~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman  (25/01/2014)
~ Lancé par manu (01/02/2014 12:10:15)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 15.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Ultimate, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.09 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 Plugin
Adobe Reader X
Java 7 Update 51

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (42% free)
System Restore: Activé (Enable)
System drive C: has 48 GB (33%) free of 145 GB

---\\ Mode de connexion au système
~ Computer Name: MANU-PC
~ User Name: manu
~ All Users Names: manu, HomeGroupUser$, Guest, Christine, Administrator, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\manu\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\manu\AppData\Roaming\
~ %Desktop% : C:\Users\manu\Desktop\
~ %Favorites% : C:\Users\manu\Favorites\
~ %LocalAppData% : C:\Users\manu\AppData\Local\
~ %StartMenu% : C:\Users\manu\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 48 Go of 145 Go)
D: Hard drive, Flash drive, Thumb drive (Free 30 Go of 291 Go)
E: Hard drive, Flash drive, Thumb drive (Free 1 Go of 7 Go)
F: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 42 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DE03C917EDED2A999C942A4F943D3068] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.28/02/2012 - 07:39:37.) -- C:\Windows\System32\wininet.dll [1188864]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/457
~ Mes musiques (My Musics) : 9/32
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 11/583
~ Mon Bureau (My Desktop) : 2/255
~ Menu demarrer (Programs) : 1/40
~ Hidden Files:  Scanned in 00mn 03s



---\\ Processus lancés
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe   [684600] [PID.3536]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.3564]
[MD5.8C35F5380E57EA4DC2E75532FF47E475] - (...) -- C:\Program Files (x86)\fst_fr_33\fst_fr_33.exe   [11671024] [PID.3664]  =>PUA.FSTfr9
[MD5.9B593137FBCC7C1E5D0E4A422749D9A5] - (.Google Inc. - Google Chrome.) -- C:\Users\manu\AppData\Local\Google\Chrome\Application\chrome.exe   [866584] [PID.4628]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8339968] [PID.412]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe   [440376] [PID.1452]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe   [759048] [PID.1604]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65432] [PID.1692]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe   [440376] [PID.1712]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe   [335872] [PID.1856]
[MD5.6B220CC1B8EB7F8723F5082F4A990B3C] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe   [31408] [PID.1912]
[MD5.4D05898896EC49CF663DDA61041AB096] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe   [272024] [PID.1940]
[MD5.9F712B26EE3B0242DE997A42FD302E2C] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe   [3275136] [PID.2008]
~ Processes Running:  Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\manu\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [giacfgjdclhnmkacnfbaljbmpnelflol] iVIDI.org plugin v.1.3 (Désactivé) =>PUP.Ividi
G2 - GCE: Preference [User Data\Default] [idhngdhcfkoamngbedgpaokgjbnpdiji] RealNetworks Downloader Extension v.1.0 (Désactivé)
G2 - GCE: Preference [User Data\Default] [kbjlipmgfoamgjaogmbihaffnpkpjajp] Bubble Dock v.1.0.0.130 (Désactivé) =>PUP.BubbleDock
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 19 Legitimates Filtered in 00mn 11s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\manu\AppData\Roaming\Mozilla\Firefox\Profiles\33ucsyfu.default\prefs.js
M2 - MFEP: prefs.js [manu - 33ucsyfu.default\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com] [] Services x86 v (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [manu - 33ucsyfu.default\@FissaPlugin] [] Fissa v1.0 (..) =>PUP.OfferBox
M2 - MFEP: prefs.js [manu - 33ucsyfu.default\crossriderapp12767@crossrider.com] [] Tiger Savings v1.0 (..) =>PUP.SpecialSavings
M2 - MFEP: prefs.js [manu - 33ucsyfu.default\ScorpionSaver@jetpack] [] ScorpionSaver v5.0 (..) =>PUP.ScorpionSaver
M2 - MFEP: prefs.js [manu - 33ucsyfu.default\{941E9C01-F8E0-493E-B814-E693BC99A1A1}] [] Notificatoin v1.0.0 (..)
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (...) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (.not file.)
~ Firefox Browser: 35 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EF79F67A-6AD7-4715-A0F8-932FCA442023} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Digital Photo Navigator 1.5.lnk . (.Victor Company of Japan, Ltd. - Digital Photo Navigator.)  -- C:\Program Files (x86)\Digital Photo Navigator 1.5\PH_NV15.exe 
O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.)  -- C:\Windows\twain_32\escndv\escndv.exe 
O4 - GS\Desktop [Public]: ManiaPlanet.lnk . (...)  -- C:\Program Files (x86)\ManiaPlanet\ManiaPlanetLauncher.exe
O4 - GS\Desktop [Public]: MuseScore.lnk . (...)  -- C:\Program Files (x86)\MuseScore\bin\mscore.exe
O4 - GS\Desktop [Public]: Pinnacle VideoSpin.lnk . (.Pinnacle Systems - Pinnacle VideoSpin program file.)  -- C:\Program Files (x86)\Pinnacle\VideoSpin\Programs\VideoSpin.exe 
O4 - GS\Desktop [Public]: PowerCinema NE for Everio.lnk . (.CyberLink Corp. - CyberLink PowerCinema Main Program.)  -- C:\Program Files (x86)\CyberLink\PCM4Everio\PCM4Everio.exe 
O4 - GS\Program [Public]: Vuze.lnk . (...)  -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\QuickLaunch [manu]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.)  -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe 
O4 - GS\QuickLaunch [manu]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [manu]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\QuickLaunch [manu]: Vuze.lnk . (...)  -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus
O4 - GS\TaskBar [manu]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\manu\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar [manu]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\Program [manu]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Program [manu]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Program [manu]: Webplayer.lnk . (...)  -- C:\Users\manu\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_3F7CDAE07E1639C4AEA7A8.exe
O4 - GS\SystemTools [manu]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Desktop [manu]: book.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\manu\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop [manu]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.)  -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe 
O4 - GS\Desktop [manu]: Minecraft.lnk . (...)  -- C:\Users\manu\AppData\Roaming\.minecraft\MinecraftLauncher.jar 
O4 - GS\Desktop [manu]: Photo Collage Master.lnk . (...)  -- C:\Program Files (x86)\Photo Collage Master\photocollage.exe (.not file.)
O4 - GS\Desktop [manu]: Start Minecraft Cracked.lnk . (...)  -- C:\Users\manu\AppData\Roaming\.minecraft\Minecraft Cracked.exe (.not file.)
O4 - GS\Desktop [manu]: Webplayer.lnk . (...)  -- C:\Users\manu\AppData\Roaming\Microsoft\Installer\{9937E55B-6331-4804-93EF-77E992F204BD}\_481820CA410C366184E158.exe
O4 - GS\QuickLaunch [Christine]: IncrediMail 2.0.lnk . (...)  -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (.not file.)
O4 - GS\QuickLaunch [Christine]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\TaskBar [Christine]: google chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\manu\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\Program [Christine]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Program [Christine]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\SystemTools [Christine]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Desktop [Christine]: adwcleaner - Raccourci.lnk . (...)  -- C:\Users\manu\Desktop\adwcleaner.exe (.not file.)
O4 - GS\Desktop [Christine]: Métronimo Solfège.lnk . (...)  -- C:\Program Files (x86)\metronimo\Msolfege\Msolfege.exe
O4 - GS\Desktop [Christine]: Rythmonimo.lnk . (.Metronimo - Jeux pour apprendre le rythme.)  -- C:\Program Files (x86)\metronimo\rythmonimo\rythmonimo.exe 
O4 - GS\Desktop [Christine]: Sarbacane 3.lnk . (.Sarbacane Software - Sarbacane 3.)  -- C:\Program Files (x86)\Sarbacane software\Sarbacane 3\Sarbacane 3.exe 
O4 - GS\Desktop [Christine]: SPC 200NC - Raccourci.lnk - Clé orpheline
~ Global Startup: 106 Legitimates Filtered in 00mn 06s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKCU\..\Run: [EPSON SX218 Series (Copy 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.exe  =>.Epson Seiko Corporation
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\manu\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [fst_fr_33] . (...) -- C:\Program Files (x86)\fst_fr_33\fst_fr_33.exe =>PUA.FSTfr9
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe  =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4167101601-2050720487-1441536221-1000\..\Run: [EPSON SX218 Series (Copy 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGDE.exe  =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4167101601-2050720487-1441536221-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\manu\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
~ Application:  Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9E80109C-BE28-47B6-A0B4-28173F260082}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{9E80109C-BE28-47B6-A0B4-28173F260082}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{9E80109C-BE28-47B6-A0B4-28173F260082}: DhcpNameServer = 192.168.0.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{2A340B87-502E-40A4-BA69-0476E584AD39}] (...) -- G:\AutoPlay\Docs\JoinMEPlay\setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{303195D9-1231-4C0E-B531-9B0191C66908}] (...) -- C:\Program Files (x86)\Steam\steam.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{6099A2E4-5106-41DB-A284-CEF680BF10DA}] (...) -- C:\Users\manu\Desktop\Combatarms_eu.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{A1C7D2BD-67C7-437A-A276-0F84D3E06EC2}] (...) -- C:\Program Files (x86)\Free Ride Games\Uninstall.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{E9B3107C-6629-4677-BDAF-8AE34946A167}] (...) -- C:\Remote Programs\Azteca\GPlrLanc.exe (.not file.)   [0]
~ Scheduled Task: 36 Legitimates Filtered in 00mn 33s



---\\ Logiciels installés (O42)
O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM][64Bits] -- {0F36B254-FB44-4859-8917-83778F120A7C} =>Adware.Boxore
O42 - Logiciel: LilyPond - (...) [HKLM][64Bits] -- LilyPond
O42 - Logiciel: Programme Votre Opinion - (.Votre Opinion.) [HKLM][64Bits] -- {D5EA1755-1899-4380-A4BA-83840648CBDA}
O42 - Logiciel: Rythmonimo - (...) [HKCU][64Bits] -- Rythmonimo
O42 - Logiciel: ScorpionSaver - (.Adpeak, Inc..) [HKLM][64Bits] -- {273E1F1A-7B1A-436C-A783-A4A8C97AD036} =>PUP.ScorpionSaver
O42 - Logiciel: ScorpionSaver Services - (.Adpeak, Inc..) [HKLM][64Bits] -- {6E810AB6-F34E-49A3-A93F-9E503660F718} =>PUP.ScorpionSaver
O42 - Logiciel: fst_fr_33 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_33_is1 =>PUA.FSTfr9
O42 - Logiciel: fst_fr_50 - (.FREESOFTTODAY.) [HKLM][64Bits] -- fst_fr_50_is1 =>PUA.FSTfr9
~ Logic: 30 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adpeak, Inc.]
[HKCU\Software\IncrediMail]
[HKCU\Software\LetsTunes]
[HKCU\Software\Pando Networks]
[HKLM\Software\Adpeak, Inc.]
[HKLM\Software\LevelQualityWatcher]
[HKLM\Software\Scorpion Saver]
[HKLM\Software\Wow6432Node\LimeWire]
~ Key Software: 336 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/01/2014 - 13:38:30 - [12,208] ----D C:\Program Files (x86)\fst_fr_33 =>PUA.FSTfr9
O43 - CFD: 18/01/2014 - 14:47:26 - [4,376] ----D C:\Program Files (x86)\fst_fr_50 =>PUA.FSTfr9
O43 - CFD: 11/04/2011 - 22:16:08 - [76,726] ----D C:\Program Files (x86)\LilyPond
O43 - CFD: 09/10/2011 - 18:31:38 - [68,587] ----D C:\Program Files (x86)\LimeWire
O43 - CFD: 30/11/2013 - 18:10:28 - [0] ----D C:\Program Files (x86)\Notificatoin
O43 - CFD: 31/12/2012 - 14:02:14 - [0] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 28/03/2011 - 17:27:39 - [0,087] ----D C:\Program Files (x86)\Votre Opinion
O43 - CFD: 03/02/2011 - 10:01:55 - [0,001] ----D C:\ProgramData\EMA
O43 - CFD: 07/09/2010 - 18:53:11 - [0] ----D C:\ProgramData\IM
O43 - CFD: 07/09/2010 - 18:52:09 - [0,021] ----D C:\ProgramData\IncrediMail
O43 - CFD: 19/05/2011 - 16:17:59 - [0,001] ----D C:\Users\manu\AppData\Roaming\letstunes
O43 - CFD: 09/10/2011 - 18:26:56 - [22,433] ----D C:\Users\manu\AppData\Roaming\LimeWire
O43 - CFD: 28/01/2014 - 13:38:32 - [0] ----D C:\Users\manu\AppData\Local\fst_fr_33 =>PUA.FSTfr9
O43 - CFD: 29/01/2014 - 06:34:15 - [9,150] ----D C:\Users\manu\AppData\Local\fst_fr_50 =>PUA.FSTfr9
O43 - CFD: 17/01/2014 - 19:31:10 - [1,224] ----D C:\Users\manu\AppData\Local\genienext
O43 - CFD: 07/09/2010 - 18:54:53 - [570,666] ----D C:\Users\manu\AppData\Local\IM
O43 - CFD: 28/03/2011 - 17:27:40 - [7,073] ----D C:\Users\manu\AppData\Local\Votre Opinion
O43 - CFD: 28/03/2011 - 17:27:40 - [0,003] ----D C:\Users\manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Votre Opinion
~ 553 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 802 Legitimates Filtered in 01mn 19s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{2287f21b-8020-11e1-a78b-001bb9b73b5d}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{2287f223-8020-11e1-a78b-001bb9b73b5d}\AutoRun\command. (...) -- L:\AutoRun.exe (.not file.)
O51 - MPSK:{33f6bc8c-bbca-11df-8053-001bb9b73b5d}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
~ Keys:  Scanned in 04mn 42s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys   [530496]
O58 - SDL:[MD5.CD46F1AD4B1E758A81AED784899648BC] - 27/06/2012 - 09:37:56 ---A- . (.Danish Wireless Design A/S - USB driver for Flash Loader Utility.) -- C:\Windows\System32\Drivers\flashusb.sys   [19968]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys   [31232]
O58 - SDL:[MD5.9B4B4838A6C8DC97416581C13CB6482C] - 15/07/2011 - 13:10:10 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys   [18456]
O58 - SDL:[MD5.B51D1DA59AD8174E1C5E1F30ED02E93B] - 19/01/2008 - 18:47:00 R--A- . (.Primax Electronics Ltd. - Mouse Suite Driver (For Windows 2000 and Whistler Only).) -- C:\Windows\System32\Drivers\PELMOUSE.SYS   [35840]
O58 - SDL:[MD5.98AFF2FA7BCF27FE0AF70E59634B48CF] - 27/03/2008 - 12:10:00 R--A- . (.Primax Electronics Ltd. - PS/2 Mouse Filter Driver (For Windows 2000 Only).) -- C:\Windows\System32\Drivers\PELPS2M.SYS   [25088]
O58 - SDL:[MD5.CEA613F892F7FDBB33DFA88C38916515] - 03/06/2008 - 17:54:38 R--A- . (.Primax Electronics Ltd. - USB Mouse Low Filter Driver.) -- C:\Windows\System32\Drivers\PELUSBLF.SYS   [27648]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise  SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys   [24656]
O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 10/05/2011 - 07:06:08 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [51712]
O58 - SDL:[MD5.99217BD11BEE7F21E873F6E39B93AAFD] - 06/06/2006 - 04:45:24 ---A- . (.VM - Video streaming and Capture Device Driver.) -- C:\Windows\System32\Drivers\usbVM31b.sys   [432512]
~ Drivers: 16 Legitimates Filtered in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: <Google Chrome.manu> <Google Chrome>[HKLM\..\Shell\open\Command] (...) --  C:\Users\manu\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.qvo6.com =>Hijacker.Qvo6
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {8CDB9F36-85E6-4D37-8376-22A0B30BA0E5} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {EDDC6763-B0FF-4CE0-9B85-A9EEE1D85DAB} - (Google) - http://www.google.com
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][23/10/2013] (...) -- C:\Users\manu\AppData\Local\Temp\Quarantine.exe   [344355]
[MD5.A95663408ABFBA0E630905AD972B99D8] [SPRF][07/08/2013] (...) -- C:\Users\manu\Desktop\cc_20130807_225429.reg   [16384]
~ Files: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{51418BC9-18E6-4D00-9954-2EC058240383}" | In - Private - P6 - FALSE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files (x86)\LimeWire\LimeWire.exe
O87 - FAEL: "{9D3FFB60-7F27-4A48-AEAE-0BAE665E4C30}" | In - Private - P17 - FALSE | .(.Lime Wire, LLC - LimeWire.) -- C:\Program Files (x86)\LimeWire\LimeWire.exe
~ Firewall: 269 Legitimates Filtered in 00mn 03s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "452B63F044BF958498713877F821A0C7" . (.Boxore Client.) -- C:\Windows\Installer\{0F36B254-FB44-4859-8917-83778F120A7C}\boxore.ico =>Adware.Boxore
O90 - PUC: "6BA018E6E43F3A949AF3E90563067F81" . (.ScorpionSaver Services.) -- c:\Windows\Installer\{6E810AB6-F34E-49A3-A93F-9E503660F718}\icon64.ico =>PUP.ScorpionSaver
O90 - PUC: "A1F1E372A1B7C6347A384A8A9CA70D63" . (.ScorpionSaver.) -- c:\Windows\Installer\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}\icon64.ico =>PUP.ScorpionSaver
O90 - PUC: "BA172DB42E6685D4FA8808EFB370074C" . (.Fissa.) -- C:\Windows\Installer\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}\ARPPRODUCTICON.exe =>PUP.OfferBox
~ Update Products: 96 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.363B4ECD444606CF8A4D938EE599CB64] [WIS][19/05/2011] (.Secure Digital Services - Fissa.) -- C:\Windows\Installer\146a39f.msi   [1294336]  =>PUP.OfferBox
[MD5.35344E29B90CC8D9F353A6632D65FF57] [WIS][28/03/2011] (.Votre Opinion - Programme d'installation de Votre Opinion.) -- C:\Windows\Installer\250444e.msi   [1115663]
[MD5.39988793C0BE26963F7C8228E7F04E23] [WIS][06/01/2014] (.Google - Google+ Auto Backup.) -- C:\Windows\Installer\2f8a6a34.msi   [3088384]
[MD5.79E6443F01B4B1C3B957AA38DDD564FF] [WIS][20/07/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\34f57e.msi   [45056]  =>Adware.Boxore
[MD5.47FE6777BC5F33EC9FB4A6741E96E665] [WIS][07/12/2013] (.Google, Inc. - Google Drive.) -- C:\Windows\Installer\8a15cfb.msi   [31694848]
~ WIS: 100 Legitimates Filtered in 00mn 22s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/01/2014 257928 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 16/09/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 16/09/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/05/2011 136120 |  (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 29/05/2013 114144 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 |  (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des
SS - | Demand 30/12/2009 91136 |  (PanelSvc) . (...) - C:\Program Files (x86)\Votre Opinion\PanelApp\PanelSvc.exe
SS - | Auto 09/11/2012 160944 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/05/2009 759048 |  (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Auto 18/12/2013 65432 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 04/08/2010 203264 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 20/12/2013 440376 |  (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 28/11/2013 440376 |  (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 14/09/2009 166400 |  (EPSON_EB_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.exe
SR - | Auto 14/09/2009 128512 |  (EPSON_PM_RPCV4_04) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.exe
SR - | Auto 02/12/2011 31408 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 19/12/2006 272024 |  (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 09/10/2013 3275136 |  (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services:  Scanned in 00mn 28s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 27
Valeurs trouvées (Values found) : 3
Dossiers trouvés  (Folders found) : 11
Fichiers trouvés  (Files found) : 3

[HKLM\Software\Google\Chrome\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol]   =>PUP.Ividi^
[HKLM\Software\Google\Chrome\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp]   =>PUP.BubbleDock^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F36B254-FB44-4859-8917-83778F120A7C}]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}]   =>PUP.ScorpionSaver^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6E810AB6-F34E-49A3-A93F-9E503660F718}]   =>PUP.ScorpionSaver^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_33_is1]   =>PUA.FSTfr9^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\fst_fr_50_is1]   =>PUA.FSTfr9^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ef79f67a-6ad7-4715-a0f8-932fca442023}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ef79f67a-6ad7-4715-a0f8-932fca442023}]   =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160]   =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24]   =>Adware.PredictAd
[HKLM\Software\Classes\Installer\Features\BA172DB42E6685D4FA8808EFB370074C]   =>PUP.OfferBox
[HKLM\Software\Classes\Installer\Products\BA172DB42E6685D4FA8808EFB370074C]   =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA172DB42E6685D4FA8808EFB370074C]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Classes\Installer\Features\BA172DB42E6685D4FA8808EFB370074C]   =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Classes\Installer\Products\BA172DB42E6685D4FA8808EFB370074C]   =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\BittorrentBar_FR]   =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32]   =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8]   =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\38D5CDD0A851B3940A43CC50ABBA251C]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AAC05EAA51DC78A41A1DCE3B31038584]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA]   =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC]   =>Adware.Boxore^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_33   =>PUA.FSTfr9^
C:\Users\manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\giacfgjdclhnmkacnfbaljbmpnelflol   =>PUP.Ividi^
C:\Users\manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbjlipmgfoamgjaogmbihaffnpkpjajp   =>PUP.BubbleDock^
C:\Users\manu\AppData\Roaming\Mozilla\Firefox\Profiles\33ucsyfu.default\extensions\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com   =>PUP.CrossRider^
C:\Users\manu\AppData\Roaming\Mozilla\Firefox\Profiles\33ucsyfu.default\extensions\@FissaPlugin   =>PUP.OfferBox^
C:\Users\manu\AppData\Roaming\Mozilla\Firefox\Profiles\33ucsyfu.default\extensions\crossriderapp12767@crossrider.com   =>PUP.SpecialSavings^
C:\Users\manu\AppData\Roaming\Mozilla\Firefox\Profiles\33ucsyfu.default\extensions\ScorpionSaver@jetpack   =>PUP.ScorpionSaver^
C:\Program Files (x86)\fst_fr_33   =>PUA.FSTfr9^
C:\Program Files (x86)\fst_fr_50   =>PUA.FSTfr9^
C:\Users\manu\AppData\Local\fst_fr_33   =>PUA.FSTfr9^
C:\Users\manu\AppData\Local\fst_fr_50   =>PUA.FSTfr9^
C:\Users\manu\AppData\Local\Software   =>Adware.Boxore
C:\Program Files (x86)\fst_fr_33\fst_fr_33.exe   =>PUA.FSTfr9^
C:\Windows\Installer\146a39f.msi   =>PUP.OfferBox^
C:\Windows\Installer\34f57e.msi   =>Adware.Boxore^
~ Additionnel Scan: 265279 Items scanned in 00mn 48s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9    =>PUA.FSTfr9
~ http://nicolascoolman.webs.com/apps/blog/show/33067902-pup-ividi   =>PUP.Ividi
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock   =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider   =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox   =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/26686441-pup-specialsavings   =>PUP.SpecialSavings
~ http://nicolascoolman.webs.com/apps/blog/show/show/36718501-pup-scorpionsaver   =>PUP.ScorpionSaver
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy    =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore  =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6   =>Hijacker.Qvo6
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit   =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad   =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma   =>PUP.Tarma
~ MSI: 14 link(s) detected in 00mn 48s



~ 1863 Legitimates filtered by white list
End of the scan (543 lines in 10mn 16s)(0)