [80412]
O44 - LFC:[MD5.2B657A67AEBB84AEA5632C53E61E23BF] - 12/08/2013 - 18:31:05 ---A- . (...) -- C:Windowssed.exe [98816]
O44 - LFC:[MD5.5E832F4FAF5F481F2EAF3B3A48F603B8] - 12/08/2013 - 18:31:05 ---A- . (...) -- C:Windowszip.exe [68096]
~ Files: 58 Legitimates Filtered in 00mn 02s



---\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:Program FilesSUPERAntiSpywareSASSEH.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM...PoliciesSystem] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM...PoliciesSystem] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:WindowsSystem32Driversadp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:WindowsSystem32ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s



---\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - SosVirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation - Internet Explorer.) -- C:Program FilesInternet Exploreriexplore.exe
O68 - StartMenuInternet: [HKLM..ShellopenCommand] (.Apple Inc. - Safari.) -- C:Program FilesSafariSafari.exe
~ Keys: Scanned in 00mn 00s



---\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {5E867918-87BA-4E42-4563-66BA0B8E9027} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {8F93F761-CDEF-480A-B84F-1B4D58133B41} - (WiseConvert 1.5 B2 Customized Web Search) - http://search.conduit.com =>Toolbar.Conduit
~ Keys: Scanned in 00mn 00s



---\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.AB2BAC6072DC4A6EE0843EDA83253702] [SPRF][18/05/2013] (...) -- C:UsersuserAppDataLocald3d9caps.dat [680]
[MD5.4681E5744AD0338A02603B9E3FBE122F] [SPRF][20/08/2013] (...) -- C:UsersuserAppDataLocalTempQuarantine.exe [327903]
[MD5.5EE09796CBFABE5FAF9E519AFD741632] [SPRF][23/03/2013] (...) -- C:UsersuserAppDataRoamingwklnhst.dat [1750]
[MD5.583AF618F49B77824627A7B45CCF9FF9] [SPRF][23/08/2013] (...) -- C:UsersuserDesktopadwcleaner (1).exe [975858]
[MD5.251196F112EA0EE3A7A954FB9F2213F2] [SPRF][04/07/2013] (.AVG Technologies - AVG Setup Self-Extractor based on 7-Zip.) -- C:UsersuserDesktopavg_free_stb_eu_2013_2667_free.exe [4411392]
[MD5.ABFA836ED23B6181C2A984D1C3CA307C] [SPRF][23/08/2013] (.Swearware - ComboFix NSIS Installer.) -- C:UsersuserDesktopComboFix.exe [5111180]
[MD5.F1EDBC876C86119F93C31CF6A887B062] [SPRF][22/08/2013] (.El Desaparecido - SosVirus.org - FindyKill - Eradicate Bagle Worm.) -- C:UsersuserDesktopFyK.exe [2373438]
[MD5.016D85DC34357BBE7447411C63D0B731] [SPRF][11/06/2013] (.Glarysoft Ltd - Glary Utilities Setup.) -- C:UsersuserDesktopgusetup.exe [6696960]
[MD5.683FDD3D773C58B262DC07CD0C6CE938] [SPRF][05/07/2013] (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:UsersuserDesktopmbam-setup-1.75.0.1300.exe [10285040]
[MD5.4400E263874D3762D26B712FDF414C86] [SPRF][04/07/2013] (...) -- C:UsersuserDesktopRogueKiller-8.6.2.exe [914944]
[MD5.26373B6591EE77146476DDC92B02C6B2] [SPRF][22/08/2013] (.SUPERAntiSpyware - SUPERAntiSpyware Free Edition Setup.) -- C:UsersuserDesktopSUPERAntiSpyware.exe [27180736]
[MD5.43C35081CE0AC367267C5916AB25A817] [SPRF][09/06/2013] (...) -- C:UsersuserDesktopvlc-2.0.6-win32.exe [22948790]
[MD5.83D174BA9A71077EBAF769B2E1C8F594] [SPRF][23/08/2013] (.Nicolas Coolman - ZHPDiag.) -- C:UsersuserDesktopZHPDiag2.exe [5076117]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:WindowsDownloaded Program Filesdwusplay.dll [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:WindowsDownloaded Program Filesdwusplay.exe [201648]
[MD5.DAEE914ABCF0081AAF23689E4A8C27DD] [SPRF][14/09/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r85.) -- C:WindowsDownloaded Program FilesFP_AX_CAB_INSTALLER.exe [2826192]
[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:WindowsDownloaded Program Filesisusweb.dll [484272]
[MD5.7FAF5222EEB546E1DC0F348DCB314B0B] [SPRF][29/08/2006] (.Zylom Games - Zylom Games Player.) -- C:WindowsDownloaded Program Fileszylomgamesplayer.dll [161976]
~ Files: Scanned in 00mn 02s



---\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "467F76FB6B590634BB752B5EAAC618B4" . (.SweetIM Toolbar for Internet Explorer 4.0.) -- C:WindowsInstaller{BF67F764-95B6-4360-BB57-B2E5AA6C814B}ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 99 Legitimates Filtered in 00mn 00s



---\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D861D14BA7F1EEF926C0FD75399E0F4A] [WIS][27/06/2013] (.ReSoft Ltd. - Snap.Do.) -- C:WindowsInstaller2468ce2a.msi [1609216] =>Hijacker.SmartBar
[MD5.943797023168EA6A87FFA798A175963A] [WIS][22/11/2010] (.Secure Digital Services - Widestream6.) -- C:WindowsInstaller291037e.msi [3006976] =>Adware.SPointer
[MD5.ECEA111ED782CA0AF071D20AC2CE658D] [WIS][09/12/2011] (.Zoosk, Inc. - Socialbox.) -- C:WindowsInstallera59df5a.msi [23552]
~ WIS: 102 Legitimates Filtered in 00mn 09s



---\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 23/05/2013 119056 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:Program FilesSUPERAntiSpywareSASCORE.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
SS - | Demand 23/07/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:Program FilesBonjourmDNSResponder.exe
SS - | Auto 24/11/2010 136176 | (gupdate) . (.Google Inc..) - C:Program FilesGoogleUpdateGoogleUpdate.exe
SS - | Demand 24/11/2010 136176 | (gupdatem) . (.Google Inc..) - C:Program FilesGoogleUpdateGoogleUpdate.exe
SS - | Demand 19/01/2008 21504 | C:Program FilesHPDigital Imagingbinhpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:WindowsSystem32svchost.exe
SR - | Auto 05/11/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:Program FilesIntelIntel(R) Rapid Storage TechnologyIAStorDataMgrSvc.exe
SR - | Demand 16/08/2013 553288 | (iPod Service) . (.Apple Inc..) - C:Program FilesiPodbiniPodService.exe
SS - | Demand 01/05/2011 311744 | (maconfservice) . (.CybelSoft.) - C:Program Filesma-config.commaconfservice.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:Program FilesMalwarebytes' Anti-Malwarembamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:Program FilesMalwarebytes' Anti-Malwarembamservice.exe
SR - | Auto 19/01/2008 21504 | C:Windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:WindowsSystem32svchost.exe
SR - | Auto 19/01/2008 21504 | C:Windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:WindowsSystem32svchost.exe
SS - | Auto 02/01/2007 90112 | (STacSV) . (.SigmaTel, Inc..) - C:Program FilesSigmaTelC-Major AudioWDMSTacSV.exe
SS - | Demand 02/12/2007 74384 | (stllssvr) . (.MicroVision Development, Inc..) - C:Program FilesCommon FilesSureThing Sharedstllssvr.exe
SS - | Demand 19/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:WindowsSystem32svchost.exe
SR - | Auto 09/10/2007 24064 | (wltrysvc) . (...) - C:WindowsSystem32WLTRYSVC.exe
SR - | Auto 19/01/2008 21504 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:WindowsSystem32svchost.exe
SR - | Auto 04/08/2006 386560 | (XAudioService) . (.Conexant Systems, Inc..) - C:WindowsSystem32DRIVERSxaudio.exe
~ Services: Scanned in 00mn 10s



---\ Scan Additionnel (O88)
Database Version : v2.12862 - (22/08/2013)
Clés trouvées (Keys found) : 14
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 5
Fichiers trouvés (Files found) : 5

[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallSeeSimilar02] =>Adware.SeeSimilar^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{C45933C0-8E22-45A0-8816-05D712A87799}] =>Hijacker.SmartBar^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{4EE2B017-D82C-4B12-B071-5CF1B23D1A42}] =>PUP.SweetIM^
[HKLMSoftwareClassesInstallerFeatures710B2EE4C28D21B40B17C51F2BD3A124] =>PUP.SweetIM
[HKLMSoftwareClassesInstallerProducts710B2EE4C28D21B40B17C51F2BD3A124] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products710B2EE4C28D21B40B17C51F2BD3A124] =>PUP.SweetIM
[HKLMSoftwareClassesInstallerFeatures467F76FB6B590634BB752B5EAAC618B4] =>PUP.SweetIM
[HKLMSoftwareClassesInstallerProducts467F76FB6B590634BB752B5EAAC618B4] =>PUP.SweetIM
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products467F76FB6B590634BB752B5EAAC618B4] =>PUP.SweetIM
[HKLMSoftwareClassesWidestream6.Spointer.1] =>Adware.SPointer
[HKLMSoftwareClassesWidestream6.SpointerCtrl.1] =>Adware.SPointer
[HKLMSoftwareClassesWidestream6.SpointerWebDisp.1] =>Adware.SPointer
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
C:Program FilesSeeSimilar02 =>Adware.SeeSimilar^
C:UsersuserAppDataRoamingSeeSimilar02 =>Adware.SeeSimilar^
C:ProgramDataSoftware =>Adware.Boxore
C:UsersuserAppDataLocalSoftware =>Adware.Boxore
C:UsersuserAppDataLocalLowuTorrentBar_FR =>Toolbar.Conduit
[HKCUSoftwareholasearch LTD] =>Hijacker.HolaSearch^
[HKLMSoftwareTrymedia Systems] =>Adware.Trymedia^
C:WindowsInstaller{BF67F764-95B6-4360-BB57-B2E5AA6C814B}ARPPRODUCTICON.exe =>PUP.SweetIM^
C:WindowsInstaller2468ce2a.msi =>Hijacker.SmartBar^
C:WindowsInstaller291037e.msi =>Adware.SPointer^
~ Additionnel Scan: 263050 Items scanned in 00mn 22s



---\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/31473015-adware-seesimilar =>Adware.SeeSimilar
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/28136809-hijacker-holasearch =>Hijacker.HolaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 8 link(s) detected in 00mn 22s



~ 2378 Legitimates filtered by white list
End of the scan (490 lines in 02mn 36s)(0)