cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2015.3.15.30 - Nicolas Coolman (15/03/2015)
~ Lancé par luckas (16/03/2015 20:01:11)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.7601.17514
MFIE: Mozilla Firefox 36.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 7 Home Premium, 32-bit Service Pack 1 (Build 7601)

---\\ Logiciels de protection du système
Windows Defender W7 (Activate)

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 16 ActiveX
Adobe Reader X

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 2758 MB (77% free)
System Restore: Activé (Enable)
System drive C: has 203 GB (74%) free of 275 GB

---\\ Mode de connexion au système
~ Computer Name: LUCKAS-PC
~ User Name: luckas
~ All Users Names: luckas, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\luckas\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\luckas\AppData\Roaming\
~ %Desktop% : C:\Users\luckas\Desktop\
~ %Favorites% : C:\Users\luckas\Favorites\
~ %LocalAppData% : C:\Users\luckas\AppData\Local\
~ %StartMenu% : C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 203 Go of 275 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 3 Go of 18 Go)
F: Hard drive, Flash drive, Thumb drive (Free 0 Go of 5 Go)
G: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 37 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.40D777B7A95E00593EB1568C68514493] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 22:29:20.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.44214C94911C7CFB1D52CB64D5E8368D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.20/11/2010 - 22:29:12.) -- C:\Windows\System32\wininet.dll [980992]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 22:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 22:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.1151FD4FB0216CFED887BFDE29EBD516] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.20/11/2010 - 22:29:19.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.B272B4C3E085EA860C12F2E4FAF2FFA2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.20/11/2010 - 22:29:15.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 22:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.33C3093D09017CFE2E219F2472BFF6EB] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.20/11/2010 - 22:29:12.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
Mes images (My Pictures) : 2/2 (Modified)
~ Mes musiques (My Musics) : 1/70
~ Mes Favoris (My Favorites) : 1/27
~ Mon Bureau (My Desktop) : 1/225
~ Menu demarrer (Programs) : 1/57
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.1B7263F59C7AEB95664B338846BC5F3E] - (.The BoBrowser Authors - BoBrowser.) -- C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe [7353992] [PID.1548] =>PUP.BoBrowser
[MD5.0706510EDEDAF0F4C28B2D98E785DD42] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8186368] [PID.2732]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\luckas\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\luckas\AppData\Roaming\Mozilla\Firefox\Profiles\vb5v1arw.default-1426532199130\prefs.js
M3 - MFPP: Plugins - [luckas] -- C:\Program Files\Mozilla FireFox\searchplugins\Web Search.xml =>Parasite.Pugi
P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=3] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore
P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=9] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore
~ Firefox Browser: 5 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:newtab
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-page.com =>PUP.SweetPage
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://search.certified-toolbar.com =>PUP.CertifiedToolbar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HomeTab - {db17986c-1bb1-4523-bd7c-55575f7974e9} . (.Simply Tech LTD. - wtb Module.) -- C:\Program Files\HomeTab\IE\HomeTab.dll =>PUP.CertifiedToolbar
~ BHO: 2 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: HomeTab - [HKLM]{db17986c-1bb1-4523-bd7c-55575f7974e9} . (.Simply Tech LTD. - wtb Module.) -- C:\Program Files\HomeTab\IE\HomeTab.dll =>PUP.CertifiedToolbar
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: eFix Pro.lnk . (.Reimage® - eFix Pro Downloader.) -- C:\Program Files\eFix\eFix Pro\eFixPro.exe =>Rogue.Rogue.ReimageRepair
O4 - GS\Desktop [Public]: RegClean Pro.lnk . (...) -- C:\Program Files\RCP\RegCleanPro.exe =>Rogue.RegistryPowerCleaner
O4 - GS\QuickLaunch [luckas]: BoBrowser.lnk . (...) -- C:\Windows\system32\config\systemprofile\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.BoBrowser
O4 - GS\Desktop [luckas]: BoBrowser.lnk . (...) -- C:\Windows\system32\config\systemprofile\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.BoBrowser
O4 - GS\Desktop [luckas]: GU Player.lnk . (.The GuPlayer Company - Media Player.) -- C:\Program Files\GU Player\GuPlayer.exe =>PUP.GUPlayer
O4 - GS\Desktop [luckas]: Hotmail.lnk . (...) -- C:\Windows\system32\config\systemprofile\AppData\Local\BoBrowser\Application\bobrowser.exe (.not file.) =>PUP.BoBrowser
O4 - GS\Desktop [luckas]: Optimizer Pro.lnk . (.PC Utilities Software Limited - Optimizer Pro.) -- C:\Program Files\Optimizer Pro 3.38\OptimizerPro.exe =>PUP.OptimizerPro
~ Global Startup: 10 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [luckas]: OptimizerPro.lnk . (.PC Utilities Software Limited - OptimizerPro – Clean up your PC.) -- C:\ProgramData\{29eb43f0-0572-1895-29eb-b43f00570fc0}\OptimizerPro.exe =>PUP.OptimizerPro
O4 - GS\Startup [luckas]: StormWatch.lnk . (.Weather Protector LLC - StormWatch.) -- C:\Program Files\StormWatch\StormWatch.exe =>PUP.StormWatch
O4 - GS\Startup [luckas]: StormWatchApp.lnk . (...) -- C:\Program Files\StormWatch\StormWatchApp.exe =>PUP.StormWatch
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [gmsd_fr_266] Clé orpheline =>PUP.CrossRider
O4 - HKLM\..\Run: [3D BubbleSound] C:\Program Files\BubbleSound\3D BubbleSound.exe (.not file.) =>PUP.BubbleSound
O4 - HKLM\..\RunOnce: [Binkiland] . (...) -- C:\Users\luckas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat =>PUP.Binkiland
O4 - HKCU\..\Run: [cacaoweb] C:\Users\luckas\AppData\Roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O4 - HKCU\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files\Optimizer Pro 3.38\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKCU\..\Run: [Bubble Dock] . (.Nosibay - Bubble Dock.) -- C:\Users\luckas\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe =>PUP.BubbleDock
O4 - HKCU\..\Run: [WindApp] C:\Users\luckas\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O4 - HKCU\..\Run: [Selection Tools] C:\Users\luckas\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>PUP.Nosibay
O4 - HKCU\..\Run: [BoBrowser] . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
O4 - HKCU\..\RunOnce: [Binkiland] . (...) -- C:\Users\luckas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat =>PUP.Binkiland
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\Run: [cacaoweb] C:\Users\luckas\AppData\Roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files\Optimizer Pro 3.38\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\Run: [Bubble Dock] . (.Nosibay - Bubble Dock.) -- C:\Users\luckas\AppData\Roaming\Nosibay\Bubble Dock\LBubble Dock.exe =>PUP.BubbleDock
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\Run: [WindApp] C:\Users\luckas\AppData\Roaming\Store\WindApp\WindApp.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\Run: [Selection Tools] C:\Users\luckas\AppData\Roaming\WTools\Selection Tools\Selection Tools.exe (.not file.) =>PUP.Nosibay
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\Run: [BoBrowser] . (.The BoBrowser Authors - BoBrowser.) -- C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
O4 - HKUS\S-1-5-21-1326129485-1188771094-1049884244-1000\..\RunOnce: [Binkiland] . (...) -- C:\Users\luckas\AppData\Roaming\Binkiland\UpdateProc\bkup.dat =>PUP.Binkiland
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{1490CABA-A528-4740-A12A-BA763D5293DC}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\..\{53A4EF06-3D1E-4DE5-B13A-7A69984F2AA3}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{F87C41FB-AF5D-4303-9116-2D0F89B1ABFF}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1490CABA-A528-4740-A12A-BA763D5293DC}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{53A4EF06-3D1E-4DE5-B13A-7A69984F2AA3}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{F87C41FB-AF5D-4303-9116-2D0F89B1ABFF}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{53A4EF06-3D1E-4DE5-B13A-7A69984F2AA3}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{F87C41FB-AF5D-4303-9116-2D0F89B1ABFF}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\PROGRA~3\{4C2CA~1\192~1.1\radi.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Optimizer Pro Crash Monitor (8df1bcd0) . (...) - c:\Program Files\Optimizer Pro 3.38\OptProMon.dll =>PUP.OptimizerPro
O23 - Service: ClaraUpdater (ClaraUpdater) . (.ClaraLabs - ClaraUpdater.) - C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe =>Adware.SupTab
O23 - Service: Search Protect Service (CltMngSvc) . (...) - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>PUP.SearchProtect
O23 - Service: Surge Protector Job (cozydiju) . (...) - C:\Users\luckas\AppData\Local\D5E02E06-1425205472-11E0-BC07-68C25F0640B2\snswF516.tmp
O23 - Service: Socket Maximise (docojino) . (...) - C:\Users\luckas\AppData\Roaming\D5E02E06-1425205365-11E0-BC07-68C25F0640B2\nsv7B0E.tmpfs
O23 - Service: Quick Ref 1.10.0.9 Client Service (qrsvc_1.10.0.9) . (.Quick Ref - Quick Ref Client Service.) - C:\Program Files\QuickRef_1.10.0.9\Service\qrsvc.exe =>PUP.QuickRef
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) . (.Reimage® - Reimage Real Time Protection.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
O23 - Service: stdmfpam (stdmfpam) . (...) - C:\Program Files\HomeTab\stdmfpam.dll =>PUP.CertifiedToolbar
O23 - Service: SWUpdaterSvc (SWUpdater) . (.Weather Protector LLC - SW Updater Service.) - C:\Program Files\StormWatch\SWUpdaterSvc.exe =>PUP.StormWatch
O23 - Service: UUYtIrcP (UUYtIrcP) . (.Useful Technology - BreakingNewsAlert Service.) - C:\ProgramData\GfAFsdMjKJF\UUYtIrcP.exe =>PUP.BreakingNewsAlert
O23 - Service: Wajam Web Enhancer (Wajam Web Enhancer) . (...) - C:\Program Files\WajaWebEnhancer\wajam.exe =>PUP.Wajam
O23 - Service: Zoom In Colour Scheme (wisewife) . (...) - C:\Users\luckas\AppData\Roaming\D5E02E06-1425205365-11E0-BC07-68C25F0640B2\jnsqAB09.tmp
~ Services: 16 Legitimates Filtered in 00mn 02s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-1-6.job [3110]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-1-6 [3110]
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-1-7.job [3446]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-1-7 [3446]
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-10_user.job [2084]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-10_user [2084]
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-11.job [5156] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-11 [5156] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-4.job [4466] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-4 [4466] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5.job [2418] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5 [2418] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5_user.job [2418] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5_user [2418] =>PUP.CrossRider
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\APSnotifierPP1.job [366] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\System32\Tasks\APSnotifierPP1 [366] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\Tasks\APSnotifierPP2.job [364] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\System32\Tasks\APSnotifierPP2 [364] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\Tasks\APSnotifierPP3.job [364] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\System32\Tasks\APSnotifierPP3 [364] =>PUP.AnyProtect
O39 - APT: - (..) -- C:\Windows\Tasks\Binkiland.job [296] =>PUP.Binkiland
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Binkiland [296] =>PUP.Binkiland
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [930] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [930] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [934] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [934] =>PUP.GlobalUpdate
O39 - APT: - (..) -- C:\Windows\Tasks\RegClean Pro_DEFAULT.job [248] =>Rogue.RegistryPowerCleaner
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RegClean Pro_DEFAULT [248] =>Rogue.RegistryPowerCleaner
O39 - APT: - (..) -- C:\Windows\Tasks\RegClean Pro_UPDATES.job [256] =>Rogue.RegistryPowerCleaner
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RegClean Pro_UPDATES [256] =>Rogue.RegistryPowerCleaner
O39 - APT: - (..) -- C:\Windows\Tasks\RPRP.job [1338]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\RPRP [1338]
O39 - APT: - (..) -- C:\Windows\Tasks\Wse_taplika.job [296] =>PUP.Taplika
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Wse_taplika [296] =>PUP.Taplika
~ Scheduled Task: 18 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (cherimoya) . (. - .) - C:\Windows\System32\drivers\cherimoya.sys (.not file.)
O41 - Driver: (pfnfd_1_10_0_9) . (. - .) - C:\Windows\System32\drivers\pfnfd_1_10_0_9.sys (.not file.) =>PUP.CrossRider
O41 - Driver: (qrnfd_1_10_0_9) . (.Quick Ref - Quick Ref Driver x86.) - C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys =>PUP.QuickRef
O41 - Driver: ({0be0f2c5-d82f-4cdd-9fb1-d62b99b9ce72}w) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{0be0f2c5-d82f-4cdd-9fb1-d62b99b9ce72}w.sys =>PUP.LinkiDoo
O41 - Driver: ({81221a42-ae9b-4e05-8ee0-5f627b0764b6}w) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{81221a42-ae9b-4e05-8ee0-5f627b0764b6}w.sys =>PUP.LinkiDoo
O41 - Driver: ({e84b220f-648a-4f9d-9211-7ac9cf1a7378}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{e84b220f-648a-4f9d-9211-7ac9cf1a7378}Gw.sys =>PUP.LinkiDoo
O41 - Driver: ({e972328a-9e8b-46ba-8a9f-3b8c738087b8}Gw) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{e972328a-9e8b-46ba-8a9f-3b8c738087b8}Gw.sys =>PUP.LinkiDoo
~ Drivers: 84 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: BoBrowser - (.BoBrowser.) [HKCU] -- BoBrowser =>PUP.BoBrowser
O42 - Logiciel: BrowserTexting - (."".) [HKLM] -- {FE139F4C-CE5B-121A-8A2D-191FA2226094}
O42 - Logiciel: GU Player (remove only) - (...) [HKLM] -- GU Player =>PUP.GUPlayer
O42 - Logiciel: GetTheDiscount - (.GetTheDiscount.) [HKLM] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1
O42 - Logiciel: HQV1.3V03.03 - (.HQV1.3V03.03.) [HKLM] -- HQV1.3V03.03
O42 - Logiciel: HomeTab 7.5 - (.One Floor App.) [HKLM] -- {c84e5f97-5b19-44e9-b487-1c6796dbb310}_is1 =>PUP.CertifiedToolbar
O42 - Logiciel: News Alert - (.Useful Technology.) [HKLM] -- BreakingNewsAlert =>PUP.BreakingNewsAlert
O42 - Logiciel: Quick Ref 1.10.0.9 - (.Quick Ref.) [HKLM] -- QuickRef_1.10.0.9 =>PUP.QuickRef
O42 - Logiciel: RegClean-Pro - (.systweak.com.) [HKLM] -- RegClean-Pro_is1 =>Rogue.RegistryPowerCleaner
O42 - Logiciel: Search Protect - (.Client Connect LTD.) [HKLM] -- SearchProtect =>PUP.SearchProtect
O42 - Logiciel: WSE_Taplika - (.WSE_Taplika.) [HKLM] -- WSE_Taplika =>PUP.Taplika
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam Web Enhancer =>PUP.Wajam
O42 - Logiciel: WindApp - (.Store.) [HKCU] -- WindApp
O42 - Logiciel: eFix Pro - (.Reimage.) [HKLM] -- eFix Pro =>Rogue.ReimageRepair
~ Logic: 27 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AnyProtect] =>PUP.AnyProtect
[HKCU\Software\Binkiland Browser] =>PUP.Binkiland
[HKCU\Software\Boxore] =>Adware.Boxore
[HKCU\Software\Browser]
[HKCU\Software\CleanerProConfig]
[HKCU\Software\CleanerProLanguage]
[HKCU\Software\DoctorPCConfig]
[HKCU\Software\DoctorPCLanguage]
[HKCU\Software\GoHDV01.03-nv-ie] =>PUP.CrossRider
[HKCU\Software\HQCinemaPro2.1V01.03]
[HKCU\Software\HQV1.3V03.03-nv-ie]
[HKCU\Software\HQV1.3V03.03]
[HKCU\Software\HQVideo_7.1dV01.03-nv-ie]
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\I - Cinema-nv-ie] =>PUP.CrossRider
[HKCU\Software\I-Cinema] =>PUP.CrossRider
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\OB]
[HKCU\Software\ProductSetup]
[HKCU\Software\RPRP]
[HKCU\Software\Reg]
[HKCU\Software\Store] =>PUP.Nosibay
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer
[HKCU\Software\Taplika Browser] =>PUP.Taplika
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\WTools] =>PUP.Nosibay
[HKCU\Software\WajIEnhance] =>PUP.Wajam
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\eFix]
[HKCU\Software\efixpro] =>Rogue.Rogue.ReimageRepair
[HKCU\Software\wse_taplika] =>PUP.Taplika
[HKLM\Software\0d02169d-7881-b09b-9768-0054824dcfeb] =>PUP.CrossRider
[HKLM\Software\Boxore] =>Adware.Boxore
[HKLM\Software\BubbleSound] =>PUP.BubbleSound
[HKLM\Software\Clara]
[HKLM\Software\Doctor PC] =>PUP.DoctorPC
[HKLM\Software\HQV1.3V03.03-nv-ie]
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\ORBTR] =>Toolbar.Conduit
[HKLM\Software\PhraseFinder_1.10.0.9] =>PUP.PhraseFinder
[HKLM\Software\Reg]
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp
[HKLM\Software\SiteSee]
[HKLM\Software\SpeedBrowser] =>PUP.SpeedBrowser
[HKLM\Software\StrongSignal] =>PUP.StrongSignal
[HKLM\Software\Tutorials] =>PUP.AgenceExclusive
[HKLM\Software\eFix]
~ Key Software: 198 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 28/02/2015 - 08:16:11 - [] ----D C:\Program Files\BrowserTexting
O43 - CFD: 01/03/2015 - 21:50:43 - [] ----D C:\Program Files\dEaL4reAli =>PUP.Deal4reaL
O43 - CFD: 14/03/2015 - 08:07:07 - [] ----D C:\Program Files\eFix
O43 - CFD: 06/03/2015 - 16:09:17 - [] ----D C:\Program Files\GU Player =>PUP.GUPlayer
O43 - CFD: 13/03/2015 - 06:17:59 - [] ----D C:\Program Files\HomeTab =>PUP.CertifiedToolbar
O43 - CFD: 06/03/2015 - 16:09:17 - [] ----D C:\Program Files\HQV1.3V03.03
O43 - CFD: 09/03/2015 - 10:58:52 - [] ----D C:\Program Files\KingCouoponn =>PUP.KingCoupon
O43 - CFD: 01/03/2015 - 14:33:05 - [] ----D C:\Program Files\ORBTR =>Toolbar.Conduit
O43 - CFD: 06/03/2015 - 16:09:18 - [] ----D C:\Program Files\QuickRef_1.10.0.9 =>PUP.QuickRef
O43 - CFD: 06/03/2015 - 16:09:18 - [] ----D C:\Program Files\RCP
O43 - CFD: 01/03/2015 - 14:33:05 - [] ----D C:\Program Files\Reimage =>Rogue.ReimageRepair
O43 - CFD: 01/03/2015 - 21:32:22 - [] ----D C:\Program Files\shopperz =>PUP.Shopperz
O43 - CFD: 06/03/2015 - 16:09:16 - [] ----D C:\Program Files\SmmaRtCompare =>PUP.SmartCompare
O43 - CFD: 01/03/2015 - 21:42:57 - [] ----D C:\Program Files\ver3CheckMeUp
O43 - CFD: 06/03/2015 - 16:22:45 - [] ----D C:\Program Files\WajaWebEnhancer =>PUP.Wajam
O43 - CFD: 06/03/2015 - 16:09:16 - [] ----D C:\Program Files\WowCoouupoin =>PUP.WOwCoupon
O43 - CFD: 06/03/2015 - 16:09:19 - [] ----D C:\Program Files\WSE_Taplika =>PUP.Taplika
O43 - CFD: 01/03/2015 - 21:47:14 - [] ----D C:\Program Files\Common Files\ClaraUpdater =>Adware.SupTab
O43 - CFD: 10/03/2015 - 21:43:24 - [] ----D C:\ProgramData\17930693880264348336
O43 - CFD: 06/03/2015 - 16:09:20 - [] ----D C:\ProgramData\BreakingNewsAlert =>PUP.BreakingNewsAlert
O43 - CFD: 06/03/2015 - 16:26:59 - [] ----D C:\ProgramData\Browser
O43 - CFD: 03/03/2015 - 12:54:26 - [0] ----D C:\ProgramData\c13db7e8000059aa
O43 - CFD: 07/02/2015 - 21:01:58 - [] ----D C:\ProgramData\c492db0600003767
O43 - CFD: 09/03/2015 - 10:58:52 - [] ----D C:\ProgramData\f8d69f154d6d52b0
O43 - CFD: 11/03/2015 - 20:32:24 - [] ----D C:\ProgramData\fbea293900002f15
O43 - CFD: 06/03/2015 - 16:09:20 - [] ----D C:\ProgramData\GetTheDiscount
O43 - CFD: 06/03/2015 - 16:21:57 - [] ----D C:\ProgramData\GfAFsdMjKJF
O43 - CFD: 14/03/2015 - 08:07:36 - [] ----D C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair
O43 - CFD: 01/03/2015 - 14:34:04 - [] ----D C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu
O43 - CFD: 09/02/2015 - 13:42:47 - [] ----D C:\ProgramData\{29eb43f0-0572-1895-29eb-b43f00570fc0}
O43 - CFD: 06/03/2015 - 16:09:20 - [] ----D C:\ProgramData\{4C2CA4EF-1CAE-7569-AD28-05EB7DAAD665}
O43 - CFD: 14/03/2015 - 08:07:11 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eFix Pro
O43 - CFD: 06/03/2015 - 16:09:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 06/03/2015 - 16:09:20 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair =>Rogue.ReimageRepair
O43 - CFD: 12/04/2011 - 02:44:38 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 02/03/2015 - 09:59:46 - [] -SH-D C:\Users\luckas\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect
O43 - CFD: 05/02/2015 - 14:30:30 - [] ----D C:\Users\luckas\AppData\Roaming\Binkiland =>PUP.Binkiland
O43 - CFD: 01/03/2015 - 10:37:53 - [] ----D C:\Users\luckas\AppData\Roaming\D5E02E06-1425205365-11E0-BC07-68C25F0640B2
O43 - CFD: 06/03/2015 - 16:09:24 - [] ----D C:\Users\luckas\AppData\Roaming\Wse_taplika =>PUP.Taplika
O43 - CFD: 03/03/2015 - 12:18:40 - [0] ----D C:\Users\luckas\AppData\Roaming\WTools =>PUP.Nosibay
O43 - CFD: 02/03/2015 - 09:49:53 - [] ----D C:\Users\luckas\AppData\Local\avayvaxvaa =>PUP.SearchProtect
O43 - CFD: 01/03/2015 - 21:47:18 - [] ----D C:\Users\luckas\AppData\Local\BoBrowser =>PUP.BoBrowser
O43 - CFD: 01/03/2015 - 14:49:14 - [] ----D C:\Users\luckas\AppData\Local\Boxore =>Adware.Boxore
O43 - CFD: 16/03/2015 - 19:52:47 - [] ----D C:\Users\luckas\AppData\Local\BreakingNewsAlert =>PUP.BreakingNewsAlert
O43 - CFD: 05/02/2015 - 14:30:38 - [] ----D C:\Users\luckas\AppData\Local\CleanerPro
O43 - CFD: 12/03/2015 - 06:30:18 - [] ----D C:\Users\luckas\AppData\Local\D5E02E06-1425205472-11E0-BC07-68C25F0640B2
O43 - CFD: 01/03/2015 - 21:41:08 - [] ----D C:\Users\luckas\AppData\Local\Doctor_PC =>PUP.DoctorPC
O43 - CFD: 01/03/2015 - 10:46:50 - [0] ----D C:\Users\luckas\AppData\Local\GGEmpire
O43 - CFD: 01/03/2015 - 10:24:51 - [] ----D C:\Users\luckas\AppData\Local\Pro_PC_Cleaner =>PUP.DoctorPC
O43 - CFD: 13/03/2015 - 12:27:45 - [] ----D C:\Users\luckas\AppData\Local\SmartWeb =>PUP.SmartWeb
O43 - CFD: 13/03/2015 - 12:28:11 - [] ----D C:\Users\luckas\AppData\Local\Taplika =>PUP.Taplika
O43 - CFD: 01/03/2015 - 14:49:31 - [] ----D C:\Users\luckas\AppData\Local\Weather_Protector_LLC =>PUP.StormWatch
O43 - CFD: 06/03/2015 - 16:09:22 - [] ----D C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player =>PUP.GUPlayer
O43 - CFD: 06/03/2015 - 16:09:22 - [] ----D C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware
O43 - CFD: 06/03/2015 - 16:09:23 - [] ----D C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer =>PUP.Wajam
~ Program Folder: 173 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.66B56345B49A9CEDA6906108E8D6F96C] - 01/03/2015 - 21:47:04 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{e84b220f-648a-4f9d-9211-7ac9cf1a7378}Gw.sys [43152] =>PUP.LinkiDoo
O44 - LFC:[MD5.DE36C357B57408DA7E832BA9A41BD6BE] - 02/03/2015 - 09:50:09 ---A- . (.OM Inc. - Pas de description.) -- C:\Windows\System32\BDL.dll [318808]
O44 - LFC:[MD5.18CEEB74714E40976F97F405C3161139] - 03/03/2015 - 01:21:12 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{e972328a-9e8b-46ba-8a9f-3b8c738087b8}Gw.sys [43152] =>PUP.LinkiDoo
O44 - LFC:[MD5.74D6494C3A37C0BB1AA222FBC8982B61] - 03/03/2015 - 06:39:19 ---A- . (...) -- C:\Windows\System32\BasementDusterOff.ini [8656]
O44 - LFC:[MD5.0F09120B0932A02648C6AFEC265743CA] - 05/03/2015 - 20:09:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{81221a42-ae9b-4e05-8ee0-5f627b0764b6}w.sys [43152] =>PUP.LinkiDoo
O44 - LFC:[MD5.5172F68E363745765BC0A1DC68F252F4] - 08/03/2015 - 14:11:56 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{0be0f2c5-d82f-4cdd-9fb1-d62b99b9ce72}w.sys [43152] =>PUP.LinkiDoo
O44 - LFC:[MD5.2DB203716CE18186E61BFD7D6D680CA1] - 09/03/2015 - 10:40:45 ---A- . (...) -- C:\Windows\win.ini [505]
O44 - LFC:[MD5.FB3B8BF111E6B1EF3C7004526D35EE87] - 10/03/2015 - 06:59:58 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [34368]
O44 - LFC:[MD5.406E76BE63C65E0BF4B263156320254E] - 14/03/2015 - 08:07:42 ---A- . (...) -- C:\Windows\System32\ScannerSettings [464]
O44 - LFC:[MD5.3E6EC6310448BB8D9C15E8E14C5CC335] - 14/03/2015 - 08:09:59 ---A- . (...) -- C:\Windows\efix.ini [120]
O44 - LFC:[MD5.60614030999AFED4B59144F48D719E9C] - 14/03/2015 - 08:10:22 ---A- . (...) -- C:\Windows\Reimage.ini [144] =>Rogue.ReimageRepair
O44 - LFC:[MD5.EC4F6B60ED53E33D3ADD16061AC762A8] - 14/03/2015 - 08:12:01 ---A- . (...) -- C:\Windows\System32\ScanResults.xml [7332]
O44 - LFC:[MD5.BB1D92F5153E51DCBC2C0E7E3FB03CF1] - 16/03/2015 - 19:48:54 ---A- . (...) -- C:\Windows\System32\029B560A371F4E00AB32838EBC01B9E7 [4]
O44 - LFC:[MD5.41A55CBD7602E220EC8AE433DE1AB889] - 16/03/2015 - 19:53:24 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [21648]
O44 - LFC:[MD5.41A55CBD7602E220EC8AE433DE1AB889] - 16/03/2015 - 19:53:24 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [21648]
O44 - LFC:[MD5.A485D0043D1CE7D30A77722A4A5C83F5] - 16/03/2015 - 19:54:17 ---A- . (...) -- C:\Windows\ntbtlog.txt [97906]
~ Files: 27 Legitimates Filtered in 00mn 01s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{59cb2acb-8e12-11e4-af7a-806e6f6e6963}\AutoRun\command. (...) -- D:\Autorun.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:06/02/2015 - 20:58:18 ---A- . (.Quick Ref - Quick Ref Driver x86.) -- C:\Windows\System32\Drivers\qrnfd_1_10_0_9.sys [52720] =>PUP.QuickRef
O58 - SDL:14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:15/08/2014 - 22:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:08/03/2015 - 14:11:56 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{0be0f2c5-d82f-4cdd-9fb1-d62b99b9ce72}w.sys [43152] =>PUP.LinkiDoo
O58 - SDL:05/03/2015 - 20:09:34 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{81221a42-ae9b-4e05-8ee0-5f627b0764b6}w.sys [43152] =>PUP.LinkiDoo
O58 - SDL:01/03/2015 - 10:25:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{e84b220f-648a-4f9d-9211-7ac9cf1a7378}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:03/03/2015 - 01:21:12 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{e972328a-9e8b-46ba-8a9f-3b8c738087b8}Gw.sys [43152] =>PUP.LinkiDoo
O58 - SDL:13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 70 Legitimates Filtered in 00mn 03s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 06/02/2015 - C:\Windows\System32\drivers\qrnfd_1_10_0_9.sys (qrnfd_1_10_0_9) .(.Quick Ref - Quick Ref Driver x86.) - LEGACY_QRNFD_1_10_0_9 =>PUP.QuickRef
O64 - Services: CurCS - 08/03/2015 - C:\Windows\System32\drivers\{0be0f2c5-d82f-4cdd-9fb1-d62b99b9ce72}w.sys ({0be0f2c5-d82f-4cdd-9fb1-d62b99b9ce72}w) .(.StdLib - StdLib.) - LEGACY_{0BE0F2C5-D82F-4CDD-9FB1-D62B99B9CE72}W =>PUP.LinkiDoo
O64 - Services: CurCS - 05/03/2015 - C:\Windows\System32\drivers\{81221a42-ae9b-4e05-8ee0-5f627b0764b6}w.sys ({81221a42-ae9b-4e05-8ee0-5f627b0764b6}w) .(.StdLib - StdLib.) - LEGACY_{81221A42-AE9B-4E05-8EE0-5F627B0764B6}W =>PUP.LinkiDoo
O64 - Services: CurCS - 01/03/2015 - C:\Windows\System32\drivers\{e84b220f-648a-4f9d-9211-7ac9cf1a7378}Gw.sys ({e84b220f-648a-4f9d-9211-7ac9cf1a7378}Gw) .(.StdLib - StdLib.) - LEGACY_{E84B220F-648A-4F9D-9211-7AC9CF1A7378}GW =>PUP.LinkiDoo
O64 - Services: CurCS - 03/03/2015 - C:\Windows\System32\drivers\{e972328a-9e8b-46ba-8a9f-3b8c738087b8}Gw.sys ({e972328a-9e8b-46ba-8a9f-3b8c738087b8}Gw) .(.StdLib - StdLib.) - LEGACY_{E972328A-9E8B-46BA-8A9F-3B8C738087B8}GW =>PUP.LinkiDoo
~ Legacy: 115 Legitimates Filtered in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.The BoBrowser Authors - BoBrowser.) -- C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The BoBrowser Authors - BoBrowser.) -- C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\luckas\AppData\Local\CrossBrowser\Application\crossbrowser.exe (.not file.) =>PUP.CrossBrowser
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Binkiland) - http://binkiland.com =>PUP.Binkiland
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Taplika) - http://taplika.com =>PUP.Taplika
O69 - SBI: SearchScopes [HKCU] {0b4d26f6-61a8-4463-99dd-5f2fe0400fa6} - (Binkiland) - http://binkiland.com =>PUP.Binkiland
O69 - SBI: SearchScopes [HKCU] {114DB5FA-0AFB-BB92-A75B-F44D3CE875CD} - (Trovi) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (sweet-page) - http://www.sweet-page.com =>PUP.SweetPage
O69 - SBI: SearchScopes [HKCU] {589B893E-773C-4941-88C2-0DCC718E621C} - (Trovi) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://search.certified-toolbar.com =>PUP.CertifiedToolbar
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.4B77149D9B676867A14BA348BE30F08B] [SPRF][03/03/2015] (.HQV1.3V03.03 - HQV1.3V03.03 exe.) -- C:\Users\luckas\AppData\Roaming\RPRP.exe [1976280]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{E9F08BF6-F523-48CA-A813-A0C609708B11}" | In - None - P17 - TRUE | .(.The BoBrowser Authors - BoBrowser.) -- C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser
~ Firewall: 1 Legitimates Filtered in 00mn 01s



---\\ Export de clés de registre aléatoires (O91)
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.854A87AFC88107DD499487FD6291611F] [WIS][01/03/2015] (.The Software Group - Software Update Helper.) -- C:\Windows\Installer\3b080.msi [45056] =>Adware.Boxore
~ WIS: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\avayvaxvaa_RASAPI32 =>PUP.SearchProtect
HKLM\SOFTWARE\Microsoft\Tracing\avayvaxvaa_RASMANCS =>PUP.SearchProtect
HKLM\SOFTWARE\Microsoft\Tracing\Binkiland_RASAPI32 =>PUP.Binkiland
HKLM\SOFTWARE\Microsoft\Tracing\Binkiland_RASMANCS =>PUP.Binkiland
HKLM\SOFTWARE\Microsoft\Tracing\BoBrowser04_12-6c3841b8_RASAPI32 =>PUP.BoBrowser
HKLM\SOFTWARE\Microsoft\Tracing\BoBrowser04_12-6c3841b8_RASMANCS =>PUP.BoBrowser
HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASAPI32 =>Adware.Boxore
HKLM\SOFTWARE\Microsoft\Tracing\boxore_RASMANCS =>Adware.Boxore
HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock BSetup_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock Update_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASAPI32 =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\Bubble Dock_RASMANCS =>PUP.BubbleDock
HKLM\SOFTWARE\Microsoft\Tracing\ClaraUpdater_RASAPI32 =>Adware.SupTab
HKLM\SOFTWARE\Microsoft\Tracing\ClaraUpdater_RASMANCS =>Adware.SupTab
HKLM\SOFTWARE\Microsoft\Tracing\eFixPro(1)_RASAPI32 =>Rogue.Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\eFixPro(1)_RASMANCS =>Rogue.Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\eFixProMain_RASAPI32 =>Rogue.Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\eFixProMain_RASMANCS =>Rogue.Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\eFixProPackage_RASAPI32 =>Rogue.Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\eFixProPackage_RASMANCS =>Rogue.Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\gmsd_fr_266_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Microsoft\Tracing\gmsd_fr_266_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32 =>PUP.CertifiedToolbar
HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS =>PUP.CertifiedToolbar
HKLM\SOFTWARE\Microsoft\Tracing\Jan14_corfr_sweet-page_RASAPI32 =>PUP.SweetPage
HKLM\SOFTWARE\Microsoft\Tracing\Jan14_corfr_sweet-page_RASMANCS =>PUP.SweetPage
HKLM\SOFTWARE\Microsoft\Tracing\OptimizerPro_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Microsoft\Tracing\OptimizerPro_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Microsoft\Tracing\OptProStart_RASAPI32 =>PUP.OptimizerPro
HKLM\SOFTWARE\Microsoft\Tracing\OptProStart_RASMANCS =>PUP.OptimizerPro
HKLM\SOFTWARE\Microsoft\Tracing\package_BubbleSound_installer_multilang_RASAPI32 =>PUP.BubbleSound
HKLM\SOFTWARE\Microsoft\Tracing\package_BubbleSound_installer_multilang_RASMANCS =>PUP.BubbleSound
HKLM\SOFTWARE\Microsoft\Tracing\package_taplika_installer_multilang_RASAPI32 =>PUP.Taplika
HKLM\SOFTWARE\Microsoft\Tracing\package_taplika_installer_multilang_RASMANCS =>PUP.Taplika
HKLM\SOFTWARE\Microsoft\Tracing\PCSpeedMaximizer_RASAPI32 =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Microsoft\Tracing\PCSpeedMaximizer_RASMANCS =>Rogue.PCSpeedMaximizer
HKLM\SOFTWARE\Microsoft\Tracing\phrasefinder-setup-1_RASAPI32 =>PUP.PhraseFinder
HKLM\SOFTWARE\Microsoft\Tracing\phrasefinder-setup-1_RASMANCS =>PUP.PhraseFinder
HKLM\SOFTWARE\Microsoft\Tracing\predm_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\predm_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\ReimageRepair[1]_RASAPI32 =>Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\ReimageRepair[1]_RASMANCS =>Rogue.ReimageRepair
HKLM\SOFTWARE\Microsoft\Tracing\SearchProtectINT_RASAPI32 =>PUP.SearchProtect
HKLM\SOFTWARE\Microsoft\Tracing\SearchProtectINT_RASMANCS =>PUP.SearchProtect
HKLM\SOFTWARE\Microsoft\Tracing\Selection Tools Uninstall_RASAPI32 =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\Selection Tools Uninstall_RASMANCS =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\Selection Tools Update_RASAPI32 =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\Selection Tools Update_RASMANCS =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\Selection Tools_RASAPI32 =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\Selection Tools_RASMANCS =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\SmartWebApp_RASAPI32 =>PUP.SmartWeb
HKLM\SOFTWARE\Microsoft\Tracing\SmartWebApp_RASMANCS =>PUP.SmartWeb
HKLM\SOFTWARE\Microsoft\Tracing\StormWatchApp_RASAPI32 =>PUP.StormWatch
HKLM\SOFTWARE\Microsoft\Tracing\StormWatchApp_RASMANCS =>PUP.StormWatch
HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASAPI32 =>PUP.StormWatch
HKLM\SOFTWARE\Microsoft\Tracing\StormWatch_RASMANCS =>PUP.StormWatch
HKLM\SOFTWARE\Microsoft\Tracing\taplika_soft_partner_RASAPI32 =>PUP.Taplika
HKLM\SOFTWARE\Microsoft\Tracing\taplika_soft_partner_RASMANCS =>PUP.Taplika
HKLM\SOFTWARE\Microsoft\Tracing\upgmsd_fr_266_RASAPI32 =>PUP.CrossRider
HKLM\SOFTWARE\Microsoft\Tracing\upgmsd_fr_266_RASMANCS =>PUP.CrossRider
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\uTorrent_RASMANCS =>P2P.µTorrent
HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASAPI32 =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\VOPackage_RASMANCS =>Adware.Downware
HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_v2_RASAPI32 =>PUP.Wajam
HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_v2_RASMANCS =>PUP.Wajam
HKLM\SOFTWARE\Microsoft\Tracing\WindApp Update_RASAPI32 =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\WindApp Update_RASMANCS =>PUP.Nosibay
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASAPI32 =>PUP.WpManager
HKLM\SOFTWARE\Microsoft\Tracing\wpm_v20_RASMANCS =>PUP.WpManager
~ BTK: 453 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate
[HKCR\CLSID\{c723a437-2eaf-466d-a95b-3fa0966bf88c}] (Strong Signal) =>PUP.StrongSignal
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate
[HKCR\CLSID\{db17986c-1bb1-4523-bd7c-55575f7974e9}] (HomeTab) =>PUP.CertifiedToolbar
[HKCR\CLSID\{e36b066e-9cfb-49e3-92b8-01324359020f}] (dEaL4reAli) =>PUP.Deal4reaL
~ BCK: 4340 Legitimates Filtered in 00mn 09s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Auto 07/02/2015 1633848 | (8df1bcd0) . (...) - c:\Program Files\Optimizer Pro 3.38\OptProMon.dll =>PUP.OptimizerPro
SS - | Auto 03/12/2014 81088 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 04/02/2015 267440 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 19/01/2015 60744 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 01/03/2015 328304 | (ClaraUpdater) . (.ClaraLabs.) - C:\Program Files\Common Files\ClaraUpdater\ClaraUpdater.exe =>Adware.SupTab
SS - | Auto 22/07/1658 2948880 | (CltMngSvc) . (...) - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>PUP.SearchProtect
SS - | Auto 01/03/2015 141312 | (cozydiju) . (...) - C:\Users\luckas\AppData\Local\D5E02E06-1425205472-11E0-BC07-68C25F0640B2\snswF516.tmp
SS - | Auto 01/03/2015 124416 | (docojino) . (...) - C:\Users\luckas\AppData\Roaming\D5E02E06-1425205365-11E0-BC07-68C25F0640B2\nsv7B0E.tmpfs
SS - | Disabled 03/03/2015 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Disabled 03/03/2015 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
SS - | Demand 27/01/2015 540968 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 15/10/2014 2117448 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SS - | Demand 09/03/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 06/02/2015 278592 | (qrsvc_1.10.0.9) . (.Quick Ref.) - C:\Program Files\QuickRef_1.10.0.9\Service\qrsvc.exe =>PUP.QuickRef
SS - | Auto 14/01/2015 6079848 | (ReimageRealTimeProtector) . (.Reimage®.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
SS - | Auto 03/03/2015 61728 | (stdmfpam) . (...) - C:\Program Files\HomeTab\stdmfpam.dll =>PUP.CertifiedToolbar
SS - | Auto 22/11/2014 17584 | (SWUpdater) . (.Weather Protector LLC.) - C:\Program Files\StormWatch\SWUpdaterSvc.exe =>PUP.StormWatch
SS - | Auto 03/03/2015 2733536 | (UUYtIrcP) . (.Useful Technology.) - C:\ProgramData\GfAFsdMjKJF\UUYtIrcP.exe
SS - | Auto 06/03/2015 1324544 | (Wajam Web Enhancer) . (...) - C:\Program Files\WajaWebEnhancer\wajam.exe =>PUP.Wajam
SS - | Auto 01/03/2015 174592 | (wisewife) . (...) - C:\Users\luckas\AppData\Roaming\D5E02E06-1425205365-11E0-BC07-68C25F0640B2\jnsqAB09.tmp
SS - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 11s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (15/03/2015)
Clés trouvées (Keys found) : 62
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 38
Fichiers trouvés (Files found) : 58

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB17986C-1BB1-4523-BD7C-55575F7974E9}] =>PUP.CertifiedToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\8df1bcd0] =>PUP.OptimizerPro^
[HKLM\SYSTEM\CurrentControlSet\Services\ClaraUpdater] =>Adware.SupTab^
[HKLM\SYSTEM\CurrentControlSet\Services\CltMngSvc] =>PUP.SearchProtect^
[HKLM\SYSTEM\CurrentControlSet\Services\qrsvc_1.10.0.9] =>PUP.QuickRef^
[HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector] =>Rogue.ReimageRepair^
[HKLM\SYSTEM\CurrentControlSet\Services\stdmfpam] =>PUP.CertifiedToolbar^
[HKLM\SYSTEM\CurrentControlSet\Services\SWUpdater] =>PUP.StormWatch^
[HKLM\SYSTEM\CurrentControlSet\Services\UUYtIrcP] =>PUP.BreakingNewsAlert^
[HKLM\SYSTEM\CurrentControlSet\Services\Wajam Web Enhancer] =>PUP.Wajam^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\BoBrowser] =>PUP.BoBrowser^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GU Player] =>PUP.GUPlayer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{c84e5f97-5b19-44e9-b487-1c6796dbb310}_is1] =>PUP.CertifiedToolbar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BreakingNewsAlert] =>PUP.BreakingNewsAlert^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\QuickRef_1.10.0.9] =>PUP.QuickRef^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean-Pro_is1] =>Rogue.RegistryPowerCleaner^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.SearchProtect^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Taplika] =>PUP.Taplika^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam Web Enhancer] =>PUP.Wajam^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eFix Pro] =>Rogue.ReimageRepair^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\optimizerpro_RASMANCS] =>PUP.OptimizerPro
[HKLM\Software\Microsoft\Tracing\optimizerpro_RASAPI32] =>PUP.OptimizerPro
[HKCU\Software\Boxore] =>Adware.Boxore
[HKLM\Software\Boxore] =>Adware.Boxore
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Tracing\optprostart_RASMANCS] =>PUP.OptimizerPro
[HKLM\Software\Microsoft\Tracing\optprostart_RASAPI32] =>PUP.OptimizerPro
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}] =>Adware.PredictAd
[HKLM\Software\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}] =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}] =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}] =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}] =>Adware.PredictAd
[HKLM\Software\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.Band] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.Band.1] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.NotificationSource] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.NotificationSource.1] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.SourceSinkImpl] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.SourceSinkImpl.1] =>Adware.PredictAd
[HKLM\Software\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.ToolbarInfo] =>Adware.PredictAd
[HKLM\Software\Classes\wtb.ToolbarInfo.1] =>Adware.PredictAd
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater] =>Hijacker.Eazel
[HKCU\Software\HomeTab] =>PUP.CertifiedToolbar
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{db17986c-1bb1-4523-bd7c-55575f7974e9} =>PUP.CertifiedToolbar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:gmsd_fr_266 =>PUP.CrossRider^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:Binkiland =>PUP.Binkiland^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:Binkiland =>PUP.Binkiland^
C:\Program Files\dEaL4reAli =>PUP.Deal4reaL^
C:\Program Files\GU Player =>PUP.GUPlayer^
C:\Program Files\HomeTab =>PUP.CertifiedToolbar^
C:\Program Files\KingCouoponn =>PUP.KingCoupon^
C:\Program Files\ORBTR =>Toolbar.Conduit^
C:\Program Files\QuickRef_1.10.0.9 =>PUP.QuickRef^
C:\Program Files\Reimage =>Rogue.ReimageRepair^
C:\Program Files\shopperz =>PUP.Shopperz^
C:\Program Files\SmmaRtCompare =>PUP.SmartCompare^
C:\Program Files\WajaWebEnhancer =>PUP.Wajam^
C:\Program Files\WowCoouupoin =>PUP.WOwCoupon^
C:\Program Files\WSE_Taplika =>PUP.Taplika^
C:\Program Files\Common Files\ClaraUpdater =>Adware.SupTab^
C:\ProgramData\BreakingNewsAlert =>PUP.BreakingNewsAlert^
C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair^
C:\ProgramData\WindowsMangerProtect =>PUP.Fuyu^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro =>Rogue.RegistryPowerCleaner^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair =>Rogue.ReimageRepair^
C:\Users\luckas\AppData\Roaming\AnyProtectEx =>PUP.AnyProtect^
C:\Users\luckas\AppData\Roaming\Binkiland =>PUP.Binkiland^
C:\Users\luckas\AppData\Roaming\Wse_taplika =>PUP.Taplika^
C:\Users\luckas\AppData\Roaming\WTools =>PUP.Nosibay^
C:\Users\luckas\AppData\Local\avayvaxvaa =>PUP.SearchProtect^
C:\Users\luckas\AppData\Local\BoBrowser =>PUP.BoBrowser^
C:\Users\luckas\AppData\Local\Boxore =>Adware.Boxore^
C:\Users\luckas\AppData\Local\BreakingNewsAlert =>PUP.BreakingNewsAlert^
C:\Users\luckas\AppData\Local\Doctor_PC =>PUP.DoctorPC^
C:\Users\luckas\AppData\Local\Pro_PC_Cleaner =>PUP.DoctorPC^
C:\Users\luckas\AppData\Local\SmartWeb =>PUP.SmartWeb^
C:\Users\luckas\AppData\Local\Taplika =>PUP.Taplika^
C:\Users\luckas\AppData\Local\Weather_Protector_LLC =>PUP.StormWatch^
C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GU Player =>PUP.GUPlayer^
C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage =>Adware.Downware^
C:\Users\luckas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam Web Enhancer =>PUP.Wajam^
C:\Program Files\SearchProtect =>Toolbar.Conduit
C:\Program Files\Software =>Adware.Boxore
C:\Users\luckas\AppData\Local\SearchProtect =>Toolbar.Conduit
C:\Users\luckas\AppData\LocalLow\HomeTab =>PUP.CertifiedToolbar
C:\Users\luckas\AppData\Local\BoBrowser\Application\bobrowser.exe =>PUP.BoBrowser^
C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-11.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-11 =>PUP.CrossRider^
C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-4.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-4 =>PUP.CrossRider^
C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5 =>PUP.CrossRider^
C:\Windows\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5_user.job =>PUP.CrossRider^
C:\Windows\System32\Tasks\6317c8b3-6a02-49c4-9102-80fcf7f360a0-5_user =>PUP.CrossRider^
C:\Windows\Tasks\APSnotifierPP1.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP1 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP2.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP2 =>PUP.AnyProtect^
C:\Windows\Tasks\APSnotifierPP3.job =>PUP.AnyProtect^
C:\Windows\System32\Tasks\APSnotifierPP3 =>PUP.AnyProtect^
C:\Windows\Tasks\Binkiland.job =>PUP.Binkiland^
C:\Windows\System32\Tasks\Binkiland =>PUP.Binkiland^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore =>PUP.GlobalUpdate^
C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job =>PUP.GlobalUpdate^
C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA =>PUP.GlobalUpdate^
C:\Windows\Tasks\RegClean Pro_DEFAULT.job =>Rogue.RegistryPowerCleaner^
C:\Windows\System32\Tasks\RegClean Pro_DEFAULT =>Rogue.RegistryPowerCleaner^
C:\Windows\Tasks\RegClean Pro_UPDATES.job =>Rogue.RegistryPowerCleaner^
C:\Windows\System32\Tasks\RegClean Pro_UPDATES =>Rogue.RegistryPowerCleaner^
C:\Windows\Tasks\Wse_taplika.job =>PUP.Taplika^
C:\Windows\System32\Tasks\Wse_taplika =>PUP.Taplika^
[HKCU\Software\AnyProtect] =>PUP.AnyProtect^
[HKCU\Software\Binkiland Browser] =>PUP.Binkiland^
[HKCU\Software\GoHDV01.03-nv-ie] =>PUP.CrossRider^
[HKCU\Software\I - Cinema-nv-ie] =>PUP.CrossRider^
[HKCU\Software\I-Cinema] =>PUP.CrossRider^
[HKCU\Software\Store] =>PUP.Nosibay^
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer^
[HKCU\Software\Taplika Browser] =>PUP.Taplika^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\WTools] =>PUP.Nosibay^
[HKCU\Software\WajIEnhance] =>PUP.Wajam^
[HKCU\Software\efixpro] =>Rogue.Rogue.ReimageRepair^
[HKCU\Software\wse_taplika] =>PUP.Taplika^
[HKLM\Software\0d02169d-7881-b09b-9768-0054824dcfeb] =>PUP.CrossRider^
[HKLM\Software\BubbleSound] =>PUP.BubbleSound^
[HKLM\Software\Doctor PC] =>PUP.DoctorPC^
[HKLM\Software\ORBTR] =>Toolbar.Conduit^
[HKLM\Software\PhraseFinder_1.10.0.9] =>PUP.PhraseFinder^
[HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp^
[HKLM\Software\SpeedBrowser] =>PUP.SpeedBrowser^
[HKLM\Software\StrongSignal] =>PUP.StrongSignal^
C:\Windows\Installer\3b080.msi =>Adware.Boxore^
[HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
[HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate^
[HKCR\CLSID\{c723a437-2eaf-466d-a95b-3fa0966bf88c}] (Strong Signal) =>PUP.StrongSignal^
[HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate^
[HKCR\CLSID\{db17986c-1bb1-4523-bd7c-55575f7974e9}] (HomeTab) =>PUP.CertifiedToolbar^
[HKCR\CLSID\{e36b066e-9cfb-49e3-92b8-01324359020f}] (dEaL4reAli) =>PUP.Deal4reaL^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
C:\Users\luckas\AppData\Local\Temp\SearchProtectINT.exe =>Toolbar.Conduit
~ Additionnel Scan: 185962 Items scanned in 00mn 21s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>PUP.BoBrowser
http://nicolascoolman.fr/parasite-pugi =>Parasite.Pugi
http://nicolascoolman.fr/adware-boxore =>Adware.Boxore
http://nicolascoolman.fr/pup-certifiedtoolbar =>PUP.CertifiedToolbar
http://nicolascoolman.fr/pup-sweetpage =>PUP.SweetPage
http://www.nicolascoolman.fr/blog/ =>Rogue.Rogue.ReimageRepair
http://nicolascoolman.fr/rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
http://www.nicolascoolman.fr/blog/ =>PUP.GUPlayer
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://www.nicolascoolman.fr/blog/ =>PUP.StormWatch
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/blog/ =>PUP.BubbleSound
http://www.nicolascoolman.fr/blog/ =>PUP.Binkiland
http://nicolascoolman.fr/pup-cacaoweb =>PUP.CacaoWeb
http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock
http://www.nicolascoolman.fr/blog/ =>PUP.Nosibay
http://www.nicolascoolman.fr/blog/ =>Adware.SupTab
http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect
http://www.nicolascoolman.fr/blog/ =>PUP.QuickRef
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://www.nicolascoolman.fr/blog/ =>PUP.BreakingNewsAlert
http://nicolascoolman.fr/pup-wajam =>PUP.Wajam
http://nicolascoolman.fr/pup-anyprotect =>PUP.AnyProtect
http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate
http://www.nicolascoolman.fr/blog/ =>PUP.Taplika
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://www.nicolascoolman.fr/blog/ =>PUP.DoctorPC
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://www.nicolascoolman.fr/blog/ =>PUP.PhraseFinder
http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp
http://www.nicolascoolman.fr/blog/ =>PUP.SpeedBrowser
http://www.nicolascoolman.fr/blog/ =>PUP.StrongSignal
http://www.nicolascoolman.fr/blog/ =>PUP.Deal4reaL
http://www.nicolascoolman.fr/blog/ =>PUP.KingCoupon
http://www.nicolascoolman.fr/blog/ =>PUP.Shopperz
http://www.nicolascoolman.fr/blog/ =>PUP.SmartCompare
http://www.nicolascoolman.fr/blog/ =>PUP.WOwCoupon
http://www.nicolascoolman.fr/blog/ =>PUP.Fuyu
http://nicolascoolman.fr/pup-smartwebsearch =>PUP.SmartWeb
http://nicolascoolman.fr/adware-downware =>Adware.Downware
http://www.nicolascoolman.fr/blog/ =>PUP.CrossBrowser
http://nicolascoolman.fr/hijacker-trovicom =>Hijacker.TroviCom
http://nicolascoolman.fr/rogue-pcspeedmaximizer =>Rogue.PCSpeedMaximizer
http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox
~ MSI: 53 link(s) detected in 00mn 00s



~ 775 Legitimates filtered by white list
End of the scan (987 lines in 01mn 00s)(0.6)
