Sofit

Latest scan with ZHP

~ Rapport de ZHPDiag v2013.11.19.41 – Nicolas Coolman (19/11/2013)
~ Lancé par Sophie (19/11/2013 16:24:54)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v31.0.1650.57 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2BT4J
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

—\ Logiciels de protection du système
AVG 2014 v14.0.4158
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

—\ Logiciels d’optimisation du système

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader 9.1 – Français

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3892 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 28 GB (15%) free of 179 GB

—\ Mode de connexion au système
~ Computer Name: SOPHIE-PC
~ User Name: Sophie
~ All Users Names: Sophie, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:UsersSophieAppDataRoamingZHP
~ %AppData% : C:UsersSophieAppDataRoaming
~ %Desktop% : C:UsersSophieDesktop
~ %Favorites% : C:UsersSophieFavorites
~ %LocalAppData% : C:UsersSophieAppDataLocal
~ %StartMenu% : C:UsersSophieAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 28 Go of 179 Go)
D: Hard drive, Flash drive, Thumb drive (Free 253 Go of 267 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Free 1 Go of 1 Go)
G: Floppy drive, Flash card reader, USB Key (Free 1 Go of 7 Go)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] – (.Microsoft Corporation – Explorateur Windows.) (.26/02/2011 – 07:23:14.) — C:WindowsExplorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.22/02/2013 – 07:20:51.) — C:WindowsSystem32wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.28/10/2009 – 07:24:40.) — C:WindowsSystem32Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] – (.Microsoft Corporation – Bibliothèque de licences.) (.14/07/2009 – 02:41:54.) — C:WindowsSystem32sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/12/2011 – 04:59:11.) — C:Windowssystem32DriversAFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.14/07/2009 – 00:19:54.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.27/04/2011 – 03:57:40.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.14/07/2009 – 01:06:13.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.04/05/2011 – 03:51:08.) — C:Windowssystem32DriversMRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] – (.Microsoft Corporation – MBT Transport driver.) (.14/07/2009 – 00:21:29.) — C:Windowssystem32DriversnetBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.12/04/2013 – 15:36:37.) — C:Windowssystem32Driversntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.14/07/2009 – 01:10:12.) — C:Windowssystem32DriversRasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] – (.Microsoft Corporation – TDI Translation Driver.) (.14/07/2009 – 00:21:15.) — C:Windowssystem32Driverstdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.06/09/2012 – 18:38:18.) — C:Windowssystem32Driversvolsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/4913
~ Mes musiques (My Musics) : 5/1096
~ Mes Videos (My Videos) : 1/8
~ Mes Favoris (My Favorites) : 1/80
~ Mes Documents (My Documents) : 1/53
~ Mon Bureau (My Desktop) : 1/531
~ Menu demarrer (Programs) : 1/59
~ Hidden Files: Scanned in 00mn 08s

—\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe [532040] [PID.2928]
[MD5.326691EA3A6B5576A9DEFEF47AA6C327] – (.Samsung Electronics Co., Ltd. – Easy Display Manager.) — C:Program Files (x86)SamsungEasy Display Managerdmhkcore.exe [847360] [PID.3816]
[MD5.E3735DC796E5183D63F35921B058934C] – (.Samsung Electronics Co., Ltd. – EasySpeedUpManager.) — C:Program Files (x86)SAMSUNGEasySpeedUpManagerEasySpeedUpManager.exe [716800] [PID.4000]
[MD5.10760383AA50CCFC7DB9B5AB0D326AAF] – (.SAMSUNG Electronics – SSCKbdHk.) — C:Program Files (x86)SamsungSamsung Support CenterSSCKbdHk.exe [1749504] [PID.4012]
[MD5.167F9E5AF87B57763DAAA27D3144C2A0] – (.SEC – Samsung Recovery Solution 4.) — C:Program Files (x86)SamsungSamsung Recovery Solution 4WCScheduler.exe [2201192] [PID.4052]
[MD5.97B1D0896F24C5ACAF0F0938C08AC462] – (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe [1103768] [PID.4084]
[MD5.3C3B37BD28CF8E7CC7C89C8C0D5F2B34] – (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe [18672232] [PID.3328]
[MD5.7738C9F1318EA2E747330008C42B9473] – (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe [1561968] [PID.3536]
[MD5.F7E1CCBAD109329203AACB1E87BE614C] – (.Dropbox, Inc. – Dropbox.) — C:UsersSophieAppDataRoamingDropboxbinDropbox.exe [27776968] [PID.3960]
[MD5.54FA8528EDA1B6B34615F4EA3FCB35E6] – (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe [103720] [PID.3412]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] – (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe [91432] [PID.4348]
[MD5.38392CC7CDCA0C2C247B0B279EC2FCE3] – (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe [4908592] [PID.4520]
[MD5.F6B028380423B1C498984ED5CE873A47] – (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe [311152] [PID.4664]
[MD5.B2387FD351A3D4780A917E4C00A83310] – (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe [152392] [PID.4876]
[MD5.636D97B3BAF854511FF3F4093E895FED] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [863184] [PID.2308]
[MD5.5B201C6E792E3CBAA7AE8CAA680BA28F] – (.Nicolas Coolman – ZHPDiag.) — C:Program Files (x86)ZHPDiagZHPDiag.exe [8259072] [PID.5132]
[MD5.30E3850F303EAE5C364782EA78579CC9] – (.Apple Inc. – MobileDeviceService.) — C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe [55624] [PID.1732]
[MD5.55985B78AB0B3CC406C8BFDF772E05C2] – (.AVG Technologies CZ, s.r.o. – AVG Firewall Service.) — C:Program Files (x86)AVGAVG2014avgfws.exe [1358944] [PID.1768]
[MD5.332AEB8F6F9595C8886A7AA7A62322DC] – (.AVG Technologies CZ, s.r.o. – AVG Identity Protection Service.) — C:Program Files (x86)AVGAVG2014avgidsagent.exe [3538480] [PID.1796]
[MD5.07646F5F37F18F1F978CE3B0378EF1C9] – (.AVG Technologies CZ, s.r.o. – AVG Watchdog Service.) — C:Program Files (x86)AVGAVG2014avgwdsvc.exe [301152] [PID.1816]
[MD5.65085456FD9A74D7F1A999520C299ECB] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe [418376] [PID.1968]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe [701512] [PID.2016]
[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] – (.Pas de propriétaire – RichVideo Module.) — C:Program Files (x86)CyberLinkShared filesRichVideo.exe [247152] [PID.1200]
[MD5.388AE59FE75F1B959DFA0900923C61BB] – (.Skype Technologies S.A. – Skype C2C Service.) — C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe [3064000] [PID.1680]
~ Processes Running: Scanned in 00mn 01s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:UsersSophieAppDataLocalGoogleChromeUser DataDefaultPreferences
G1 – GCS: Preference [User DataDefault] http://dts.search-results.com =>PUP.SearchResults
G2 – GCE: Preference [User DataDefault] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Activé)
~ Google Browser: 9 Legitimates Filtered in 00mn 05s

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 – HKCUSOFTWAREMicrosoftInternet ExplorerMain,Search Bar = preserve
~ IE Browser: 16 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: Google Toolbar [64Bits] – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll =>Toolbar.Google
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSDesktop [Public]: Easy Network Manager.lnk . (.Samsung Electronics Co. Ltd – Samsung Easy Network Manager.) — C:Program Files (x86)SamsungEasy Network ManagerENM.exe
O4 – GSDesktop [Public]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSDesktop [Public]: User Guide.lnk . (.Samsung Electronics – Runmanual.) — C:Program FilesSamsungSamsungManualRunManual.exe
O4 – GSQuickLaunch [Sophie]: Free Video Converter.lnk . (.Koyote Soft – FreeVideoConverter.) — C:Program Files (x86)Free Video ConverterFreeVideoConverter.exe
O4 – GSQuickLaunch [Sophie]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSQuickLaunch [Sophie]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSTaskBar [Sophie]: Google Chrome.lnk . (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O4 – GSProgram [Sophie]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSProgram [Sophie]: Internet Explorer.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSSystemTools [Sophie]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
O4 – GSDesktop [Sophie]: Mix Sophie officiel – Copie.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:windowssystem32cmd.exe =>.Microsoft Corporation
O4 – GSDesktop [Sophie]: SosVirus Forum Gratuit.lnk . (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe http://www.sosvirus.net
O4 – GSDesktop [Sophie]: Votre avis nous intéresse.lnk – Clé orpheline
O4 – GSDesktop [Sophie]: zumba 16 nov 2013.lnk . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
~ Global Startup: 83 Legitimates Filtered in 00mn 02s

—\ Applications lancées au démarrage du sytème (O4)
O4 – GSStartup [Sophie]: Dropbox.lnk . (.Dropbox, Inc. – Dropbox.) — C:UsersSophieAppDataRoamingDropboxbinDropbox.exe
O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [SynTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exe (.not file.)
O4 – HKLM..Run: [IgfxTray] . (.Intel Corporation – igfxTray Module.) — C:windowssystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] . (.Intel Corporation – hkcmd Module.) — C:windowssystem32hkcmd.exe
O4 – HKLM..Run: [Persistence] . (.Intel Corporation – persistence Module.) — C:windowssystem32igfxpers.exe
O4 – HKCU..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe
O4 – HKCU..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe
O4 – HKCU..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersSophieAppDataRoamingSpotifySpotify.exe
O4 – HKCU..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
O4 – HKCU..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
O4 – HKCU..Run: [KiesAirMessage] C:Program Files (x86)SamsungKiesKiesAirMessage.exe (.not file.)
O4 – HKLM..Wow6432NodeRun: [UpdateLBPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkLabelPrintMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [CLMLServer] . (.CyberLink – CyberLink MediaLibray Service.) — C:Program Files (x86)CyberLinkPower2GoCLMLSvc.exe
O4 – HKLM..Wow6432NodeRun: [UpdateP2GoShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPower2GoMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [UpdatePDRShortCut] . (.CyberLink Corp. – StartMen Application.) — C:Program Files (x86)CyberLinkPowerDirectorMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [RemoteControl8] . (.CyberLink Corp. – PowerDVD RC Service.) — C:Program Files (x86)CyberLinkPowerDVD8PDVD8Serv.exe
O4 – HKLM..Wow6432NodeRun: [PDVD8LanguageShortcut] . (.CyberLink Corp. – PowerDVD Language Application.) — C:Program Files (x86)CyberLinkPowerDVD8LanguageLanguage.exe
O4 – HKLM..Wow6432NodeRun: [UpdatePPShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkPowerProducerMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [UpdatePSTShortCut] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkDVD SuiteMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [Microsoft Default Manager] . (.Microsoft Corporation – Microsoft Default Manager.) — C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe =>.Microsoft Corporation
O4 – HKLM..Wow6432NodeRun: [UCam_Menu] . (.CyberLink Corp. – MUI StartMenu Application.) — C:Program Files (x86)CyberLinkYouCamMUITransferMUIStartMenu.exe
O4 – HKLM..Wow6432NodeRun: [APSDaemon] . (.Apple Inc. – Apple Push.) — C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe
O4 – HKLM..Wow6432NodeRun: [AVG_UI] . (.AVG Technologies CZ, s.r.o. – AVG User Interface.) — C:Program Files (x86)AVGAVG2014avgui.exe
O4 – HKLM..Wow6432NodeRun: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. – Kies TrayAgent Application.) — C:Program Files (x86)SamsungKiesKiesTrayAgent.exe =>.Samsung Electronics Co
O4 – HKLM..Wow6432NodeRun: [iTunesHelper] . (.Apple Inc. – iTunesHelper.) — C:Program Files (x86)iTunesiTunesHelper.exe
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Facebook Update] . (.Facebook Inc. – Programme d’installation de Facebook.) — C:UsersSophieAppDataLocalFacebookUpdateFacebookUpdate.exe
O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Spotify Web Helper] . (.Spotify Ltd – SpotifyWebHelper.) — C:UsersSophieAppDataRoamingSpotifyDataSpotifyWebHelper.exe
O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Spotify] . (.Spotify Ltd – Spotify.) — C:UsersSophieAppDataRoamingSpotifySpotify.exe
O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [Skype] . (.Skype Technologies S.A. – Skype.) — C:Program Files (x86)SkypePhoneSkype.exe =>.Skype Technologies S.A.
O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [KiesPreload] . (.Samsung – Kies.) — C:Program Files (x86)SamsungKiesKies.exe
O4 – HKUSS-1-5-21-1972273453-3807663751-171534141-1001..Run: [KiesAirMessage] C:Program Files (x86)SamsungKiesKiesAirMessage.exe (.not file.)
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: Skype Click to Call [64Bits] – {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (…) — c:program files (x86)skypetoolbarsinternet explorer x64icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCCSServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
O17 – HKLMSystemCS1ServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS1ServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
O17 – HKLMSystemCS2ServicesTcpip..{D555802D-1EEC-4BAA-B7B0-1B4DCF68F9D1}: DhcpNameServer = 192.168.1.1
O17 – HKLMSystemCS2ServicesTcpip..{DC679C78-2304-45F5-9BCF-B9C323371F23}: DhcpNameServer = 192.168.0.1
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 – Winlogon Notify: igfxcui . (.Intel Corporation – igfxdev Module.) — C:WindowsSystem32igfxdev.dll
~ Winlogon: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: (vToolbarUpdater13.2.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe (.not file.) =>Toolbar.AVGSearch
~ Services: 12 Legitimates Filtered in 00mn 10s

—\ Logiciels installés (O42)
O42 – Logiciel: Search-Results Toolbar – (.APN LLC.) [HKLM][64Bits] — ilividtoolbargaw =>Adware.Bandoo
~ Logic: 108 Legitimates Filtered in 00mn 01s

—\ HKCU & HKLM Software Keys
[HKLMSoftwareASK]
~ Key Software: 122 Legitimates Filtered in 00mn 01s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
~ 4 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 135 Legitimates Filtered in 00mn 29s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.97BBBF99B3E117DA331C9EF080DBD21A] – 18/11/2013 – 22:33:04 . (…) — C:UsbFix [Scan 1] SOPHIE-PC.txt [16862]
O44 – LFC:[MD5.C11CB38803CF5B659194F6FF3953FCD8] – 18/11/2013 – 22:41:39 —A- . (…) — C:UsbFix [Clean 3] SOPHIE-PC.txt [22395]
~ Files: 21 Legitimates Filtered in 00mn 46s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – « EnableUIADesktopToggle »=0
O55 – MWPS:[HKLM…PoliciesSystem] – « FilterAdministratorToken »=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKLM…policiesExplorer] – « NoActiveDesktopChanges »=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] – 14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
O58 – SDL:[MD5.4CA0DBA9E224473D664C25E411F5A3BD] – 30/03/2011 – 01:58:20 —A- . (.Windows (R) 2003 DDK 3790 provider – Generic Port I/O for Win64.) — C:WindowsSysWOW64driversrtport.sys [15144]
~ Drivers: 16 Legitimates Filtered in 00mn 01s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxx.cfg [1680]
O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxxbpmscheme.xml [134]
O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxmixxxdb.sqlite [27648]
O61 – LFC: 17/11/2013 – 16:27:56 —A- . (…) — C:UsersSophieAppDataLocalMixxxsoundconfig.xml [250]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgcfg.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgcore.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgdecider.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgmsgdisp.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgpostinst.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgual.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgui.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgupd.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logcommonpriv.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logfixcfg.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logkrnlapi.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014loglng.log.lock [0]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014updatedownloadavg14infoavi.ctf [3359]
O61 – LFC: 18/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014updatedownloadavg14infowin.ctf [25090]
O61 – LFC: 18/11/2013 – 16:27:55 —A- . (…) — C:UsersSophieAppDataLocalMFADatalogsnds-20131118-210818.log.lock [0]
O61 – LFC: 18/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMon film.wlmp [2252]
O61 – LFC: 19/11/2013 – 16:27:41 —A- . (…) — C:UsersSophieAppDataLocalAvg2014logavgidpagentmonitor.log.lock [0]
O61 – LFC: 19/11/2013 – 16:27:43 —A- . (…) — C:UsersSophieAppDataLocalGoogleChromeUser DataCertificate Revocation Lists [263773]
O61 – LFC: 19/11/2013 – 16:27:55 —A- . (…) — C:UsersSophieAppDataLocalGoogleChromeUser DataLocal State [46556]
O61 – LFC: 19/11/2013 – 16:28:05 —A- . (…) — C:UsersSophieAppDataRoamingZHPLog.txt [17027] =>.Nicolas Coolman
O61 – LFC: 19/11/2013 – 16:28:05 —A- . (…) — C:UsersSophieAppDataRoamingZHPTestsZHPDiag.txt [2873] =>.Nicolas Coolman
O61 – LFC: 19/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMixAlbum-18-11-13-15h46.zip [104509544]
O61 – LFC: 19/11/2013 – 16:28:06 —A- . (…) — C:UsersSophieDownloadsMon film (1).wlmp [2252]
~ 11 Fichiers temporaires (Temporary files)
~ Files: 225 Legitimates Filtered in 01mn 30s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix By El Desaparecido – (.El Desaparecido – http://www.usbfix.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2013 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.378189889438568FEF3D98588283B3A5] [SPRF][11/11/2013] (…) — C:UsersSophieAppDataLocalTempQuarantine.exe [350377]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][17/11/2013] (…) — C:UsersSophieAppDataLocalLowprvlcl.dat [0]
[MD5.9812917FE2FCDEA2FD800573D7842E5D] [SPRF][19/11/2013] (…) — C:UsersSophieDesktopadwcleaner.exe [1085542]
~ Files: 6 Legitimates Filtered in 00mn 04s

—\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 – FAEL: « {CB29C480-5A1A-42E6-B620-AFB5C2A45FB5} » |In – Private – P6 – TRUE | .(…) — C:Program Files (x86)Searchqu ToolbarDatamngrToolBardtUser.exe (.not file.) =>PUP.Datamngr
O87 – FAEL: « {36047400-F2A1-4892-BDC5-72174BF4F29C} » |In – Private – P17 – TRUE | .(…) — C:Program Files (x86)Searchqu ToolbarDatamngrToolBardtUser.exe (.not file.) =>PUP.Datamngr
O87 – FAEL: « {E26E000C-AF5B-49E4-B7C8-99257CA300A1} » |In – Private – P6 – TRUE | .(…) — C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>PUP.SearchResults
O87 – FAEL: « {96415DA7-0820-4389-A239-9439A1E452CF} » |In – Private – P17 – TRUE | .(…) — C:Program Files (x86)Search Results ToolbarDatamngrSRTOOL~1dtUser.exe (.not file.) =>PUP.SearchResults
O87 – FAEL: « {7A5759E5-F987-4273-8815-E6C5668A8033} » |In – None – P17 – TRUE | .(…) — C:Program Files (x86)IminentIminent.exe (.not file.) =>Adware.IMBooster
O87 – FAEL: « {66FFFBFF-97CB-41F2-B2FA-255A929F2415} » |In – None – P17 – TRUE | .(…) — C:Program Files (x86)IminentIminent.Messengers.exe (.not file.) =>Adware.IMBooster
~ Firewall: 228 Legitimates Filtered in 00mn 01s

—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: « 45ADD8F9B89E76040A8DBF736098468D » . (.Dj Mixer Studio.) — C:windowsInstaller{9F8DDA54-E98B-4067-A0D8-FB37068964D8}ARPPRODUCTICON.exe
~ Update Products: 503 Legitimates Filtered in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd – BabylonObjectInstaller.) — C:WindowsInstaller1056310.msi [353280] =>PUP.Babylon
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][20/09/2012] (.Boxore OU. – Software Update Helper.) — C:WindowsInstaller382340.msi [45056] =>Adware.Boxore
~ WIS: 510 Legitimates Filtered in 00mn 43s

—\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 08/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:windowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
SR – | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) – C:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exe
SR – | Auto 25/09/2013 1358944 | (avgfws) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgfws.exe
SR – | Auto 03/10/2013 3538480 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgidsagent.exe
SR – | Auto 25/09/2013 301152 | (avgwd) . (.AVG Technologies CZ, s.r.o..) – C:Program Files (x86)AVGAVG2014avgwdsvc.exe
SR – | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) – C:Program FilesBonjourmDNSResponder.exe
SS – | Auto 23/09/2012 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 23/09/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 04/10/2012 194032 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
SR – | Demand 17/09/2013 641352 | (iPod Service) . (.Apple Inc..) – C:Program FilesiPodbiniPodService.exe
SR – | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes’ Anti-Malwarembamscheduler.exe
SR – | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes’ Anti-Malwarembamservice.exe
SR – | Auto 07/07/2009 247152 | (RichVideo) . (…) – C:Program Files (x86)CyberLinkShared filesRichVideo.exe
SR – | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) – C:ProgramDataSkypeToolbarsSkype C2C Servicec2c_service.exe
SS – | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) – C:Program Files (x86)SkypeUpdaterUpdater.exe
SR – | Auto 13/12/2011 2028864 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) – C:Program Files (x86)TuneUp Utilities 2011TuneUpUtilitiesService64.exe
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) – C:WindowsSystem32svchost.exe
SS – | Auto 10/07/1658 0 | (vToolbarUpdater13.2.0) . (…) – C:Program Files (x86)Common FilesAVG Secure SearchvToolbarUpdater13.2.0ToolbarUpdater.exe =>Toolbar.AVGSearch
SS – | Demand 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 45s

—\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
Run by Sophie at 19/11/2013 16:30:21
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

—\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Sophie at 19/11/2013 16:30:23

********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

—\ Scan Additionnel (O88)
Database Version : 12996 – (19/11/2013)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2

[HKLMSYSTEMCurrentControlSetServicesvToolbarUpdater13.2.0] =>Toolbar.AVGSearch^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstallilividtoolbargaw] =>Adware.Bandoo^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsAF2CF8FE20EBB4443855807CA5D6E7A3] =>Adware.Boxore
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsBA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLMSoftwareClassesInterface{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLMSoftwareWow6432NodeClassesInterface{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products9EC6D81181F59F2459A84176A626F9ED] =>Adware.IMBooster
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodesF1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Components38D5CDD0A851B3940A43CC50ABBA251C] =>Adware.Boxore^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
C:WindowsInstaller1056310.msi =>PUP.Babylon^
C:WindowsInstaller382340.msi =>Adware.Boxore^
~ Additionnel Scan: 292697 Items scanned in 00mn 22s

—\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ MSI: 8 link(s) detected in 00mn 22s

~ 1745 Legitimates filtered by white list
End of the scan (510 lines in 05mn 52s)(0)