~ Rapport de ZHPDiag v2014.3.19.15 - Nicolas Coolman (19/03/2014) ~ Lancé par isabelle (20/03/2014 19:32:08) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): ---\\ Navigateurs Internet MSIE: Internet Explorer v11.0.9600.16521 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 3Q6C9 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Windows Defender W7 ---\\ Logiciels d'optimisation du système CCleaner v3.02 =>Piriform Ltd ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 12 Plugin ---\\ Informations sur le système ~ Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3839 MB (51% free) System Restore: Activé (Enable) System drive C: has 212 GB (36%) free of 586 GB ---\\ Mode de connexion au système ~ Computer Name: ZAZA ~ User Name: isabelle ~ All Users Names: Mcx1-ZAZA, isabelle, isa, HomeGroupUser$, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\isabelle\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\isabelle\AppData\Roaming\ ~ %Desktop% : C:\Users\isabelle\Desktop\ ~ %Favorites% : C:\Users\isabelle\Favorites\ ~ %LocalAppData% : C:\Users\isabelle\AppData\Local\ ~ %StartMenu% : C:\Users\isabelle\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 212 Go of 586 Go) D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 10 Go) F: CD-ROM drive (Not Inserted) Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 44 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/14 ~ Mes musiques (My Musics) : 12/209 ~ Mes Videos (My Videos) : 1/5 ~ Mes Favoris (My Favorites) : 1/20 ~ Mes Documents (My Documents) : 1/2556 ~ Mon Bureau (My Desktop) : 2/4457 ~ Menu demarrer (Programs) : 1/3 ~ Hidden Files: Scanned in 00mn 01s ---\\ Processus lancés [MD5.9C65C4F46BB75904B8B843724971E020] - (.SEIKO EPSON CORPORATION - MyEpson Portal.) -- C:\Program Files (x86)\EPSON\MyEPSON Connect\mep.exe [2387520] [PID.1944] [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3996] [MD5.0FF101F5C767393195602237E211B311] - (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe [6123032] [PID.2956] [MD5.70EA13A41C0D9D31343EC203A629F801] - (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe [3209216] [PID.4060] [MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.1952] [MD5.5516C26A6AF8EB4E2CAB48EC98A74398] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [54576] [PID.924] [MD5.A2418D3C557C0A0C634DA713A8AC3789] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336] [PID.3944] [MD5.FB1A303207C1124C2B61A50E5A32AC21] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.3960] [MD5.550B8CB98A8FA1D7A1A7371055A38DDA] - (...) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe [265240] [PID.3860] [MD5.902054D6B4292329F9594FFF24EE02DB] - (...) -- C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe [680984] [PID.1568] [MD5.5331DC9D1C88840326F68C2C531A82A7] - (.Logitech, Inc. - Logitech Updater.) -- C:\Users\isabelle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LULnchr.exe [351248] [PID.4736] [MD5.235D42833F2F89083FA70B9787899846] - (.Logitech, Inc. - Logitech Updater.) -- C:\Users\isabelle\AppData\Local\Logitech® Webcam Software\Logishrd\LU2.0\LogitechUpdate.exe [1353232] [PID.4792] [MD5.A9182CE59CFC56F9C1DDE8B3C0AE8378] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [274840] [PID.4248] [MD5.12FD4EF8F2CBBF98E0A5CED88258DDF3] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17816] [PID.5060] [MD5.497E84A1B6767142987A17574C57C04E] - (.Adobe Systems, Inc. - Adobe Flash Player 12.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe [1863560] [PID.3724] [MD5.AF9F5747805B0D152D6DB8D6CEF6DC95] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8360448] [PID.5188] [MD5.67A95B9D129ED5399E7965CD09CF30E7] - (.Logitech Inc. - Logitech User mode UMVPF service.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [450848] [PID.980] [MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1476] [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1884] [MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2008] [MD5.213F5D05EE522E7321C513D4A6A318E0] - (.SEIKO EPSON CORPORATION - MyEpson Portal Service.) -- C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe [703616] [PID.1424] [MD5.7D2633295EB6FF2B938185874884059D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.1532] [MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.2164] [MD5.B94C3C4DCA2093243C76CA218EDE2A97] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [209768] [PID.2508] [MD5.BFDB58616FF5EA540A5F58301D50641E] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [483688] [PID.2752] [MD5.C523F582AB537293844596CE66D76125] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [821664] [PID.3152] ~ Processes Running: Scanned in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] http://www.awesomehp.com =>PUP.Awesomehp G0 - GCSP: Preference [User Data\Default][HomePage] http://www.awesomehp.com =>PUP.Awesomehp G2 - GCE: Preference [User Data\Default] [lndipknmjijnalnkamonmljeaojdbpna] video-high v.1.26.22, (Activé) =>PUP.CrossRider G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé) G2 - GCE: Preference [User Data\Default] [pbmbgangfmfbhnngbdgkplhjnfoaeihd] i-beta v.0.1.8 (Désactivé) =>PUP.i-Beta G2 - GCE: Preference [User Data\Default] [pelmeidfhdlhlbjimpabfcbnnojbboma] Quick Start v.3.1.3, (Désactivé) ~ Google Browser: 14 Legitimates Filtered in 00mn 01s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\2ruridje.default\prefs.js C:\Users\isabelle\AppData\Roaming\Mozilla\Firefox\Profiles\2ruridje.default\user.js M2 - MFEP: prefs.js [isabelle - 2ruridje.default\{40a1f5d7-afc2-498f-b264-02668d616ff6}] [] Mega Manager Integration v1.1 (..) ~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://www.qvo6.com =>Hijacker.Qvo6 R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp ~ IE Browser: 25 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: cam.lnk . (...) -- C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe O4 - GS\Desktop [Public]: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.) -- C:\Windows\twain_32\escndv\escndv.exe O4 - GS\Desktop [Public]: Euro Truck Simulator.lnk . (...) -- C:\Program Files (x86)\Euro Truck Simulator\eurotrucks.exe O4 - GS\Desktop [Public]: GetDataBack for NTFS.lnk . (.Runtime Software - GetDataBack for NTFS Data Recovery.) -- C:\Program Files (x86)\Runtime Software\GetDataBack for NTFS\gdbnt.exe O4 - GS\Desktop [Public]: HP games.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\Desktop [Public]: Video Converter Studio.lnk . (.Apowersoft - Video Converter Studio.) -- C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe O4 - GS\Desktop [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus O4 - GS\Program [Public]: LabelPrint.lnk . (.CyberLink Corp. - LabelPrint.) -- C:\Program Files (x86)\Cyberlink\LabelPrint\LabelPrint.exe O4 - GS\Program [Public]: Magic Desktop.lnk . (.EasyBits Software AS - EasyBits Security Shield.) -- C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe =>.EasyBits Software AS O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\Program [Public]: Power2Go.lnk . (.CyberLink Corp. - Power2Go.) -- C:\Program Files (x86)\Cyberlink\Power2Go\Power2Go.exe O4 - GS\Program [Public]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus O4 - GS\QuickLaunch [isabelle]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\QuickLaunch [isabelle]: Video Converter Studio.lnk . (.Apowersoft - Video Converter Studio.) -- C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe O4 - GS\QuickLaunch [isabelle]: Vuze.lnk . (...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) =>P2P.Azureus O4 - GS\TaskBar [isabelle]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\isabelle\AppData\Local\Google\Chrome\Application\chrome.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\TaskBar [isabelle]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp O4 - GS\Desktop [isabelle]: HP Support Assistant.lnk . (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe =>.Hewlett-Packard Co O4 - GS\QuickLaunch [isa]: France-cotation.lnk - Clé orpheline O4 - GS\QuickLaunch [isa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch [isa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\TaskBar [isa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\TaskBar [isa]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O4 - GS\Program [isa]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Program [isa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\SystemTools [isa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Desktop [isa]: Accelerer PC.lnk . (...) -- C:\Program Files (x86)\Accelerer PC\PCSpeedUp-Start.bat "C:\Program Files (x86)\Accelerer PC" "C:\Program Files (x86)\Accelerer PC\PCSpeedUp.xap" PCSU (.not file.) =>Rogue.PCSpeedUp O4 - GS\Desktop [isa]: Assistance Livebox.lnk . (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe O4 - GS\Desktop [isa]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\isabelle\AppData\Local\Google\Chrome\Application\chrome.exe ~ Global Startup: 98 Legitimates Filtered in 00mn 00s ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKLM\..\Run: [FullScreen] C:\BLOCK\CFG\flexbuild\FullScreen\launchFS.cmd (.not file.) O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe =>.Hewlett-Packard Co O4 - HKLM\..\RunOnce: [NCPluginUpdater] . (.Hewlett-Packard - NCPluginUpdater.) -- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (.not file.) O4 - HKCU\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\isabelle\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKCU\..\Run: [DriverBoost] . (.PC Drivers Headquarters - DriverBoost.) -- C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe O4 - HKCU\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation O4 - HKCU\..\Run: [EPLTarget\P0000000000000002] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe =>.PDF Complete Inc O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe =>.EasyBits Software AS O4 - HKLM\..\Wow6432Node\Run: [ORAHSSSessionManager] C:\Program Files (x86)\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe (.not file.) O4 - HKLM\..\Wow6432Node\Run: [LWS] . (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe =>.Logitech Inc O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [fst_fr_50] Clé orpheline =>PUA.FSTfr9 O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\K-Lite Codec Pack\QuickTime\QTTask.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\isabelle\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EasyFlirt Messenger] C:\Program Files (x86)\EasyFlirt Messenger\EasyFlirt Messenger.exe (.not file.) O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Logitech Vid] . (.Logitech Inc. - Logitech Vid HD.) -- C:\Program Files (x86)\Logitech\Vid HD\Vid.exe O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\isabelle\AppData\Local\Facebook\Update\FacebookUpdate.exe O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [DriverBoost] . (.PC Drivers Headquarters - DriverBoost.) -- C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [ares] . (.Ares Development Group - Ares p2p for windows.) -- C:\Program Files (x86)\Ares\Ares.exe O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EPLTarget\P0000000000000001] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation O4 - HKUS\S-1-5-21-2186549345-3802387882-2836175870-1005\..\Run: [EPLTarget\P0000000000000002] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILFE.exe =>.Epson Seiko Corporation ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{02A1085A-4D36-4A06-8E86-3CB4246DD49F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{F62D9A33-ECC1-4437-9B7F-30C7D4032A76}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {92D24E67-F95F-41E0-89B6-CE4936AB8F62}.job [727] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {BC96B2D5-71AF-48A9-81D3-9E02F5091E1E}.job [727] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {92D24E67-F95F-41E0-89B6-CE4936AB8F62}.job [913] O39 - APT:Automatic Planified Task - C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {BC96B2D5-71AF-48A9-81D3-9E02F5091E1E}.job [913] [MD5.00000000000000000000000000000000] [APT] [AutoUpdaterTask] (...) -- C:\Program Files (x86)\Auto Updater\AutoUpdater.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{17CB7CA3-3A2F-4389-B851-999DA6072C53}] (...) -- C:\Users\isabelle\Downloads\epson375181eu.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{3B78CA07-0D28-49DB-BCB4-B8FE021E2560}] (...) -- E:\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{5153C7ED-5C58-4E37-86ED-AAF712A2AE26}] (...) -- C:\Program Files (x86)\PriceGong\uninst.exe (.not file.) [0] =>Adware.PriceGong [MD5.00000000000000000000000000000000] [APT] [{7537CFB2-0856-43E8-842C-07F14E9F7957}] (...) -- C:\Users\isabelle\AppData\Roaming\awesomehp\UninstallManager.exe (.not file.) [0] =>PUP.Awesomehp [MD5.00000000000000000000000000000000] [APT] [{7C023849-FAE4-46C4-8E71-0CFE7F6C1E52}] (...) -- C:\Users\isabelle\Desktop\zygo\Zygo CP V2008\Autorun.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DD060FEE-904D-4447-9EB8-58DA544D4DE1}] (...) -- C:\Users\isabelle\Downloads\epson324565eu.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{DF4D3D60-0FE6-4190-82CC-414F6DA8E316}] (...) -- C:\Users\isabelle\Downloads\jxpiinstall.exe (.not file.) [0] ~ Scheduled Task: 51 Legitimates Filtered in 00mn 05s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (acpsfniy) . (. - .) - C:\Windows\system32\drivers\acpsfniy.sys (.not file.) O41 - Driver: (cognwcsi) . (. - .) - C:\Windows\system32\drivers\cognwcsi.sys (.not file.) O41 - Driver: (didnuuqs) . (. - .) - C:\Windows\system32\drivers\didnuuqs.sys (.not file.) ~ Drivers: 66 Legitimates Filtered in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Accelerer PC - Désinstallation complète - (.Speedchecker Limited.) [HKLM][64Bits] -- PCSU-SL_is1 =>Rogue.PCSpeedUp ~ Logic: 18 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\31255InstEnd] [HKCU\Software\Ares] [HKCU\Software\DM73] [HKCU\Software\ELIGCHK] [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\TVANTS] [HKCU\Software\VIO ;)] [HKCU\Software\lollipop] =>Adware.Lollipop [HKLM\Software\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Postbox] [HKLM\Software\Wow6432Node\Taronja] [HKLM\Software\Wow6432Node\anset] [HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta ~ Key Software: 241 Legitimates Filtered in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 06/08/2012 - 23:33:08 - [6,885] ----D C:\Program Files (x86)\Ares O43 - CFD: 01/10/2013 - 20:29:53 - [11,962] ----D C:\Program Files (x86)\i-beta =>PUP.i-Beta O43 - CFD: 04/11/2013 - 20:32:18 - [0] ----D C:\Program Files (x86)\qualitink =>Adware.Qualitink O43 - CFD: 03/03/2014 - 22:30:45 - [0,001] ----D C:\ProgramData\Trymedia =>Adware.Trymedia O43 - CFD: 26/01/2014 - 18:01:12 - [43,420] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F} O43 - CFD: 01/10/2013 - 20:29:49 - [0,510] ----D C:\Users\isabelle\AppData\Roaming\Postbox O43 - CFD: 06/08/2012 - 23:33:09 - [0,032] ----D C:\Users\isabelle\AppData\Local\Ares O43 - CFD: 06/02/2014 - 18:51:52 - [0] ----D C:\Users\isabelle\AppData\Local\genienext =>PUP.NextLive O43 - CFD: 09/03/2014 - 22:15:12 - [0] ----D C:\Users\isabelle\AppData\Local\Lollipop =>Adware.Lollipop O43 - CFD: 01/10/2013 - 20:42:57 - [3,961] ----D C:\Users\isabelle\AppData\Local\Postbox ~ 1011 Dossier CLSID vide (CLSID Empty Folder) ~ Program Folder: 1276 Legitimates Filtered in 00mn 16s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{8a936bcf-0b61-11e1-ae93-d48564a3eab8}\AutoRun\command. (...) -- E:\Handset_USB_Driver.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 19 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.2285B31039611D509F6120D691CA661F] - 29/05/2012 - 14:53:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - hpvhd 64bit support driver.) -- C:\Windows\System32\Drivers\cpqdfw.sys [27456] O58 - SDL:[MD5.10FB0FF62AF6262BF88E3607E2AE2A69] - 13/03/2010 - 00:39:14 ---A- . (...) -- C:\Windows\System32\Drivers\cqcpu.sys [24376] O58 - SDL:[MD5.DEF365F0F6E017888C4B869D3BA4B8E0] - 25/10/2010 - 10:10:22 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x64).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.9B4B4838A6C8DC97416581C13CB6482C] - 07/03/2011 - 11:18:48 ---A- . (.HandSet Incorporated - HandSet CDROM Filter.) -- C:\Windows\System32\Drivers\massfilter_hs.sys [18456] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392] O58 - SDL:[MD5.FB251567F41BC61988B26731DEC19E4B] - 25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [52736] O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 25/10/2010 - 10:03:52 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392] ~ Drivers: 19 Legitimates Filtered in 00mn 00s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\isa\AppData\Local\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch O69 - SBI: SearchScopes [HKCU] {1945e092-ce7a-4b44-a259-a105b5dab2fd} [DefaultScope] - (lookineo) - http://www.lookineo.com O69 - SBI: SearchScopes [HKUS\.DEFAULT] {129A0CE9-13CF-423B-A38E-D1A6B02E2714} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKUS\.DEFAULT] {65793278-18D6-4D6D-AF3D-D81AC9B88FC6} - (Yahoo) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKUS\.DEFAULT] {AF5F7031-EE4E-44C6-AFF5-5C388E256810} - (Wikipedia) - http://fr.wikipedia.org O69 - SBI: SearchScopes [HKUS\S-1-5-18] {129A0CE9-13CF-423B-A38E-D1A6B02E2714} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {65793278-18D6-4D6D-AF3D-D81AC9B88FC6} - (Yahoo) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKUS\S-1-5-18] {AF5F7031-EE4E-44C6-AFF5-5C388E256810} - (Wikipedia) - http://fr.wikipedia.org ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.A4DFEE10D53C16EED2363A9ABEC4AD9F] [SPRF][04/11/2013] (...) -- C:\ProgramData\1383597050.bdinstall.bin [502] [MD5.E6729F8E631FC594B6C1375A11C193A8] [SPRF][04/11/2013] (...) -- C:\ProgramData\1383597129.bdinstall.bin [834741] [MD5.072B56CA1FE651298CFB681F5407ABAE] [SPRF][05/11/2013] (...) -- C:\ProgramData\1383684367.bdinstall.bin [244527] [MD5.3B770B147655176DC2F3292A9FCFED03] [SPRF][03/03/2014] (...) -- C:\Users\isabelle\Desktop\ets_1_3_setup.exe [125105248] ~ Files: 6 Legitimates Filtered in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{ABA6DC3D-67A1-4275-ABA0-7E66D54D63F4}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe (.not file.) =>Adware.SPointer O87 - FAEL: "{05730460-118E-4391-B0F6-FD7827CD7602}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\CrazyLoader\crazyloader.exe (.not file.) =>Adware.SPointer O87 - FAEL: "TCP Query User{2D9B3116-26F1-48C2-9241-10CC2A2F8A79}C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.) O87 - FAEL: "UDP Query User{D96C7DE5-F58E-458D-8D39-78D0DE3B2A31}C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\isabelle\appdata\local\temp\jdic_0_9_5\ieembed.exe (.not file.) O87 - FAEL: "{75462256-6137-4D71-A48B-7C58C942431B}" |In - Private - P6 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\VideoToMp3Setup.exe (.not file.) O87 - FAEL: "{6F92AB56-43A2-4BE9-806D-0CD0CC34F557}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\VideoToMp3Setup.exe (.not file.) O87 - FAEL: "{27BFB168-DF7A-4A19-A5EC-F3A751BA3EBA}" |In - Private - P6 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\mp4ConverterSetup.exe (.not file.) O87 - FAEL: "{B628B1C6-02E1-43B2-A7BB-C355C4DFCF43}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Documents\Mes téléchargements\mp4ConverterSetup.exe (.not file.) O87 - FAEL: "{ACC05E84-929E-4BE4-B40B-C10F284E95B3}" |In - Private - P6 - TRUE | .(...) -- C:\Users\isabelle\Downloads\SweetImSetup.exe (.not file.) =>PUP.SweetIM O87 - FAEL: "{5F0F90E4-899B-4F93-975D-7923F3FA3C4E}" |In - Private - P17 - TRUE | .(...) -- C:\Users\isabelle\Downloads\SweetImSetup.exe (.not file.) =>PUP.SweetIM O87 - FAEL: "TCP Query User{2D2C734E-4005-404B-BDD9-617A26C9E5FC}C:\program files (x86)\ares\ares.exe" | In - Private - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe O87 - FAEL: "UDP Query User{EDCE86B6-1F35-4C26-9B21-8F7A89E09242}C:\program files (x86)\ares\ares.exe" | In - Private - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe O87 - FAEL: "TCP Query User{8F67961A-A56E-476E-B515-779239719680}C:\program files (x86)\ares\ares.exe" | In - Public - P6 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe O87 - FAEL: "UDP Query User{937A71DE-26EF-4A68-9E9B-4B1FCBEF446E}C:\program files (x86)\ares\ares.exe" | In - Public - P17 - TRUE | .(.Ares Development Group - Ares p2p for windows.) -- C:\program files (x86)\ares\ares.exe O87 - FAEL: "{0C83194D-285E-4CAC-873D-4984DD6060C7}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity O87 - FAEL: "TCP Query User{3816CA54-9B4D-4D35-BCC5-AE690C252A2D}C:\program files (x86)\torntv.com\torntv downloader.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV O87 - FAEL: "UDP Query User{EA2F75DB-C50F-404C-BC24-4076F73F09A9}C:\program files (x86)\torntv.com\torntv downloader.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV O87 - FAEL: "{12C29085-C0D6-40BF-A9B0-94561D472F9C}" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV O87 - FAEL: "{AFFBFF36-367D-46B6-A0A4-A3B022B0F5A9}" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\torntv.com\torntv downloader.exe (.not file.) =>Hijacker.TornTV O87 - FAEL: "{1F28E5FF-5592-4028-B1B2-398972C66D72}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles O87 - FAEL: "{4C6D6F62-944D-41CE-8192-A6121C830DF5}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles O87 - FAEL: "{F102C023-29E9-43BD-BF55-94D03E50A268}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles O87 - FAEL: "{9C741B53-5C84-4510-8C45-84E62262CEA4}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles ~ Firewall: 293 Legitimates Filtered in 00mn 00s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "2EB48BE813F10594388D2C119A0A7893" . (.AM Usb Card Reader Driver.) -- C:\Windows\Installer\{8EB84BE2-1F31-4950-83D8-C211A9A08739}\ARPPRODUCTICON.exe O90 - PUC: "9B803B3A69EB433418F6D3281BA9D72E" . (.Software Updater.) -- C:\Windows\Installer\{A3B308B9-BE96-4334-816F-3D82B19A7DE2}\icon.ico ~ Update Products: 136 Legitimates Filtered in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.71D9872F3952C0FB64CB6100423520E8] [WIS][12/04/2010] (.Alcor - Blank Project Template.) -- C:\Windows\Installer\115d8.msi [1289216] [MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][21/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\2c9b7ace.msi [45056] =>Adware.Boxore [MD5.570FBA4141DC67442444045E7A82BF9B] [WIS][06/08/2012] (.DriverBoost - DriverBoost.) -- C:\Windows\Installer\77755.msi [4011520] ~ WIS: 140 Legitimates Filtered in 00mn 02s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe SS - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe SS - | Demand 18/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe SS - | Auto 20/05/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files (x86)\WinPcap\rpcapd.exe SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SR - | Auto 02/02/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 17/05/2012 144560 | (EpsonScanSvc) . (.Seiko Epson Corporation.) - C:\Windows\system32\EscSvc64.exe SR - | Auto 11/01/2007 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe SR - | Auto 15/04/2013 152640 | (EPSON_PM_RPCV4_06) . (.SEIKO EPSON CORPORATION.) - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.exe SR - | Auto 10/07/1658 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe =>.EasyBits Software AS SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SR - | Auto 01/10/2012 703616 | (MyEPSON Connect Service) . (.SEIKO EPSON CORPORATION.) - C:\Program Files (x86)\EPSON\MyEPSON Connect\mepService.exe SR - | Auto 23/09/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe SR - | Auto 14/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe SR - | Auto 18/01/2012 450848 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : 13031 - (19/03/2014) Clés trouvées (Keys found) : 102 Valeurs trouvées (Values found) : 10 Dossiers trouvés (Folders found) : 8 Fichiers trouvés (Files found) : 2 [HKLM\Software\Google\Chrome\Extensions\lndipknmjijnalnkamonmljeaojdbpna] =>PUP.CrossRider^ [HKLM\Software\Google\Chrome\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd] =>PUP.i-Beta^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1] =>Rogue.PCSpeedUp^ [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKCU\Software\lollipop] =>Adware.Lollipop [HKLM\Software\Iminent] =>Adware.IMBooster [HKCU\Software\Softonic] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma [HKLM\Software\Classes\SpeedUpMyPC] =>PUP.SpeedUpMyPC [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:fst_fr_50 =>PUA.FSTfr9^ C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lndipknmjijnalnkamonmljeaojdbpna =>PUP.CrossRider^ C:\Users\isabelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbmbgangfmfbhnngbdgkplhjnfoaeihd =>PUP.i-Beta^ C:\Program Files (x86)\i-beta =>PUP.i-Beta^ C:\Program Files (x86)\qualitink =>Adware.Qualitink^ C:\ProgramData\Trymedia =>Adware.Trymedia^ C:\Users\isabelle\AppData\Local\genienext =>PUP.NextLive^ C:\Users\isabelle\AppData\Local\Lollipop =>Adware.Lollipop^ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneStopSoft.com =>PUP.Dealio [HKLM\Software\Wow6432Node\i-beta] =>PUP.i-Beta^ C:\Windows\Installer\2c9b7ace.msi =>Adware.Boxore^ ~ Additionnel Scan: 270197 Items scanned in 00mn 16s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/41011964-pup-awesomehp =>PUP.Awesomehp ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider ~ http://nicolascoolman.webs.com/apps/blog/show/33755964-pup-i-beta =>PUP.i-Beta ~ http://nicolascoolman.webs.com/apps/blog/show/26631242-hijacker-qvo6 =>Hijacker.Qvo6 ~ http://nicolascoolman.webs.com/apps/blog/show/27765487-rogue-pcspeedup =>Rogue.PCSpeedUp ~ http://nicolascoolman.webs.com/apps/blog/show/34014358-pua-fstfr9 =>PUA.FSTfr9 ~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/35187538-adware-qualitink =>Adware.Qualitink ~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia ~ http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive =>PUP.NextLive ~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM ~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity ~ http://nicolascoolman.webs.com/apps/blog/show/27660150-hijacker-torntv =>Hijacker.TornTV ~ http://nicolascoolman.webs.com/apps/blog/show/26753274-adware-expressfiles =>Adware.ExpressFiles ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade ~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma ~ http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio ~ MSI: 25 link(s) detected in 00mn 16s ~ 2404 Legitimates filtered by white list End of the scan (673 lines in 01mn 00s)(0)