Reply to: aartemis 2016-09-08T13:23:06+00:00
lachipie0380

~ Rapport de ZHPDiag v2013.12.1.4 – Nicolas Coolman (01/12/2013)
~ Lancé par Utilisateur (03/12/2013 10:40:46)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

—\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
GCIE: Google Chrome v31.0.1650.57 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows Vista Starter Edition, 32-bit (Build 6000)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : WHMY7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

—\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300

—\ Logiciels d’optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader X

—\ Informations sur le système
~ Processor: x86 Family 6 Model 28 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1015 MB (17% free)
System Restore: Activé (Enable)
System drive C: has 249 GB (83%) free of 298 GB

—\ Mode de connexion au système
~ Computer Name: UTILISATEUR-PC
~ User Name: Utilisateur
~ All Users Names: Utilisateur, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:UsersUtilisateurAppDataRoamingZHP
~ %AppData% : C:UsersUtilisateurAppDataRoaming
~ %Desktop% : C:UsersUtilisateurDesktop
~ %Favorites% : C:UsersUtilisateurFavorites
~ %LocalAppData% : C:UsersUtilisateurAppDataLocal
~ %StartMenu% : C:UsersUtilisateurAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 249 Go of 298 Go)

—\ Etat du Centre de Sécurité Windows
~ Security Center: 46 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 06:30:54.) — C:WindowsExplorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:14:45.) — C:WindowsSystem32Wininit.exe [96256]
[MD5.5FD4335DCD343D0FEA9FA6B18ED408D9] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.12/10/2013 – 08:03:50.) — C:WindowsSystem32wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.20/11/2010 – 13:17:54.) — C:WindowsSystem32Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] – (.Microsoft Corporation – Bibliothèque de licences.) (.20/11/2010 – 13:21:24.) — C:WindowsSystem32sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.14/09/2013 – 01:48:58.) — C:Windowssystem32DriversAFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:26:15.) — C:Windowssystem32Driversatapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:11:15.) — C:Windowssystem32DriversCdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.20/11/2010 – 09:38:10.) — C:Windowssystem32DriversCdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.20/11/2010 – 09:42:32.) — C:Windowssystem32DriversDfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.20/11/2010 – 10:59:29.) — C:Windowssystem32DriversHDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:11:24.) — C:Windowssystem32Driversi8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 00:54:29.) — C:Windowssystem32DriversIpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:17:22.) — C:Windowssystem32DriversMRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] – (.Microsoft Corporation – MBT Transport driver.) (.20/11/2010 – 09:39:44.) — C:Windowssystem32DriversnetBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 14:45:29.) — C:Windowssystem32Driversntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 00:45:35.) — C:Windowssystem32DriversParport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 00:54:34.) — C:Windowssystem32DriversRasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 00:53:41.) — C:Windowssystem32Driverssmb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] – (.Microsoft Corporation – TDI Translation Driver.) (.20/11/2010 – 09:39:17.) — C:Windowssystem32Driverstdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.20/11/2010 – 13:30:16.) — C:Windowssystem32Driversvolsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/305
~ Mes musiques (My Musics) : 5/214
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 4/58
~ Mon Bureau (My Desktop) : 4/6524
~ Menu demarrer (Programs) : 1/25
~ Hidden Files: Scanned in 00mn 14s

—\ Processus lancés
[MD5.004763BDF8E48244DBB9FDFDE3065EBC] – (.Intel Corporation – hkcmd Module.) — C:WindowsSystem32hkcmd.exe [173592] [PID.1788]
[MD5.CD1102E5D340216138C7F56FA8D26998] – (.Intel Corporation – persistence Module.) — C:WindowsSystem32igfxpers.exe [150552] [PID.1816]
[MD5.84A678CFE00DD62E7DAC96D93AA55E00] – (.F-Secure Corporation – F-Secure Settings and Statistics.) — C:Program FilesSecuritooav_fwCommonFSM32.exe [201400] [PID.1840]
[MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe [152392] [PID.1928]
[MD5.D9C51528488EA0D98D3C4D02ABD16759] – (.Intel Corporation – igfxsrvc Module.) — C:Windowssystem32igfxsrvc.exe [252952] [PID.408]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.2744]
[MD5.636D97B3BAF854511FF3F4093E895FED] – (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe [863184] [PID.4048]
[MD5.3E02FD57FDAF184A15CCAD9D9BD9C626] – (.Nicolas Coolman – ZHPDiag.) — C:Program FilesZHPDiagZHPDiag.exe [8263680] [PID.4656]
[MD5.62B7936F9036DD6ED36E6A7EFA805DC0] – (.Adobe Systems Incorporated – Adobe Acrobat Update Service.) — C:Program FilesCommon FilesAdobeARM1.0armsvc.exe [63928] [PID.1564]
[MD5.30E3850F303EAE5C364782EA78579CC9] – (.Apple Inc. – MobileDeviceService.) — C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55624] [PID.1632]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] – (.Apple Inc. – Bonjour Service.) — C:Program FilesBonjourmDNSResponder.exe [390504] [PID.1960]
[MD5.3C5DC1819767668E59CAE3BC3AD6146C] – (.F-Secure Corporation – F-Secure Anti-Virus Scanning Service.) — C:Program FilesSecuritooav_fwAnti-Virusfsgk32st.exe [221880] [PID.592]
[MD5.1658B96575182F53C0424586EC03B7A0] – (.F-Secure Corporation – F-Secure Gatekeeper Handler 32-bit.) — C:Program FilesSecuritooav_fwAnti-VirusFSGK32.exe [621608] [PID.1028]
[MD5.5A67DD8B6F0603B321B940FBB58C2712] – (.F-Secure Corporation – F-Secure Management Agent.) — C:Program FilesSecuritooav_fwCommonFSMA32.exe [189112] [PID.1432]
[MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamscheduler.exe [418376] [PID.1968]
[MD5.4D41E0BCD784801E18D33F35375F4B31] – (.F-Secure Corporation – F-Secure DLL Hosting Plugin.) — C:Program FilesSecuritooav_fwCommonFSHDLL32.exe [90808] [PID.808]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe [701512] [PID.2088]
[MD5.7CF1B716372B89568AE4C0FE769F5869] – (.Microsoft Corporation – Machine Debug Manager.) — C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGmdm.exe [335872] [PID.2304]
[MD5.6BD833275D73A351C296E9DDEB080A6C] – (.F-Secure Corporation – F-Secure Internet Shield daemon (32 bit).) — C:Program FilesSecuritooav_fwFWESProgramfsdfwd.exe [582328] [PID.3060]
[MD5.45303CDBC1FD8F8D371E726BF126F771] – (.F-Secure Corporation – F-Secure ORSP Service.) — C:Program FilesSecuritooav_fwORSP Clientfsorsp.exe [60352] [PID.3092]
[MD5.C00149A7027081539A66DC5A46695EAD] – (.Apple Inc. – iPodService Module (32-bit).) — C:Program FilesiPodbiniPodService.exe [553288] [PID.3120]
[MD5.537F5AA8CD3AA0DDDA640FB55538FBF8] – (.F-Secure Corporation – F-Secure Scanner Manager 32-bit.) — C:Program FilesSecuritooav_fwAnti-Virusfssm32.exe [1162280] [PID.3404]
[MD5.20C3D8E800F3BDDC763A81166411A6DA] – (.F-Secure Corporation – F-Secure Anti-Virus Handler 32-bit.) — C:Program FilesSecuritooav_fwAnti-Virusfsav32.exe [563648] [PID.2540]
[MD5.CF87A1DE791347E75B98885214CED2B8] – (.Microsoft Corporation – Service de la plateforme de protection logi.) — C:Windowssystem32sppsvc.exe [3179520] [PID.3708]
[MD5.2C49B175AEE1D4364B91B531417FE583] – (.Microsoft Corporation – Programme d’installation pour les modules W.) — C:WindowsservicingTrustedInstaller.exe [204800] [PID.5052]
~ Processes Running: Scanned in 00mn 06s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersUtilisateurAppDataLocalGoogleChromeUser DataDefaultPreferences
~ Google Browser: 9 Legitimates Filtered in 00mn 02s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Browsing Protection Toolbar – [HKLM]{265EEE8E-3228-44D3-AEA5-F7FDF5860049} . (.F-Secure Corporation – Litmus.) — C:Program FilesSecuritooav_fwNRSiescriptbaselitmus.dll
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Public]: Fotosizer.lnk . (.Fotosizer.com – Fotosizer Batch Image Resizer.) — C:Program FilesFotosizerFotosizer.exe
O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSDesktop [Public]: Securitoo AntiVirus Firewall.lnk . (.F-Secure Corporation – F-Secure Common User Interface Framework.) — C:Program FilesSecuritooav_fwFSGUIfscuif.exe
O4 – GSProgram [Public]: Songr.lnk . (.Xamasoft – Songr.) — C:Program FilesSongrSongr.exe
O4 – GSQuickLaunch [Utilisateur]: Fotosizer.lnk . (.Fotosizer.com – Fotosizer Batch Image Resizer.) — C:Program FilesFotosizerFotosizer.exe
O4 – GSQuickLaunch [Utilisateur]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [Utilisateur]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSTaskBar [Utilisateur]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O4 – GSTaskBar [Utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSTaskBar [Utilisateur]: Songr.lnk . (.Xamasoft – Songr.) — C:Program FilesSongrSongr.exe
O4 – GSProgram [Utilisateur]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSSystemTools [Utilisateur]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O4 – GSDesktop [Utilisateur]: 001 – Raccourci.lnk . (…) — C:UsersUtilisateurPictures2013-07-2901.jpg
O4 – GSDesktop [Utilisateur]: 003 – Raccourci.lnk . (…) — C:UsersUtilisateurPictures2013-07-2903.jpg
O4 – GSDesktop [Utilisateur]: Songr.lnk . (.Xamasoft – Songr.) — C:Program FilesSongrSongr.exe
O4 – GSDesktop [Utilisateur]: SpyHunter.lnk . (.Enigma Software Group USA, LLC. – SpyHunter4 application.) — C:Program FilesEnigma Software GroupSpyHunterSpyHunter4.exe =>Crapware.SpyHunter
~ Global Startup: 56 Legitimates Filtered in 00mn 19s

—\ Applications lancées au démarrage du sytème (O4)
O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:Windowssystem32igfxpers.exe
O4 – HKLM..Run: [F-Secure Manager] . (.F-Secure Corporation – F-Secure Settings and Statistics.) — C:Program FilesSecuritooav_fwCommonFSM32.exe
O4 – HKLM..Run: [F-Secure TNB] . (.F-Secure Corporation – TNBUtil.) — C:Program FilesSecuritooav_fwFSGUITNBUtil.exe
O4 – HKLM..Run: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program FilesCommon FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Run: [QuickTime Task] . (.Apple Inc. – QuickTime Task.) — C:Program FilesQuickTimeQTTask.exe
O4 – HKLM..Run: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program FilesCommon FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program FilesiTunesiTunesHelper.exe
O4 – HKLM..Run: [mobilegeni daemon] C:Program FilesMobogenieDaemonProcess.exe (.not file.)
O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersUtilisateurAppDataLocalFacebookUpdateFacebookUpdate.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-18..RunOnce: [SPReview] . (.Microsoft Corporation – SP Reviewer.) — C:WindowsSystem32SPReviewSPReview.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-377383574-2506968292-2955816827-1000..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersUtilisateurAppDataLocalFacebookUpdateFacebookUpdate.exe
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (…) — C:Program FilesMicrosoft OfficeOffice12REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{893CB6B9-4035-407C-A72B-42905C8040A8}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 – HKLMSystemCCSServicesTcpip..{B47950C3-CABE-489D-8B87-0F72058AC8C1}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 – HKLMSystemCS1ServicesTcpip..{893CB6B9-4035-407C-A72B-42905C8040A8}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 – HKLMSystemCS1ServicesTcpip..{B47950C3-CABE-489D-8B87-0F72058AC8C1}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 – HKLMSystemCS2ServicesTcpip..{893CB6B9-4035-407C-A72B-42905C8040A8}: DhcpNameServer = 172.20.2.39 172.20.2.10
O17 – HKLMSystemCS2ServicesTcpip..{B47950C3-CABE-489D-8B87-0F72058AC8C1}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation – Visionneuse HTML Microsoft (R).) — C:WindowsSystem32mshtml.dll =>.Microsoft Corporation
O18 – Filter: text/xml – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon Filesmicrosoft sharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

—\ Tâches planifiées en automatique (O39)
[MD5.FCD0DE9649EA75B67CD88EBB06A72074] [APT] [Scheduled scanning task] (…) — C:Program FilesSECURI~1av_fwANTI-V~1fsav.exe [215736]
[MD5.00000000000000000000000000000000] [APT] [{EBE206DD-560A-49D7-8AB7-8156D44C0DDF}] (…) — c:usersUtilisateurappdatalocallollipoplollipop.bat (.not file.) [0] =>Adware.Lollipop
~ Scheduled Task: 16 Legitimates Filtered in 00mn 15s

—\ Pilotes lancés au démarrage du système (O41)
O41 – Driver: (fsvista) . (…) – C:Program FilesSecuritooav_fwAnti-Virusminifilterfsvista.sys
~ Drivers: 72 Legitimates Filtered in 00mn 08s

—\ HKCU & HKLM Software Keys
[HKLMSoftwareiWin]
[HKLMSoftwaresupWPM]
~ Key Software: 159 Legitimates Filtered in 00mn 02s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 02/12/2013 – 15:10:59 – [0] —-D C:ProgramDataWPM
O43 – CFD: 02/12/2013 – 19:36:39 – [0,005] —-D C:UsersUtilisateurAppDataRoamingMicrosoftWindowsStart MenuProgramsSpyHunter =>Crapware.SpyHunter
~ Program Folder: 125 Legitimates Filtered in 00mn 32s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.6F37098F835ADF4077BC42CBD8FDB225] – 20/11/2013 – 03:04:11 —A- . (…) — C:WindowsIE11_main.log [4970]
~ Files: 13 Legitimates Filtered in 00mn 53s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.12D0A8D668F53EE09B30978644ED0A09] – 02/12/2013 – 13:33:08 —A- – C:WindowsPrefetchCLOCKWORK-ORANGE-FONT_1.0.EXE-CD79CC65.pf
O45 – LFCP:[MD5.FE3E678F77C6092F6BB1A27E7D8349FB] – 02/12/2013 – 13:34:32 —A- – C:WindowsPrefetchONEINSTALLER_AARTEMIS_2013111-3C185BBE.pf =>PUP.AArtemis
O45 – LFCP:[MD5.B89B0775BCCF63A40074207F3B8C5E05] – 02/12/2013 – 13:35:14 —A- – C:WindowsPrefetchLLPINSTALLER.EXE-EE33FA7C.pf
O45 – LFCP:[MD5.5B188F93EACE1534D1DBCB79EED35285] – 02/12/2013 – 13:35:16 —A- – C:WindowsPrefetchVBATESINSTALLER.EXE-CEF8C945.pf
O45 – LFCP:[MD5.C09B6232B7AFF3AE65E2FC03BE95506F] – 02/12/2013 – 13:35:17 —A- – C:WindowsPrefetch20131202133308.314.EXE-310D621D.pf
O45 – LFCP:[MD5.7361A2BA83CBF331AAF7AD7D52050967] – 02/12/2013 – 13:35:29 —A- – C:WindowsPrefetchSU.EXE-CF2F4BE6.pf
O45 – LFCP:[MD5.3575277D7434FDD742294DB30A600FA4] – 02/12/2013 – 13:35:35 —A- – C:WindowsPrefetchBXRINSTALLER.EXE-3C7DB630.pf
O45 – LFCP:[MD5.04EE503AD645E7DCC048E0E83E389B63] – 02/12/2013 – 13:36:02 —A- – C:WindowsPrefetchMOBOGENIEINSTALLER.EXE-B8B07935.pf
O45 – LFCP:[MD5.59C3A3D9D20711FC68403AF8817DC2FC] – 02/12/2013 – 13:36:02 —A- – C:WindowsPrefetchOKITSPACE.EXE-68981ED5.pf =>PUP.Onekit
O45 – LFCP:[MD5.938C50786264734A7414CE01BCFC3DD5] – 02/12/2013 – 13:36:39 —A- – C:WindowsPrefetchVBATESINSTALLER.TMP-7BDDBAD1.pf
O45 – LFCP:[MD5.0D86F15C90F0A8B0E0B18D9D5B747C43] – 02/12/2013 – 13:36:39 —A- – C:WindowsPrefetchWAJAMC.EXE-DFDFA7D5.pf =>PUP.Wajam
O45 – LFCP:[MD5.78A4D995FAE14A738EBDF2CA37067018] – 02/12/2013 – 13:36:40 —A- – C:WindowsPrefetchNSED37.TMP-D7D671FC.pf
O45 – LFCP:[MD5.87B236F4B3B0376B5253B7C8D8D591EB] – 02/12/2013 – 13:36:53 —A- – C:WindowsPrefetchPLUGINPROTECT.EXE-82FF75AC.pf
O45 – LFCP:[MD5.86161F65FEFB657A3734F2F07BE30E27] – 02/12/2013 – 13:37:07 —A- – C:WindowsPrefetchBOXOREINSTALLER.EXE-EF59D9E7.pf =>Adware.Boxore
O45 – LFCP:[MD5.7033B96070F2F3572E78C429A0E0C2A5] – 02/12/2013 – 13:38:05 —A- – C:WindowsPrefetchFONTVIEW.EXE-9D7359FA.pf
O45 – LFCP:[MD5.4FBF371A62B664CC3DCC1A4342940112] – 03/12/2013 – 10:35:33 —A- – C:WindowsPrefetchFSDC32.EXE-BDBA138C.pf
O45 – LFCP:[MD5.C6FEE6EF279E96DA6198A10A5D7482E8] – 15/11/2013 – 10:29:34 —A- – C:WindowsPrefetchIMINENT.EXE-75DD804E.pf =>Adware.IMBooster
O45 – LFCP:[MD5.7CAFE8C8917971223AD52336FDFC8591] – 17/11/2013 – 13:17:19 —A- – C:WindowsPrefetch31.0.1650.57_30.0.1599.101_CH-E144672A.pf
~ Prefetcher: 142 Legitimates Filtered in 00mn 07s

—\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 – MPSK:{16d2342f-54a1-11e1-b330-18a905855d16}AutoRuncommand. (…) — D:autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] – 14/07/2009 – 02:20:28 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [453712]
O58 – SDL:[MD5.C1258ADCBE6E51A3C06C234D2BDB81B5] – 24/06/2010 – 13:27:58 —A- . (.Huawei Tech. Co., Ltd. – HUAWEI USB Smart Card Driver.) — C:WindowsSystem32Driversewdcsc.sys [23424]
O58 – SDL:[MD5.18DA737DD5122A475DA4948ED4643675] – 23/02/2013 – 14:54:10 —A- . (…) — C:WindowsSystem32Driversfsbts.sys [44240]
O58 – SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] – 13/07/2009 – 23:54:14 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [26624]
O58 – SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] – 14/07/2009 – 02:19:04 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [21072]
O58 – SDL:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] – 13/12/2012 – 13:50:38 —A- . (.Apple, Inc. – Apple Mobile Device USB Driver.) — C:WindowsSystem32Driversusbaapl.sys [45056]
O58 – SDL:[MD5.8AAD333C876590293F72B315E162BCC7] – 13/07/2009 – 22:40:41 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
O58 – SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] – 13/07/2009 – 22:40:44 —A- . (…) — C:WindowsSystem32country.sys [27097]
O58 – SDL:[MD5.01CE484FF6D70A39479BC6D619DE7ED6] – 22/06/2012 – 11:01:32 —A- . (…) — C:WindowsSystem32ESGScanner.sys [19984]
O58 – SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] – 13/07/2009 – 22:40:40 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
O58 – SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
O58 – SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] – 13/07/2009 – 22:40:43 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
O58 – SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] – 13/07/2009 – 22:40:23 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
O58 – SDL:[MD5.CF9ED169FF86D935E47999E82359E898] – 13/07/2009 – 22:40:31 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
O58 – SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] – 13/07/2009 – 22:40:35 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
O58 – SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] – 13/07/2009 – 22:40:39 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
O58 – SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] – 13/07/2009 – 22:40:27 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
O58 – SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] – 13/07/2009 – 22:40:11 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
O58 – SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] – 13/07/2009 – 22:40:15 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
O58 – SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] – 13/07/2009 – 22:40:17 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
O58 – SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] – 13/07/2009 – 22:40:19 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
O58 – SDL:[MD5.D86B6435729231C171432B4E77801BDB] – 13/07/2009 – 22:40:13 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 10s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 02/12/2013 – 10:46:03 —A- . (…) — C:UsersUtilisateurAppDataLocalGDIPFONTCACHEV1.DAT [65592]
O61 – LFC: 02/12/2013 – 10:46:22 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser DataFirst Run [0]
O61 – LFC: 02/12/2013 – 10:46:22 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser Dataen-US-3-0.bdic [440949]
O61 – LFC: 02/12/2013 – 10:46:22 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser Datafr-FR-3-0.bdic [1074744]
O61 – LFC: 02/12/2013 – 10:46:24 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376manifest.fingerprint [66]
O61 – LFC: 02/12/2013 – 10:46:24 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376manifest.json [848]
O61 – LFC: 02/12/2013 – 10:46:28 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser DataWidevineCDM1.4.1.376_platform_specificwin_x86widevinecdm.dll [6940304]
O61 – LFC: 02/12/2013 – 10:48:48 R–A- . (…) — C:UsersUtilisateurAppDataRoamingMicrosoftInstaller{220FB035-4744-483A-9A0B-41DF77061583}IconCF33A0CE.exe [110080]
O61 – LFC: 02/12/2013 – 10:48:48 R–A- . (…) — C:UsersUtilisateurAppDataRoamingMicrosoftInstaller{220FB035-4744-483A-9A0B-41DF77061583}IconD7F16134.exe [110080]
O61 – LFC: 02/12/2013 – 10:48:48 R–A- . (…) — C:UsersUtilisateurAppDataRoamingMicrosoftInstaller{220FB035-4744-483A-9A0B-41DF77061583}IconF7A21AF7.exe [110080]
O61 – LFC: 02/12/2013 – 10:48:51 —A- . (…) — C:UsersUtilisateurAppDataRoamingZHPZHPDiag.txt [90420] =>.Nicolas Coolman
O61 – LFC: 02/12/2013 – 10:48:52 —A- . (…) — C:UsersUtilisateurdaemonprocess.txt [282]
O61 – LFC: 02/12/2013 – 10:49:50 —A- . (…) — C:UsersUtilisateurDownloadsClockwork-Orange-Font_1.0.exe [278784]
O61 – LFC: 02/12/2013 – 10:50:35 —A- . (.Conduit.) — C:UsersUtilisateurDownloadsSetup_brch.exe [1119056]
O61 – LFC: 03/12/2013 – 10:46:03 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [263877]
O61 – LFC: 03/12/2013 – 10:46:22 —A- . (…) — C:UsersUtilisateurAppDataLocalGoogleChromeUser DataLocal State [47501]
O61 – LFC: 03/12/2013 – 10:48:51 —A- . (…) — C:UsersUtilisateurAppDataRoamingZHPLog.txt [109936] =>.Nicolas Coolman
O61 – LFC: 03/12/2013 – 10:48:51 —A- . (…) — C:UsersUtilisateurAppDataRoamingZHPTestsZHPDiag.txt [2958] =>.Nicolas Coolman
O61 – LFC: 03/12/2013 – 10:49:41 —A- . (…) — C:UsersUtilisateurDownloadsadwcleaner (1).exe [1110034]
O61 – LFC: 03/12/2013 – 10:49:41 —A- . (…) — C:UsersUtilisateurDownloadsadwcleaner.exe [1110034]
~ 303 Fichiers temporaires (Temporary files)
~ Files: 1496 Legitimates Filtered in 05mn 25s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – (Bing) – http://www.bing.com
~ Keys: Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.A3AF60FEB8685052D07346FE8D929410] [SPRF][02/12/2013] (…) — C:UsersUtilisateurAppDataLocalTemp20131202133308.314.exe [675216]
[MD5.2FECB22098400E131731424B6A7C3B02] [SPRF][12/09/2011] (…) — C:UsersUtilisateurAppDataLocalTemp2384LC4A.bat [8075]
[MD5.2F08D91BFE7D5B863F7DDE4826B1955F] [SPRF][05/11/2013] (.The Software Group – Software Update Setup.) — C:UsersUtilisateurAppDataLocalTempBoxoreInstaller.exe [621168] =>Adware.Boxore
[MD5.28FC891FBC5BBBB31667417AB87D8D17] [SPRF][01/12/2013] (…) — C:UsersUtilisateurAppDataLocalTempQuarantine.exe [355227]
[MD5.37F2F6D556EE5C6C3EE3779CE4C13EA6] [SPRF][02/12/2013] (…) — C:UsersUtilisateurAppDataLocalTempSHSetup.exe [45663824] =>Crapware.SpyHunter
[MD5.EEFAC0A5E3D9EAC7FE34F5D969FCD35D] [SPRF][05/11/2013] (…) — C:UsersUtilisateurAppDataLocalTempwajam_download.exe [61624] =>PUP.Wajam
[MD5.5A45A7E3E12BE51844B741945FB8E85E] [SPRF][18/03/2012] (.Iminent – IMinent bootstrapper.) — C:UsersUtilisateurDesktopIminentSetup_2-KFRPtAWP-1_.exe [825312] =>Adware.IMBooster
~ Files: 7 Legitimates Filtered in 00mn 05s

—\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 – FAEL: “{BC12CA59-B7DD-409B-9F92-0E34691C2DA8}” |In – None – P17 – TRUE | .(…) — C:Program FilesIminentIminent.exe (.not file.) =>Adware.IMBooster
O87 – FAEL: “{3226F1BB-817B-4C8D-908C-FC02542FE4E8}” |In – None – P17 – TRUE | .(…) — C:Program FilesIminentIminent.Messengers.exe (.not file.) =>Adware.IMBooster
O87 – FAEL: “{BC629C0A-8B58-462B-9566-582C3007A83E}” |In – Private – P6 – TRUE | .(…) — C:Program FilesSweetIMCommunicatorSweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 – FAEL: “{BA00D535-4718-43D8-8062-48950818D02D}” |In – Private – P17 – TRUE | .(…) — C:Program FilesSweetIMCommunicatorSweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
~ Firewall: 151 Legitimates Filtered in 00mn 03s

—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: “BA172DB42E6685D4FA8808EFB370074C” . (.Fissa.) — C:WindowsInstaller{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}ARPPRODUCTICON.exe =>PUP.OfferBox
~ Update Products: 31 Legitimates Filtered in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.EBAB99411769E8924D9BF17717ECB07E] [WIS][18/07/2012] (.SweetIM Technologies Ltd. – SweetIM for Messenger 3.6.) — C:WindowsInstaller194585d.msi [3553792] =>PUP.SweetIM
[MD5.0C8AC497AFCA75C05EB08C89863A97B3] [WIS][18/07/2012] (.SweetIM Technologies Ltd. – SweetPacks Toolbar for Internet Explorer 4.0.) — C:WindowsInstaller1945862.msi [3070464] =>PUP.SweetIM
[MD5.85C5DEF2B079CA6E8CA7FCBD45793BEF] [WIS][18/07/2012] (.SweetIM Technologies Ltd. – Sweetpacks Communicator 1.0.) — C:WindowsInstaller1945867.msi [2243584] =>PUP.SweetIM
[MD5.FEEB576634F1F961F5649D4D09F02363] [WIS][18/03/2012] (.Iminent – Iminent.) — C:WindowsInstallerab4b5.msi [9420800] =>Adware.IMBooster
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][18/03/2012] (.IMinent – IMinent Toolbar.) — C:WindowsInstallerab4ba.msi [1019392] =>Adware.IMBooster
~ WIS: 39 Legitimates Filtered in 00mn 16s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Auto 02/12/2013 116648 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 02/12/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe

SR – | Auto 03/01/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program FilesCommon FilesAdobeARM1.0armsvc.exe
SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe
SR – | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SR – | Auto 26/09/2011 221880 | (F-Secure Gatekeeper Handler Starter) . (.F-Secure Corporation.) – C:Program FilesSecuritooav_fwAnti-Virusfsgk32st.exe
SR – | Demand 26/09/2011 582328 | (FSDFWD) . (.F-Secure Corporation.) – C:Program FilesSecuritooav_fwFWESProgramfsdfwd.exe
SR – | Auto 26/09/2011 189112 | (FSMA) . (.F-Secure Corporation.) – C:Program FilesSecuritooav_fwCommonFSMA32.exe
SR – | Demand 06/06/2013 60352 | (FSORSPClient) . (.F-Secure Corporation.) – C:Program FilesSecuritooav_fwORSP Clientfsorsp.exe
SR – | Demand 17/09/2013 553288 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes’ Anti-Malwarembamscheduler.exe
SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program FilesMalwarebytes’ Anti-Malwarembamservice.exe
SR – | Auto 14/07/2009 20992 | C:Windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 20992 | C:Windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 20992 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 14/07/2009 20992 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe

~ Services: Scanned in 00mn 23s

—\ Scan Additionnel (O88)
Database Version : 13007 – (01/12/2013)
Clés trouvées (Keys found) : 6
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 11

[HKLMSoftwareClassesInstallerFeaturesBA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLMSoftwareClassesInstallerProductsBA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsBA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLMSoftwareiwin] =>Adware.iWinArcade
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsFF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
C:UsersUtilisateurAppDataRoamingMicrosoftWindowsStart MenuProgramsSpyHunter =>Crapware.SpyHunter^
C:UsersUtilisateurAppDataLocalSoftware =>Adware.Boxore
C:UsersUtilisateurAppDataLocalTempBoxoreInstaller.exe =>Adware.Boxore^
C:UsersUtilisateurAppDataLocalTempSHSetup.exe =>Crapware.SpyHunter^
C:UsersUtilisateurAppDataLocalTempwajam_download.exe =>PUP.Wajam^
C:UsersUtilisateurDesktopIminentSetup_2-KFRPtAWP-1_.exe =>Adware.IMBooster^
C:WindowsInstaller194585d.msi =>PUP.SweetIM^
C:WindowsInstaller1945862.msi =>PUP.SweetIM^
C:WindowsInstaller1945867.msi =>PUP.SweetIM^
C:WindowsInstallerab4b5.msi =>Adware.IMBooster^
C:WindowsInstallerab4ba.msi =>Adware.IMBooster^
C:UsersUtilisateurDesktopSpyHunter.lnk =>Crapware.SpyHunter
~ Additionnel Scan: 210399 Items scanned in 02mn 41s

—\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/35393224-pup-aartemis =>PUP.AArtemis
~ http://nicolascoolman.webs.com/apps/blog/show/33456961-pup-onekit =>PUP.OneKit
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/28766471-adware-iwinarcade =>Adware.iWinArcade
~ MSI: 10 link(s) detected in 02mn 41s

~ 2438 Legitimates filtered by white list
End of the scan (504 lines in 15mn 20s)(0)