Reply to: USB drive files turned into shortcuts 2016-09-08T13:42:28+00:00
marinezer
Participant
Post count: 15

Sorry, I hadn't understood; it should be good now:

—\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 – MCSP:[HKLM…CurrentControlSetControl] – (SecurityProviders) – (.Microsoft Corporation – TS Single Sign On Security Package.) — C:WindowsSystem32credssp.dll
O54 – MCSP:[HKLM…ControlSet001Control] – (SecurityProviders) – (.Microsoft Corporation – TS Single Sign On Security Package.) — C:WindowsSystem32credssp.dll
~ MSCP: 2 Scanned in 00mn 00s

—\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorAdmin”=2
O55 – MWPS:[HKLM…PoliciesSystem] – “ConsentPromptBehaviorUser”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableInstallerDetection”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableLUA”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableSecureUIAPaths”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableVirtualization”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “PromptOnSecureDesktop”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “ValidateAdminCodeSignatures”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “dontdisplaylastusername”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticecaption”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “legalnoticetext”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “scforceoption”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “shutdownwithoutlogon”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “undockwithoutlogon”=1
O55 – MWPS:[HKLM…PoliciesSystem] – “FilterAdministratorToken”=0
O55 – MWPS:[HKLM…PoliciesSystem] – “EnableUIADesktopToggle”=0
~ MWPS: 16 Scanned in 00mn 00s

—\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 – MWPE:[HKCU…policiesExplorer] – “NoDriveTypeAutoRun”=0
O56 – MWPE:[HKCU…policiesExplorer] – “NoDriveAutoRun”=3
O56 – MWPE:[HKLM…policiesExplorer] – “NoDriveAutoRun”=3
O56 – MWPE:[HKLM…policiesExplorer] – “NoDriveTypeAutoRun”=0
~ MWPE Keys: 4 Scanned in 00mn 00s

—\ Liste des pilotes du système (SDL) (O58)
O58 – SDL:21/01/2008 – 03:32:46 —A- . (.Adaptec, Inc. – Adaptec Windows SAS/SATA Storport Driver.) — C:WindowsSystem32Driversadp94xx.sys [422968]
O58 – SDL:21/01/2008 – 03:32:51 —A- . (.Adaptec, Inc. – Adaptec Windows SATA Storport Driver.) — C:WindowsSystem32Driversadpahci.sys [300600]
O58 – SDL:21/01/2008 – 03:32:52 —A- . (.Adaptec, Inc. – Adaptec LH Ultra160 Driver (x86).) — C:WindowsSystem32Driversadpu160m.sys [101432]
O58 – SDL:21/01/2008 – 03:32:53 —A- . (.Adaptec, Inc. – Adaptec StorPort Ultra320 SCSI Driver.) — C:WindowsSystem32Driversadpu320.sys [149560]
O58 – SDL:04/01/2009 – 01:41:00 —A- . (.Advanced Micro Devices, Inc – AMD AHCI Compatible Controller Driver for Windows family.) — C:WindowsSystem32Driversahcix86s.sys [183312]
O58 – SDL:21/01/2008 – 03:32:21 —A- . (.Acer Laboratories Inc. – ALi mini IDE Driver.) — C:WindowsSystem32Driversaliide.sys [17464]
O58 – SDL:21/01/2008 – 03:32:49 —A- . (.Adaptec, Inc. – Adaptec RAID Storport Driver.) — C:WindowsSystem32Driversarc.sys [79416]
O58 – SDL:21/01/2008 – 03:32:50 —A- . (.Adaptec, Inc. – Adaptec SAS RAID WS03 Driver.) — C:WindowsSystem32Driversarcsas.sys [79928]
O58 – SDL:31/10/2013 – 07:46:14 —A- . (.AVAST Software – avast! Filtering TDI driver.) — C:WindowsSystem32DriversaswFW.sys [104752]
O58 – SDL:24/02/2014 – 18:42:35 —A- . (.AVAST Software – avast! File System Minifilter for Windows 2003/Vista.) — C:WindowsSystem32DriversaswMonFlt.sys [67824]
O58 – SDL:24/02/2014 – 18:42:35 —A- . (.AVAST Software – avast! TDI Redirect Driver.) — C:WindowsSystem32DriversaswRdr.sys [54832]
O58 – SDL:17/11/2013 – 21:54:25 —A- . (…) — C:WindowsSystem32DriversaswRvrt.sys [49944] =>.ALWIL Software
O58 – SDL:24/02/2014 – 18:42:35 —A- . (.AVAST Software – avast! Virtualization Driver.) — C:WindowsSystem32DriversaswSnx.sys [775952]
O58 – SDL:24/02/2014 – 18:42:35 —A- . (.AVAST Software – avast! self protection module.) — C:WindowsSystem32DriversaswSP.sys [410784]
O58 – SDL:24/02/2014 – 18:42:35 —A- . (.AVAST Software – avast! TDI Filter Driver.) — C:WindowsSystem32DriversaswTdi.sys [57672]
O58 – SDL:29/12/2013 – 17:42:28 —A- . (…) — C:WindowsSystem32DriversaswVmm.sys [180248] =>.ALWIL Software
O58 – SDL:04/11/2008 – 06:13:32 —A- . (.Atheros Communications, Inc. – Atheros Extensible Wireless LAN device driver.) — C:WindowsSystem32Driversathr.sys [952320]
O58 – SDL:04/01/2009 – 01:41:00 —A- . (.ATI Technologies Inc. – ATI Radeon Kernel Mode Driver.) — C:WindowsSystem32Driversatikmdag.sys [4172288]
O58 – SDL:04/01/2009 – 01:42:00 —A- . (.ATI Technologies Inc. – ATI PCIE Driver for ATI PCIE chipset.) — C:WindowsSystem32DriversAtiPcie.sys [14352]
O58 – SDL:02/11/2006 – 09:24:45 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) — C:WindowsSystem32DriversBrFiltLo.sys [13568]
O58 – SDL:02/11/2006 – 09:24:46 —A- . (.Brother Industries, Ltd. – Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) — C:WindowsSystem32DriversBrFiltUp.sys [5248]
O58 – SDL:02/11/2006 – 09:25:24 —A- . (.Brother Industries Ltd. – Pilote Brother Série I/F (WDM).) — C:WindowsSystem32DriversBrSerId.sys [71808]
O58 – SDL:02/11/2006 – 09:24:44 —A- . (.Brother Industries Ltd. – Brother Serial driver (WDM version).) — C:WindowsSystem32DriversBrSerWdm.sys [62336]
O58 – SDL:02/11/2006 – 09:24:44 —A- . (.Brother Industries Ltd. – Brother USB MDM Driver.) — C:WindowsSystem32DriversBrUsbMdm.sys [12160]
O58 – SDL:02/11/2006 – 09:24:47 —A- . (.Brother Industries Ltd. – Brother USB Serial Driver.) — C:WindowsSystem32DriversBrUsbSer.sys [11904]
O58 – SDL:21/01/2008 – 03:32:21 —A- . (.CMD Technology, Inc. – CMD PCI IDE Bus Driver.) — C:WindowsSystem32Driverscmdide.sys [19000]
O58 – SDL:02/11/2006 – 10:50:11 —A- . (.Adaptec, Inc. – Adaptec Ultra SCSI miniport.) — C:WindowsSystem32Driversdjsvs.sys [71272]
O58 – SDL:02/11/2006 – 14:29:38 —A- . (.Dritek System Inc. – Dritek PS2 Keyboard Filter Driver.) — C:WindowsSystem32DriversDKbFltr.sys [21264]
O58 – SDL:21/01/2008 – 03:32:50 —A- . (.Intel Corporation – Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) — C:WindowsSystem32DriversE1G60I32.sys [118784]
O58 – SDL:21/01/2008 – 03:32:48 —A- . (.Emulex – Storport Miniport Driver for LightPulse HBAs.) — C:WindowsSystem32Driverselxstor.sys [342584]
O58 – SDL:21/01/2008 – 03:32:52 —A- . (.Hewlett-Packard Company – Smart Array Storport Driver.) — C:WindowsSystem32DriversHpCISSs.sys [40504]
O58 – SDL:21/01/2008 – 03:32:49 —A- . (.Intel Corporation – Intel Matrix Storage Manager driver (base).) — C:WindowsSystem32DriversiaStorV.sys [235064]
O58 – SDL:02/11/2006 – 10:50:17 —A- . (.Intel Corp./ICP vortex GmbH – Intel/ICP Raid Storport Driver.) — C:WindowsSystem32Driversiirsp.sys [41576]
O58 – SDL:02/11/2006 – 10:50:07 —A- . (.Integrated Technology Express, Inc. – ITE IT8211 ATA/ATAPI SCSI miniport.) — C:WindowsSystem32Driversiteatapi.sys [35944]
O58 – SDL:02/11/2006 – 10:50:09 —A- . (.Integrated Technology Express, Inc. – ITE IT8212 ATA RAID SCSI miniport.) — C:WindowsSystem32Driversiteraid.sys [35944]
O58 – SDL:15/01/2009 – 04:03:14 —A- . (.Atheros Communications, Inc. – Atheros L1c PCI-E Gigabit Ethernet Controller.) — C:WindowsSystem32DriversL1C60x86.sys [49664]
O58 – SDL:21/01/2008 – 03:32:49 —A- . (.LSI Logic – LSI Logic Fusion-MPT FC Driver (StorPort).) — C:WindowsSystem32Driverslsi_fc.sys [96312]
O58 – SDL:21/01/2008 – 03:32:51 —A- . (.LSI Logic – LSI Logic Fusion-MPT SAS Driver (StorPort).) — C:WindowsSystem32Driverslsi_sas.sys [89656]
O58 – SDL:21/01/2008 – 03:32:48 —A- . (.LSI Logic – LSI Logic Fusion-MPT SCSI Driver (StorPort).) — C:WindowsSystem32Driverslsi_scsi.sys [96312]
O58 – SDL:21/01/2008 – 03:32:53 —A- . (.LSI Corporation – MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) — C:WindowsSystem32Driversmegasas.sys [31288]
O58 – SDL:21/01/2008 – 03:32:52 —A- . (.LSI Corporation, Inc. – LSI MegaRAID Software RAID Driver.) — C:WindowsSystem32DriversMegaSR.sys [386616]
O58 – SDL:02/11/2006 – 10:49:59 —A- . (.LSI Logic Corporation – MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) — C:WindowsSystem32DriversMraid35x.sys [33384]
O58 – SDL:02/11/2006 – 10:50:19 —A- . (.IBM Corporation – IBM ServeRAID Controller Driver.) — C:WindowsSystem32Driversnfrd960.sys [45160]
O58 – SDL:30/01/2008 – 10:52:06 —A- . (.NewTech Infosystems, Inc. – NTI CD-ROM Filter Driver.) — C:WindowsSystem32DriversNTIDrvr.sys [14848]
O58 – SDL:02/11/2006 – 08:36:50 —A- . (.N-trig Innovative Technologies – Pilote intégré de digitalisateur de tablette N-trig.) — C:WindowsSystem32Driversntrigdigi.sys [20608]
O58 – SDL:21/01/2008 – 03:32:47 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) RAID Driver.) — C:WindowsSystem32Driversnvraid.sys [102968]
O58 – SDL:21/01/2008 – 03:32:47 —A- . (.NVIDIA Corporation – NVIDIA® nForce(TM) Sata Performance Driver.) — C:WindowsSystem32Driversnvstor.sys [45112]
O58 – SDL:21/01/2008 – 03:32:50 —A- . (.QLogic Corporation – QLogic Fibre Channel Stor Miniport Driver.) — C:WindowsSystem32Driversql2300.sys [1122360]
O58 – SDL:02/11/2006 – 10:50:35 —A- . (.QLogic Corporation – QLogic iSCSI Storport Miniport Driver.) — C:WindowsSystem32Driversql40xx.sys [106088]
O58 – SDL:17/04/2007 – 19:09:28 —A- . (.InterVideo – regi driver.) — C:WindowsSystem32Driversregi.sys [11032]
O58 – SDL:13/01/2009 – 12:15:18 —A- . (.Realtek Semiconductor Corp. – Realtek(r) High Definition Audio Function Driver.) — C:WindowsSystem32DriversRTKVHDA.sys [2304928]
O58 – SDL:15/01/2009 – 23:00:30 —A- . (.Realtek Semiconductor Corp. – Realtek USB Mass Storage Driver for Vista.) — C:WindowsSystem32DriversRTSTOR.sys [61440]
O58 – SDL:02/11/2006 – 07:37:21 —A- . (.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) — C:WindowsSystem32Driverssecdrv.sys [20480]
O58 – SDL:21/01/2008 – 03:32:52 —A- . (.Silicon Integrated Systems – SiS AHCI Stor-Miniport Driver.) — C:WindowsSystem32Driverssisraid4.sys [74808]
O58 – SDL:02/11/2006 – 10:50:05 —A- . (.LSI Logic – LSI Logic 8XX SCSI Miniport Driver.) — C:WindowsSystem32Driverssymc8xx.sys [35944]
O58 – SDL:02/11/2006 – 10:49:56 —A- . (.LSI Logic – LSI Logic Hi-Perf SCSI Miniport Driver.) — C:WindowsSystem32Driverssym_hi.sys [31848]
O58 – SDL:02/11/2006 – 10:50:03 —A- . (.LSI Logic – LSI Logic Ultra160 SCSI Miniport Driver.) — C:WindowsSystem32Driverssym_u3.sys [34920]
O58 – SDL:09/01/2009 – 02:48:16 —A- . (.Synaptics, Inc. – Synaptics Touchpad Driver.) — C:WindowsSystem32DriversSynTP.sys [204976]
O58 – SDL:30/01/2008 – 10:51:50 —A- . (.NewTech Infosystems Corporation – NTI CDROM Filter Driver.) — C:WindowsSystem32DriversUBHelper.sys [13824]
O58 – SDL:21/01/2008 – 03:32:45 —A- . (.ULi Electronics Inc. – ULi SATA Controller Driver.) — C:WindowsSystem32Driversuliahci.sys [238648]
O58 – SDL:02/11/2006 – 10:50:35 —A- . (.Promise Technology, Inc. – Promise Ultra/Sata Series Driver for Win2003.) — C:WindowsSystem32Driversulsata.sys [98408]
O58 – SDL:21/01/2008 – 03:32:49 —A- . (.Promise Technology, Inc. – Promise SATAII150 Series Windows Drivers.) — C:WindowsSystem32Driversulsata2.sys [115816]
O58 – SDL:21/01/2008 – 03:32:21 —A- . (.VIA Technologies, Inc. – VIA Generic PCI IDE Bus Driver.) — C:WindowsSystem32Driversviaide.sys [20024]
O58 – SDL:21/01/2008 – 03:32:49 —A- . (.VIA Technologies Inc.,Ltd – VIA RAID DRIVER FOR AMD-X86-64.) — C:WindowsSystem32Driversvsmraid.sys [130616]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Inc. – USB Modem/Serial Device Driver.) — C:WindowsSystem32DriversZTEusbmdm6k.sys [105088]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Corporation. – USB NDIS Miniport Driver.) — C:WindowsSystem32DriversZTEusbnet.sys [114688]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Inc. – USB Modem/Serial Device Driver.) — C:WindowsSystem32DriversZTEusbnmea.sys [105088]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Inc. – USB Modem/Serial Device Driver.) — C:WindowsSystem32DriversZTEusbnmeaext.sys [105088]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Inc. – USB Modem/Serial Device Driver.) — C:WindowsSystem32DriversZTEusbnmeaext2.sys [105088]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Inc. – USB Modem/Serial Device Driver.) — C:WindowsSystem32DriversZTEusbser6k.sys [105088]
O58 – SDL:26/09/2011 – 11:04:02 —A- . (.ZTE Inc. – USB Modem/Serial Device Driver.) — C:WindowsSystem32DriversZTEusbvoice.sys [105088]
O58 – SDL:02/11/2006 – 08:09:42 —A- . (…) — C:WindowsSystem32ANSI.SYS [9029]
O58 – SDL:02/11/2006 – 08:09:45 —A- . (…) — C:WindowsSystem32country.sys [27097]
O58 – SDL:02/11/2006 – 08:09:41 —A- . (…) — C:WindowsSystem32HIMEM.SYS [4768]
O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEY01.SYS [42809]
O58 – SDL:02/11/2006 – 08:09:44 —A- . (…) — C:WindowsSystem32KEYBOARD.SYS [42537]
O58 – SDL:02/11/2006 – 08:09:29 —A- . (…) — C:WindowsSystem32NTDOS.SYS [27866]
O58 – SDL:02/11/2006 – 08:09:35 —A- . (…) — C:WindowsSystem32NTDOS404.SYS [29146]
O58 – SDL:02/11/2006 – 08:09:38 —A- . (…) — C:WindowsSystem32NTDOS411.SYS [29370]
O58 – SDL:02/11/2006 – 08:09:40 —A- . (…) — C:WindowsSystem32NTDOS412.SYS [29274]
O58 – SDL:02/11/2006 – 08:09:31 —A- . (…) — C:WindowsSystem32NTDOS804.SYS [29146]
O58 – SDL:02/11/2006 – 08:09:20 —A- . (…) — C:WindowsSystem32NTIO.SYS [33952]
O58 – SDL:02/11/2006 – 08:09:23 —A- . (…) — C:WindowsSystem32NTIO404.SYS [34672]
O58 – SDL:02/11/2006 – 08:09:24 —A- . (…) — C:WindowsSystem32NTIO411.SYS [35776]
O58 – SDL:02/11/2006 – 08:09:26 —A- . (…) — C:WindowsSystem32NTIO412.SYS [35536]
O58 – SDL:02/11/2006 – 08:09:22 —A- . (…) — C:WindowsSystem32NTIO804.SYS [34672]
~ Drivers: 86 Scanned in 00mn 31s

—\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 – LFC: 23/05/2014 – 14:38:28 —A- . (…) — C:UsersmarineAppDataRoamingAdobeAcrobat9.0UserCache.bin [90791]
O61 – LFC: 23/05/2014 – 14:38:28 —A- . (.El Desaparecido – SosVirus.net – UsbFix.net.) — C:UsersmarineAppDataLocalTemp~nsu.tmpAu_.exe [133700]
O61 – LFC: 23/05/2014 – 14:38:28 —A- . (.El Desaparecido – SosVirus.net – UsbFix.net.) — C:UsersmarineDownloadsUsbFix.exe [3051000]
O61 – LFC: 23/05/2014 – 14:38:28 —A- . (.Nicolas Coolman.) — C:UsersmarineDownloadsZHPDiag2.exe [6780575] =>.Nicolas Coolman
~ 4 Fichiers temporaires (Temporary files)
~ 8 Fichiers cookies (Cookies files)
~ Files: 4 Scanned in 00mn 01s

—\ Liste des outils de désinfection (LATC) (O63)
O63 – Logiciel: UsbFix – (.El Desaparecido – http://www.usbfix.nethttp://www.sosvirus.net.) [HKLM] — Usbfix
O63 – Logiciel: ZHPDiag 2014 – (.Nicolas Coolman.) [HKLM] — ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

—\ Liste les services legacy du registre (LALS) (O64)
O64 – Services: CurCS – 24/02/2014 – C:Windowssystem32driversaswMonFlt.sys (aswMonFlt) .(.AVAST Software – avast! File System Minifilter for Windows 2.) – LEGACY_ASWMONFLT
O64 – Services: CurCS – 24/02/2014 – C:Windowssystem32driversaswRdr.sys (aswRdr) .(.AVAST Software – avast! TDI Redirect Driver.) – LEGACY_ASWRDR
O64 – Services: CurCS – 17/11/2013 – C:WindowsSystem32DriversaswRvrt.sys (aswRvrt) .(…) – LEGACY_ASWRVRT
O64 – Services: CurCS – 24/02/2014 – C:Windowssystem32driversaswSnx.sys (aswSnx) .(.AVAST Software – avast! Virtualization Driver.) – LEGACY_ASWSNX
O64 – Services: CurCS – 24/02/2014 – C:Windowssystem32driversaswSP.sys (aswSP) .(.AVAST Software – avast! self protection module.) – LEGACY_ASWSP
O64 – Services: CurCS – 24/02/2014 – C:Windowssystem32driversaswTdi.sys (aswTdi) .(.AVAST Software – avast! TDI Filter Driver.) – LEGACY_ASWTDI
O64 – Services: CurCS – 29/12/2013 – C:WindowsSystem32DriversaswVmm.sys (aswVmm) .(…) – LEGACY_ASWVMM
O64 – Services: CurCS – 02/11/2006 – C:Program FilesLAUNCH~1DPortIO.sys (DritekPortIO) .(.Dritek System Inc. – General Port I/O.) – LEGACY_DRITEKPORTIO
O64 – Services: CurCS – 17/04/2007 – C:WindowsSystem32driversregi.sys (regi) .(.InterVideo – regi driver.) – LEGACY_REGI
O64 – Services: CurCS – 02/11/2006 – C:WindowsSystem32Driverssecdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe – Macrovision SECURITY Driver.) – LEGACY_SECDRV
~ Legacy: 86 Scanned in 00mn 00s

—\ Associations Shell Spawning (O67)
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..cplopenCommand] (.Microsoft Corporation – Windows Control Panel.) — C:WindowsSystem32control.exe =>.Microsoft Corporation
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Lanceur du composant logiciel enfichable Observateur d’événements.) — C:WindowsSystem32eventvwr.exe
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” %*
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Microsoft (R) Windows Based Script Host.) — C:WindowsSystem32WScript.exe
O67 – Shell Spawning: [HKLM..openCommand] (.Microsoft Corporation – Éditeur du Registre.) — C:Windowsregedit.exe
O67 – Shell Spawning: [HKLM..openCommand] (…) — “%1” /S
O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
O67 – Shell Spawning: [HKU..openCommand] (.Not Key.)
~ FASS Keys: 12 Scanned in 00mn 00s

—\ Menu de démarrage Internet (SMI) (O68)
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Google Inc. – Google Chrome.) — C:Program FilesGoogleChromeApplicationchrome.exe
O68 – StartMenuInternet: [HKLM..ShellopenCommand] (.Microsoft Corporation – Internet Explorer.) — C:Program FilesInternet Exploreriexplore.exe
~ Keys: Scanned in 00mn 00s

—\ Recherche d’infection sur les navigateurs internet (SBI) (O69)
O69 – SBI: C:UsersmarineAppDataRoamingMozillaFirefoxProfilesdwt984hb.defaultsearchpluginsconduit.xml
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“browser.search.defaultthis.engineName”, “01NET.com Main Customized Web Search”);
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“browser.search.defaulturl”, “http://search.conduit.com/ResultsExt.aspx?ctid=CT3285358&CUI=UN94251443328045185&UM=2&Sear[…]
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.Fissa.Uninstall.lastRunTime”, “Thu, 24 Mar 2011 19:01:06 GMT”); =>PUP.OfferBox
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.Fissa.lastRunTime”, “Thu, 24 Mar 2011 18:19:05 GMT”); =>PUP.OfferBox
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.DNSErrUrl”, “http://start.facemoods.com/?a=ddrnw&f=5”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.aflt”, “_#ddrnw”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.dfltSrch”, true); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.dfltSrchPrvdr”, “Facemoods Search”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.dnsErr”, true); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.fcmdVrsn”, “1.2.7.5.4”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.firstRun”, false); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.first_time”, false); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.hmpg”, true); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.hmpgUrl”, “http://start.facemoods.com/?a=ddrnw”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.id”, “_#8e2b759500000000000000235adde7f9”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.instlDay”, “_#15228”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.mntz”, “”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.newTab”, true); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.newTabUrl”, “http://start.facemoods.com/?a=ddrnw&f=2”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.prtnrId”, “_#facemoods.com”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.searchProviderAdded”, true); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.sid”, “_#e68f29f66ffd4b03b45c7e9e240fefca”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.tlbrSrchUrl”, “http://start.facemoods.com/?a=ddrnw&f=3”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.update”, “_#v1.4.0”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“extensions.facemoods.vrsn”, “_#1.4.17.11”); =>Adware.Facemoods
O69 – SBI: prefs.js [marine – dwt984hb.default] user_pref(“smartbar.conduitSearchAddressUrlList”, “http://search.conduit.com/ResultsExt.aspx?ctid=CT3285358&SearchSource=2&CUI=UN9[…] =>Hijacker.SmartBar
O69 – SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} – () – http://search.live.com
O69 – SBI: SearchScopes [HKCU] {0D7562AE-8EF6-416d-A838-AB665251703A} – (Web Search) – http://search.certified-toolbar.com =>PUP.CertifiedToolbar
O69 – SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} – (Delta Search) – http://www.delta-search.com =>Toolbar.DeltaSearch
O69 – SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} – (Google) – http://www.google.com
O69 – SBI: SearchScopes [HKCU] {b9508593-ae5f-42a4-a513-126644af3685} – (iadah) – http://www.iadah.com
O69 – SBI: SearchScopes [HKCU] {BC48935D-0C66-4AF5-B14D-CD1548EA82D3} [DefaultScope] – (01NET.com Main Customized Web Search) – http://search.conduit.com
O69 – SBI: SearchScopes [HKCU] {F00A3CE5-6DA9-49BC-826F-86C9D16E53A1} – (Google) – http://www.google.com
~ Keys: Scanned in 00mn 00s

—\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 – Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation – Service Expérience d’application.) — C:WindowsSystem32aelupsvc.dll [24576]
O83 – Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation – Rapports et solutions aux problèmes.) — C:WindowsSystem32wercplsupport.dll [62976]
O83 – Search Svchost Services: Themes (Themes) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [247808]
O83 – Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [40448]
O83 – Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation – Service de propagation de certificats de cartes à puce Microsoft.) — C:WindowsSystem32certprop.dll [40448]
O83 – Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation – DLL du service Serveur.) — C:WindowsSystem32srvsvc.dll [125952]
O83 – Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation – Client de stratégie de groupe.) — C:WindowsSystem32gpsvc.dll [574464]
O83 – Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation – Extension IKE.) — C:WindowsSystem32ikeext.dll [438272]
O83 – Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation – Service Audio Windows.) — C:WindowsSystem32Audiosrv.dll [314368]
O83 – Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation – Gestionnaire de numérotation automatique d’accès distant.) — C:WindowsSystem32rasauto.dll [90624]
O83 – Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation – Gestionnaire de connexions d’accès distant.) — C:WindowsSystem32rasmans.dll [260608]
O83 – Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation – Gestionnaire d’interface dynamique.) — C:WindowsSystem32mprdim.dll [68608]
O83 – Search Svchost Services: SENS (SENS) . (.Microsoft Corporation – Service de notification d’événements système (SENS).) — C:WindowsSystem32sens.dll [47104]
O83 – Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation – Composants de l’application d’assistance à Microsoft NAT.) — C:WindowsSystem32ipnathlp.dll [288256]
O83 – Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation – Serveur de téléphonie Microsoft® Windows(TM).) — C:WindowsSystem32tapisrv.dll [242688]
O83 – Search Svchost Services: TermService (TermService) . (.Microsoft Corporation – Gestionnaire des connexions distantes Terminal Server.) — C:WindowsSystem32termsrv.dll [448512]
O83 – Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation – Agent de mise à jour automatique Windows Update.) — C:WindowsSystem32wuaueng.dll [1929952]
O83 – Search Svchost Services: BITS (BITS) . (.Microsoft Corporation – Service de transfert intelligent en arrière-plan.) — C:WindowsSystem32qmgr.dll [758272]
O83 – Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation – Dll des services Windows Shell.) — C:WindowsSystem32shsvcs.dll [247808]
O83 – Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation – Service offrant une connectivité IPv6 sur un réseau IPv4..) — C:WindowsSystem32iphlpsvc.dll [190464]
O83 – Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation – DLL de service d’ouverture de session secondaire.) — C:Windowssystem32seclogon.dll [19968]
O83 – Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation – Service Informations d’application.) — C:WindowsSystem32appinfo.dll [33280]
O83 – Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation – Service de découverte iSCSI.) — C:WindowsSystem32iscsiexe.dll [111616]
O83 – Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation – Service Planificateur de classes multimédias.) — C:WindowsSystem32mmcss.dll [45056]
O83 – Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation – ProfSvc.) — C:WindowsSystem32profsvc.dll [153600]
O83 – Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation – Service EAPHost Microsoft.) — C:WindowsSystem32eapsvc.dll [57344]
O83 – Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation – WMI.) — C:WindowsSystem32wbemWMIsvc.dll [161792]
O83 – Search Svchost Services: schedule (schedule) . (.Microsoft Corporation – Service du Planificateur de tâches.) — C:WindowsSystem32schedsvc.dll [603648]
O83 – Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation – Service de configuration des services Terminal Server.) — C:WindowsSystem32sessenv.dll [84992]
O83 – Search Svchost Services: browser (browser) . (.Microsoft Corporation – DLL du service Explorateur d’ordinateurs.) — C:WindowsSystem32browser.dll [81920]
O83 – Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation – Service Gestion des clés.) — C:WindowsSystem32kmsvc.dll [68096]
~ Services: 31 Scanned in 00mn 00s

—\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.5B6C11DE7E839C05248CED8825470FEF] [SPRF][30/05/2012] (.VSO Software – low level access layer for CD/DVD/BD devices.) — C:UsersmarineAppDataRoamingpcouffin.sys [47360]
[MD5.457F9A510E4E9BD04E27D356511D0EB8] [SPRF][02/02/2013] (…) — C:UsersmarineAppDataRoamingwklnhst.dat [3554]
[MD5.53DDA20538126954A415C797BC0A63C7] [SPRF][29/06/2012] (.Adobe Systems, Inc. – Adobe Flash Player 10.1 r52.) — C:UsersmarineDesktopWebGameplay.exe [5484987]
~ Files: 3 Scanned in 00mn 00s

—\ Export de clés de registre aléatoires (O91)
[HKCUSoftware5353dc8bb339e544history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid=”{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}” =>Hijacker.Eazel
[HKCUSoftware5353dc8bb339e544history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version=”2.6.1095.52″ =>Hijacker.Eazel
[HKCUSoftware5353dc8bb339e544history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid=”{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}” =>Hijacker.Eazel
[HKCUSoftware5353dc8bb339e544history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version=”2.6.1125.80″ =>Hijacker.Eazel
[HKCUSoftware5353dc8bb339e544] =>PUP.Babylon^
~ Export Key Software: Scanned in 00mn 00s

—\ Recherche de clés de registre CLSID (O101)
[HKCRCLSID{23AF19F7-1D5B-442c-B14C-3D1081953C94}] (Bubble Dock SurfMatch) =>PUP.BubbleDock
[HKCRCLSID{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] (OfferBox) =>PUP.OfferBox
~ BCK: 4771 Scanned in 00mn 16s

—\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS – | Demand 15/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) – C:Windowssystem32MacromedFlashFlashPlayerUpdateService.exe
SS – | Auto 04/01/2009 724992 | (Ati External Event Utility) . (.ATI Technologies Inc..) – C:WindowsSystem32Ati2evxx.exe
SS – | Auto 06/02/2009 653856 | (ePowerSvc) . (.Acer Incorporated.) – C:Program FileseMachineseMachines Power ManagementePowerSvc.exe
SS – | Auto 18/02/2013 116648 | (gupdate) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Demand 18/02/2013 116648 | (gupdatem) . (.Google Inc..) – C:Program FilesGoogleUpdateGoogleUpdate.exe
SS – | Auto 28/03/2012 140456 | (IJPLMSVC) . (…) – C:Program FilesCanonIJPLMIJPLMSVC.exe
SS – | Auto 04/01/2007 112152 | (IviRegMgr) . (.InterVideo.) – C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe
SS – | Demand 23/09/2008 50424 | (NTIBackupSvc) . (.NewTech InfoSystems, Inc..) – C:Program FilesNewTech InfosystemsNTI Backup Now 5BackupSvc.exe
SS – | Auto 23/09/2008 144632 | (NTISchedulerSvc) . (.NewTech Infosystems, Inc..) – C:Program FilesNewTech InfosystemsNTI Backup Now 5SchedulerSvc.exe
SR – | Auto 24/02/2014 50344 | (avast! Antivirus) . (.AVAST Software.) – C:Program FilesAVAST SoftwareAvastAvastSvc.exe
SR – | Auto 21/01/2008 21504 | C:Windowssystem32HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
SR – | Auto 21/01/2008 21504 | C:Windowssystem32HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) – C:WindowsSystem32svchost.exe
SR – | Auto 21/01/2008 21504 | C:Program FilesWindows Defendermpsvc.dll (WinDefend) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
SR – | Auto 21/01/2008 21504 | C:WindowsSystem32wuaueng.dll (wuauserv) . (.Microsoft Corporation.) – C:WindowsSystem32svchost.exe
~ Services: Scanned in 00mn 18s

—\ Recherche d’infection sur le Master Boot Record (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by marine at 23/05/2014 14:39:22
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys ahcix86s.sys ndis.sys athr.sys win32k.sys
C:Windowssystem32DRIVERSahcix86s.sys Advanced Micro Devices, Inc AMD AHCI Compatible Controller
C:Windowssystem32DRIVERSathr.sys Atheros Communications, Inc. Driver for Atheros CB42/CB43/MB42/MB43 Network Adapter
1 ntkrnlpa!IofCallDriver[0x828D8FEF] >> DeviceHarddisk0DR0[0x8639DAA0]
3 CLASSPNP[0x87FA4745] >> ntkrnlpa!IofCallDriver[0x828D8FEF] >> [0x84AC0360]
5 acpi[0x806136A0] >> ntkrnlpa!IofCallDriver[0x828D8FEF] >> Device0000067[0x859B8C90]
kernel: MBR read successfully
user & kernel MBR OK
error: Read Ressources système insuffisantes pour terminer le service demandé.
~ MBR: 16 Scanned in 00mn 02s

—\ Recherche d’infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by marine at 23/05/2014 14:39:24
********* Dump file Name *********
C:PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s

—\ Scan Additionnel (O88)
Database Version : 13029 – (23/05/2014)
Clés trouvées (Keys found) : 46
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 19
Fichiers trouvés (Files found) : 15

[HKLMSoftwareGoogleChromeExtensionskbjlipmgfoamgjaogmbihaffnpkpjajp] =>PUP.BubbleDock^
[HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{23AF19F7-1D5B-442C-B14C-3D1081953C94}] =>PUP.BubbleDock^
[HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>PUP.OfferBox^
[HKLMSoftwareMicrosoftShared ToolsMSConfigstartupreguTorrent] =>P2P.µTorrent^
[HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0D7562AE-8EF6-416d-A838-AB665251703A}] =>Adware.Facemoods
[HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLMSoftwareClassesCLSID{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLMSoftwareClassesCLSID{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{4a1b5397-2a80-4f7d-af70-327d9e2103c6}] =>Toolbar.Agent
[HKLMSoftwareClassesAppID{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware.BullseyeToolbar
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Adware.Facemoods
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{64182481-4F71-486b-A045-B233BD0DA8FC}] =>Adware.Facemoods
[HKLMSoftwareClassesCLSID{80922ee0-8a76-46ae-95d5-bd3c3fe0708d}] =>Adware.Yontoo
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLMSoftwareMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLMSoftwareClassesAppID{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}] =>Adware.BullseyeToolbar
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}] =>Adware.BullseyeToolbar
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent
[HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent
[HKLMSoftwareClassesCLSID{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent
[HKCUSoftwareMicrosoftWindowsCurrentVersionApp ManagementARPCacheOfferBox Browser] =>PUP.OfferBox
[HKLMSoftwareClassesOfferBox.OfferBoxServer] =>PUP.OfferBox
[HKLMSoftwareClassesOfferBox.OfferBoxServer.1] =>PUP.OfferBox
[HKLMSoftwareGoogleChromeExtensionsbjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKLMSoftwareBoxore] =>Adware.Boxore
[HKCUSoftwareAppDataLowSoftwareConduitSearchScopes] =>Toolbar.Conduit
[HKCUSoftwareDataMngr] =>Adware.Bandoo
[HKLMSoftwareDataMngr] =>Adware.Bandoo
[HKCUSoftwareFissaSearch] =>PUP.OfferBox
[HKCUSoftwarefreeCompressor] =>Adware.SPointer
[HKLMSoftwareGamesBarSetup] =>Adware.GamesBar
[HKCUSoftwarelollipop] =>Adware.Lollipop
[HKCUSoftwareOfferBox] =>PUP.OfferBox
[HKLMSoftwareOfferBox] =>PUP.OfferBox
[HKLMSoftwareTarma Installer] =>PUP.Tarma
[HKLMSoftwareClassesProd.cap] =>PUP.Babylon
[HKCUSoftwareInstallCore] =>Adware.InstallCore
[HKCUAppEventsSchemesAppsExplorerNavigatingOld_Current] =>PUP.MediaFinder
[HKLMSoftwareClassesAppID{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLMSoftwareClassesToolbar.CT3285358] =>Toolbar.Conduit
[HKLMSoftwareMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ComponentsCA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLMSoftwareMozillaFirefoxExtensions]:offerboxffx@offerbox.com =>PUP.OfferBox
C:UsersmarineAppDataLocalGoogleChromeUser DataDefaultExtensionskbjlipmgfoamgjaogmbihaffnpkpjajp =>PUP.BubbleDock^
C:Program FilesOfferBox =>PUP.OfferBox^
C:Program FilesProtected Search =>Spyware.ProtectedSearch^
C:ProgramDataBabylon =>PUP.Babylon^
C:ProgramDataTarma Installer =>PUP.Tarma^
C:ProgramDataTrymedia =>Adware.Trymedia^
C:UsersmarineAppDataRoamingBabylon =>PUP.Babylon^
C:UsersmarineAppDataRoamingDealPly =>PUP.DealPly^
C:UsersmarineAppDataRoamingNosibay =>PUP.BubbleDock^
C:UsersmarineAppDataRoamingOfferBox =>PUP.OfferBox^
C:UsersmarineAppDataLocalLollipop =>Adware.Lollipop^
C:Program FilesConduit =>Toolbar.Conduit
C:Program FilesFreeCompressor =>Adware.SPointer
C:Program FilesSoftware =>Adware.Boxore
C:Program FilesWebgameplay setup =>Toolbar.Agent
C:UsersmarineAppDataRoamingFreeCompressor =>Adware.SPointer
C:UsersmarineAppDataLocalConduit =>Toolbar.Conduit
C:UsersmarineAppDataLocalSoftware =>Adware.Boxore
C:UsersmarineAppDataLocalLowConduit =>Toolbar.Conduit
C:UsersmarineAppDataRoamingMozillaFirefoxProfilesdwt984hb.defaultSearchPluginsconduit.xml =>Toolbar.Conduit
C:UsersmarineAppDataRoamingMozillaFirefoxProfilesdwt984hb.defaultSearchPluginsfissa.xml =>PUP.OfferBox
[HKCUSoftwareAppDataLowSoftwareConduit] =>Toolbar.Conduit^
[HKCUSoftwareAppDataLowSoftwareSmartbar] =>Hijacker.SmartBar^
[HKCUSoftwareBabSolution] =>Hijacker.BabSolution^
[HKCUSoftwareConduit] =>Toolbar.Conduit^
[HKLMSoftwareBabylon] =>PUP.Babylon^
[HKLMSoftwareConduit] =>Toolbar.Conduit^
[HKLMSoftwareDomaIQ] =>Adware.DomaIQ^
[HKLMSoftwareTrymedia Systems] =>Adware.Trymedia^
[HKCUSoftware5353dc8bb339e544history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid=”{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}” =>Hijacker.Eazel^
[HKCUSoftware5353dc8bb339e544history{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid=”{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}” =>Hijacker.Eazel^
[HKCUSoftware5353dc8bb339e544] =>PUP.Babylon^^
[HKCRCLSID{23AF19F7-1D5B-442c-B14C-3D1081953C94}] (Bubble Dock SurfMatch) =>PUP.BubbleDock^
[HKCRCLSID{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] (OfferBox) =>PUP.OfferBox^
~ Additionnel Scan: 248352 Items scanned in 00mn 47s

—\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.fr/toolbar-deltasearch =>Toolbar.DeltaSearch
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox
http://nicolascoolman.fr/pup-certifiedtoolbar =>PUP.CertifiedToolbar
http://nicolascoolman.fr/adware-facemoods =>Adware.Facemoods
http://nicolascoolman.fr/pup-dealply =>PUP.DealPly
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/hijacker-babsolution =>Hijacker.BabSolution
http://nicolascoolman.fr/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/adware-lollipop =>Adware.Lollipop
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/adware-domaiq =>Adware.DomaIQ
http://nicolascoolman.fr/26808625-adware-gamesbar =>Adware.GamesBar
http://nicolascoolman.fr/pup-tarma =>PUP.Tarma
http://nicolascoolman.fr/adware-trymedia =>Adware.Trymedia
http://nicolascoolman.fr/spyware-protectedsearch =>Spyware.ProtectedSearch
http://nicolascoolman.fr/adware-spointer =>Adware.SPointer
http://nicolascoolman.fr/adware-iwinarcade =>Adware.iWinArcade
http://nicolascoolman.fr/adware-bullseyetoolbar =>Adware.BullseyeToolbar
http://nicolascoolman.fr/adware-yontoo =>Adware.Yontoo
http://nicolascoolman.fr/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.fr/28445531-pup-mediafinder =>PUP.MediaFinder
~ MSI: 26 link(s) detected in 00mn 00s

End of the scan (1417 lines in 03mn 59s)(0)