cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.5.18.67 - Nicolas Coolman (18/05/2014)
~ Lancé par nino (19/05/2014 14:51:08)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Blog d'analyse software : http://nicolascoolman.byethost7.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 64-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Windows Operating System - Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Security Client FR-FR Language Pack v2.1.1116.0

---\\ Logiciels d'optimisation du système
CCleaner v4.06

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader 8.3.1 - Français

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4093 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 426 GB (73%) free of 583 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-NINO
~ User Name: nino
~ All Users Names: nino, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\nino\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\nino\AppData\Roaming\
~ %Desktop% : C:\Users\nino\Desktop\
~ %Favorites% : C:\Users\nino\Favorites\
~ %LocalAppData% : C:\Users\nino\AppData\Local\
~ %StartMenu% : C:\Users\nino\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 426 Go of 583 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.6B08E54A451B3F95E4109DBA7E594270] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 08:10:17.) -- C:\Windows\Explorer.exe [3079168]
[MD5.117EA87DF785CA1B9D821F6F213DCE07] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:50:23.) -- C:\Windows\System32\Wininit.exe [123904]
[MD5.56932FF02302B2A294A2221FF7FF1F06] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/03/2014 - 04:40:14.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.6D0773A3A65D28B663F334C90441D01A] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 08:11:08.) -- C:\Windows\System32\Winlogon.exe [405504]
[MD5.2BA159E1F9FD75F6A496742B20F1D9CF] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.04/09/2013 - 03:31:51.) -- C:\Windows\system32\Drivers\AFD.sys [404992]
[MD5.E68D9B3A3905619732F7FE039466A623] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 08:15:00.) -- C:\Windows\system32\Drivers\atapi.sys [20952]
[MD5.B4D787DB8D30793A4D4DF9FEED18F136] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:50:39.) -- C:\Windows\system32\Drivers\Cdfs.sys [90624]
[MD5.C025AA69BE3D0D25C7A2E746EF6F94FC] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 06:34:39.) -- C:\Windows\system32\Drivers\Cdrom.sys [79872]
[MD5.8B722BA35205C71E7951CDC4CDBADE19] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 16:14:19.) -- C:\Windows\system32\Drivers\DfsC.sys [97792]
[MD5.F942C5820205F2FB453243EDFEC82A3D] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 06:39:41.) -- C:\Windows\system32\Drivers\HDAudBus.sys [948736]
[MD5.CBB597659A2713CE0C9CC20C88C7591F] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:46:59.) -- C:\Windows\system32\Drivers\i8042prt.sys [64000]
[MD5.B7E6212F581EA5F6AB0C3A6CEEEB89BE] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:48:45.) -- C:\Windows\system32\Drivers\IpNat.sys [115712]
[MD5.1485811B320FF8C7EDAD1CAEBB1C6C2B] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:39:34.) -- C:\Windows\system32\Drivers\MRxSmb.sys [135680]
[MD5.FC2C792EBDDC8E28DF939D6A92C83D61] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 06:42:33.) -- C:\Windows\system32\Drivers\netBT.sys [248320]
[MD5.2ACCAA3C3C55370A32F17B3595E1A217] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:13:14.) -- C:\Windows\system32\Drivers\ntfs.sys [1513320]
[MD5.AECD57F94C887F58919F307C35498EA0] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 10:37:57.) -- C:\Windows\system32\Drivers\Parport.sys [96768]
[MD5.AC7BC4D42A7E558718DFDEC599BBFC2C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.11/04/2009 - 06:43:38.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.C045D1FB111C28DF0D1BE8D4BDA22C06] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:46:51.) -- C:\Windows\system32\Drivers\rdpdr.sys [314368]
[MD5.290B6F6A0EC4FCDFC90F5CB6D7020473] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 06:42:19.) -- C:\Windows\system32\Drivers\smb.sys [88064]
[MD5.458919C8C42E398DC4802178D5FFEE27] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 06:43:00.) -- C:\Windows\system32\Drivers\tdx.sys [94720]
[MD5.582F710097B46140F5A89A19A6573D4B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:50:57.) -- C:\Windows\system32\Drivers\volsnap.sys [267648]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/50
~ Mes musiques (My Musics) : 7/139
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/32
~ Mes Documents (My Documents) : 2/455
~ Mon Bureau (My Desktop) : 1/932
~ Menu demarrer (Programs) : 1/34
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.66295B0D0FB2292C6D62904F5C3DE0B2] - (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe [561320] [PID.2204]
[MD5.095184B28B8414A6D2D09C1CE7C7B86F] - (.Orange - Executable Orange Inside.) -- C:\Users\nino\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1530520] [PID.2216]
[MD5.596C3DD487001E237CCE431EAE6F3EA0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144] [PID.2352]
[MD5.A40824624D8667FE31333B0CEB936169] - (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449760] [PID.2464]
[MD5.31EBC020D9B2D6239E2AF90BD48B6E60] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20587680] [PID.2488]
[MD5.6528D7D23AB7EE8374791E9666976429] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884248] [PID.2496]
[MD5.616593EE0D66C87912B57C5AE2A0C5CB] - (...) -- C:\Users\nino\AppData\Local\Genesis\Genesis.exe [3211264] [PID.2540] =>PUP.Genesis
[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [214360] [PID.2588]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.2660]
[MD5.68BB0D0F31DAB67979C24218777F97EA] - (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe [1152296] [PID.2828]
[MD5.309C7161F58C75EE88B07F55CA858280] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [189736] [PID.2836]
[MD5.B6F6228AB545E2819A60C0D63A84E52E] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.2852]
[MD5.4334F0F2DDE36F1AF1B3200F88C1E155] - (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe [206120] [PID.2860]
[MD5.0B692C328AF648AD478A967C21DD7936] - (.Pas de propriétaire - AgentMon Application.) -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [391040] [PID.2896]
[MD5.08E7173D1B74095335052459200CB1EA] - (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe [421888] [PID.2928]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.2940]
[MD5.0A6E55FB7C79C89944D770FD0B907257] - (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [748736] [PID.2956] =>PUP.Mobogenie
[MD5.0F6D06A88A88007AAEE5F0EE1ECE42E4] - (...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [70880] [PID.2760]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\SysWOW64\conime.exe [69120] [PID.1372]
[MD5.DDB1C559E36063532ED1CBC101C17DA3] - (.Hewlett-Packard Company - KBD EXE.) -- C:\Program Files (x86)\Hewlett-Packard\KBD\kbd.exe [94208] [PID.2636]
[MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [184320] [PID.1216]
[MD5.7E04B1ADE140F483A6581461568D8D9C] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [610304] [PID.4152]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.372]
[MD5.542459D16B416D054161007FC9B1246E] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032] [PID.5500]
[MD5.B1FB8BC16D0DB185202415E3083E745A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7877120] [PID.5888]
[MD5.221564CC7BE37611FE15EACF443E1BF6] - (.Apple Inc. - YSLoader.exe.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336] [PID.2528]
[MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3196]
[MD5.764BE9B8A5614F818597DB6F04EF6668] - (...) -- C:\Program Files (x86)\Mobogenie\MgAssist.exe [70848] [PID.3288] =>PUP.Mobogenie
[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.3324]
[MD5.4BC24AD1AF866EB21C09D837A8A017E7] - (.Pas de propriétaire - CLCapSvc Module.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320] [PID.3528]
[MD5.56196A4FD34A9985AB93531DCDC07DCB] - (.Pas de propriétaire - CLSched Module.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116104] [PID.3572]
[MD5.E335395F34387302252ADAA989D6879E] - (...) -- C:\Users\nino\AppData\Roaming\VOPackage\VOsrv.exe [355328] [PID.3604] =>Adware.Downware
[MD5.3A4F2C0BB87A0895ABEBA341AA1E341B] - (.Avanquest Software - Sony PCCompanion Service.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824] [PID.2736]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\nino\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://r.orange.fr
G2 - GCE: Preference [User Data\Default] [ejocekekgcaldnmjngfdbmbeebcekelc] SPOTS - A better way to start v.0.1.38, (Désactivé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
G2 - GCE: Preference [User Data\Default] [pioliciekajfgilkenamlbghbpgpipdm] Interest Recognizer for Widestream6 v.3.4.1545.153 (Désactivé) =>Adware.SPointer

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\prefs.js
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\user.js
M3 - MFPP: Plugins - [nino] -- C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\searchplugins\iminent.xml =>Adware.IMBooster
M3 - MFPP: Plugins - [nino] -- C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\searchplugins\Mysearchdial-1.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [nino] -- C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [nino] -- C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\searchplugins\Web Search.xml =>Parasite.Pugi
M2 - MFEP: prefs.js [nino - 73i52bq6.default\ffxtlbr@mysearchdial.com] [] mysearchdial.com v1.6.0 (..) =>Adware.MyWebSearch
M2 - MFEP: prefs.js [nino - 73i52bq6.default\FissaPlugin-trash] [] Fissa v1.0 (..) =>PUP.OfferBox
M2 - MFEP: prefs.js [nino - 73i52bq6.default\quick_start@gmail.com] [] Quick Start v1.1 (..) =>PUP.QuickStart
M2 - MFEP: prefs.js [nino - 73i52bq6.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v3.2.3.20140326060057 (..)
M2 - MFEP: prefs.js [nino - 73i52bq6.default\{75cdeaed-1dc0-d2a3-e0f5-269b476f673f}] [] Snap.Do v3.2.3.20140326060057 (..) =>Hijacker.SmartBar
M2 - MFEP: prefs.js [nino - 73i52bq6.default\{906000a4-88d9-4d52-b209-7a772970d91f}] [] DealPly Shopping v2.0 (..) =>PUP.DealPly
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (.Pas de propriétaire - Flash.) -- C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll
~ Firefox Browser: 19 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://istart.webssearches.com =>Hijacker.WebsSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://istart.webssearches.com =>Hijacker.WebsSearches
~ IE Browser: 21 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=http://127.0.0.1:9880 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
O1 - Hosts: 216.239.32.20 google.com
O1 - Hosts: 216.239.32.20 google.com www.google.ad
O1 - Hosts: 216.239.32.20 google.com www.google.ae
O1 - Hosts: 216.239.32.20 google.com www.google.com.af
O1 - Hosts: 216.239.32.20 google.com www.google.com.ag
O1 - Hosts: 216.239.32.20 google.com www.google.com.ai
O1 - Hosts: 216.239.32.20 google.com www.google.al
O1 - Hosts: 216.239.32.20 google.com www.google.am
O1 - Hosts: 216.239.32.20 google.com www.google.co.ao
O1 - Hosts: 216.239.32.20 google.com www.google.com.ar
O1 - Hosts: 216.239.32.20 google.com www.google.as
O1 - Hosts: 216.239.32.20 google.com www.google.at
O1 - Hosts: 216.239.32.20 google.com www.google.com.au
O1 - Hosts: 216.239.32.20 google.com www.google.az
O1 - Hosts: 216.239.32.20 google.com www.google.ba
O1 - Hosts: 216.239.32.20 google.com www.google.com.bd
O1 - Hosts: 216.239.32.20 google.com www.google.be
O1 - Hosts: 216.239.32.20 google.com www.google.bf
O1 - Hosts: 216.239.32.20 google.com www.google.bg
O1 - Hosts: 216.239.32.20 google.com www.google.com.bh
O1 - Hosts: 216.239.32.20 google.com www.google.bi
O1 - Hosts: 216.239.32.20 google.com www.google.bj
O1 - Hosts: 216.239.32.20 google.com www.google.com.bn
O1 - Hosts: 216.239.32.20 google.com www.google.com.bo
O1 - Hosts: 216.239.32.20 google.com www.google.com.br
O1 - Hosts: 216.239.32.20 google.com www.google.bs
O1 - Hosts: 216.239.32.20 google.com www.google.bt
O1 - Hosts: 216.239.32.20 google.com www.google.co.bw
O1 - Hosts: 216.239.32.20 google.com www.google.by
O1 - Hosts: 216.239.32.20 google.com www.google.com.bz
O1 - Hosts: 216.239.32.20 google.com www.google.ca
O1 - Hosts: 216.239.32.20 google.com www.google.cd
O1 - Hosts: 216.239.32.20 google.com www.google.cf
O1 - Hosts: 216.239.32.20 google.com www.google.cg
O1 - Hosts: 216.239.32.20 google.com www.google.ch
O1 - Hosts: 216.239.32.20 google.com www.google.ci
O1 - Hosts: 216.239.32.20 google.com www.google.co.ck
O1 - Hosts: 216.239.32.20 google.com www.google.cl
O1 - Hosts: 216.239.32.20 google.com www.google.cm
O1 - Hosts: 216.239.32.20 google.com www.google.cn
O1 - Hosts: 216.239.32.20 google.com www.google.com.co
O1 - Hosts: 216.239.32.20 google.com www.google.co.cr
O1 - Hosts: 216.239.32.20 google.com www.google.com.cu
O1 - Hosts: 216.239.32.20 google.com www.google.cv
O1 - Hosts: 216.239.32.20 google.com www.google.com.cy
O1 - Hosts: 216.239.32.20 google.com www.google.cz
O1 - Hosts: 216.239.32.20 google.com www.google.de
O1 - Hosts: 216.239.32.20 google.com www.google.dj
O1 - Hosts: 216.239.32.20 google.com www.google.dk
O1 - Hosts: 216.239.32.20 google.com www.google.dm
O1 - Hosts: 216.239.32.20 google.com www.google.com.do
O1 - Hosts: 216.239.32.20 google.com www.google.dz
O1 - Hosts: 216.239.32.20 google.com www.google.com.ec
O1 - Hosts: 216.239.32.20 google.com www.google.ee
O1 - Hosts: 216.239.32.20 google.com www.google.com.eg
O1 - Hosts: 216.239.32.20 google.com www.google.es
O1 - Hosts: 216.239.32.20 google.com www.google.com.et
O1 - Hosts: 216.239.32.20 google.com www.google.fi
O1 - Hosts: 216.239.32.20 google.com www.google.com.fj
O1 - Hosts: 216.239.32.20 google.com www.google.fm
O1 - Hosts: 216.239.32.20 google.com www.google.fr
O1 - Hosts: 216.239.32.20 google.com www.google.ga
O1 - Hosts: 216.239.32.20 google.com www.google.ge
O1 - Hosts: 216.239.32.20 google.com www.google.gg
O1 - Hosts: 216.239.32.20 google.com www.google.com.gh
O1 - Hosts: 216.239.32.20 google.com www.google.com.gi
O1 - Hosts: 216.239.32.20 google.com www.google.gl
O1 - Hosts: 216.239.32.20 google.com www.google.gm
O1 - Hosts: 216.239.32.20 google.com www.google.gp
O1 - Hosts: 216.239.32.20 google.com www.google.gr
O1 - Hosts: 216.239.32.20 google.com www.google.com.gt
O1 - Hosts: 216.239.32.20 google.com www.google.gy
O1 - Hosts: 216.239.32.20 google.com www.google.com.hk
O1 - Hosts: 216.239.32.20 google.com www.google.hn
O1 - Hosts: 216.239.32.20 google.com www.google.hr
O1 - Hosts: 216.239.32.20 google.com www.google.ht
O1 - Hosts: 216.239.32.20 google.com www.google.hu
O1 - Hosts: 216.239.32.20 google.com www.google.co.id
O1 - Hosts: 216.239.32.20 google.com www.google.ie
O1 - Hosts: 216.239.32.20 google.com www.google.co.il
O1 - Hosts: 216.239.32.20 google.com www.google.im
O1 - Hosts: 216.239.32.20 google.com www.google.co.in
O1 - Hosts: 216.239.32.20 google.com www.google.iq
O1 - Hosts: 216.239.32.20 google.com www.google.is
O1 - Hosts: 216.239.32.20 google.com www.google.it
O1 - Hosts: 216.239.32.20 google.com www.google.je
O1 - Hosts: 216.239.32.20 google.com www.google.com.jm
O1 - Hosts: 216.239.32.20 google.com www.google.jo
O1 - Hosts: 216.239.32.20 google.com www.google.co.jp
O1 - Hosts: 216.239.32.20 google.com www.google.co.ke
O1 - Hosts: 216.239.32.20 google.com www.google.com.kh
O1 - Hosts: 216.239.32.20 google.com www.google.ki
O1 - Hosts: 216.239.32.20 google.com www.google.kg
O1 - Hosts: 216.239.32.20 google.com www.google.co.kr
O1 - Hosts: 216.239.32.20 google.com www.google.com.kw
O1 - Hosts: 216.239.32.20 google.com www.google.kz
O1 - Hosts: 216.239.32.20 google.com www.google.la
O1 - Hosts: 216.239.32.20 google.com www.google.com.lb
O1 - Hosts: 216.239.32.20 google.com www.google.li
[...]
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 213



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0055697 [64Bits] - {11111111-1111-1111-1111-110511561197} . (.Corporate Inc - Pricora 10.4 BHO.) -- C:\Program Files (x86)\Pricora 10.4\Pricora 10.4-bho64.dll =>PUP.CrossRider
O2 - BHO: Snap.DoEngine [64Bits] - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>Hijacker.SmartBar
~ BHO: 18 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Snap.Do - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D3028143-6145-4318-99D3-3EDCE54A95A9} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\Program [Public]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\Program [Public]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\SystemTools [Public]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\QuickLaunch [nino]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\QuickLaunch [nino]: Mozilla Firefox (2).lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://istart.webssearches.com =>Hijacker.WebsSearches
O4 - GS\Desktop [nino]: Continue VuuPC Installation.lnk . (...) -- C:\Users\nino\AppData\Local\Temp\ICReinstall_nsw329D.tmp \RR (.not file.) =>PUP.VuuPC
~ Global Startup: 9 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [nino]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - HKLM\..\Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe (.not file.)
O4 - HKLM\..\Run: [SmartMenu] C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (.not file.)
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nino\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\nino\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [genesis] . (...) -- c:\users\nino\appdata\local\genesis\genesis.exe =>PUP.Genesis
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_Plugin.exe
O4 - HKLM\..\Wow6432Node\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co
O4 - HKLM\..\Wow6432Node\Run: [KBD] . (.Microsoft - Kbd Stub.) -- C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [HP Health Check Scheduler] . (.Hewlett-Packard - HP Health Check Scheduler.) -- c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePDIRShortCut] . (.CyberLink Corp. - StartMen Application.) -- c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [TSMAgent] . (.CyberLink Corp. - CyberLink PowerCinema Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [CLMLServer for HP TouchSmart] . (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
O4 - HKLM\..\Wow6432Node\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] Clé orpheline
O4 - HKLM\..\Wow6432Node\Run: [TVAgent] . (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [AgentMonitor] . (.Pas de propriétaire - AgentMon Application.) -- C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [mobilegeni daemon] . (...) -- C:\Program Files (x86)\Mobogenie\DaemonProcess.exe =>PUP.Mobogenie
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] Clé orpheline
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [HPAdvisor] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\nino\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files (x86)\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\nino\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\Run: [genesis] . (...) -- c:\users\nino\appdata\local\genesis\genesis.exe =>PUP.Genesis
O4 - HKUS\S-1-5-21-3710467032-3842738352-2000084877-1000\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_13_0_0_206_Plugin.exe
~ Application: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1901D06-4B17-4695-8610-5472550E4AC5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B1901D06-4B17-4695-8610-5472550E4AC5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{B1901D06-4B17-4695-8610-5472550E4AC5}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll (.not file.) =>Toolbar.Conduit
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon [64Bits] - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: Bandoo Coordinator (Bandoo Coordinator) . (...) - C:\Program Files (x86)\Bandoo\Bandoo.exe (.not file.) =>Adware.Bandoo
O23 - Service: MgAssist Service (MgAssistService) . (...) - C:\Program Files (x86)\Mobogenie\MgAssist.exe =>PUP.Mobogenie
O23 - Service: Service Component of VO (vosr) . (...) - C:\Users\nino\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
~ Services: 14 Legitimates Filtered in 00mn 06s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP1] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP2] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [APSnotifierPP3] (...) -- C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe (.not file.) [0] =>PUP.AnyProtect
[MD5.00000000000000000000000000000000] [APT] [Dealply] (...) -- C:\Users\nino\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [fsupdate] (...) -- C:\Program Files (x86)\Flowsurf\fsupd.exe (.not file.) [0] =>PUP.FlowSurf
[MD5.00000000000000000000000000000000] [APT] [MySearchDial] (...) -- C:\Users\nino\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Adware.MyWebSearch
[MD5.00000000000000000000000000000000] [APT] [wp_update] (...) -- C:\Users\nino\AppData\Roaming\~ijcvzuw.exe (.not file.) [0] =>PUP.WpManager
[MD5.00000000000000000000000000000000] [APT] [{780074AC-EF6E-4CC6-8399-9A89E4CD5347}] (...) -- E:\Codec DivX V3.11\divx_311alpha.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9C996F4B-B96F-4C50-B884-16AFC182D824}] (...) -- C:\Users\nino\Desktop\Codec DivX V3.11\divx_311alpha.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E2BE3FCD-2A3C-4047-A812-2C53F63BEE1B}] (...) -- C:\Users\nino\Desktop\VideoLAN\VLC\uninstall.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\Tasks\APSnotifierPP1.job [380] =>PUP.AnyProtect
O39 - APT: APSnotifierPP1 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP1 [380] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\Tasks\APSnotifierPP2.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP2 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP2 [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\Tasks\APSnotifierPP3.job [378] =>PUP.AnyProtect
O39 - APT: APSnotifierPP3 - (...) -- C:\Windows\System32\Tasks\APSnotifierPP3 [378] =>PUP.AnyProtect
O39 - APT: Dealply - (...) -- C:\Windows\Tasks\Dealply.job [286] =>PUP.DealPly
O39 - APT: Dealply - (...) -- C:\Windows\System32\Tasks\Dealply [286] =>PUP.DealPly
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3710467032-3842738352-2000084877-1000Core [1070]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3710467032-3842738352-2000084877-1000UA [1092]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1060]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1064]
O39 - APT: MySearchDial - (...) -- C:\Windows\Tasks\MySearchDial.job [288] =>Adware.MyWebSearch
O39 - APT: MySearchDial - (...) -- C:\Windows\System32\Tasks\MySearchDial [288] =>Adware.MyWebSearch
O39 - APT: - (..) -- C:\Windows\System32\Tasks\PCDRScheduledMaintenance [456]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{E9AC012B-1983-49F6-B86D-673EC563ED7F} [442]
~ Scheduled Task: 34 Legitimates Filtered in 00mn 04s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: ({2b4fc5ce-fd26-493c-97d3-e808aab73013}t64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}t64.sys =>PUP.LinkiDoo
~ Drivers: 63 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Fissa - (.Secure Digital Services.) [HKLM][64Bits] -- Fissa =>PUP.OfferBox
O42 - Logiciel: Fissa - (.Secure Digital Services.) [HKLM][64Bits] -- {4BD271AB-66E2-4D58-AF88-80FE3B0770C4} =>PUP.OfferBox
O42 - Logiciel: Genesis - (...) [HKCU][64Bits] -- genesis =>PUP.Genesis
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM][64Bits] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: Pricora 10.4 - (.Corporate Inc.) [HKLM][64Bits] -- Pricora 10.4 =>Adware.Pricora
O42 - Logiciel: VO Package - (...) [HKLM][64Bits] -- VOPackage =>Adware.Downware
O42 - Logiciel: ValueApps - (.Conduit.) [HKCU][64Bits] -- ValueApps =>Toolbar.Conduit
O42 - Logiciel: ViewPassword - (.ViewPassword-software.) [HKLM][64Bits] -- F75BEFBB-AEAC-56BA-DCD1-5EDE5994FD0B =>PUP.ViewPassword
~ Logic: 60 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Alexa Internet]
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Genesis] =>PUP.Genesis
[HKCU\Software\SearchquMediabarTb] =>PUP.Datamngr
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Tutorials] =>PUP.AgenceExclusive
[HKCU\Software\WEDLMNGR] =>PUP.weDownloadManager
[HKCU\Software\WideStream] =>Adware.SPointer
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial.com] =>Adware.MyWebSearch
[HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램]
[HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher
[HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\FissaSearch] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\MySearchDial] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\RST]
[HKLM\Software\Wow6432Node\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\Wow6432Node\mamverifier]
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
[HKLM\Software\Wow6432Node\widestream] =>Adware.SPointer
[HKLM\Software\suprasavings] =>PUP.SupraSavings
~ Key Software: 421 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/08/2011 - 14:40:56 - [0] ----D C:\Program Files (x86)\Fluendo =>Adware.SPointer
O43 - CFD: 01/05/2014 - 12:22:54 - [] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 02/05/2014 - 09:11:34 - [] ----D C:\Program Files (x86)\Pricora 10.4 =>Adware.Pricora
O43 - CFD: 02/05/2014 - 09:11:34 - [] ----D C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword
O43 - CFD: 11/10/2010 - 16:35:20 - [] ----D C:\Program Files (x86)\Widestream6 =>Adware.SPointer
O43 - CFD: 23/02/2013 - 20:03:35 - [] ----D C:\Program Files (x86)\WowCartographe
O43 - CFD: 30/06/2010 - 12:46:32 - [] ----D C:\ProgramData\Bandoo =>Adware.Bandoo
O43 - CFD: 02/05/2014 - 09:11:33 - [] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 11/11/2010 - 18:07:20 - [] ----D C:\Users\nino\AppData\Roaming\AutoTransfer
O43 - CFD: 27/06/2010 - 22:09:26 - [0] ----D C:\Users\nino\AppData\Roaming\Bandoo =>Adware.Bandoo
O43 - CFD: 07/03/2011 - 19:22:39 - [] ----D C:\Users\nino\AppData\Roaming\FissaSearch =>PUP.OfferBox
O43 - CFD: 17/10/2012 - 13:10:19 - [] ----D C:\Users\nino\AppData\Roaming\ManuelNumeriqueDidier
O43 - CFD: 01/05/2014 - 22:15:01 - [0] ----D C:\Users\nino\AppData\Roaming\SupTab =>PUP.SupTab
O43 - CFD: 01/05/2014 - 22:17:27 - [0] ----D C:\Users\nino\AppData\Roaming\ValueApps =>Toolbar.Conduit
O43 - CFD: 15/04/2014 - 21:07:18 - [] ----D C:\Users\nino\AppData\Roaming\VOPackage =>Adware.Downware
O43 - CFD: 11/10/2010 - 16:35:55 - [] ----D C:\Users\nino\AppData\Roaming\widestream =>Adware.SPointer
O43 - CFD: 01/05/2014 - 16:59:51 - [] ----D C:\Users\nino\AppData\Roaming\wp_update =>PUP.WpManager
O43 - CFD: 01/05/2014 - 22:15:01 - [] ----D C:\Users\nino\AppData\Local\41
O43 - CFD: 19/05/2014 - 14:50:35 - [] ----D C:\Users\nino\AppData\Local\Genesis =>PUP.Genesis
O43 - CFD: 19/05/2014 - 14:17:31 - [] ----D C:\Users\nino\AppData\Local\widestream6 Air =>Adware.SPointer
~ 775 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1040 Legitimates Filtered in 00mn 12s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{f0764841-6298-11de-988e-00242156b3f1}\AutoRun\command. (...) -- C:\Windows\system32\bittorrent.exe (.not file.) =>P2P.BitTorrent
O51 - MPSK:{fe62943f-bbb1-11e1-b671-00242156b3f1}\AutoRun\command. (...) -- K:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/01/2008 - 03:47:30 ---A- . (...) -- C:\Windows\System32\Drivers\bdasup.sys [15616]
O58 - SDL:18/09/2006 - 22:30:18 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [14976]
O58 - SDL:19/09/2006 - 12:42:33 ---A- . (...) -- C:\Windows\System32\Drivers\BrUsbSer.sys [14720]
O58 - SDL:21/01/2008 - 03:46:56 ---A- . (...) -- C:\Windows\System32\Drivers\E1G6032E.sys [146176]
O58 - SDL:21/01/2008 - 03:46:59 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [397368]
O58 - SDL:21/08/2012 - 13:01:20 ---A- . (...) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240]
O58 - SDL:03/07/2013 - 03:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\hidparse.sys [31616]
O58 - SDL:02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [37480]
O58 - SDL:02/11/2006 - 13:02:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [37480]
O58 - SDL:21/01/2008 - 03:49:00 ---A- . (...) -- C:\Windows\System32\Drivers\ksthunk.sys [20864]
O58 - SDL:21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mskssrv.sys [11008]
O58 - SDL:02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspclock.sys [7040]
O58 - SDL:02/11/2006 - 10:37:30 ---A- . (...) -- C:\Windows\System32\Drivers\mspqm.sys [6656]
O58 - SDL:21/01/2008 - 03:49:52 ---A- . (...) -- C:\Windows\System32\Drivers\mstee.sys [7936]
O58 - SDL:02/11/2006 - 10:43:56 ---A- . (...) -- C:\Windows\System32\Drivers\ohci1394.sys [72192]
O58 - SDL:11/04/2009 - 06:39:31 ---A- . (...) -- C:\Windows\System32\Drivers\stream.sys [68224]
O58 - SDL:21/01/2008 - 03:46:56 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [284728]
O58 - SDL:02/11/2006 - 12:50:54 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [148072]
O58 - SDL:21/01/2008 - 03:46:52 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series x64 Windows Driver.) -- C:\Windows\System32\Drivers\ulsata2.sys [174696]
O58 - SDL:13/12/2012 - 14:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:11/04/2009 - 06:39:40 ---A- . (...) -- C:\Windows\System32\Drivers\USBCAMD2.sys [32640]
O58 - SDL:29/06/2013 - 03:25:14 ---A- . (...) -- C:\Windows\System32\Drivers\usbd.sys [7552]
O58 - SDL:12/07/2013 - 10:19:36 ---A- . (...) -- C:\Windows\System32\Drivers\usbvideo.sys [168960]
O58 - SDL:02/11/2006 - 10:40:24 ---A- . (...) -- C:\Windows\System32\Drivers\wacompen.sys [26624]
O58 - SDL:24/04/2014 - 11:18:02 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}t64.sys [60096] =>PUP.LinkiDoo
O58 - SDL:24/07/2006 - 16:05:00 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
~ Drivers: 86 Legitimates Filtered in 00mn 04s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{2b4fc5ce-fd26-493c-97d3-e808aab73013}t64.sys ({2b4fc5ce-fd26-493c-97d3-e808aab73013}t64) .(.StdLib - StdLib.) - LEGACY_{2B4FC5CE-FD26-493C-97D3-E808AAB73013}T64 =>PUP.LinkiDoo
~ Legacy: 80 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 13 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("browser.search.order.1", "Mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.Fissa.Uninstall.lastRunTime", "Mon, 07 Mar 2011 17:24:15 GMT"); =>PUP.OfferBox
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.Fissa.lastRunTime", "Sun, 20 Feb 2011 16:19:26 GMT"); =>PUP.OfferBox
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.crossrider.bic", "1426b1e72f26766d3805f793c8dbca0b"); =>PUP.CrossRider
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.BackPageActive", true); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.DockingPositionDown", false); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.LastHiddenTime", 23284306); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.SmartbarDisabled", false); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.SmartbarStateMinimaized", false); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.Visibility", false); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.backPageCapacity", 3); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.backPageCounter", 1); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.backPageDay", 15); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.backPageLastEvent", "1397588436798"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.backPageMinInterval", 15); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.barcodeid", "81860"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.countryiso", "fr"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.downloadprovider", "soft32yb"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.externalJsFiles", ""); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.fromautoupdate", "true"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.installationid", "75cdeaed-1dc0-d2a3-e0f5-269b476f673f"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.installdate", "17/11/2013"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.keepAliveLastevent", "1396252782"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.lastExternalJsUpdate", "1399102336635"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.helperbar.publisher", "soft32yb"); =>PUP.HelperBar
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.AL", 2); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.aflt", "adk0102"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtByEtBtCyDyC0BtA0FtCyCtAtB0EtN0D0Tzu0SzzyEyBtN1L2XzutBtFtCzztFtBtFtDt[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.cntry", "FR"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.cr", "963428685"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.dfltLng", ""); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.dfltSrch", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.dnsErr", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.dspFFXOld", "Orange"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.excTlbr", false); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.hdrMd5", "B7475F2C4067BA903DC31D8114517E42"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.hmpg", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=adk0102&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCyDyC0BtA[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.hpFFXOld", "http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_FF"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.id", "00242156B3F1632E"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.instlDay", "16186"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.instlRef", ""); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.lastB", "http://r.orange.fr/r/Ohome_portail?ref=O_OI_defaultPage_FF"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.lastVrsnTs", ""); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=adk0102&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCyDyC0B[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"96\",\"lastVrsn\":\"96\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"s[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.prdct", "mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.sg", "{smplGrp}"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.tlbrId", "base"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=adk0102&cd=2XzuyEtN2Y1L1QzutDtDtByEtBtCyDyC[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.vrsn", "1.8.29.0"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial.vrsni", "1.8.29.0"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial_i.newTab", false); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial_i.smplGrp", "none"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [nino - 73i52bq6.default] user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.019:51:41"); =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} [DefaultScope] - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1E547A48574C8D382C1487402C0D4938] [SPRF][02/12/2013] (...) -- C:\Users\nino\AppData\Roaming\wklnhst.dat [1934]
~ Files: 2 Legitimates Filtered in 00mn 00s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "BA172DB42E6685D4FA8808EFB370074C" . (.Fissa.) -- C:\Windows\Installer\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}\ARPPRODUCTICON.exe =>PUP.OfferBox
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.949E14C7AA0986138052F11973D2BC29] [WIS][19/09/2012] (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Windows\Installer\41d17.msi [24064] =>Toolbar.Google
[MD5.37DC40E3A79B1EBF06040FB6D9A63A79] [WIS][20/02/2011] (.Secure Digital Services - Fissa.) -- C:\Windows\Installer\69b802.msi [1275392] =>Adware.SPointer
~ WIS: 2 Legitimates Filtered in 00mn 09s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google
[HKCR\CLSID\{56A45471-9392-433a-9DC8-16D1141D49C2}] (MediaGoLyricsComponent Class) =>Adware.AddLyrics
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google
[HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (Snap.Do) =>Hijacker.SmartBar
~ BCK: 3741 Legitimates Filtered in 00mn 07s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 01/05/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 14/03/2014 36392 | (BackupStack) . (.Just Develop It.) - C:\Program Files (x86)\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SS - | Auto 10/07/1658 0 | (Bandoo Coordinator) . (...) - C:\Program Files (x86)\Bandoo\Bandoo.exe =>Adware.Bandoo
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 18/10/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/10/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/09/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 30/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/07/1658 0 | (PCD5SRVC{8AAF211B-043E02A9-05040000}) . (...) - C:\Program Files (x86)\PC-DOC~1\PCD5SRVC_x64.pkms
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 21/01/2008 27648 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Demand 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 01/12/2008 932864 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 04/12/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Demand 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 27648 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 17/03/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 26/04/2014 70848 | (MgAssistService) . (...) - C:\Program Files (x86)\Mobogenie\MgAssist.exe =>PUP.Mobogenie
SR - | Auto 11/03/2014 23808 | (MsMpSvc) . (.Microsoft Corporation.) - c:\Program Files\Microsoft Security Client\MsMpEng.exe
SR - | Auto 24/09/2008 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 27648 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SR - | Auto 22/04/2009 296320 | (TVCapSvc) . (...) - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
SR - | Auto 22/04/2009 116104 | (TVSched) . (...) - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
SR - | Auto 15/04/2014 355328 | (vosr) . (...) - C:\Users\nino\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware
SR - | Auto 21/01/2008 27648 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 28/11/2008 146928 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.CyberLink Corp..) - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 08s



---\\ Scan Additionnel (O88)
Database Version : 13036 - (18/05/2014)
Clés trouvées (Keys found) : 174
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 28
Fichiers trouvés (Files found) : 33

[HKLM\Software\Google\Chrome\Extensions\pioliciekajfgilkenamlbghbpgpipdm] =>Adware.SPointer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511561197}] =>PUP.CrossRider^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Hijacker.SmartBar^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\Bandoo Coordinator] =>Adware.Bandoo^
[HKLM\SYSTEM\CurrentControlSet\Services\MgAssistService] =>PUP.Mobogenie^
[HKLM\SYSTEM\CurrentControlSet\Services\vosr] =>Adware.Downware^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fissa] =>PUP.OfferBox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}] =>PUP.OfferBox^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\genesis] =>PUP.Genesis^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pricora 10.4] =>Adware.Pricora^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage] =>Adware.Downware^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\F75BEFBB-AEAC-56BA-DCD1-5EDE5994FD0B] =>PUP.ViewPassword^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{01222E21-6BD0-4EB3-94F1-967EB09CCED5}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{12D6D31C-C5BF-4C66-BF8D-D54D5BFD3D41}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{12D6D31C-C5BF-4C66-BF8D-D54D5BFD3D41}] =>Adware.SPointer
[HKLM\Software\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{1301a8a5-3dfb-4731-a162-b357d00c9644}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{24CBAA7E-4C85-4B75-B101-9803391AC327}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{24CBAA7E-4C85-4B75-B101-9803391AC327}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{33DDFC61-F531-4982-8C32-4212B7835D44}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{3AD7A5B6-610D-4A82-979E-0AED20920690}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{3AD7A5B6-610D-4A82-979E-0AED20920690}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624f4-c5dd-4e1d-bdd0-1e9c9b7799cc}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{4410C118-B23C-406C-9F52-9CDABD90A5EA}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{477f210a-2a86-4666-9c4b-1189634d2c84}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{48ACB95E-38BE-4377-BE46-67F5B68C1A77}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD271AB-66E2-4D58-AF88-80FE3B0770C4}] =>PUP.OfferBox
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{62E5C9E1-A0E8-4F8C-8EAF-0F9250CC5786}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6D4630E6-2F14-4615-8FE3-26ECBC39AC2A}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{723328FF-22D0-497f-9EB5-1AC919582DE1}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{723328FF-22D0-497f-9EB5-1AC919582DE1}] =>Adware.SPointer
[HKLM\Software\Classes\Interface\{7D21B744-838A-4208-8CEF-3D70162B053B}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{7D21B744-838A-4208-8CEF-3D70162B053B}] =>Adware.SPointer
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7f000001-db8e-f89c-2fec-49bf726f8c12}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FF99715-3016-4381-84CE-E4E4C9673020}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7FF99715-3016-4381-84CE-E4E4C9673020}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{8273A950-A894-497B-B408-A19B33968243}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{8273A950-A894-497B-B408-A19B33968243}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424c-BB9F-74C6899B9F92}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{99379002-4781-440E-9002-EF5CEBC666FD}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{99379002-4781-440E-9002-EF5CEBC666FD}] =>Adware.SPointer
[HKLM\Software\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{9C123289-82E1-4DA7-A3C2-B8D28AAD114B}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9c8a3ca5-889e-4554-beec-ec0876e4e96a}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{A01A3335-0C30-4312-A430-92356CC37A92}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Classes\Interface\{A0DFD148-D748-4C58-B8E7-396B85D62091}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{A0DFD148-D748-4C58-B8E7-396B85D62091}] =>Adware.SPointer
[HKLM\Software\Classes\TypeLib\{A36EC25F-1846-45D0-903F-A9F9B5CF0FD0}] =>Adware.SPointer
[HKLM\Software\Classes\TypeLib\{A4D74ECD-AEF8-45EB-929C-DB36E4D00ECF}] =>Adware.SPointer
[HKLM\Software\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{A9005ED5-4A1D-4606-A4DF-1A25E7D7B417}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\TypeLib\{B5E29133-7CC2-4174-B60E-42F51C7E7919}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}] =>PUP.iMesh
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CE1CB632-6817-47b3-8587-D05AF75D6D5A}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D789B722-522C-4868-8DA4-EE7B5F5F575C}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{EAE5C2BC-AE3F-4C6F-A736-03DDF56FA2D9}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{EAE5C2BC-AE3F-4C6F-A736-03DDF56FA2D9}] =>Adware.SPointer
[HKLM\Software\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{EDE2C296-2458-4E3B-A846-4B512C0703B5}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{F030DBBA-EFC2-4443-A1D1-0B716CE0CC78}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Interface\{F030DBBA-EFC2-4443-A1D1-0B716CE0CC78}] =>Adware.SPointer
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f9189560-573a-4fde-b055-ae7b0f4cf080}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{ff871e51-2655-4d06-aed5-745962a96b32}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\BandooCoordinator.EXE] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\bandoocore.exe] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\GIFAnimator.DLL] =>PUP.BearShare
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Bandoo] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fissa] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu MediaBar] =>Adware.Bandoo
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\pioliciekajfgilkenamlbghbpgpipdm] =>Adware.SPointer
[HKLM\Software\Classes\Installer\Features\BA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLM\Software\Classes\Installer\Products\BA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BA172DB42E6685D4FA8808EFB370074C] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB525538DB364CE4495200ECDA84942C] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\FissaSearch] =>PUP.OfferBox
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\SearchquMediabarTb] =>Adware.Bandoo
[HKCU\Software\Spointer] =>Adware.SPointer
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\WideStream] =>Adware.SPointer
[HKLM\Software\Wow6432Node\WideStream] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Fissa] =>PUP.OfferBox
[HKLM\Software\Classes\AppID\IEPLUGIN.DLL] =>PUP.MediaFinder
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\Widestream6.Spointer] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.Spointer.1] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerCtrl.1] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerWebDisp.1] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110511561197}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220522562297}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511011148}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291124}] =>PUP.CrossRider
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\iminent] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Classes\Widestream6.Spointer] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.Spointer.1] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerCtrl.1] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerWebDisp.1] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\AppID\BandooCoordinator.EXE] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\BandooCore.EXE] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:genesis =>PUP.Genesis^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:mobilegeni daemon =>PUP.Mobogenie^
C:\Users\nino\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioliciekajfgilkenamlbghbpgpipdm =>Adware.SPointer^
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\extensions\ffxtlbr@mysearchdial.com =>Adware.MyWebSearch^
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\extensions\FissaPlugin-trash =>PUP.OfferBox^
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\extensions\quick_start@gmail.com =>PUP.QuickStart^
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\extensions\{75cdeaed-1dc0-d2a3-e0f5-269b476f673f} =>Hijacker.SmartBar^
C:\Users\nino\AppData\Roaming\Mozilla\Firefox\Profiles\73i52bq6.default\extensions\{906000a4-88d9-4d52-b209-7a772970d91f} =>PUP.DealPly^
C:\Program Files (x86)\Fluendo =>Adware.SPointer^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Pricora 10.4 =>Adware.Pricora^
C:\Program Files (x86)\ViewPassword-soft =>PUP.ViewPassword^
C:\Program Files (x86)\Widestream6 =>Adware.SPointer^
C:\ProgramData\Bandoo =>Adware.Bandoo^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\nino\AppData\Roaming\Bandoo =>Adware.Bandoo^
C:\Users\nino\AppData\Roaming\FissaSearch =>PUP.OfferBox^
C:\Users\nino\AppData\Roaming\SupTab =>PUP.SupTab^
C:\Users\nino\AppData\Roaming\ValueApps =>Toolbar.Conduit^
C:\Users\nino\AppData\Roaming\VOPackage =>Adware.Downware^
C:\Users\nino\AppData\Roaming\widestream =>Adware.SPointer^
C:\Users\nino\AppData\Roaming\wp_update =>PUP.WpManager^
C:\Users\nino\AppData\Local\Genesis =>PUP.Genesis^
C:\Users\nino\AppData\Local\widestream6 Air =>Adware.SPointer^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Users\nino\AppData\Local\moovida air =>Adware.SPointer
C:\Users\nino\AppData\Local\Moovida =>Adware.SPointer
C:\Users\nino\AppData\LocalLow\searchqutb =>Adware.Bandoo
C:\Users\nino\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
C:\Users\nino\AppData\Local\Temp\Smartbar =>Hijacker.SmartBar
C:\Users\nino\AppData\Local\Genesis\Genesis.exe =>PUP.Genesis^
C:\Program Files (x86)\Mobogenie\DaemonProcess.exe =>PUP.Mobogenie^
C:\Program Files (x86)\Mobogenie\MgAssist.exe =>PUP.Mobogenie^
C:\Users\nino\AppData\Roaming\VOPackage\VOsrv.exe =>Adware.Downware^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\Dealply.job =>PUP.DealPly^
C:\Windows\System32\Tasks\Dealply =>PUP.DealPly^
C:\Windows\Tasks\MySearchDial.job =>Adware.MyWebSearch^
C:\Windows\System32\Tasks\MySearchDial =>Adware.MyWebSearch^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\Genesis] =>PUP.Genesis^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\WEDLMNGR] =>PUP.weDownloadManager^
[HKCU\Software\freesofttoday] =>Adware.FreeSoftToday^
[HKCU\Software\mysearchdial.com] =>Adware.MyWebSearch^
[HKLM\Software\LevelQualityWatcher] =>PUP.LevelQualityWatcher^
[HKLM\Software\Wow6432Node\MySearchDial] =>Adware.MyWebSearch^
[HKLM\Software\Wow6432Node\supTab] =>PUP.SupTab^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
[HKLM\Software\Wow6432Node\widestream] =>Adware.SPointer^
[HKLM\Software\suprasavings] =>PUP.SupraSavings^
C:\Windows\Installer\41d17.msi =>Toolbar.Google^
C:\Windows\Installer\69b802.msi =>Adware.SPointer^
[HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}] (Google Toolbar) =>Toolbar.Google^
[HKCR\CLSID\{56A45471-9392-433a-9DC8-16D1141D49C2}] (MediaGoLyricsComponent Class) =>Adware.AddLyrics^
[HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}] (Google Toolbar Helper) =>Toolbar.Google^
[HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (Snap.Do) =>Hijacker.SmartBar^
~ Additionnel Scan: 442379 Items scanned in 02mn 11s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.byethost7.com/pup-mobogenie =>PUP.Mobogenie
http://nicolascoolman.byethost7.com/adware-downware =>Adware.Downware
http://nicolascoolman.byethost7.com/adware-spointer =>Adware.SPointer
http://nicolascoolman.byethost7.com/adware-imbooster =>Adware.IMBooster
http://nicolascoolman.byethost7.com/adware-mywebsearch =>Adware.MyWebSearch
http://nicolascoolman.byethost7.com/parasite-pugi =>Parasite.Pugi
http://nicolascoolman.byethost7.com/pup-offerbox =>PUP.OfferBox
http://nicolascoolman.byethost7.com/pup-quickstart =>PUP.QuickStart
http://nicolascoolman.byethost7.com/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.byethost7.com/pup-dealply =>PUP.DealPly
http://nicolascoolman.byethost7.com/hijacker-webssearches =>Hijacker.WebsSearches
http://nicolascoolman.byethost7.com/hijacker-proxy =>Hijacker.Proxy
http://nicolascoolman.byethost7.com/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.webs.com/apps/blog/show/33388048-pup-vuupc =>PUP.VuuPC
http://nicolascoolman.byethost7.com/pup-mypcbackup =>PUP.MyPCBackup
http://nicolascoolman.byethost7.com/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.byethost7.com/adware-bandoo =>Adware.Bandoo
http://nicolascoolman.byethost7.com/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.byethost7.com/pup-wpmanager =>PUP.WpManager
http://nicolascoolman.byethost7.com/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.webs.com/apps/blog/show/29294184-adware-pricora =>Adware.Pricora
http://nicolascoolman.webs.com/apps/blog/show/35740148-pup-viewpassword =>PUP.ViewPassword
http://nicolascoolman.byethost7.com/adware-boxore =>Adware.Boxore
http://nicolascoolman.byethost7.com/pup-datamngr =>PUP.Datamngr
http://nicolascoolman.byethost7.com/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.webs.com/apps/blog/show/32930303-pup-wedownloadmanager =>PUP.weDownloadManager
http://nicolascoolman.byethost7.com/adware-freesofttoday =>Adware.FreeSoftToday
http://nicolascoolman.byethost7.com/adware-lollipop =>Adware.Lollipop
http://nicolascoolman.byethost7.com/adware-vidsaver =>Adware.VidSaver
http://nicolascoolman.byethost7.com/pup-suptab =>PUP.SupTab
http://nicolascoolman.byethost7.com/pup-suprasavings =>PUP.SupraSavings
http://nicolascoolman.webs.com/apps/blog/show/26601058-adware-addlyrics =>Adware.AddLyrics
http://nicolascoolman.byethost7.com/pup-babylon =>PUP.Babylon
http://nicolascoolman.byethost7.com/pup-v9software =>PUP.V9Software
http://nicolascoolman.byethost7.com/pup-imesh =>PUP.iMesh
http://nicolascoolman.byethost7.com/pup-bearshare =>PUP.BearShare
http://nicolascoolman.byethost7.com/pup-software-updater =>PUP.Software.Updater
http://nicolascoolman.webs.com/apps/blog/show/28445531-pup-mediafinder =>PUP.MediaFinder
http://nicolascoolman.byethost7.com/pup-optimizerpro =>PUP.OptimizerPro
http://nicolascoolman.byethost7.com/pup-funmoods =>PUP.Funmoods
~ MSI: 40 link(s) detected in 00mn 00s



~ 1762 Legitimates filtered by white list
End of the scan (1069 lines in 03mn 47s)(0)

Publicité


Signaler le contenu de ce document

Publicité