~ Rapport de ZHPDiag v2013.10.30.78 - Nicolas Coolman (30/10/2013)
~ Lancé par Chris (31/10/2013 19:41:49)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
MFIE: Mozilla Firefox 24.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : BWX77
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v13.0.0.3885
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3958 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 29 GB (9%) free of 298 GB

---\\ Mode de connexion au système
~ Computer Name: CHRIS-TOSH
~ User Name: Chris
~ All Users Names: HomeGroupUser$, Chris, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Chris\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Chris\AppData\Roaming\
~ %Desktop% : C:\Users\Chris\Desktop\
~ %Favorites% : C:\Users\Chris\Favorites\
~ %LocalAppData% : C:\Users\Chris\AppData\Local\
~ %StartMenu% : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 29 Go of 298 Go)
D: Hard drive, Flash drive, Thumb drive (Free 33 Go of 298 Go)
E: CD-ROM drive (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
~ Security Center: 46 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.314C17917AC8523EC77A710215012A65] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 02:10:19.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3583
~ Mes musiques (My Musics) : 3/176
~ Mes Videos (My Videos) : 1/126
~ Mes Favoris (My Favorites) : 1/199
~ Mes Documents (My Documents) : 1/2365
~ Mon Bureau (My Desktop) : 4/2530
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 07s

---\\ Processus lancés
[MD5.05973FB5F863CDB65852D88ADB383A33] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280] [PID.2788]
[MD5.F8C89D2C5281253945D1C93391EDCAB2] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [310128] [PID.2864]
[MD5.26F044CF1F6C7F8AFC590C97E0F781A9] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1475952] [PID.2956]
[MD5.334206173B1DF9D68817E5F07789E955] - (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560] [PID.3024]
[MD5.D5D8A5E87D3C32C516E5B5E2BA5B0DBF] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247768] [PID.3056]
[MD5.0E8F60BE218F60CDA959B02DA9C404AD] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20687728] [PID.1632]
[MD5.4DD5F34807A2084D3E80665B2445BF95] - (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe [1526080] [PID.2364] =>Hijacker.Beamrise
[MD5.80A02F5ADDDF2D615B85A4F19424DCBB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760] [PID.3128]
[MD5.F7E0783DA9043BC131BB37C77EDB04DF] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840] [PID.3200]
[MD5.0B836459B84E16F3D3F908AEC8352041] - (.Pas de propriétaire - Printer Card Transfer Monitor.) -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe [25256] [PID.3304]
[MD5.EF1FDB2A4B30AA4761376183FD81CC18] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe [282624] [PID.3344]
[MD5.4631FF0EE2964CCDC646AF807CB778F5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144] [PID.3656]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.3856]
[MD5.A7E406711790197712D376B44A9FBB0B] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496] [PID.3896]
[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848] [PID.3352]
[MD5.D6B7DDB68436F13C3CAE2B92524F1FEC] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770648] [PID.4944]
[MD5.A7766D3BCB614BC77AA06579D84AE8ED] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8153600] [PID.7872]
[MD5.99387251353598C939592FAF40DF8AA9] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024] [PID.1340]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1516]
[MD5.10DBAA1703253FB511D0F5C5F6064B00] - (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [77824] [PID.1976]
[MD5.23DE5B62B0445A6F874BE633C95B483E] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2072]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.2100]
[MD5.7D2633295EB6FF2B938185874884059D] - (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.2196]
[MD5.D65F491938DB7527776BDE77D2849FB0] - (...) -- C:\Windows\System32\rpcnetp.exe [17920] [PID.2404]
[MD5.F620772888B6E3EDEF5C3E71E3D447F0] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92632] [PID.2552]
[MD5.ADA29CA7063D21B930B2A3263CD17F1C] - (.BatBrowse - BatBrowse.) -- C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe [65824] [PID.2856] =>PUP.BatBrowse
[MD5.ADA29CA7063D21B930B2A3263CD17F1C] - (.BatBrowse - BatBrowse.) -- C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe [65824] [PID.2916] =>PUP.BatBrowse
[MD5.CAB0EEAF5295FC96DDD3E19DCE27E131] - (.TOSHIBA CORPORATION - ConfigFree Service Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [46448] [PID.5632]
[MD5.CC3775100ABA633984F73DFAE1F55CAE] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.524]
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\iam3er7k.default\prefs.js
M3 - MFPP: Plugins - [Chris] -- C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\iam3er7k.default\searchplugins\amazon.xml
~ Firefox Browser: 7 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: BatBrowse [64Bits] - {b67b3dbb-c1c9-49d2-b016-2748b0b5017e} . (.BatBrowse - BatBrowse.) -- C:\Program Files (x86)\BatBrowse\BatBrowsebho.dll =>PUP.BatBrowse
~ BHO: 9 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Chris]: Beamrise.lnk . (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe =>Hijacker.Beamrise
O4 - GS\QuickLaunch [Chris]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Chris]: LRPGN-Ic@re.lnk . (...) -- D:\LRPGN\LRPGN.exe
O4 - GS\QuickLaunch [Chris]: PhotoScape.lnk . (...) -- C:\Users\Chris\Documents\PhotoScape\PhotoScape.exe
O4 - GS\QuickLaunch [Chris]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Chris]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Chris]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Chris\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Chris]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Chris]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Chris]: Facebook.lnk . (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe http://search2.beamrise.com =>Hijacker.Beamrise
O4 - GS\Desktop [Chris]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Chris]: Nettoyez votre registre gratuitement!.lnk - Clé orpheline
O4 - GS\Desktop [Chris]: Ordinateur - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop [Chris]: PhotoScape.lnk . (...) -- C:\Users\Chris\Documents\PhotoScape\PhotoScape.exe
O4 - GS\Desktop [Chris]: Pinterest.lnk . (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe http://search2.beamrise.com =>Hijacker.Beamrise
~ Global Startup: 64 Legitimates Filtered in 00mn 01s

---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
O4 - HKLM\..\Run: [SmartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [SmartFaceVWatcher] C:\Program Files (x86)\Toshiba\SmartFaceV\SmartFaceVWatcher.exe (.not file.)
O4 - HKLM\..\Run: [Teco] C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe (.not file.)
O4 - HKLM\..\Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe (.not file.)
O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe =>.Toshiba Corporation
O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe
O4 - HKCU\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe =>.Toshiba Corporation
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [Beamrise] . (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe =>Hijacker.Beamrise
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [lxdvmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvmon.exe
O4 - HKLM\..\Wow6432Node\Run: [lxdvamon] . (.Pas de propriétaire - Printer Card Transfer Monitor.) -- C:\Program Files (x86) (x86)\Lexmark X5400 Series\lxdvamon.exe
O4 - HKLM\..\Wow6432Node\Run: [CardDetectorHUAWEI1752_1552] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\CardDetector\HUAWEI1752_1552\CardDetector.exe
O4 - HKLM\..\Wow6432Node\Run: [BEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- C:\Program Files (x86)\Orange\IEWInternet\SessionManager\SessionManager.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKLM\..\Wow6432Node\Run: [Monitor] C:\Users\Chris\Documents\Mes fichiers reçus\LeapFrog Connect\Monitor.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe =>.Toshiba Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe =>.Toshiba Corporation
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [HP Deskjet 3050A J611 series (NET)] . (.Hewlett-Packard Co. - ScanToPCActivationApp.) -- C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe =>.Hewlett-Packard Co
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Chris\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-981523513-1740632741-3645543073-1001\..\Run: [Beamrise] . (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe =>Hijacker.Beamrise
~ Application: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{182FC27A-B65B-4FDE-B0AA-9C7A2176270B}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{4685D478-643C-4275-8901-E6683160EBC9}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\..\{7511D80F-1B90-456B-A20E-1B41D7BF8493}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{917E8AFA-8395-4CCF-A862-65E7D57FA303}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF08A5BC-1D1E-4D98-B78B-5BCEB56CFC99}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{182FC27A-B65B-4FDE-B0AA-9C7A2176270B}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{4685D478-643C-4275-8901-E6683160EBC9}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS1\Services\Tcpip\..\{7511D80F-1B90-456B-A20E-1B41D7BF8493}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{917E8AFA-8395-4CCF-A862-65E7D57FA303}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{AF08A5BC-1D1E-4D98-B78B-5BCEB56CFC99}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{182FC27A-B65B-4FDE-B0AA-9C7A2176270B}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{4685D478-643C-4275-8901-E6683160EBC9}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CS2\Services\Tcpip\..\{7511D80F-1B90-456B-A20E-1B41D7BF8493}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{917E8AFA-8395-4CCF-A862-65E7D57FA303}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{AF08A5BC-1D1E-4D98-B78B-5BCEB56CFC99}: DhcpNameServer = 192.168.10.110
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (.not file.) =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: LeapFrog Connect Device Service (LeapFrog Connect Device Service) . (...) - C:\Users\Chris\Documents\Mes fichiers reçus\LeapFrog Connect\CommandService.exe (.not file.)
O23 - Service: Update BatBrowse (Update BatBrowse) . (.BatBrowse - BatBrowse.) - C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe =>PUP.BatBrowse
O23 - Service: Util BatBrowse (Util BatBrowse) . (.BatBrowse - BatBrowse.) - C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe =>PUP.BatBrowse
~ Services: 17 Legitimates Filtered in 00mn 04s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk /r \??\C:) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
[MD5.14BD428A057C8D2FBFFCB2897CF3EA0F] [APT] [{432ED3A1-A0FD-4913-9025-31195293C6C2}] (...) -- C:\lexmark\drivers\X5400\Setup.exe [307880]
[MD5.00000000000000000000000000000000] [APT] [{9CABDC61-CE96-4AD9-8B49-67F73CCD5F7B}] (...) -- F:\Internet_Download_Manager_5.18_build_8_Inclus_Patch___Serial_-_Majax31\Internet Download Manager\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F0521ED3-8C91-4A21-AF54-E49C73C43FAE}] (...) -- C:\Users\Chris\Downloads\install_flash_player_ax.exe (.not file.) [0]
~ Scheduled Task: 19 Legitimates Filtered in 00mn 04s

---\\ Logiciels installés (O42)
O42 - Logiciel: BatBrowse 1.0.0 - (.BatBrowse.) [HKLM][64Bits] -- BatBrowse =>PUP.BatBrowse
O42 - Logiciel: Beamrise - (.Beamrise.) [HKCU][64Bits] -- Beamrise =>Hijacker.Beamrise
O42 - Logiciel: Iminent - (.Iminent.) [HKLM][64Bits] -- {BC8BD878-91A4-4EDD-898F-68E0573468B4} =>Adware.IMBooster
O42 - Logiciel: LRPGN - (.Communauté e-c@re.) [HKLM][64Bits] -- 1ADA18FF-87F8-54F1-7898-46226F8D0C2F
~ Logic: 145 Legitimates Filtered in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\APN]
[HKCU\Software\BatBrowse] =>PUP.BatBrowse
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\APN]
[HKLM\Software\Wow6432Node\BatBrowse] =>PUP.BatBrowse
[HKLM\Software\Wow6432Node\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\LRPGN]
~ Key Software: 237 Legitimates Filtered in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 31/10/2013 - 10:12:45 - [2,264] ----D C:\Program Files (x86)\BatBrowse =>PUP.BatBrowse
O43 - CFD: 25/04/2013 - 17:52:49 - [0,192] ----D C:\Users\Chris\AppData\Local\APN
O43 - CFD: 31/10/2013 - 16:57:24 - [319,251] ----D C:\Users\Chris\AppData\Local\Beamrise =>Hijacker.Beamrise
O43 - CFD: 31/10/2013 - 16:57:13 - [0,876] ----D C:\Users\Chris\AppData\Local\BeamriseUninstall =>Hijacker.Beamrise
O43 - CFD: 31/10/2013 - 16:57:14 - [0,006] ----D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Beamrise =>Hijacker.Beamrise
~ 397 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 608 Legitimates Filtered in 00mn 43s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 30/10/2013 - 10:09:32 ---A- . (...) -- C:\Windows\SysNative\sasnative64.exe [16896]
O44 - LFC:[MD5.CB8572E790FCE09714143741C20E9934] - 30/10/2013 - 10:09:32 ---A- . (...) -- C:\Windows\System32\sasnative64.exe [16896]
O44 - LFC:[MD5.D65F491938DB7527776BDE77D2849FB0] - 31/10/2013 - 17:18:26 ---A- . (...) -- C:\Windows\SysNative\rpcnetp.exe [17920]
O44 - LFC:[MD5.D65F491938DB7527776BDE77D2849FB0] - 31/10/2013 - 17:18:26 ---A- . (...) -- C:\Windows\System32\rpcnetp.exe [17920]
~ Files: 19 Legitimates Filtered in 00mn 03s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1be681e6-f117-11e0-be58-e839dfc02f8a}\AutoRun\command. (...) -- F:\Setup.exe (.not file.)
O51 - MPSK:{abca1c0f-f053-11e0-9689-e839dfc02f8a}\AutoRun\command. (...) -- F:\AutoRunCardDetector.exe (.not file.)
O51 - MPSK:{d6922d68-f0ac-11e0-91b9-00266c93f3cb}\AutoRun\command. (...) -- G:\Setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.DEF365F0F6E017888C4B869D3BA4B8E0] - 25/10/2010 - 10:10:22 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 17 Legitimates Filtered in 00mn 00s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe =>Hijacker.Beamrise
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The Beamrise Authors - Beamrise.) -- C:\Users\Chris\AppData\Local\Beamrise\Application\beamrise.exe =>Hijacker.Beamrise
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Chris\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {27D3D0B9-BAC1-47A8-AFE4-C4FCC0DD14CB} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {A32F15C6-0E11-4ABE-8C10-9D7221BF3664} - (eBay) - http://rover.ebay.com =>Toolbar.eBay
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][30/10/2013] (...) -- C:\Users\Chris\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.32DCED18FFFEA0035E4FA975CA0AE8BE] [SPRF][22/04/2013] (.The Software Group - Software Update Setup.) -- C:\Users\Chris\AppData\Local\Temp\BoxoreInstaller.exe [620656] =>Adware.Boxore
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Chris\AppData\Local\Temp\nsb152D.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Chris\AppData\Local\Temp\nsb17EC.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Chris\AppData\Local\Temp\nsl1B85.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Chris\AppData\Local\Temp\nslEE1A.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Chris\AppData\Local\Temp\nslF398.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][06/10/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Chris\AppData\Local\Temp\nswF0CA.exe [167812] =>Toolbar.Conduit
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][19/10/2013] (...) -- C:\Users\Chris\AppData\Local\Temp\Quarantine.exe [344355]
[MD5.6B50EF2119FAFABB60F6FB4C249E2CA0] [SPRF][18/10/2013] (.Conduit - Search Protect by Conduit.) -- C:\Users\Chris\AppData\Local\Temp\SPSetup.exe [5651608] =>Toolbar.Conduit
[MD5.9FB9D49C2DB7EDD1084AB765D619F5C6] [SPRF][18/10/2013] (.Conduit - Search Protect by conduit.) -- C:\Users\Chris\AppData\Local\Temp\uttC1D9.tmp.exe [66368] =>Toolbar.Conduit
[MD5.24AEB20C4D857A431FE82AAC1A95C005] [SPRF][18/10/2013] (.BitTorrent Inc. - µTorrent.) -- C:\Users\Chris\AppData\Local\Temp\uttF25B.tmp.exe [902736] =>P2P.BitTorrent
[MD5.8C27D71B2F6719136407C525ECF18D51] [SPRF][31/10/2013] (...)
-- C:\Users\Chris\Desktop\adwcleaner.exe [1060070] ~ Files: 15 Legitimates Filtered in 00mn 02s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{7F47FA79-614E-46FC-87B7-49D50C9A123F}" |In - Private - P6 - TRUE | .(...) -- C:\Users\Chris\AppData\Local\Temp\Update_9fd2.exe (.not file.) O87 - FAEL: "{4049ECBA-7F01-4309-9021-E3C4D3BE3338}" |In - Private - P17 - TRUE | .(...) -- C:\Users\Chris\AppData\Local\Temp\Update_9fd2.exe (.not file.) O87 - FAEL: "{818337B8-1A57-48DA-BDD5-2A20AD38AEAE}" |In - None - P17 - TRUE | .(...) -- E:\setup\hpznui40.exe (.not file.) O87 - FAEL: "{74D95EE3-4B92-4F08-9D6A-3CED6532E7EA}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HP\hp software update\hpwucli.exe (.not file.) =>.Hewlett-Packard Co O87 - FAEL: "{3070F9A8-6C6A-49CB-BCE7-B21C838D04A8}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster O87 - FAEL: "{71CB62C3-CEFF-4CD3-A424-76B2AF407210}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster O87 - FAEL: "{931037EE-F3E7-4969-89CF-2A0897467A8F}" |In - None - P17 - TRUE | .(...) -- C:\Users\Chris\Documents\Mes fichiers reçus\LeapFrog Connect\LeapfrogConnect.exe (.not file.) ~ Firewall: 240 Legitimates Filtered in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "3E9A223DB85706D47A4C568CF83D870D" . (.Bing Bar.) -- C:\Windows\Installer\{D322A9E3-758B-4D60-A7C4-65C88FD378D0}\icon_installer_ico =>Toolbar.Bing O90 - PUC: "878DB8CB4A19DDE498F8860E7543864B" . (.Iminent.) -- C:\Windows\Installer\{BC8BD878-91A4-4EDD-898F-68E0573468B4}\imbooster.ico =>Adware.IMBooster O90 - PUC: "EB525538DB364CE4495200ECDA84942C" . (.Widestream6.) 
-- C:\Windows\Installer\{835525BE-63BD-4EC4-9425-00CEAD4849C2}\ARPPRODUCTICON.exe =>Adware.SPointer ~ Update Products: 148 Legitimates Filtered in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.E32A1A1B9CC600CF062E0E429925841A] [WIS][16/08/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\2990f14.msi [1974272] =>Adware.Boxore [MD5.571DC77B42EA4B9313BD829B904A6E8C] [WIS][02/12/2012] (.Iminent - Iminent.) -- C:\Windows\Installer\4a75c1.msi [10543104] =>Adware.IMBooster ~ WIS: 153 Legitimates Filtered in 00mn 23s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 10/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 26/04/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 26/08/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SS - | Auto 26/08/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SS - | Disabled 26/08/2013 589368 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.exe SS - | Auto 23/07/2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe SR - | Demand 23/07/2013 240288 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe SR - | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) 
- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe SR - | Auto 25/08/2009 77824 | C:\Program Files (x86)\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files (x86)\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Auto 22/02/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 22/02/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 26/07/2013 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Auto 10/07/1658 0 | (LeapFrog Connect Device Service) . (...) - C:\Users\Chris\Documents\Mes fichiers reçus\LeapFrog Connect\CommandService.exe SR - | Auto 03/03/2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SS - | Demand 01/10/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 15/01/2010 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe SS - | Auto 25/07/2013 162672 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SR - | Auto 28/07/2009 140632 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe SR - | Auto 05/12/2012 92632 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SR - | Auto 06/04/2010 258928 | (TOSHIBA eco Utility Service) . (.TOSHIBA Corporation.) 
- C:\Program Files\TOSHIBA\TECO\TecoService.exe =>.Toshiba Corporation SR - | Demand 05/02/2010 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe SR - | Demand 23/02/2010 835952 | (TPCHSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe SR - | Auto 03/03/2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SR - | Auto 22/10/2013 65824 | (Update BatBrowse) . (.BatBrowse.) - C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe =>PUP.BatBrowse SR - | Auto 31/10/2013 65824 | (Util BatBrowse) . (.BatBrowse.) - C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe =>PUP.BatBrowse SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) 
- C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 24s ---\\ Scan Additionnel (O88) Database Version : 12965 - (30/10/2013) Clés trouvées (Keys found) : 57 Valeurs trouvées (Values found) : 2 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 27
~ Additionnel Scan: 275773 Items scanned in 00mn 24s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/34065742-hijacker-beamrise =>Hijacker.Beamrise ~ http://nicolascoolman.webs.com/apps/blog/show/34726799-pup-batbrowse =>PUP.BatBrowse ~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/32816468-adware-bonanzadeals
=>Adware.BonanzaDeals ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ http://nicolascoolman.webs.com/apps/blog/show/34702976-toolbar-ebay =>Toolbar.eBay ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing =>Toolbar.Bing ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd ~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay ~ MSI: 17 link(s) detected in 00mn 24s ~ 1647 Legitimates filtered by white list End of the scan (640 lines in 02mn 17s)(0)