bravoryo
Participant
Number of posts: 6

Hello

Here is the ZHPDiag report:

~ Rapport de ZHPDiag v2014.5.3.52 – Nicolas Coolman (03/05/2014)
~ Lancé par saint martin (04/05/2014 15:11:17)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d’Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user

—\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16661
GCIE: Google Chrome v34.0.1847.131 (Defaut)

—\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK

—\ Logiciels de protection du système
avast! Internet Security v9.0.2018
Malwarebytes Anti-Malware version 2.0.1.1004
Windows Defender W7

—\ Logiciels d’optimisation du système
CCleaner v4.02

—\ Logiciels de partage PeerToPeer

—\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader X
Java 7 Update 55

—\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4095 MB (30% free)
System Restore: Activé (Enable)
System drive C: has 712 GB (77%) free of 920 GB

—\ Mode de connexion au système
~ Computer Name: MAISON-PC
~ User Name: saint martin
~ All Users Names: saint martin, HomeGroupUser$, DELPHINE, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

—\ Variables d’environnement
~ System Unit : C:
~ %AppZHP% : C:Userssaint martinAppDataRoamingZHP
~ %AppData% : C:Userssaint martinAppDataRoaming
~ %Desktop% : C:Userssaint martinDesktop
~ %Favorites% : C:Userssaint martinFavorites
~ %LocalAppData% : C:Userssaint martinAppDataLocal
~ %StartMenu% : C:Userssaint martinAppDataRoamingMicrosoftWindowsStart Menu
~ %Windir% : C:Windows
~ %System% : C:WindowsSystem32

—\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 712 Go of 920 Go)
D: Hard drive, Flash drive, Thumb drive (Free 920 Go of 920 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)

—\ Etat du Centre de Sécurité Windows
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesExplorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s

—\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] – (.Microsoft Corporation – Explorateur Windows.) (.25/02/2011 – 07:19:30.) — C:WindowsExplorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] – (.Microsoft Corporation – Application de démarrage de Windows.) (.14/07/2009 – 02:39:52.) — C:WindowsSystem32Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] – (.Microsoft Corporation – Extensions Internet pour Win32.) (.01/03/2014 – 04:10:28.) — C:WindowsSystem32wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] – (.Microsoft Corporation – Application d’ouverture de session Windows.) (.21/11/2010 – 04:24:29.) — C:WindowsSystem32Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] – (.Microsoft Corporation – Bibliothèque de licences.) (.21/11/2010 – 04:24:16.) — C:WindowsSystem32sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] – (.Microsoft Corporation – Ancillary Function Driver for WinSock.) (.28/09/2013 – 02:09:10.) — C:Windowssystem32DriversAFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] – (.Microsoft Corporation – ATAPI IDE Miniport Driver.) (.14/07/2009 – 02:52:21.) — C:Windowssystem32Driversatapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] – (.Microsoft Corporation – CD-ROM File System Driver.) (.14/07/2009 – 00:19:47.) — C:Windowssystem32DriversCdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] – (.Microsoft Corporation – SCSI CD-ROM Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversCdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] – (.Microsoft Corporation – DFS Namespace Client Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32DriversDfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] – (.Microsoft Corporation – High Definition Audio Bus Driver.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32DriversHDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] – (.Microsoft Corporation – Pilote de port i8042.) (.14/07/2009 – 00:19:57.) — C:Windowssystem32Driversi8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] – (.Microsoft Corporation – IP Network Address Translator.) (.14/07/2009 – 01:10:03.) — C:Windowssystem32DriversIpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] – (.Microsoft Corporation – Windows NT SMB Minirdr.) (.27/04/2011 – 03:40:40.) — C:Windowssystem32DriversMRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] – (.Microsoft Corporation – MBT Transport driver.) (.21/11/2010 – 04:23:51.) — C:Windowssystem32DriversnetBT.sys [261632]
[MD5.1A29A59A4C5BA6F8C85062A613B7E2B2] – (.Microsoft Corporation – Pilote du système de fichiers NT.) (.24/01/2014 – 03:37:55.) — C:Windowssystem32Driversntfs.sys [1684928]
[MD5.0086431C29C35BE1DBC43F52CC273887] – (.Microsoft Corporation – Pilote de port parallèle.) (.14/07/2009 – 01:00:41.) — C:Windowssystem32DriversParport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] – (.Microsoft Corporation – RAS L2TP mini-port/call-manager driver.) (.21/11/2010 – 04:24:33.) — C:Windowssystem32DriversRasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] – (.Microsoft Corporation – SMB Transport driver.) (.14/07/2009 – 01:09:09.) — C:Windowssystem32Driverssmb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] – (.Microsoft Corporation – TDI Translation Driver.) (.21/11/2010 – 04:24:32.) — C:Windowssystem32Driverstdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] – (.Microsoft Corporation – Pilote de cliché instantané du volume.) (.21/11/2010 – 04:23:47.) — C:Windowssystem32Driversvolsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

—\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2272
~ Mes musiques (My Musics) : 1/5
~ Mes Videos (My Videos) : 2/58
~ Mes Favoris (My Favorites) : 1/276
~ Mes Documents (My Documents) : 2/596
~ Mon Bureau (My Desktop) : 1/38
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s

—\ Processus lancés
[MD5.41AD6110110A2E89957F831DCBFAF892] – (.Malwarebytes Corporation – Malwarebytes Anti-Malware.) — C:Program Files (x86)Malwarebytes Anti-Malwarembam.exe [6963512] [PID.3084]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] – (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe [3873704] [PID.4600]
[MD5.3A3BEA53F039CE2E997A918E26E30B1D] – (.Microsoft Corporation – Internet Explorer.) — C:Program Files (x86)Internet ExplorerIEXPLORE.exe [808152] [PID.5024]
[MD5.542459D16B416D054161007FC9B1246E] – (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe [841032] [PID.4360]
[MD5.D2A18C9922075A88204A39A4D19F5028] – (.Microsoft Corporation – Windows Live Mail.) — C:Program Files (x86)Windows LiveMailwlmail.exe [102080] [PID.2840]
[MD5.E948B39B496BE1302E974DEBB3ED51D2] – (.Nicolas Coolman – ZHPDiag.) — C:Userssaint martinDesktopZHPDiagZHPDiag.exe [7869440] [PID.6960]
~ Processes Running: Scanned in 00mn 00s

—\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:Userssaint martinAppDataLocalGoogleChromeUser DataDefaultPreferences
G2 – GCE: Preference [User DataDefault] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 – GCE: Preference [User DataDefault] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 – GCE: Preference [User DataDefault] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)

—\ Liste des dossiers d’extension Google Chrome
~ Google Lines Browser: 15 Legitimates Filtered in 00mn 01s

—\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 – MFPP: Plugins – [saint martin] — C:Program Files (x86)Mozilla FireFoxsearchpluginsSearch_Results.xml =>PUP.SearchResults
~ Firefox Browser: 3 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 – URLSearchHook: SearchHook Class [64Bits] – {D8278076-BC68-4484-9233-6E7F1628B56C} . (.APN LLC. – Search Hook.) (21.5.0.2560) — C:Program Files (x86)AskPartnerNetworkToolbarsearchhook.dll =>Toolbar.Ask
~ IE Browser: 20 Legitimates Filtered in 00mn 00s

—\ Internet Explorer, Proxy Management (R5)
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = no key
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyEnable = 0
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,MigrateProxy = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,EnableHttp1_1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyHttp1.1 = 1
R5 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

—\ Analyse des lignes F0, F1, F2, F3 – IniFiles, Autoloading programs
F2 – REG:system.ini: USERINIT=C:Windowssystem32userinit.exe,
F2 – REG:system.ini: Shell=C:Windowsexplorer.exe
F2 – REG:system.ini: VMApplet=C:WindowsSystem32SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

—\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

—\ Internet Explorer Toolbars (O3)
O3 – Toolbar: avast! Online Security – [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} . (…) — (.not file.)
O3 – Toolbar: Easy Photo Print – [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION – Epson Easy Photo Print (TBL x64).) — C:Program Files (x86)Epson SoftwareEasy Photo PrintEPTBL.dll
O3 – Toolbar: (no name) – [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
O3 – Toolbar: Google Toolbar – [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. – Google Toolbar.) — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_64.dll =>Toolbar.Google
O3 – Toolbar: Ask Toolbar – [HKLM]{4F524A2D-5637-4300-76A7-7A786E7484D7} . (.APN LLC. – Passport.) — C:Program Files (x86)AskPartnerNetworkToolbarORJ-V7CPassport_x64.dll =>Toolbar.Ask
O3 – ToolbarWebBrowser: (no name) – [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 – ToolbarWebBrowser: (no name) – [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 – ToolbarWebBrowser: (no name) – [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

—\ Autres liens utilisateurs (O4)
O4 – GSProgram [saint martin]: Lollipop.lnk . (…) — C:Userssaint martinAppDataLocalLollipoplollipop_06281841.exe (.not file.) =>Adware.Lollipop
~ Global Startup: 2 Legitimates Filtered in 00mn 00s

—\ Applications lancées au démarrage du système (O4)
O4 – GSStartup [saint martin]: lollipop_06281841.lnk . (…) — C:Userssaint martinAppDataLocalLollipoplollipop_06281841.exe (.not file.) =>Adware.Lollipop
O4 – HKLM..Run: [RtHDVCpl] . (.Realtek Semiconductor – Gestionnaire audio HD Realtek.) — C:Program FilesRealtekAudioHDARAVCpl64.exe =>.Realtek Semiconductor Corp
O4 – HKLM..Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated – Adobe Updater Startup Utility.) — C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 – HKLM..Run: [Easy-PrintToolBox] . (.CANON INC. – BJPSMAIN.) — C:Program Files (x86)CanonEasy-PrintToolBoxBJPSMAIN.exe
O4 – HKLM..Run: [CanonMyPrinter] . (.CANON INC. – Canon My Printer.) — C:Program FilesCanonMyPrinterBJMyPrt.exe
O4 – HKCU..Run: [E09FXLRD_652302] C:Program Files (x86)Microsoft EncartaMicrosoft Encarta 2009 – Collection DVDEDICT.exe (.not file.)
O4 – HKCU..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKCU..Run: [TomTomHOME.exe] . (.TomTom – System Tray application for TomTom HOME.) — C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe
O4 – HKCU..RunOnce: [Uninstall C:Userssaint martinAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
O4 – HKLM..Wow6432NodeRun: [Hotkey Utility] . (.Pas de propriétaire – Hotkey Utility.) — C:Program Files (x86)Packard BellHotkey UtilityHotkeyUtility.exe
O4 – HKLM..Wow6432NodeRun: [NWEReboot] Clé orpheline
O4 – HKLM..Wow6432NodeRun: [ArcSoft Connection Service] . (.ArcSoft Inc. – ArcSoft Connect Daemon.) — C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACDaemon.exe
O4 – HKLM..Wow6432NodeRun: [Adobe ARM] . (.Adobe Systems Incorporated – Adobe Reader and Acrobat Manager.) — C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe =>.Adobe Systems Incorporated
O4 – HKLM..Wow6432NodeRun: [PivotSoftware] . (…) — C:Program Files (x86)Portrait DisplaysPivot Pro PluginPivot_startup.exe
O4 – HKLM..Wow6432NodeRun: [DT ACR] . (.Portrait Displays, Inc. – DT_Startup.) — C:Program Files (x86)Common FilesPortrait DisplaysSharedDT_startup.exe
O4 – HKLM..Wow6432NodeRun: [EEventManager] . (.SEIKO EPSON CORPORATION – EEventManager Application.) — C:Program Files (x86)Epson SoftwareEvent ManagerEEventManager.exe
O4 – HKLM..Wow6432NodeRun: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited – Launch Agent Service.) — C:Program Files (x86)Common FilesResearch In MotionUSB DriversRIMBBLaunchAgent.exe
O4 – HKLM..Wow6432NodeRun: [Nikon Message Center 2] . (.Nikon Corporation – Nikon Message Center 2.) — C:Program Files (x86)NikonNikon Message Center 2NkMC2.exe
O4 – HKLM..Wow6432NodeRun: [AvastUI.exe] . (.AVAST Software – avast! Antivirus.) — C:Program FilesAVAST SoftwareAvastAvastUI.exe
O4 – HKLM..Wow6432NodeRun: [SunJavaUpdateSched] . (.Oracle Corporation – Java(TM) Update Scheduler.) — C:Program Files (x86)Common FilesJavaJava Updatejusched.exe =>.Oracle Corporation
O4 – HKLM..Wow6432NodeRun: [ApnTBMon] . (.APN – Ask Toolbar Notifier.) — C:Program Files (x86)AskPartnerNetworkToolbarUpdaterTBNotifier.exe =>Toolbar.Ask
O4 – HKUSS-1-5-19..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program Files (x86)Windows SidebarSidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-19..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-20..RunOnce: [mctadmin] . (.Microsoft Corporation – MCTAdmin.) — C:WindowsSystem32mctadmin.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2237735633-2641064963-615179137-1001..Run: [E09FXLRD_652302] C:Program Files (x86)Microsoft EncartaMicrosoft Encarta 2009 – Collection DVDEDICT.exe (.not file.)
O4 – HKUSS-1-5-21-2237735633-2641064963-615179137-1001..Run: [Sidebar] . (.Microsoft Corporation – Gadgets du Bureau Windows.) — C:Program FilesWindows Sidebarsidebar.exe =>.Microsoft Corporation
O4 – HKUSS-1-5-21-2237735633-2641064963-615179137-1001..Run: [TomTomHOME.exe] . (.TomTom – System Tray application for TomTom HOME.) — C:Program Files (x86)TomTom HOME 2TomTomHOMERunner.exe
O4 – HKUSS-1-5-21-2237735633-2641064963-615179137-1001..RunOnce: [Uninstall C:Userssaint martinAppDataLocalMicrosoftSkyDrive16.4.6013.0910amd64] . (.Microsoft Corporation – Interpréteur de commandes Windows.) — C:Windowssystem32cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s

—\ Boutons situés sur la barre d’outils principale d’Internet Explorer (O9)
O9 – Extra button: Barre de recherche Encarta [64Bits] – {B205A35E-1FC4-4CE3-818B-899DBBB3388C} — Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s

—\ Objets ActiveX (Downloaded Program Files)(O16)
O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) – http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

—\ Modification Domaine/Adresses DNS (O17)
O17 – HKLMSystemCCSServicesTcpip..{C4486AD5-0E1B-453B-A21B-8D4215B637CB}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 – HKLMSystemCS1ServicesTcpip..{C4486AD5-0E1B-453B-A21B-8D4215B637CB}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 – HKLMSystemCS2ServicesTcpip..{C4486AD5-0E1B-453B-A21B-8D4215B637CB}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 – HKLMSystemCCSServicesTcpipParameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s

—\ Protocole additionnel (O18)
O18 – Handler: wlpg [64Bits] – {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (…) —
O18 – Filter: text/xml [64Bits] – {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation – Microsoft Office XML MIME Filter.) — C:Program FilesCommon FilesMicrosoft SharedOFFICE12MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

—\ Liste des services NT non Microsoft et non désactivés (O23)
O23 – Service: Service de mise à jour Ask (APNMCP) . (.APN LLC. – APN Updater.) – C:Program Files (x86)AskPartnerNetworkToolbarapnmcp.exe =>Toolbar.Ask
~ Services: 23 Legitimates Filtered in 00mn 12s

—\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [EPUpdater] (…) — C:Userssaint martinAppDataRoamingBABSOL~1SharedBabMaint.exe (.not file.) [0] =>Hijacker.BabSolution
[MD5.00000000000000000000000000000000] [APT] [FGRun] (…) — C:Userssaint martinAppDataRoamingpack.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SoftwareUpdateTaskMachineUA] (…) — C:Program Files (x86)SoftwareUpdateSoftwareUpdate.exe (.not file.) [0] =>Adware.Boxore
[MD5.00000000000000000000000000000000] [APT] [{02CA44EC-4CC7-4EDE-A058-671C8FB55AE0}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0B833C51-4EF9-4284-A560-0DD3045E947B}] (…) — C:Nouveau dossieraomwin200ea24.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{30F3B39B-B42D-420F-9067-519B14265830}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3A217E2B-C115-4917-AE00-4B5111613210}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{44CD500C-6E7D-4667-83C6-7955752974EA}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{46E45BFD-B12F-4878-B8D6-30281D2256AE}] (…) — E:TWAINFRENCHSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{49925E6A-4177-4370-84D6-46B29838A034}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5DA9791F-098C-4934-B288-3EE74D73E787}] (…) — E:Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5E221895-816E-4037-8807-09CE7E8FC7EE}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{64C60372-F84E-48C5-A837-BEBBDECD0286}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{822A3598-4BA2-4A97-9698-F61835F6C3A3}] (…) — E:TWAINFRENCHSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{85E7F3E4-9342-4AB6-8523-E902CAE1CD3D}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{86CFA734-DE9F-4AC7-BAEE-13ED5AF1E526}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8D6F2129-F308-4104-8CB9-80DAC4E5B464}] (…) — E:Setupx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{938920FA-E1CF-4DFE-A494-E2FB9B225807}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{99D9FFD7-2BE9-4E90-819D-EEDB2FBA8992}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9E4512CE-7598-4CCB-8ED5-544BE711EFFE}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A3324CCB-56C4-416F-B939-A11B41153A09}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A38E697E-F4A3-4697-B5C8-2DF64C1DDECC}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AFA9B950-4E94-485B-92BB-598D26DDD609}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C06A52B4-61AB-4A1B-A86B-FF9759CCD944}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D1AF2C91-FF22-4B65-9DF0-CA694A113FC6}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D6DE51AB-5281-492E-8985-B81AB1C2E0E1}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E12F53B4-EB1B-4663-B673-FE50B37F90FF}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E612E369-A844-491B-A498-A58043C98D71}] (…) — C:EPSONepson12242_twain5_driver_571asetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E8DC2188-E0C5-4430-B2F2-47D039DC3618}] (…) — E:SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E948F8F7-28ED-4B24-8EEF-309E5E1D4B5B}] (…) — E:SETUP.exe (.not file.) [0]
O39 – APT: – (..) — C:WindowsSystem32TasksAdobe Flash Player Updater [1002]
O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineCore [1076]
O39 – APT: – (..) — C:WindowsSystem32TasksGoogleUpdateTaskMachineUA [1080]
O39 – APT: SoftwareUpdateTaskMachineUA – (…) — C:WindowsTasksSoftwareUpdateTaskMachineUA.job [930]
O39 – APT: SoftwareUpdateTaskMachineUA – (…) — C:WindowsSystem32TasksSoftwareUpdateTaskMachineUA [930]
~ Scheduled Task: 47 Legitimates Filtered in 00mn 03s

—\ Logiciels installés (O42)
O42 – Logiciel: Ask Toolbar – (.APN, LLC.) [HKLM][64Bits] — {4F524A2D-5637-4300-76A7-A758B70C0A06} =>Adware.Bandoo
O42 – Logiciel: Boxore Client – (.Boxore OU.) [HKLM][64Bits] — {0E25BB07-62EB-476F-87FC-6AF426AB059E} =>Adware.Boxore
~ Logic: 44 Legitimates Filtered in 00mn 00s

—\ HKCU & HKLM Software Keys
[HKCUSoftware59ed78bb43bbe48] =>Hijacker.Eazel
[HKCUSoftwareAskPartnerNetwork]
[HKCUSoftwareBabSolution] =>Hijacker.BabSolution
[HKCUSoftwareIncrediMail]
[HKCUSoftwareiLivid] =>Adware.Bandoo
[HKCUSoftwarelollipop] =>Adware.Lollipop
[HKLMSoftwareAskPartnerNetwork]
[HKLMSoftwareWow6432Node59ed78bb43bbe48] =>Hijacker.Eazel
[HKLMSoftwareWow6432NodeAskPartnerNetwork]
[HKLMSoftwareWow6432NodeBabylon] =>PUP.Babylon
[HKLMSoftwareWow6432NodeDatamngr] =>PUP.Datamngr
[HKLMSoftwareWow6432NodeGuides]
[HKLMSoftwareWow6432NodeHAL]
[HKLMSoftwareWow6432NodeiLividSRTB] =>Adware.Bandoo
~ Key Software: 424 Legitimates Filtered in 00mn 00s

—\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 – CFD: 26/04/2014 – 16:55:30 – [] —-D C:Program Files (x86)AskPartnerNetwork
O43 – CFD: 02/07/2013 – 08:59:40 – [0] —-D C:Program Files (x86)Boxore =>Adware.Boxore
O43 – CFD: 10/09/2013 – 19:24:26 – [] —-D C:ProgramDataAPN
O43 – CFD: 11/02/2012 – 09:05:04 – [] —-D C:ProgramDataAsk
O43 – CFD: 26/04/2014 – 16:55:30 – [] —-D C:ProgramDataAskPartnerNetwork
O43 – CFD: 13/04/2012 – 19:34:42 – [0] —-D C:ProgramDataBabylon =>PUP.Babylon
O43 – CFD: 11/11/2011 – 11:34:55 – [] —-D C:ProgramDataboost_interprocess
~ 1125 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1371 Legitimates Filtered in 00mn 13s

—\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 – LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] – 01/05/2014 – 13:34:54 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208]
O44 – LFC:[MD5.BD248BB67D0E4861570487774B1A8F0C] – 02/05/2014 – 18:37:36 —A- . (…) — C:Windowswininit.ini [479]
~ Files: 29 Legitimates Filtered in 00mn 01s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKLM…policiesExplorer] – “NoActiveDesktopChanges”=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:01/05/2014 – 13:34:54 —A- . (…) — C:WindowsSystem32DriversaswHwid.sys [29208] =>.ALWIL Software
O58 – SDL:01/05/2014 – 13:34:55 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [65776] =>.ALWIL Software
O58 – SDL:01/05/2014 – 13:34:56 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [208416] =>.ALWIL Software
O58 – SDL:14/07/2009 – 02:47:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [530496]
O58 – SDL:10/11/2009 – 11:02:50 —A- . (.eMPIA Technology, Inc. – USB 28xx WDM Driver.) — C:WindowsSystem32DriversemDevice64.sys [222016]
O58 – SDL:10/11/2009 – 11:02:50 —A- . (.eMPIA Technology, Inc. – USB 28xx WDM Lower filter.) — C:WindowsSystem32DriversemFilter64.sys [12608]
O58 – SDL:10/11/2009 – 11:02:50 —A- . (.eMPIA Technology, Inc. – USB 28xx WDM Upper Filter.) — C:WindowsSystem32Driversemscan64.sys [12352]
O58 – SDL:10/06/2009 – 21:31:59 —A- . (.Hauppauge Computer Works, Inc. – Hauppauge WinTV 885 Consumer IR Driver for eHome.) — C:WindowsSystem32Drivershcw85cir.sys [31232]
O58 – SDL:14/07/2009 – 02:45:55 —A- . (.Promise Technology – Promise SuperTrak EX Series Driver for Windows.) — C:WindowsSystem32Driversstexstor.sys [24656]
O58 – SDL:30/04/2013 – 09:51:09 —A- . (.The OpenVPN Project – TAP-Windows Virtual Network Driver.) — C:WindowsSystem32Driverstap0901.sys [40616]
O58 – SDL:25/10/2007 – 16:26:10 —A- . (…) — C:WindowsSysWOW64driversStarOpen.sys [5632]
O58 – SDL:31/03/2009 – 08:39:36 —A- . (.Teruten Inc – File System Mini Filter Drvier.) — C:WindowsSysWOW64driversTFsExDisk.Sys [16392]
O58 – SDL:04/04/2007 – 09:30:12 —A- . (…) — C:WindowsSysWOW64Machnm32.sys [7432]
~ Drivers: 85 Legitimates Filtered in 00mn 00s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 01/05/2014 – C:Windowssystem32driversaswHwid.sys (aswHwid) .(…) – LEGACY_ASWHWID
~ Legacy: 90 Legitimates Filtered in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKCU..openCommand] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program Files (x86)GoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} – (Delta Search) – http://www.delta-search.com =>Toolbar.DeltaSearch
O69 – SBI: SearchScopes [HKCU] {70CE3298-0C22-4180-A979-D1E0646DB158} – (Ask Search) – http://www.search.ask.com
~ Keys: Scanned in 00mn 00s

—\ Enumère les codes produits des logiciels (PUC) (O90)
O90 – PUC: “70BB52E0BE26F67478CFA64F62BA50E9” . (.Boxore Client.) — C:WindowsInstaller{0E25BB07-62EB-476F-87FC-6AF426AB059E}boxore.ico =>Adware.Boxore
O90 – PUC: “7FD91B0E7C1B7394284CE0B4E1439656” . (.eBay Worldwide.) — c:WindowsInstaller{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}_6FEFF9B68218417F98F549.exe =>Toolbar.eBay
O90 – PUC: “A81E737A17150D040843D72D34240018” . (.Software Updater.) — C:WindowsInstaller{A737E18A-5171-40D0-8034-7DD243420081}icon.ico =>PUP.Eorezo
O90 – PUC: “D2A425F473650034677A7A857BC0A060” . (.Ask Toolbar.) — C:WindowsInstaller{4F524A2D-5637-4300-76A7-A758B70C0A06}ToolbarIcon.exe =>Toolbar.Ask
~ Update Products: 4 Legitimates Filtered in 00mn 00s

—\ Export de clés de registre aléatoires (O91)
[HKCUSoftware59ed78bb43bbe482.6.1519.190upd]:=”upd=1″ =>Hijacker.Eazel
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName=”BrowserDefender.dll” =>Hijacker.Eazel
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:exeName=”BrowserDefender.exe” =>Hijacker.Eazel
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:folderName=”BrowserDefender” =>Hijacker.Eazel
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid=”{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}” =>Hijacker.Eazel
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:serviceName=”BrowserDefendert” =>PUA.BrowserDefendert
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version=”2.6.1339.144″ =>Hijacker.Eazel
[HKLMSoftwareWow6432Node59ed78bb43bbe48] => Clé orpheline => Clé orpheline => Clé orpheline => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s

—\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.243F07CA5C356CDE711E3893E3849801] [WIS][26/03/2014] (.APN, LLC – Ask Toolbar.) — C:WindowsInstaller8ec277.msi [464384] =>Adware.Bandoo
[MD5.8797F3592E055284D113FEAA21B71ED3] [WIS][04/02/2012] (.Google Inc. – Google Toolbar for Internet Explorer.) — C:WindowsInstallerb9cb16.msi [28160] =>Toolbar.Google
~ WIS: 2 Legitimates Filtered in 00mn 01s

—\ Recherche de clés de registre Tracing (O100)
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarInstaller_en32_signed_RASAPI32 =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarInstaller_en32_signed_RASMANCS =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingGoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLMSOFTWAREWow6432NodeMicrosoftTracingiLividMediaBar_RASAPI32 =>Adware.Bandoo
HKLMSOFTWAREWow6432NodeMicrosoftTracingiLividMediaBar_RASMANCS =>Adware.Bandoo
HKLMSOFTWAREWow6432NodeMicrosoftTracingiLividSetup_RASAPI32 =>Adware.Bandoo
HKLMSOFTWAREWow6432NodeMicrosoftTracingiLividSetup_RASMANCS =>Adware.Bandoo
HKLMSOFTWAREWow6432NodeMicrosoftTracingIminentSetup_RASAPI32 =>Adware.IMBooster
HKLMSOFTWAREWow6432NodeMicrosoftTracingIminentSetup_RASMANCS =>Adware.IMBooster
HKLMSOFTWAREWow6432NodeMicrosoftTracingMyBabylonTB_RASAPI32 =>PUP.Babylon
HKLMSOFTWAREWow6432NodeMicrosoftTracingMyBabylonTB_RASMANCS =>PUP.Babylon
HKLMSOFTWAREWow6432NodeMicrosoftTracingSpybot – Search & Destroy distribue par GetNow_RASAPI32 =>PUP.GetNow
HKLMSOFTWAREWow6432NodeMicrosoftTracingSpybot – Search & Destroy distribue par GetNow_RASMANCS =>PUP.GetNow
~ BTK: 287 Legitimates Filtered in 00mn 00s

—\ Recherche de clés de registre CLSID (O101)
[HKCRCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCRCLSID{4F524A2D-5637-4300-76A7-7A786E7484D7}] (Ask Toolbar) =>Toolbar.Ask
[HKCRCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
~ BCK: 4440 Legitimates Filtered in 00mn 05s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 29/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe
SS – | Demand 18/01/2013 577536 | (Blackberry Device Manager) . (.Research In Motion Limited.) – C:Program Files (x86)Common FilesResearch In MotionUSB DriversBbDevMgr.exe
SS – | Auto 12/12/2011 135824 | (EpsonScanSvc) . (.Seiko Epson Corporation.) – C:Windowssystem32EscSvc64.exe
SS – | Demand 09/11/2013 227936 | (GamesAppIntegrationService) . (.WildTangent.) – C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe
SS – | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) – C:Program Files (x86)WildTangent GamesAppGamesAppService.exe
SS – | Auto 04/02/2012 136176 | (gupdate) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 04/02/2012 136176 | (gupdatem) . (.Google Inc..) – C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
SS – | Demand 27/08/2012 194032 | (gusvc) . (.Google.) – C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
SS – | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) – C:Program Files (x86)Common FilesInstallShieldDriver11Intel 32IDriverT.exe
SR – | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) – C:Program Files (x86)Common FilesABBYYFineReaderSprint9.00LicensingNetworkLicenseServer.exe
SR – | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) – C:Program Files (x86)Common FilesArcSoftConnection ServiceBinACService.exe
SR – | Auto 16/09/2011 39528 | (ADExchange) . (.ArcSoft Inc..) – C:Program Files (x86)Common FilesArcSoftesinterBineservutil.exe
SR – | Auto 30/09/2010 169408 | (AdobeActiveFileMonitor9.0) . (.Adobe Systems Incorporated.) – c:Program Files (x86)AdobeElements 9 OrganizerPhotoshopElementsFileAgent.exe
SR – | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) – C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
SR – | Auto 26/03/2014 166352 | (APNMCP) . (.APN LLC..) – C:Program Files (x86)AskPartnerNetworkToolbarapnmcp.exe =>Toolbar.Ask
SR – | Auto 01/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR – | Auto 01/05/2014 109048 | (avast! Firewall) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastafwServ.exe
SR – | Auto 07/10/2010 345376 | (Bonjour Service) . (.Apple Inc..) – C:Program Files (x86)BonjourmDNSResponder.exe
SR – | Auto 26/05/2011 129648 | (DTSRVC) . (.Portrait Displays, Inc..) – C:Program Files (x86)Common FilesPortrait DisplaysShareddtsrvc.exe
SR – | Auto 19/12/2006 94208 | (EpsonBidirectionalService) . (.SEIKO EPSON CORPORATION.) – C:Program Files (x86)Common FilesEPSONEBAPIeEBSVC.exe
SR – | Auto 21/02/2012 151648 | (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) – C:Program FilesCommon FilesEPSONEPW!3 SSRPE_S50RPB.exe
SR – | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) – C:Program Files (x86)Packard BellRegistrationGREGsvc.exe
SR – | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) – C:Program FilesPackard BellPackard Bell UpdaterUpdaterService.exe
SR – | Auto 03/04/2014 1809720 | (MBAMScheduler) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamscheduler.exe
SR – | Auto 03/04/2014 857912 | (MBAMService) . (.Malwarebytes Corporation.) – C:Program Files (x86)Malwarebytes Anti-Malwarembamservice.exe
SR – | Auto 04/05/2010 503080 | (NAUpdate) . (.Nero AG.) – C:Program Files (x86)NeroUpdateNASvc.exe
SR – | Auto 08/03/2011 1002904 | (NVSvc) . (.NVIDIA Corporation.) – C:WindowsSystem32nvvsvc.exe
SR – | Auto 05/05/2011 113264 | (PdiService) . (.Portrait Displays, Inc..) – C:Program Files (x86)Common FilesPortrait DisplaysDriverspdisrvc.exe
SR – | Auto 08/03/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) – C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
SR – | Auto 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) – C:Program Files (x86)TomTom HOME 2TomTomHOMEService.exe
SR – | Auto 14/07/2009 27136 | C:Program Files (x86)Windows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 10/07/1658 0 | (WMPNetworkSvc) . (…) – C:Program Files (x86)Windows Media Playerwmpnetwk.exe =>.Microsoft Corporation
SR – | Auto 14/07/2009 27136 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 05s

—\ Scan Additionnel (O88)
Database Version : 13045 – (03/05/2014)
Clés trouvées (Keys found) : 29
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 10

[HKLMSYSTEMCurrentControlSetServicesAPNMCP] =>Toolbar.Ask^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{4F524A2D-5637-4300-76A7-A758B70C0A06}] =>Adware.Bandoo^
[HKLMSoftwareMicrosoftWindowsCurrentVersionUninstall{0E25BB07-62EB-476F-87FC-6AF426AB059E}] =>Adware.Boxore^
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKLMSoftwareMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerSearchScopes{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLMSoftwareClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLMSoftwareWow6432NodeClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUpgradeCodes1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLMSoftwareWow6432NodeDataMngr] =>Adware.Bandoo
[HKCUSoftwarelollipop] =>Adware.Lollipop
[HKLMSoftwareWow6432NodeiLividSRTB] =>Adware.Bandoo
[HKCUSoftwareilivid] =>Adware.Bandoo
[HKLMSoftwareWow6432NodeMicrosoftTracingMyBabylontb_RASAPI32] =>PUP.Babylon
[HKLMSoftwareWow6432NodeMicrosoftTracingMyBabylontb_RASMANCS] =>PUP.Babylon
[HKLMSoftwareClassesProd.cap] =>PUP.Babylon
[HKCUSoftwareAskPartnerNetwork] =>Toolbar.Ask
[HKLMSoftwareAskPartnerNetwork] =>Toolbar.Ask
[HKLMSoftwareWow6432NodeAskPartnerNetwork] =>Toolbar.Ask
[HKLMSoftwareWow6432NodeMicrosoftTracingapnstub_RASAPI32] =>Toolbar.Ask
[HKLMSoftwareWow6432NodeMicrosoftTracingapnstub_RASMANCS] =>Toolbar.Ask
[HKLMSoftwareWow6432NodeMicrosoftTracingaskpartnercobrandingtool_rasapi32] =>Toolbar.Ask
[HKLMSoftwareWow6432NodeMicrosoftTracingaskpartnercobrandingtool_rasmancs] =>Toolbar.Ask
[HKLMSoftwareClassesprotector_dll.protectorbho] =>PUP.BProtector
[HKLMSoftwareClassesprotector_dll.protectorbho.1] =>PUP.BProtector
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsBA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLMSOFTWAREMicrosoftInternet ExplorerURLSearchHooks]:{D8278076-BC68-4484-9233-6E7F1628B56C} =>Toolbar.Ask^
[HKLMSoftwareMicrosoftInternet ExplorerToolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun]:ApnTBMon =>Toolbar.Ask^
[HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:Program Files (x86)Boxore =>Adware.Boxore^
C:ProgramDataBabylon =>PUP.Babylon^
C:Program Files (x86)Software =>Adware.Boxore
C:Program Files (x86)AskPartnerNetwork =>Toolbar.Ask
C:ProgramDataAskPartnerNetwork =>Toolbar.Ask
C:Userssaint martinAppDataLocalSoftware =>Adware.Boxore
C:Userssaint martinAppDataLocalLowBabylonToolbar =>PUP.Babylon
C:Userssaint martinAppDataLocalTempAskSearch =>Toolbar.AskBarDis
C:Userssaint martinAppDataLocalTempBabylonToolbar =>PUP.Babylon
[HKCUSoftwareBabSolution] =>Hijacker.BabSolution^
[HKCUSoftwareiLivid] =>Adware.Bandoo^
[HKLMSoftwareWow6432NodeBabylon] =>PUP.Babylon^
[HKLMSoftwareWow6432NodeDatamngr] =>PUP.Datamngr^
[HKCUSoftware59ed78bb43bbe48history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Eazel^
C:WindowsInstaller8ec277.msi =>Adware.Bandoo^
C:WindowsInstallerb9cb16.msi =>Toolbar.Google^
[HKCRCLSID{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCRCLSID{4F524A2D-5637-4300-76A7-7A786E7484D7}] (Ask Toolbar) =>Toolbar.Ask^
[HKCRCLSID{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
~ Additionnel Scan: 377831 Items scanned in 00mn 48s

—\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.byethost7.com/wordpress/adware-boxore/ =>Adware.Boxore
http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.byethost7.com/wordpress/pup-babylon/ =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.byethost7.com/wordpress/pup-eorezo/ =>PUP.Eorezo
http://nicolascoolman.webs.com/apps/blog/show/35127313-pua-browserdefendert =>PUA.BrowserDefendert
http://nicolascoolman.byethost7.com/wordpress/adware-imbooster/ =>Adware.IMBooster
http://nicolascoolman.byethost7.com/wordpress/pup-getnow/ =>PUP.GetNow
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ MSI: 16 link(s) detected in 00mn 00s

~ 2093 Legitimates filtered by white list
End of the scan (592 lines in 01mn 46s)(0)

Thanks for your help

Bruno