Reply to: Virus rvzr-a. akamaihd 2016-09-08T13:17:08+00:00
popoutre
Post count: 0

Here is the 2nd report

~ Rapport de ZHPDiag v2013.11.11.25 – Nicolas Coolman (11/11/2013)
~ Lancé par Mégane (12/11/2013 16:26:14)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
GCIE: Google Chrome v30.0.1599.101 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Home Premium Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : 66JYG
Windows License : OK
~ Windows Remaining Initializations Number : 998
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
Bitdefender Antivirus Plus v17.20.0.883
Windows Defender W8

—\ Logiciels d’optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Reader XI
Java 7 Update 45

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 58 Stepping 9, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6029 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 215 GB (77%) free of 279 GB

—\ Mode de connexion au système
~ Computer Name: PC-MEGANE
~ User Name: Mégane
~ All Users Names: UpdatusUser, Mégane, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:UsersMéganeAppDataRoamingZHP
~ %AppData% : C:UsersMéganeAppDataRoaming
~ %Desktop% : C:UsersMéganeDesktop
~ %Favorites% : C:UsersMéganeFavorites
~ %LocalAppData% : C:UsersMéganeAppDataLocal
~ %StartMenu% : C:UsersMéganeAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 215 Go of 279 Go)
D: Hard drive, Flash drive, Thumb drive (Free 398 Go of 398 Go)
E: CD-ROM drive (Not Inserted)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] – (.Microsoft Corporation – Explorateur Windows.) (.01/06/2013 – 12:34:21.) — C:WindowsExplorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] – (.Microsoft Corporation – Application de démarrage de Windows.) (.26/07/2012 – 04:08:50.) — C:WindowsSystem32Wininit.exe [132608]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/09/2013 – 23:55:10.) — C:WindowsSystem32wininet.dll [2241024]
[MD5.BCF2036A0DD579E47C008C133550283E] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.11/10/2012 – 06:46:58.) — C:WindowsSystem32Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] – (.Microsoft Corporation – Bibliothèque de licences.) (.26/07/2012 – 04:07:20.) — C:WindowsSystem32sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] – (.Microsoft Corporation – Pilote de fonction connexe pour WinSock.) (.06/11/2012 – 04:53:44.) — C:Windowssystem32DriversAFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.26/07/2012 – 06:00:48.) — C:Windowssystem32Driversatapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] – (.Microsoft Corporation – CD-ROM File System Driver.) (.26/07/2012 – 03:30:10.) — C:Windowssystem32DriversCdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.26/07/2012 – 03:26:36.) — C:Windowssystem32DriversCdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.26/07/2012 – 03:26:53.) — C:Windowssystem32DriversDfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.27/11/2012 – 13:56:51.) — C:Windowssystem32DriversHDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] – (.Microsoft Corporation – Pilote de port i8042.) (.26/07/2012 – 03:28:51.) — C:Windowssystem32Driversi8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] – (.Microsoft Corporation – IP Network Address Translator.) (.26/07/2012 – 03:23:01.) — C:Windowssystem32DriversIpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] – (.Microsoft Corporation – Minirdr SMB Windows NT.) (.05/02/2013 – 23:29:09.) — C:Windowssystem32DriversMRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] – (.Microsoft Corporation – MBT Transport driver.) (.26/07/2012 – 03:24:28.) — C:Windowssystem32DriversnetBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.02/02/2013 – 11:54:54.) — C:Windowssystem32Driversntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] – (.Microsoft Corporation – Pilote de port parallèle.) (.26/07/2012 – 03:29:53.) — C:Windowssystem32DriversParport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.26/07/2012 – 03:23:17.) — C:Windowssystem32DriversRasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] – (.Microsoft Corporation – Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 – 03:25:18.) — C:Windowssystem32Driversrdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] – (.Microsoft Corporation – TDI Translation Driver.) (.26/07/2012 – 06:26:47.) — C:Windowssystem32Driverstdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.01/06/2013 – 12:26:33.) — C:Windowssystem32Driversvolsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/2456
~ Mes musiques (My Musics) : 1/994
~ Mes Videos (My Videos) : 1/26
~ Mes Favoris (My Favorites) : 1/7
~ Mes Documents (My Documents) : 1/69
~ Mon Bureau (My Desktop) : 1/15
~ Menu demarrer (Programs) : 1/21
~ Hidden Files: Scanned in 00mn 02s

—\ Processus lancés
[MD5.B07086D59443DAC6A668D691B27B968C] – (.ASUSTeK Computer Inc. – ASUS Color Engine.) — C:Program Files (x86)ASUSSplendidColorUService.exe [176240] [PID.1544]
[MD5.C570FD825751F7805CE226F68C4605DE] – (.ASUS – ACMON.) — C:Program Files (x86)ASUSSplendidACMON.exe [54488] [PID.1124]
[MD5.C6D3BB61E24F66EB976C6CC55346B5F2] – (.ASUS – ASUS InstantOn.) — C:Program Files (x86)ASUSASUS InstantOnInsOnCfg.exe [1196416] [PID.1996]
[MD5.97432AB9F1B3B3E63E778C1E69E71E91] – (.ASUSTek Computer Inc. – ASUS USB Charger Plus.) — C:Program Files (x86)ASUSUSBChargerPlusUSBChargerPlus.exe [1124032] [PID.2976]
[MD5.0B50F07E63EE15383CDFDC26D7A3D3E3] – (.ASUSTek Computer Inc. – ATK Media.) — C:Program Files (x86)ASUSATK PackageATK MediaDMedia.exe [205184] [PID.3604]
[MD5.2D32F0EF950AED6AD007D042676FD39E] – (.ASUSTek Computer Inc. – ATKOSD2.) — C:Program Files (x86)ASUSATK PackageATKOSD2ATKOSD2.exe [328064] [PID.3612]
[MD5.498622161649098034DA1893F00E9762] – (.ASUSTeK Computer Inc. – ASUS Quick Gesture Exe.) — C:Program Files (x86)ASUSASUS Smart GestureQuickGesturex86QuickGesture.exe [20792] [PID.1588]
[MD5.169A19284E9397EF95A5F36749301993] – (.CyberLink Corp. – Power2Go Desktop Burning Gadget.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe [2646504] [PID.4404]
[MD5.077541A539C9454FA2077D0EBE1FD93D] – (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe [621448] [PID.4532]
[MD5.B7995C675014EEBE77A0BEB7AFCCFC08] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe [91432] [PID.4820]
[MD5.35048D8E8A0BF7A797CD5757ACD7EED0] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [107816] [PID.4856]
[MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [152392] [PID.4876]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] – (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe [254336] [PID.4940]
[MD5.B53B22F4BEDDF8D7AAC5DFC50097BC9B] – (.Microsoft Corp. – Bing Desktop Application.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe [2258056] [PID.4956]
[MD5.DB0C938BC311B31CF90C13821AE682B3] – (.ASUSTeK Computer Inc. – ASUS Live Update.) — C:Program Files (x86)ASUSASUS Live UpdateLiveUpdate.exe [1559936] [PID.4232]
[MD5.32AE4864E55782B00CA6B213F8E383F0] – (.Microsoft Corp. – BDExtHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDExtHost.exe [207496] [PID.4552]
[MD5.6176E2630EA5759CA6E915AD0EB9F460] – (.Microsoft Corp. – BDAppHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDAppHost.exe [153224] [PID.2196]
[MD5.687C7EF01D3AF31D8844FB22BC6B88D4] – (.Microsoft Corp. – BDRuntimeHost.exe.) — C:Program Files (x86)MicrosoftBingDesktopBDRuntimeHost.exe [369800] [PID.5216]
[MD5.3E399A1328181C2A352472369DE2A93A] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [844752] [PID.4244]
[MD5.0248882379D37F3DC3EA1C721803B645] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8202752] [PID.4548]
[MD5.60A3399135BEFC6F4BADBD6C13A4AC24] – (.Microsoft Corporation – Hôte Microsoft WWA.) — C:Windowssyswow64wwahost.exe [333824] [PID.4048]
~ Processes Running: Scanned in 00mn 01s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultPreferences
G2 – GCE: Preference [User DataDefault] [aaaaacalgebmfelllfiaoknifldpngjh] Avira SearchFree Toolbar plus Web Protection v.25.62074, (Désactivé) =>Toolbar.Avira
G2 – GCE: Preference [User DataDefault] [ccahoghmggldkcdjiebjkidpfongdfbl] Bitdefender Wallet v.17.19.0 (Activé)
G2 – GCE: Preference [User DataDefault] [jpmbfleldcgkldadpdinhjjopdfpjfjp] Wajam v.1.24 (Désactivé) =>PUP.Wajam
~ Google Browser: 16 Legitimates Filtered in 00mn 26s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Public]: ASUS Install.lnk . (.ASUSTek Computer INC. – AsInsWiz.) — C:eSupporteDriverAsInsWiz.exe
O4 – GSDesktop [Public]: ASUS Instant Connect Installer.lnk . (…) — C:windowsInstaller{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}_77CD0D17CE4BC69D3FCD39.exe
O4 – GSDesktop [Public]: ASUS Tutor.lnk . (…) — C:windowsInstaller{58172D66-2F69-4215-9AEC-ED8196023736}_E2D96973328BFA48EC703B.exe
O4 – GSDesktop [Public]: eManual.Lnk . (.ASUSTek Computer Inc. – EManual Application.) — C:eSupportManualeManual.exe
O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSDesktop [Public]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation – OpenOffice 4.0.0.) — C:Program Files (x86)OpenOffice 4programsoffice.exe
O4 – GSDesktop [Public]: Scene Switch.lnk . (…) — C:WindowsInstaller{5172E572-C175-4F80-A6D5-5CB45826AD61}_BA416CBB8E260BCD465EF1.exe
O4 – GSDesktop [Public]: Waves MAXXAudio.lnk . (…) — C:Program Files (x86)RealtekAudioHDAMaxxAudioControl64.exe (.not file.)
O4 – GSDesktop [Public]: WebStorage.lnk . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
O4 – GSProgram [Public]: Desktop.lnk – Clé orpheline
O4 – GSQuickLaunch [Mégane]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [Mégane]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSTaskBar [Mégane]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSTaskBar [Mégane]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSTaskBar [Mégane]: OpenOffice 4.0.0.lnk . (.Apache Software Foundation – OpenOffice 4.0.0.) — C:Program Files (x86)OpenOffice 4programsoffice.exe
O4 – GSProgram [Mégane]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
~ Global Startup: 51 Legitimates Filtered in 00mn 02s

—\ Applications lancées au démarrage du sytème (O4)
O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:Windowssystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:Windowssystem32hkcmd.exe
O4 – HKLM..Run: [RTHDVCPL] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [RtHDVBg] . (.Realtek Semiconductor – HD Audio Background Process.) — C:Program FilesRealtekAudioHDARAVBg64.exe
O4 – HKLM..Run: [Bdagent] . (.Bitdefender – Bitdefender Agent.) — C:Program FilesBitdefenderBitdefenderbdagent.exe
O4 – HKCU..Run: [Power2GoExpress] . (.CyberLink Corp. – Power2Go Desktop Burning Gadget.) — C:Program Files (x86)CyberLinkPower2GoPower2GoExpress.exe
O4 – HKCU..Run: [msnmsgr] . (.Microsoft Corporation – Windows Live Messenger.) — C:Program Files (x86)Windows LiveMessengermsnmsgr.exe
O4 – HKCU..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
O4 – HKCU..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
O4 – HKCU..Run: [Bitdefender Agent de l’application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
O4 – HKLM..Wow6432NodeRun: [Adobe Reader Speed Launcher] C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe (.not file.)
O4 – HKLM..Wow6432NodeRun: [ASUSPRP] . (.ASUSTek Computer Inc. – ASUS Product Register Program.) — C:Program Files (x86)ASUSAPRPAPRP.exe
O4 – HKLM..Wow6432NodeRun: [ASUSWebStorage] . (.ASUS Cloud Corporation – ASUS WebStorage Panel.) — C:Program Files (x86)ASUSWebStorage Sync Agent1.1.10.123AsusWSPanel.exe
O4 – HKLM..Wow6432NodeRun: [RemoteControl10] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD10PDVD10Serv.exe
O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKLM..Wow6432NodeRun: [BingDesktop] . (.Microsoft Corp. – Bing Desktop Application.) — C:Program Files (x86)MicrosoftBingDesktopBingDesktop.exe
O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet Agent] . (.Bitdefender – Bitdefender Password Manager Agent.) — C:Program FilesBitdefenderBitdefenderpmbxag.exe
O4 – HKUSS-1-5-18..Run: [Bitdefender Wallet] . (.Bitdefender – Bitdefender Password Manager.) — C:Program FilesBitdefenderBitdefenderpwdmanui.exe
O4 – HKUSS-1-5-18..Run: [Bitdefender Agent de l’application Wallet] . (.Bitdefender – Bitdefender Application Password Manager Ag.) — C:Program FilesBitdefenderBitdefenderantispam32bdapppassmgr.exe
~ Application: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
O17 – HKLMSystemCCSServicesTcpip..{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
O17 – HKLMSystemCCSServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpDomain = ANCE.com
O17 – HKLMSystemCS1ServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpNameServer = 127.0.0.1
O17 – HKLMSystemCS1ServicesTcpip..{F109431D-AF75-40B1-8A24-12D4CA0EC0F9}: DhcpNameServer = 10.188.0.1
O17 – HKLMSystemCS1ServicesTcpip..{126EF352-55B9-459E-B6EA-65454DEC9394}: DhcpDomain = ANCE.com
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 10.188.0.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
O18 – Filter: application/x-msdownload [64Bits] – {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation – Microsoft .NET Runtime Execution Engine.) — C:WindowsSystem32mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – AppInit_DLLs: . (.NVIDIA Corporation – NVIDIA shim initialization dll, Version 311.) – C:Windowssystem32nvinitx.dll
~ AppInit DLL: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: McAfee AP Service (McAPExe) . (…) – C:Program FilesMcAfeeMSCMcAPexe.exe (.not file.)
O23 – Service: Bitdefender Virus Shield (VSSERV) . (.Bitdefender – Bitdefender Security Service.) – C:Program FilesBitdefenderBitdefendervsserv.exe
~ Services: 17 Legitimates Filtered in 00mn 17s

—\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{8590CA3A-4956-42E6-A81E-A0BABFDA13F5}] (…) — C:Program Files (x86)ElectroLyrics-1Uninstall.exe (.not file.) [0] =>Adware.AddLyrics
~ Scheduled Task: 17 Legitimates Filtered in 00mn 11s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] – 09/11/2013 – 14:45:24 —A- . (…) — C:WindowsSysNativeuser_gensett.xml [385]
O44 – LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] – 09/11/2013 – 14:45:24 —A- . (…) — C:WindowsSystem32user_gensett.xml [385]
O44 – LFC:[MD5.BE6049A12849F52987A7AD3E4EA1980A] – 12/11/2013 – 16:09:53 —A- . (…) — C:bdlog.txt [3386]
~ Files: 62 Legitimates Filtered in 00mn 51s

—\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 – LFCP:[MD5.04BDCD830B3009647A0D9A50F683C24C] – 05/11/2013 – 17:51:59 —A- – C:WindowsPrefetchHOROSCOPE.EXE-39F22478.pf
O45 – LFCP:[MD5.5E5FDEF9517263F04E293E917F8F8D9E] – 07/11/2013 – 13:26:40 —A- – C:WindowsPrefetchGLCND.EXE-DD45F588.pf
O45 – LFCP:[MD5.7E8737DC303C53B75749325A8068AADD] – 09/11/2013 – 14:05:21 —A- – C:WindowsPrefetchBITDEFENDER_AV_64B.EXE-6559A4F5.pf
O45 – LFCP:[MD5.B48F0D81812B3FB53C7F8AF64246FBCF] – 09/11/2013 – 14:09:12 —A- – C:WindowsPrefetchINSTALLERPACKAGE.EXE-C9871E88.pf
O45 – LFCP:[MD5.FA41B0A4E9B284C1468B38207482F7AC] – 09/11/2013 – 14:09:33 —A- – C:WindowsPrefetchINSTALLER.EXE-2463F9E4.pf
O45 – LFCP:[MD5.03796ECA22DF9A2F01AABE877933E4C0] – 09/11/2013 – 17:33:51 —A- – C:WindowsPrefetchODSW.EXE-983DD055.pf
O45 – LFCP:[MD5.B20E85ECAA0AD437CFED830489D6CE01] – 09/11/2013 – 18:08:41 —A- – C:WindowsPrefetchODSLV.EXE-1ECDDD1C.pf
O45 – LFCP:[MD5.932F310B417598F4BB9F89F06061EC81] – 09/11/2013 – 19:39:07 —A- – C:WindowsPrefetchOBK.EXE-DCF2DD96.pf
O45 – LFCP:[MD5.4EB8AB23E7CFFE0F431563E2F6D35B5D] – 09/11/2013 – 19:39:08 —A- – C:WindowsPrefetchOBKCH.EXE-A945AD95.pf
O45 – LFCP:[MD5.9A63F9B33663E43A4B6595E7FCBE9847] – 10/11/2013 – 17:36:48 —A- – C:WindowsPrefetchFIRSTRUN.EXE-ED4F9EAB.pf
O45 – LFCP:[MD5.BC68303A87C8BB0BAE328EAF1FD09534] – 11/11/2013 – 10:44:00 —A- – C:WindowsPrefetchUPDATESRV.EXE-9AD36E5A.pf
O45 – LFCP:[MD5.0A9843C57F8D70A71A7D2B7B5F4C2BB5] – 12/11/2013 – 07:01:51 —A- – C:WindowsPrefetchCACAOWEB.EXE-BEB0B4FE.pf =>PUP.CacaoWeb
O45 – LFCP:[MD5.936843CABC678DBA99CA9A64DB7D168E] – 12/11/2013 – 07:01:53 —A- – C:WindowsPrefetchPMBXAG.EXE-EE66F507.pf
O45 – LFCP:[MD5.300CB252040B3693E9EE087BFF87082B] – 12/11/2013 – 07:01:54 —A- – C:WindowsPrefetchBDAPPPASSMGR.EXE-D7D02AFE.pf
O45 – LFCP:[MD5.BDCE7B78F39C847F8DE698B40110E41B] – 12/11/2013 – 07:02:01 —A- – C:WindowsPrefetchTBNOTIFIER.EXE-7924204A.pf
O45 – LFCP:[MD5.3F52DADB648EBCC79B3AAD7029943097] – 12/11/2013 – 07:04:29 —A- – C:WindowsPrefetchWSHOST.EXE-05F0A3AF.pf
O45 – LFCP:[MD5.678171A66869754A89970C15AA612DBD] – 12/11/2013 – 09:54:57 —A- – C:WindowsPrefetchPWDMANUI.EXE-B52CDD6D.pf
O45 – LFCP:[MD5.6097E76E437A304E49C2E07159EA0ED6] – 12/11/2013 – 11:15:09 —A- – C:WindowsPrefetchBDADDMTASK.EXE-35FD799F.pf
O45 – LFCP:[MD5.B59AF409D18966F116C2AE708F7F713C] – 12/11/2013 – 11:28:00 —A- – C:WindowsPrefetchELECTROLYRICS-1-CODEDOWNLOADE-419A0C12.pf =>Adware.AddLyrics
O45 – LFCP:[MD5.5B17B3244E8A97918EFD3DD0BB59C41E] – 12/11/2013 – 11:29:00 —A- – C:WindowsPrefetchELECTROLYRICS-1-ENABLER.EXE-E7CB4435.pf =>Adware.AddLyrics
O45 – LFCP:[MD5.41BB2DC301DBC410F95BECECA8640B65] – 12/11/2013 – 12:15:53 —A- – C:WindowsPrefetchINSTALLER.EXE-166619CC.pf
O45 – LFCP:[MD5.21920A473C28EACB1D4206B393EAB459] – 12/11/2013 – 12:42:00 —A- – C:WindowsPrefetchPLUS-HD-3.5-CODEDOWNLOADER.EX-2BD8074E.pf =>Adware.PlusHD
O45 – LFCP:[MD5.96FD74220E97B3068A0EE83800DC190E] – 12/11/2013 – 12:42:00 —A- – C:WindowsPrefetchPLUS-HD-3.5-ENABLER.EXE-83E16711.pf =>Adware.PlusHD
O45 – LFCP:[MD5.612E4173269E4652693E5E50E8E86114] – 12/11/2013 – 12:45:10 —A- – C:WindowsPrefetchdynreservedpri.db
O45 – LFCP:[MD5.BF07F364B360210FC27E71C1F46B12F2] – 12/11/2013 – 16:12:24 —A- – C:WindowsPrefetchPDVD10SERV.EXE-99C8A7B5.pf
O45 – LFCP:[MD5.EEBF0972D41388F3593C608AEA2A8816] – 12/11/2013 – 16:13:01 —A- – C:WindowsPrefetchBDEXTHOST.EXE-46A5DBB8.pf
O45 – LFCP:[MD5.E34DA27F33472A4A7C4D7143E4509C8B] – 12/11/2013 – 16:13:03 —A- – C:WindowsPrefetchBDAPPHOST.EXE-3F03D4E8.pf
O45 – LFCP:[MD5.45FB5050053D19399D147771D8AF3562] – 12/11/2013 – 16:13:04 —A- – C:WindowsPrefetchBDRUNTIMEHOST.EXE-686E0807.pf
O45 – LFCP:[MD5.DED66970164D203E206FEC258A7F935D] – 12/11/2013 – 16:24:28 —A- – C:WindowsPrefetch_IU14D2N.TMP-A8098D0F.pf
O45 – LFCP:[MD5.DBD08CABBC744AF9D614D2F6AD1F81ED] – 13/10/2013 – 19:56:08 —A- – C:WindowsPrefetchFIRSTRUN.EXE-3834855C.pf
O45 – LFCP:[MD5.4C71B19C81D0DE948B457C3094636FA3] – 16/10/2013 – 16:22:52 —A- – C:WindowsPrefetchSYSTEMPROPERTIESREMOTE.EXE-A8B3EF40.pf
O45 – LFCP:[MD5.18B2437BC21ECE4ED813D16F454328E5] – 28/10/2013 – 19:10:40 —A- – C:WindowsPrefetchOFFERCAST_AVIRAV7_.EXE-0B097BEE.pf
O45 – LFCP:[MD5.2B0B5A53DC9E6B0D3681D0006A9388B9] – 28/10/2013 – 19:16:58 —A- – C:WindowsPrefetchMCUIHOST.EXE-AE5E0AD4.pf
~ Prefetcher: 249 Legitimates Filtered in 00mn 06s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
~ MWPE Keys: 8 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.A8080BEBCDB7A16495CE1205921DCAC5] – 02/08/2012 – 04:22:48 —A- . (.Pas de propriétaire – Keyboard Filter Driver.) — C:WindowsSystem32Driverskbfiltr.sys [14992]
~ Drivers: 19 Legitimates Filtered in 00mn 01s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 09/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeAppDataTempwinupdates.xml [82006]
O61 – LFC: 09/11/2013 – 16:29:56 —A- . (…) — C:UsersMéganeDownloadsTerminaisons faibles phonétique.docx [15565]
O61 – LFC: 10/11/2013 – 16:29:37 —A- . (…) — C:UsersMéganeDocumentsPOEM LANGUE ORALE.odt [22406]
O61 – LFC: 11/11/2013 – 16:29:38 —A- . (…) — C:UsersMéganeDownloads23054_OFFRE_Magasinier_e-commerce.pdf [371705]
O61 – LFC: 12/11/2013 – 16:29:11 —A- . (…) — C:UsersMéganeAppDataLocalGoogleChromeUser DataLocal State [47190]
O61 – LFC: 12/11/2013 – 16:29:35 —A- . (…) — C:UsersMéganeAppDataRoamingZHPLog.txt [15905] =>.Nicolas Coolman
O61 – LFC: 12/11/2013 – 16:29:35 —A- . (…) — C:UsersMéganeAppDataRoamingZHPTestsZHPDiag.txt [2899] =>.Nicolas Coolman
O61 – LFC: 12/11/2013 – 16:29:35 —A- . (…) — C:UsersMéganeAppDataRoamingsp_data.sys [62]
O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeAppDataRoaminguser_gensett.xml [385]
O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsAcademic writing pour le 19 novembre.odt [16986]
O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsAméricaine civi.odt [33411]
O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsCivilisation Américaine CM 12 Novembre.odt [26066]
O61 – LFC: 12/11/2013 – 16:29:36 —A- . (…) — C:UsersMéganeDocumentsCivilisation Britannique CM 12 novembre.odt [26324]
O61 – LFC: 12/11/2013 – 16:29:38 —A- . (…) — C:UsersMéganeDownloads23097_DS_Phonétique_-_Mr_Gauthier.pdf [10229]
O61 – LFC: 12/11/2013 – 16:29:43 —A- . (…) — C:UsersMéganeDownloadsadwcleaner.exe [1085542]
~ 3 Fichiers temporaires (Temporary files)
~ Files: 731 Legitimates Filtered in 01mn 44s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.EF70DF92CF61D0CA3FE0D2AD50BB6FAD] [SPRF][09/11/2013] (…) — C:ProgramData1384002564.bdinstall.bin [1142527]
[MD5.4A93070098539B54FDA391D4D551C880] [SPRF][22/07/2009] (…) — C:ProgramDataSetStretch.exe [24576]
[MD5.5E873D6381A043A6380F2D991078E804] [SPRF][09/11/2013] (…) — C:UsersMéganeAppDataLocalTempdefaultCache.reg [85258]
[MD5.50E2028779633173CD919D080200DD42] [SPRF][12/10/2013] (…) — C:UsersMéganeAppDataLocalTempICReinstall_wlsetup-web.exe [618864]
[MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (…) — C:UsersMéganeAppDataLocalTempQuarantine.exe [350377]
[MD5.22FB4C2FF5F50BD7492075457F0A3677] [SPRF][12/11/2013] (…) — C:UsersMéganeAppDataRoamingsp_data.sys [62]
[MD5.9812917FE2FCDEA2FD800573D7842E5D] [SPRF][12/11/2013] (…) — C:UsersMéganeDesktopadwcleaner.exe [1085542]
~ Files: 8 Legitimates Filtered in 00mn 00s

—\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 – FAEL: “TCP Query User{58F51957-CF37-4D8C-B0F3-9F136E989E8E}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Private – P6 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 – FAEL: “UDP Query User{C19950CF-FDDE-4ABF-B043-05EBD8C81AE1}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Private – P17 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 – FAEL: “TCP Query User{CBDF3A2E-823B-44B6-9F24-8D407BD00E33}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Public – P6 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 – FAEL: “UDP Query User{ED08F8CE-C9C0-4AB3-ABEF-72F0B2AD42FC}C:usersméganeappdataroamingcacaowebcacaoweb.exe” |In – Public – P17 – TRUE | .(…) — C:usersméganeappdataroamingcacaowebcacaoweb.exe (.not file.) =>PUP.CacaoWeb
~ Firewall: 234 Legitimates Filtered in 00mn 02s

—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: “25946514D2147365007A7A857BC06000” . (.Avira SearchFree Toolbar.) — C:WindowsInstaller{41564952-412D-5637-00A7-A758B70C0600}ToolbarIcon.exe =>Toolbar.Avira
~ Update Products: 107 Legitimates Filtered in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.D1CC83CE82B0A5BB1DE4B57648A7E5A6] [WIS][23/10/2013] (.APN, LLC – Avira SearchFree Toolbar.) — C:WindowsInstaller3f70edb1.msi [814592] =>Toolbar.Avira
~ WIS: 108 Legitimates Filtered in 00mn 13s

—\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR – | Auto 05/09/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
SR – | Auto 05/10/2012 110976 | (ASLDRService) . (.ASUSTek Computer Inc..) – C:Program Files (x86)ASUSATK PackageATK HotkeyASLDRSrv.exe
SR – | Auto 13/04/2012 277120 | (ASUS InstantOn) . (.ASUS.) – C:Program Files (x86)ASUSASUS InstantOnInsOnSrv.exe
SR – | Auto 21/11/2011 96896 | (ATKGFNEXSrv) . (.ASUS.) – C:Program Files (x86)ASUSATK PackageATKGFNEXGFNEXSrv.exe
SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SS – | Demand 13/12/2012 277616 | (cphs) . (.Intel Corporation.) – C:WindowsSysWow64IntelCpHeciSvc.exe
SS – | Auto 08/11/2013 116648 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 08/11/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SR – | Demand 24/04/2012 169752 | (ICCS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Integrated Clock Controller ServiceICCProxy.exe
SR – | Auto 13/09/2012 2466448 | (IconMan_R) . (.Realsil Microelectronics Inc..) – C:Program Files (x86)RealtekRealtek PCIE Card ReaderRIconMan.exe
SR – | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) – C:Program FilesInteliCLS ClientHeciServer.exe
SR – | Auto 27/06/2012 129856 | (Intel(R) ME Service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsFWServiceIntelMeFWService.exe
SR – | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
SR – | Auto 25/06/2012 166720 | (jhi_service) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsDALjhi_service.exe
SR – | Auto 17/07/2012 277824 | (LMS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsLMSLMS.exe
SS – | Auto 10/07/1658 0 | (McAPExe) . (…) – C:Program FilesMcAfeeMSCMcAPexe.exe
SR – | Auto 14/03/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) – C:Windowssystem32nvvsvc.exe
SR – | Auto 14/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
SR – | Auto 17/07/2012 365376 | (UNS) . (.Intel Corporation.) – C:Program Files (x86)IntelIntel(R) Management Engine ComponentsUNSUNS.exe
SR – | Auto 07/10/2013 67320 | (UPDATESRV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefenderupdatesrv.exe
SR – | Auto 14/10/2013 1506736 | (VSSERV) . (.Bitdefender.) – C:Program FilesBitdefenderBitdefendervsserv.exe
SS – | Demand 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Demand 27/11/2012 29696 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 15s

—\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
Run by Mégane at 12/11/2013 16:32:50
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

—\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Mégane at 12/11/2013 16:32:52

********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

—\ Scan Additionnel (O88)
Database Version : 12994 – (11/11/2013)
Clés trouvées (Keys found) : 2
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 2

[HKLMSoftwareGoogleChromeExtensionsaaaaacalgebmfelllfiaoknifldpngjh] =>Toolbar.Avira^
[HKLMSoftwareGoogleChromeExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp] =>PUP.Wajam^
C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsaaaaacalgebmfelllfiaoknifldpngjh =>Toolbar.Avira^
C:UsersMéganeAppDataLocalGoogleChromeUser DataDefaultExtensionsjpmbfleldcgkldadpdinhjjopdfpjfjp =>PUP.Wajam^
C:WindowsInstaller3f70edb1.msi =>Toolbar.Avira^
C:UsersMéganeDownloadscacaoweb.exe =>PUP.CacaoWeb
~ Additionnel Scan: 244196 Items scanned in 00mn 48s

—\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira =>Toolbar.Avira
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ MSI: 5 link(s) detected in 00mn 48s

~ 1883 Legitimates filtered by white list
End of the scan (483 lines in 07mn 28s)(0)