cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2013.11.4.4 - Nicolas Coolman (04/11/2013)
~ Lancé par Dominique PORTMANN (05/11/2013 21:13:03)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found


---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702 (Defaut)
MFIE: Mozilla Firefox 24.0
GCIE: Google Chrome v30.0.1599.101

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : KO

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ Logiciels d'optimisation du système
CCleaner v3.28 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 44 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 959 MB (58% free)
System Restore: Activé (Enable)
System drive H: has 38 GB (50%) free of 75 GB

---\\ Mode de connexion au système
~ Computer Name: D-9820A9F4A59F4
~ User Name: Dominique PORTMANN
~ All Users Names: SUPPORT_388945a0, HelpAssistant, Dominique PORTMANN, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : H:\
~ %AppZHP% : H:\Documents and Settings\Dominique PORTMANN\Application Data\ZHP\
~ %AppData% : H:\Documents and Settings\Dominique PORTMANN\Application Data\
~ %Desktop% : H:\Documents and Settings\Dominique PORTMANN\Bureau\
~ %Favorites% : H:\Documents and Settings\Dominique PORTMANN\Favoris\
~ %LocalAppData% : H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\
~ %StartMenu% : H:\Documents and Settings\Dominique PORTMANN\Menu Démarrer\
~ %Windir% : H:\WINDOWS\
~ %System% : H:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 2 Go of 49 Go)
D: CD-ROM drive (Not Inserted)
E: Hard drive, Flash drive, Thumb drive (Free 4 Go of 100 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Hard drive, Flash drive, Thumb drive (Free 38 Go of 75 Go)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\Explorer.exe [1037824]
[MD5.F8DD21FC65131E064FBF11F01E4F4BFD] - (.Microsoft Corporation - Internet Extensions for Win32.) (.23/09/2013 - 19:23:33.) -- H:\WINDOWS\system32\wininet.dll [920064]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- H:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- H:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- H:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- H:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- H:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 03s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/2801
~ Mes musiques (My Musics) : 1/2
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/63
~ Mes Documents (My Documents) : 3/4385
~ Mon Bureau (My Desktop) : 1/657
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 13s



---\\ Processus lancés
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- H:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1228]
[MD5.D40B85303BCFF96A717392B06FB015C4] - (.Freemake - FreemakeUtilsService.) -- H:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [100864] [PID.1888]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- H:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.1968]
[MD5.F67C21CC4195F6AFC447418FE163E156] - (.TeamViewer GmbH - TeamViewer 8.) -- H:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5087584] [PID.176]
[MD5.9512B0ED87A530A786B4DDB97D22DB17] - (.TomTom - Windows Service for TomTom HOME.) -- H:\Program Files\TomTom HOME 2\TomTomHOMEService.exe [93072] [PID.400]
[MD5.37F339B64F19E2775284ED7161B96683] - (.Microsoft Corporation - Zune Bus Enumerator Service.) -- h:\Program Files\Zune\ZuneBusEnum.exe [57056] [PID.536]
[MD5.AB055E4E8A49E06469B137C93C8E11C6] - (.TeamViewer GmbH - TeamViewer 8.) -- H:\Program Files\TeamViewer\Version8\TeamViewer.exe [12631904] [PID.2188]
[MD5.E623B98CC2F6275C027CCBDF13749A77] - (.TeamViewer GmbH - TeamViewer 8.) -- H:\Program Files\TeamViewer\Version8\tv_w32.exe [195936] [PID.2348]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2856]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.3052]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- H:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3116]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- H:\Program Files\AVAST Software\Avast\avastUI.exe [4767304] [PID.3300]
[MD5.8A6ECE22270BD9D4CFD4553E26B5C69A] - (.ScanSoft, Inc. - OCR Aware.) -- H:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [75304] [PID.3564]
[MD5.9B4C1812595C389AB9CCF1FF3B315248] - (.Apple Computer, Inc. - Pas de description.) -- H:\Program Files\QuickTime\qttask.exe [98304] [PID.3600]
[MD5.80FD4D46B0E9B620CF757A9A5C789329] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- H:\WINDOWS\SOUNDMAN.exe [577536] [PID.3644]
[MD5.4E0E89F1073271AA9A810DDD446FF347] - (.S3 Graphics, Inc. - Pas de description.) -- H:\WINDOWS\system32\VTTimer.exe [53248] [PID.3732]
[MD5.5FAE8FCC42B201AA3A9B54F12EB78A50] - (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- H:\WINDOWS\system32\VTtrayp.exe [176128] [PID.3744]
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- H:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe [958576] [PID.3752]
[MD5.5BD2DA256A68E99622D6968330DCC461] - (.Microsoft Corporation - Zune Auto-Launcher.) -- H:\Program Files\Zune\ZuneLauncher.exe [159456] [PID.3776]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.3796]
[MD5.5425B0E1A2FBEE08E5FE3F8A54FE487F] - (.Nokia - Nokia Launch Application.) -- H:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632] [PID.3852]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.3880] =>Toolbar.Google
[MD5.CFBBF2CF26F7E55EC11D4B1DB17A9F38] - (.TomTom - System Tray application for TomTom HOME.) -- H:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208] [PID.3932]
[MD5.C3BB6CF8F9EE199005A2AAE2815AD756] - (.Nokia - ServiceLayer Module.) -- H:\Program Files\PC Connectivity Solution\ServiceLayer.exe [724376] [PID.2248]
[MD5.CE565CA700A87863DC792163E2942628] - (.Nokia - Serial Media Server.) -- H:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe [126872] [PID.2436]
[MD5.A2CB714DCF8F0E134F2429AF673C7C08] - (.Oracle Corporation - Java(TM) Update Checker.) -- H:\Program Files\Fichiers communs\Java\Java Update\jucheck.exe [506744] [PID.3664]
[MD5.DE1CDB333A402B279F04D627122FA08E] - (.Microsoft Corporation - Zune Wireless Configuration Service.) -- h:\Program Files\Zune\ZuneWlanCfgSvc.exe [444640] [PID.3384]
[MD5.E7F68672F1A5616B06C202D4ABF4B696] - (...) -- H:\Program Files\tuto4pc_fr_71\tuto4pc_fr_71.exe [3993072] [PID.4892] =>PUP.Eorezo
[MD5.FA078D37E92E454C8372BEE7C8F6F2BA] - (...) -- H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\tuto4pc_fr_71\upt4pc_fr_71.exe [3154416] [PID.2132] =>PUP.Eorezo
[MD5.89BECCA60E9A652934D65EDB72A438A4] - (.Nicolas Coolman - ZHPDiag.) -- H:\Program Files\ZHPDiag\ZHPDiag.exe [8174080] [PID.1304]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
H:\Documents and Settings\Dominique PORTMANN\Application Data\Mozilla\Firefox\Profiles\c1mzz1f4.default-1375050201359\prefs.js
H:\Documents and Settings\Dominique PORTMANN\Application Data\Mozilla\Firefox\Profiles\c1mzz1f4.default-1375050201359\user.js
M3 - MFPP: Plugins - [Dominique PORTMANN] -- H:\Documents and Settings\Dominique PORTMANN\Application Data\Mozilla\Firefox\Profiles\c1mzz1f4.default-1375050201359\searchplugins\iminent.xml =>Adware.IMBooster
~ Firefox Browser: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://free.fr
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=H:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=H:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} . (.Pas de propriétaire - Easy-WebPrint EWPBrowseLoader Module.) -- H:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
~ BHO: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- H:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- H:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [AllUsers]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- H:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [AllUsers]: MSN.lnk . (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- H:\Program Files\MSN\MSNCoreFiles\Install\msnsusii.exe =>.Microsoft Corporation
O4 - GS\Program [AllUsers]: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- H:\Program Files\Messenger\msmsgs.exe
O4 - GS\Program [Dominique PORTMANN]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- H:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Dominique PORTMANN]: Lecteur Windows Media.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- H:\Program Files\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
~ Global Startup: 16 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Program [AllUsers]: Microsoft Office.lnk . (.Microsoft Corporation - Microsoft Office 2000 component.) -- H:\Program Files\Microsoft Office\Office\OSA9.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- H:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- H:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O4 - HKLM\..\Run: [OpwareSE4] . (.ScanSoft, Inc. - OCR Aware.) -- H:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe =>.ScanSoft, Inc
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Computer, Inc. - Pas de description.) -- H:\Program Files\QuickTime\qttask.exe
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- H:\WINDOWS\SOUNDMAN.exe
O4 - HKLM\..\Run: [VTTimer] . (.S3 Graphics, Inc. - Pas de description.) -- H:\WINDOWS\system32\VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] . (.S3 Graphics Co., Ltd. - s3contrl (32-bit).) -- H:\WINDOWS\system32\VTtrayp.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- H:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [NSU_agent] . (...) -- H:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe =>.Nokia
O4 - HKLM\..\Run: [Zune Launcher] . (.Microsoft Corporation - Zune Auto-Launcher.) -- h:\Program Files\Zune\ZuneLauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- H:\Program Files\Fichiers communs\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [tuto4pc_fr_71] . (...) -- H:\Program Files\tuto4pc_fr_71\tuto4pc_fr_71.exe =>PUP.Eorezo
O4 - HKLM\..\Run: [upt4pc_fr_71.exe] . (...) -- H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\tuto4pc_fr_71\upt4pc_fr_71.exe =>PUP.Eorezo
O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- H:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] H:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- H:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-73586283-57989841-1801674531-1004\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- H:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKUS\S-1-5-21-73586283-57989841-1801674531-1004\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- H:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-73586283-57989841-1801674531-1004\..\Run: [msnmsgr] H:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-73586283-57989841-1801674531-1004\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-73586283-57989841-1801674531-1004\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- H:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- H:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Piratage de l'Option 'Rétablir les paramètres Web' (O14)
O14 - IERESET.INF: START_PAGE_URL=START_PAGE_URL=http://home.free.fr/
~ IE Paramètres WEB: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{997DE163-D72D-45E0-A126-97118E33CFCF}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{997DE163-D72D-45E0-A126-97118E33CFCF}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{997DE163-D72D-45E0-A126-97118E33CFCF}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- H:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- H:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- H:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- H:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- H:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- H:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- H:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- H:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - H:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Services: 8 Legitimates Filtered in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: FreeBox Pilote USB - (...) [HKLM] -- FreeBoxUSB
O42 - Logiciel: glindorus 1.0.0 - (.glindorus.) [HKLM] -- glindorus =>PUP.Glindorus
O42 - Logiciel: tuto4pc_fr_71 - (.TUTO4PC.) [HKLM] -- tuto4pc_fr_71_is1 =>PUP.Eorezo
~ Logic: 129 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\glindorus] =>PUP.Glindorus
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\TUTO4PC] =>PUP.Eorezo
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
~ Key Software: 181 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 05/11/2013 - 20:02:49 - [0,792] ----D H:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 05/11/2013 - 20:03:16 - [0] ----D H:\Program Files\IminentToolbar =>Adware.IMBooster
O43 - CFD: 30/08/2013 - 18:31:32 - [4,648] ----D H:\Program Files\PDF6
O43 - CFD: 05/11/2013 - 20:10:41 - [6,618] ----D H:\Program Files\tuto4pc_fr_71 =>PUP.Eorezo
O43 - CFD: 05/12/2012 - 11:23:11 - [23,027] -SH-D H:\Documents and Settings\All Users\Application Data\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 05/11/2013 - 19:59:23 - [0,274] ----D H:\Documents and Settings\Dominique PORTMANN\Application Data\Iminent =>Adware.IMBooster
O43 - CFD: 16/09/2013 - 18:51:12 - [0,077] ----D H:\Documents and Settings\Dominique PORTMANN\Application Data\PDF6
O43 - CFD: 05/11/2013 - 20:04:23 - [0] ----D H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Lollipop =>Adware.Lollipop
O43 - CFD: 05/11/2013 - 20:13:53 - [3,011] ----D H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\tuto4pc_fr_71 =>PUP.Eorezo
~ Program Folder: 162 Legitimates Filtered in 00mn 21s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.B5EA82CBF7ECB74362D33E286B9A562E] - 04/11/2013 - 22:25:46 ---A- . (...) -- H:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.02F88E503EE4D04F5A2C870419346E99] - 04/11/2013 - 22:25:49 ---A- . (...) -- H:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.76DFC317FFD6161F43EA46C2291707FB] - 05/11/2013 - 20:02:43 ---A- . (...) -- H:\WINDOWS\system32\InstallUtil.InstallLog [918]
O44 - LFC:[MD5.74E5A2983D77EE8A9FF3A4DB1E459818] - 05/11/2013 - 21:13:22 ---A- . (...) -- H:\Documents [160]
~ Files: 18 Legitimates Filtered in 00mn 02s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{149f97ce-297f-11e2-a717-000fea43a741}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.657A61979F40D67CA29716149766FFA7] - 06/03/2013 - 23:33:24 ---A- . (...) -- H:\WINDOWS\system32\Drivers\aswRvrt.sys [49248]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- H:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: SEAF By C_XX - (.C_XX.) [HKLM] -- SEAF
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 9 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- H:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- H:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- H:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- H:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Dominique PORTMANN - c1mzz1f4.default-1375050201359] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {06B226AF-7EF7-483E-8E97-A6BE977E2D2B} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.94E28010255D126FE7BFE4E55C06492C] [SPRF][07/11/2012] (.Pas de propriétaire - AVAST Software Setup Engine.) -- H:\Documents and Settings\Dominique PORTMANN\Bureau\avast_free_antivirus_setup.exe [97495576]
[MD5.3383EBF998C499121FB032C172C22431] [SPRF][05/04/2013] (...) -- H:\Documents and Settings\Dominique PORTMANN\Bureau\IKEA_Home_Planner.exe [20470272]
[MD5.F7E5B18B4724023E52FD535F756E8869] [SPRF][11/05/2013] (...) -- H:\Documents and Settings\Dominique PORTMANN\Bureau\setup_Photocite_Collection_48.exe [1593040]
[MD5.968CB5AD19EC73C9C6F991A80CE5F7EC] [SPRF][10/01/2013] (...) -- H:\Documents and Settings\Dominique PORTMANN\Bureau\winmail.dat [22378]
[MD5.A9220115BF8D64017F66887732304B24] [SPRF][04/11/2013] (...) -- H:\Program Files\adwcleaner.exe [1073258]
[MD5.D02522EF74A48A276277BAF017548A22] [SPRF][10/03/2013] (...) -- H:\Program Files\Apache_OpenOffice_incubating_3.4.1_Win_x86_install_fr.exe [126019687]
[MD5.1CA436C06413E94A40A37E1800E4CF11] [SPRF][12/05/2013] (...) -- H:\Program Files\Decoshow_Install.exe [408469507]
[MD5.38615D250BC3F3CD0541048C15339420] [SPRF][10/03/2013] (...) -- H:\Program Files\delfix.exe [706714]
[MD5.252FE1CC9A37497FEEEF7A9FA81874EE] [SPRF][15/03/2013] (.Pas de propriétaire - Installer Application.) -- H:\Program Files\NokiaSoftwareUpdaterSetup_FR.exe [50287448]
[MD5.CBC5B16C7D0B106585D5BD9FB787D9FD] [SPRF][30/08/2013] (.Pas de propriétaire - Installer.) -- H:\Program Files\PDF6Setup.exe [778528]
[MD5.95A960B7C3C05CB9BBF0EDD80086F770] [SPRF][10/03/2013] (.C_XX - SEAF.) -- H:\Program Files\seaf.exe [498868]
[MD5.1F67ED6AF8D93EF6DD626D3EFAEDBB8F] [SPRF][06/01/2013] (.Softonic - Softonic Downloader.) -- H:\Program Files\SoftonicDownloader_pour_windows-live-messenger.exe [373480] =>Toolbar.Conduit
[MD5.2517D996A23694187A0E5C7CEFF9BD10] [SPRF][28/11/2012] (.TeamViewer GmbH - Pas de description.) -- H:\Program Files\TeamViewer_Setup_fr.exe [3934296]
[MD5.229F992A70708FAB32180B338418C312] [SPRF][06/09/2013] (...) -- H:\Program Files\TomTomHOME2winlatest.exe [30914760]
~ Files: 23 Legitimates Filtered in 01mn 42s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 08/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - H:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 06/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - H:\Program Files\AVAST Software\Avast\AvastSvc.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - H:\WINDOWS\system32\dmadmin.exe
SR - | Auto 07/09/2012 100864 | (Freemake Improver) . (.Freemake.) - H:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SS - | Auto 07/11/2012 136176 | (gupdate) . (.Google Inc..) - H:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/11/2012 136176 | (gupdatem) . (.Google Inc..) - H:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 07/11/2012 194032 | (gusvc) . (.Google.) - H:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/04/2013 181664 | (JavaQuickStarterService) . (.Oracle Corporation.) - H:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 28/10/2012 312264 | (maconfservice) . (.CybelSoft.) - H:\Program Files\ma-config.com\maconfservice.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - H:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - H:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 29/10/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - H:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Demand 11/06/2012 724376 | (ServiceLayer) . (.Nokia.) - H:\Program Files\PC Connectivity Solution\ServiceLayer.exe
SR - | Auto 01/10/2013 5087584 | (TeamViewer8) . (.TeamViewer GmbH.) - H:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 02/07/2013 93072 | (TomTomHOMEService) . (.TomTom.) - H:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
~ Services: Scanned in 00mn 10s



---\\ Scan Additionnel (O88)
Database Version : 12971 - (04/11/2013)
Clés trouvées (Keys found) : 67
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 8
Fichiers trouvés (Files found) : 7

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\glindorus] =>PUP.Glindorus^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_71_is1] =>PUP.Eorezo^
[HKLM\Software\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Tutorials] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKCU\Software\USyndication] =>Trojan.USyndication
[HKCU\Software\usyndication.com] =>Trojan.USyndication
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{938958E8-355C-49FF-92B0-53C1B87ACEA9}] =>PUP.SpecialSavings
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\iminent] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\tuto4pc_fr_71_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:tuto4pc_fr_71 =>PUP.Eorezo^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
H:\Program Files\Iminent =>Adware.IMBooster^
H:\Program Files\IminentToolbar =>Adware.IMBooster^
H:\Program Files\tuto4pc_fr_71 =>PUP.Eorezo^
H:\Documents and Settings\Dominique PORTMANN\Application Data\Iminent =>Adware.IMBooster^
H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Lollipop =>Adware.Lollipop^
H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\tuto4pc_fr_71 =>PUP.Eorezo^
H:\Documents and Settings\All Users\Menu Démarrer\Programmes\Tuto4PC =>PUP.Eorezo
H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\Software =>Adware.Boxore
H:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
H:\Program Files\tuto4pc_fr_71\tuto4pc_fr_71.exe =>PUP.Eorezo^
H:\Documents and Settings\Dominique PORTMANN\Local Settings\Application Data\tuto4pc_fr_71\upt4pc_fr_71.exe =>PUP.Eorezo^
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^
[HKCU\Software\glindorus] =>PUP.Glindorus^
[HKLM\Software\TUTO4PC] =>PUP.Eorezo^
H:\Program Files\SoftonicDownloader_pour_windows-live-messenger.exe =>Toolbar.Conduit^
~ Additionnel Scan: 171201 Items scanned in 00mn 38s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/33429762-pup-glindorus =>PUP.Glindorus
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/27328365-trojan-usyndication =>Trojan.USyndication
~ http://nicolascoolman.webs.com/apps/blog/show/26686441-pup-specialsavings =>PUP.SpecialSavings
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ MSI: 12 link(s) detected in 00mn 38s



~ 840 Legitimates filtered by white list
End of the scan (568 lines in 03mn 34s)(0)

Publicité


Signaler le contenu de ce document

Publicité