Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ Rapport de ZHPDiag v2014.4.14.26 - Nicolas Coolman (14/04/2014)
~ Lancé par alex (15/04/2014 14:32:38)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16863
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.116
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : GMQHT
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2016
Windows Defender W8
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3909 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 460 GB (67%) free of 682 GB
---\\ Mode de connexion au système
~ Computer Name: PC-ALEX
~ User Name: alex
~ All Users Names: HomeGroupUser$, alex, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\alex\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\alex\AppData\Roaming\
~ %Desktop% : C:\Users\alex\Desktop\
~ %Favorites% : C:\Users\alex\Favorites\
~ %LocalAppData% : C:\Users\alex\AppData\Local\
~ %StartMenu% : C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 460 Go of 682 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/03/2014 - 01:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/10958
~ Mes musiques (My Musics) : 460/4279
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 3/489
~ Mon Bureau (My Desktop) : 4/14136
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 27s
---\\ Processus lancés
[MD5.E72E98FEB4160E8B40075604EFC723EC] - (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe [1067232] [PID.3036]
[MD5.0EFF23C3D910380746D4F56BA5C746C4] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1192784] [PID.3056]
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640] [PID.3312]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4308]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4360]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8215552] [PID.4784]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5604]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\crplbalz.default\prefs.js
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Free YouTube to MP3 Converter.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeToMP3Converter.) -- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [alex]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [alex]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [alex]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [alex]: Badoo Desktop.lnk . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - GS\Program [alex]: Corbeille.lnk - Clé orpheline
O4 - GS\Program [alex]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [alex]: Youtube Downloader HD.lnk . (...) -- C:\Program Files (x86)\Youtube Downloader HD\YouTubeDownloaderHD.exe
~ Global Startup: 47 Legitimates Filtered in 00mn 01s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [Badoo Desktop] . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - HKLM\..\Wow6432Node\Run: [RadioController] . (.Dritek System Inc. - RF Button Helper.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-154100775-86352665-3950086217-1001\..\Run: [Badoo Desktop] . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E529D00-E454-499E-B5DD-02AD5A384C76}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E529D00-E454-499E-B5DD-02AD5A384C76}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe
~ Services: 19 Legitimates Filtered in 00mn 26s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse
[HKLM\Software\Wow6432Node\Mega Browse] =>PUP.MegaBrowse
~ Key Software: 251 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/07/2013 - 16:30:16 - [1,346] ----D C:\Users\alex\AppData\Roaming\lm
~ Program Folder: 160 Legitimates Filtered in 00mn 23s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8411BF1A6A7F112AD97D4B4AC53256AD] - 05/04/2014 - 10:43:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib64.sys [61120] =>PUP.LinkiDoo
O44 - LFC:[MD5.846DE6DC68C6B1062E79C25D01CBFA66] - 09/04/2014 - 17:23:51 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 12/04/2014 - 15:57:29 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
~ Files: 54 Legitimates Filtered in 00mn 21s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.6FDF840B75EFE830A4BD8E1F569C2490] - 02/04/2014 - 17:53:35 ---A- - C:\Windows\Prefetch\R-3.0.3-WIN.TMP-ABC1CA94.pf
O45 - LFCP:[MD5.21081B70AF2DADEBF0B2893D75388E5C] - 02/04/2014 - 17:53:40 ---A- - C:\Windows\Prefetch\R-3.0.3-WIN.TMP-3140214B.pf
O45 - LFCP:[MD5.18E54B679ED869F463CD4634989EFD6D] - 02/04/2014 - 17:56:29 ---A- - C:\Windows\Prefetch\RGUI.EXE-74871015.pf
O45 - LFCP:[MD5.553DFB941CA8ACF4BEDEFDF5732BFA3A] - 07/04/2014 - 21:42:24 ---A- - C:\Windows\Prefetch\AUTHHOST.EXE-44C90B62.pf
O45 - LFCP:[MD5.FFA2E8F0D820D2D3F3F6D72531E06240] - 09/04/2014 - 18:14:26 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-C3CFD54A.pf
O45 - LFCP:[MD5.D49EF978A0209F1A0B183837CE3D836E] - 09/04/2014 - 20:45:43 ---A- - C:\Windows\Prefetch\FILTERAPP_C64.EXE-962B38CF.pf
O45 - LFCP:[MD5.8412DB49CD1470D27F4C246D6921B335] - 09/04/2014 - 20:59:42 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-624B0602.pf
O45 - LFCP:[MD5.3B36C30BBB21D6A100AF95ABC3BB03A5] - 10/04/2014 - 12:50:31 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.FE8FB8A55A841182530A66184BE07C1D] - 11/04/2014 - 16:28:46 ---A- - C:\Windows\Prefetch\DOPDFCL7.EXE-EDF4B6C6.pf
O45 - LFCP:[MD5.04733D2594C80FF378291D5467CAA3E7] - 12/04/2014 - 21:19:06 ---A- - C:\Windows\Prefetch\YOUTUBE_DOWNLOADER_HD_SETUP.T-35B10902.pf
O45 - LFCP:[MD5.1B22B200ED769353DC3416869750133C] - 12/04/2014 - 21:19:10 ---A- - C:\Windows\Prefetch\YOUTUBE_DOWNLOADER_HD_SETUP.E-03C2D621.pf
O45 - LFCP:[MD5.60B93A68D866539EB83BDD4D9675469A] - 12/04/2014 - 21:19:11 ---A- - C:\Windows\Prefetch\YOUTUBE_DOWNLOADER_HD_SETUP.T-9C2F79A4.pf
O45 - LFCP:[MD5.DE0BB4672366350182B1BC59E2FC91F0] - 12/04/2014 - 21:19:48 ---A- - C:\Windows\Prefetch\YOUTUBEDOWNLOADERHD.EXE-FB59C4BB.pf
O45 - LFCP:[MD5.27626550C3637C7E3E4DDB300FD4693D] - 14/04/2014 - 09:57:56 ---A- - C:\Windows\Prefetch\DSIWMIS.EXE-238692B9.pf
O45 - LFCP:[MD5.AB7DCCE2B1FAE623B73F43D0690A98CA] - 14/04/2014 - 12:47:37 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-B444BC8E.pf
O45 - LFCP:[MD5.4EF7A9E5FD811BDAF518878435C54FB7] - 14/04/2014 - 13:03:49 ---A- - C:\Windows\Prefetch\W9XPOPEN.EXE-3BCF8146.pf
O45 - LFCP:[MD5.4A0A6921520132FC186165EB8AC6E7E2] - 14/04/2014 - 13:03:54 ---A- - C:\Windows\Prefetch\WININST_6.EXE-B6CED721.pf
O45 - LFCP:[MD5.2E5C24D4A49A889224AE95AC075743E4] - 14/04/2014 - 13:12:37 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_MICRO-95B18528.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.F9B350DCD346C8F5605321C3E9160BF2] - 14/04/2014 - 13:28:37 ---A- - C:\Windows\Prefetch\WININST_7.1.EXE-1AA2A4B1.pf
O45 - LFCP:[MD5.34A54BDCD92023C9D91833406EC53A81] - 14/04/2014 - 13:28:48 ---A- - C:\Windows\Prefetch\04 PYCAIRO-1.4.12-1.WIN32-PY2-284764EC.pf
O45 - LFCP:[MD5.4359E11DFA7238940552F971DE00E313] - 14/04/2014 - 13:29:25 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf
O45 - LFCP:[MD5.D3FD8000A71214DB415285270CFC47BB] - 14/04/2014 - 13:41:59 ---A- - C:\Windows\Prefetch\FREEZIPVIEWER.EXE-573EC391.pf
O45 - LFCP:[MD5.2E9DACE99F4A3C70585593C578FDD57B] - 14/04/2014 - 14:52:13 ---A- - C:\Windows\Prefetch\UTILMEGABROWSE.EXE-AC40BD42.pf =>PUP.MegaBrowse
O45 - LFCP:[MD5.E3D5407B37E46B515F9F4F86DFEA9427] - 14/04/2014 - 15:12:20 ---A- - C:\Windows\Prefetch\RGUI.EXE-C98B93E5.pf
O45 - LFCP:[MD5.7F772AD8F89EC72CCBE5538D8460A520] - 14/04/2014 - 16:14:00 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-95D433D1.pf
O45 - LFCP:[MD5.903D4800003A70A173D0445805C0AFC2] - 14/04/2014 - 16:26:29 ---A- - C:\Windows\Prefetch\SYSINST.EXE-6D72EC77.pf
O45 - LFCP:[MD5.19634EDCEA36F4EB7ACECD8C4296D805] - 14/04/2014 - 16:28:27 ---A- - C:\Windows\Prefetch\02 PYGTK-2.12.1-2.WIN32-PY2.5-8CA32755.pf
O45 - LFCP:[MD5.E8EDA386A78EF62DB7B15A78C7641BA5] - 15/04/2014 - 08:15:42 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf
O45 - LFCP:[MD5.F24541961B0D94D7BB1E16B4774EF8F0] - 15/04/2014 - 13:06:58 ---A- - C:\Windows\Prefetch\BRCMCARDREADER.EXE-49383653.pf
O45 - LFCP:[MD5.F022C4F4964AFA5657D722CB647F2C62] - 15/04/2014 - 13:06:58 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf
O45 - LFCP:[MD5.878249F0AB320C8AE849C082CF5A3C91] - 15/04/2014 - 13:06:58 ---A- - C:\Windows\Prefetch\HD-LOGROTATORSERVICE.EXE-CE5E7913.pf
O45 - LFCP:[MD5.854289D846063B73B076BB0FBEE44CC4] - 15/04/2014 - 13:15:25 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf
O45 - LFCP:[MD5.E320BE22FF61846CCF55B95643B2DB3A] - 21/03/2014 - 11:17:27 ---A- - C:\Windows\Prefetch\OLRSUBMISSION.EXE-C94F6010.pf
O45 - LFCP:[MD5.9167610AD129AE3FE4280462EAE6465A] - 26/03/2014 - 12:54:22 ---A- - C:\Windows\Prefetch\UPGRADE.EXE-023944AE.pf
O45 - LFCP:[MD5.479B8D727E35E0BA096ECB07F53AA951] - 28/03/2014 - 19:08:24 ---A- - C:\Windows\Prefetch\UNINST_PRISM 6 (TRIAL).EXE-D22DA93E.pf
O45 - LFCP:[MD5.1D4719A7E74D6CB993CA8F0A8C2399C6] - 29/03/2014 - 17:14:22 ---A- - C:\Windows\Prefetch\WMP11-WINDOWSXP-X86-FR-FR.EXE-4CA69792.pf
O45 - LFCP:[MD5.1F26B2044E019588C52BD03AFE3FF461] - 29/03/2014 - 17:15:33 ---A- - C:\Windows\Prefetch\WMP11-WINDOWSXP-X86-FR-FR [1]-1FFE6CE4.pf
O45 - LFCP:[MD5.C4F89EB77D0923D765320662CF8D68C4] - 29/03/2014 - 17:21:12 ---A- - C:\Windows\Prefetch\AVSMEDIAPLAYER.TMP-3EEF5966.pf
O45 - LFCP:[MD5.09DAF9E4AEBB6CA624CCC3F23A18F9F5] - 29/03/2014 - 17:21:14 ---A- - C:\Windows\Prefetch\AVSMEDIAPLAYER.TMP-0FEC67EF.pf
O45 - LFCP:[MD5.2CF8703B8C6D166E1F3FB2F973B34D6B] - 29/03/2014 - 17:21:50 ---A- - C:\Windows\Prefetch\REGISTRATION.TMP-97435973.pf
O45 - LFCP:[MD5.E2AA25AD821F566DBC7097F74169969C] - 29/03/2014 - 17:22:02 ---A- - C:\Windows\Prefetch\AVSMEDIAPLAYER.EXE-D20AF44C.pf
~ Prefetcher: 41 Legitimates Filtered in 00mn 01s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 21 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.8D4B8BF93C65BDBC133B20706A3B5208] - 09/04/2014 - 17:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.0606875650850B0697D662934529F6FC] - 09/04/2014 - 17:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208928]
O58 - SDL:[MD5.27069CFFF29B7F04F4B1BB10154BE52B] - 19/10/2012 - 03:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:[MD5.0BD906A79F9CE3013F7D9D0AC45F9F9D] - 19/10/2012 - 03:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:[MD5.BBEFD1442896352FBACEC3319959B278] - 20/11/2012 - 11:48:40 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [331152]
O58 - SDL:[MD5.955FFE2B1D74A9E0E3E0E558E6A17F3B] - 28/10/2013 - 01:12:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [107288]
O58 - SDL:[MD5.BB94A5E2CEE5FD83BA5A72A37AECADDF] - 28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 12:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.8411BF1A6A7F112AD97D4B4AC53256AD] - 05/04/2014 - 10:43:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib64.sys [61120] =>PUP.LinkiDoo
~ Drivers: 21 Legitimates Filtered in 00mn 03s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 12/04/2014 - 14:35:08 -SHA- . (...) -- C:\Users\alex\Documents\Scanned Documents\Thumbs.db [403968]
O61 - LFC: 13/04/2014 - 14:35:08 ---A- . (...) -- C:\Users\alex\Links\Desktop.lnk [481]
O61 - LFC: 13/04/2014 - 14:35:08 ---A- . (...) -- C:\Users\alex\Links\Downloads.lnk [912]
O61 - LFC: 13/04/2014 - 14:35:08 ---A- . (...) -- C:\Users\alex\Links\RecentPlaces.lnk [383]
~ Files: 46 Legitimates Filtered in 01mn 09s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.04B47DEEB298AE90A0C42DEAED71F8BA] [SPRF][15/04/2014] (...) -- C:\Users\alex\Desktop\adwcleaner.exe [1426178]
~ Files: 2 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{EA8FC579-585B-48FE-A17F-E8FA80DC1866}" |In - Private - P6 - TRUE | .(...) -- C:\Users\alex\AppData\Local\Temp\7zS0ACE\hppiw.exe (.not file.)
O87 - FAEL: "{4E5BDB3C-4B08-4081-97C3-3A54711C1E6C}" |In - Private - P17 - TRUE | .(...) -- C:\Users\alex\AppData\Local\Temp\7zS0ACE\hppiw.exe (.not file.)
O87 - FAEL: "TCP Query User{45416439-B004-4981-B9F1-167EABB0880F}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{6EF2FF97-A242-4190-82C0-FD37E820CA3F}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{26826DBB-F5EB-41D5-9824-5491DA3DF332}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{74BE60B1-E2EB-4A3C-89CA-927672DBB43B}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
~ Firewall: 242 Legitimates Filtered in 00mn 01s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1BF4A48A307DBD84980E866B94D98210" . (..) -- C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe
~ Update Products: 75 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateMegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilMegaBrowse_RASMANCS =>PUP.MegaBrowse
~ BTK: 59 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 23/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 16/11/2012 469648 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Demand 25/02/2014 1431888 | (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 17/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 28/01/2013 227456 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 02/02/2011 18656 | (Autodesk Content Service) . (...) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 09/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 20/08/2012 176640 | (BrcmCardReader) . (.Broadcom Corp..) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
SR - | Auto 20/12/2013 402192 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SR - | Auto 20/12/2013 385808 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 10/12/2012 350544 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Demand 23/10/2012 658064 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 20/11/2012 100752 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 20/09/2012 29696 | C:\Users\alex\AppData\Local\Temp\7zS0ACE\hpslpsvc64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 18/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 18/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 19/02/2013 96880 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 18/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 09s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by alex at 15/04/2014 14:37:25
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s
---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by alex at 15/04/2014 14:37:27
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 13044 - (14/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse^
[HKLM\Software\Wow6432Node\Mega Browse] =>PUP.MegaBrowse^
~ Additionnel Scan: 309709 Items scanned in 00mn 22s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/41917380-pup-megabrowse =>PUP.MegaBrowse
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
~ MSI: 3 link(s) detected in 00mn 00s
~ 1067 Legitimates filtered by white list
End of the scan (496 lines in 05mn 11s)(0)
~ Lancé par alex (15/04/2014 14:32:38)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16863
MFIE: Mozilla Firefox 28.0 (Defaut)
GCIE: Google Chrome v34.0.1847.116
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : GMQHT
Windows License : OK
~ Windows Remaining Initializations Number : 999
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2016
Windows Defender W8
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 51
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3909 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 460 GB (67%) free of 682 GB
---\\ Mode de connexion au système
~ Computer Name: PC-ALEX
~ User Name: alex
~ All Users Names: HomeGroupUser$, alex, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\alex\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\alex\AppData\Roaming\
~ %Desktop% : C:\Users\alex\Desktop\
~ %Favorites% : C:\Users\alex\Favorites\
~ %LocalAppData% : C:\Users\alex\AppData\Local\
~ %StartMenu% : C:\Users\alex\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 460 Go of 682 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 44 Legitimates Filtered in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.2B7920C7885AC45FD0E27DD860F095A1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.07/03/2014 - 01:08:30.) -- C:\Windows\System32\wininet.dll [2240000]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.431141C6859990824D17F71C30A78728] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.16/01/2014 - 00:42:58.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.7BE3EDFFA3216F989A6BDCB14795DD08] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.27/01/2014 - 04:39:40.) -- C:\Windows\system32\Drivers\ntfs.sys [1939288]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/10958
~ Mes musiques (My Musics) : 460/4279
~ Mes Favoris (My Favorites) : 1/6
~ Mes Documents (My Documents) : 3/489
~ Mon Bureau (My Desktop) : 4/14136
~ Menu demarrer (Programs) : 1/23
~ Hidden Files: Scanned in 00mn 27s
---\\ Processus lancés
[MD5.E72E98FEB4160E8B40075604EFC723EC] - (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe [1067232] [PID.3036]
[MD5.0EFF23C3D910380746D4F56BA5C746C4] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files (x86)\Launch Manager\LManager.exe [1192784] [PID.3056]
[MD5.4BFA1849DC7AA3CB99C160D9EB96C67B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640] [PID.3312]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4308]
[MD5.79C28DDF889C26FDD6162F796FD49BC4] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4360]
[MD5.775DDB699B40C42E1BD799CC0EBF3528] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8215552] [PID.4784]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.5604]
~ Processes Running: Scanned in 00mn 02s
---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\alex\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Activé)
---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 16 Legitimates Filtered in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\alex\AppData\Roaming\Mozilla\Firefox\Profiles\crplbalz.default\prefs.js
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: (no name) - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Free YouTube to MP3 Converter.lnk . (.DVDVideoSoft Ltd. - FreeYouTubeToMP3Converter.) -- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe
O4 - GS\Desktop [Public]: OpenOffice 4.0.1.lnk . (.Apache Software Foundation - OpenOffice 4.0.1.) -- C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [alex]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [alex]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [alex]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [alex]: Badoo Desktop.lnk . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - GS\Program [alex]: Corbeille.lnk - Clé orpheline
O4 - GS\Program [alex]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [alex]: Youtube Downloader HD.lnk . (...) -- C:\Program Files (x86)\Youtube Downloader HD\YouTubeDownloaderHD.exe
~ Global Startup: 47 Legitimates Filtered in 00mn 01s
---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [Badoo Desktop] . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
O4 - HKLM\..\Wow6432Node\Run: [RadioController] . (.Dritek System Inc. - RF Button Helper.) -- C:\Program Files (x86)\RadioController\RfBtnHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [BlueStacks Agent] . (.BlueStack Systems, Inc. - BlueStacks Agent.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\policies\Explorer\Run: [BtvStack] . (.Qualcomm Atheros Commnucations - Extension Core.) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
O4 - HKUS\S-1-5-21-154100775-86352665-3950086217-1001\..\Run: [Badoo Desktop] . (.Badoo - Badoo Desktop.) -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe
~ Application: Scanned in 00mn 00s
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Send by Bluetooth to [64Bits] - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E529D00-E454-499E-B5DD-02AD5A384C76}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E529D00-E454-499E-B5DD-02AD5A384C76}: DhcpNameServer = 192.168.43.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpNameServer = 127.0.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{78F19859-F85E-419C-9CCE-90921F69AA86}: DhcpDomain = WDS01.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Elan Service (ETDService) . (.ELAN Microelectronics Corp. - Elan Service.) - C:\Program Files\Elantech\ETDService.exe
~ Services: 19 Legitimates Filtered in 00mn 26s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk * ) - File not found
O34 - HKLM BootExecute: (BootDefrag.exe) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse
[HKLM\Software\Wow6432Node\Mega Browse] =>PUP.MegaBrowse
~ Key Software: 251 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/07/2013 - 16:30:16 - [1,346] ----D C:\Users\alex\AppData\Roaming\lm
~ Program Folder: 160 Legitimates Filtered in 00mn 23s
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.8411BF1A6A7F112AD97D4B4AC53256AD] - 05/04/2014 - 10:43:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib64.sys [61120] =>PUP.LinkiDoo
O44 - LFC:[MD5.846DE6DC68C6B1062E79C25D01CBFA66] - 09/04/2014 - 17:23:51 ---A- . (...) -- C:\Windows\win.ini [194]
O44 - LFC:[MD5.110BE5198A63D3FF3CE9C30F1DC12EC3] - 12/04/2014 - 15:57:29 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386722]
~ Files: 54 Legitimates Filtered in 00mn 21s
---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.6FDF840B75EFE830A4BD8E1F569C2490] - 02/04/2014 - 17:53:35 ---A- - C:\Windows\Prefetch\R-3.0.3-WIN.TMP-ABC1CA94.pf
O45 - LFCP:[MD5.21081B70AF2DADEBF0B2893D75388E5C] - 02/04/2014 - 17:53:40 ---A- - C:\Windows\Prefetch\R-3.0.3-WIN.TMP-3140214B.pf
O45 - LFCP:[MD5.18E54B679ED869F463CD4634989EFD6D] - 02/04/2014 - 17:56:29 ---A- - C:\Windows\Prefetch\RGUI.EXE-74871015.pf
O45 - LFCP:[MD5.553DFB941CA8ACF4BEDEFDF5732BFA3A] - 07/04/2014 - 21:42:24 ---A- - C:\Windows\Prefetch\AUTHHOST.EXE-44C90B62.pf
O45 - LFCP:[MD5.FFA2E8F0D820D2D3F3F6D72531E06240] - 09/04/2014 - 18:14:26 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-C3CFD54A.pf
O45 - LFCP:[MD5.D49EF978A0209F1A0B183837CE3D836E] - 09/04/2014 - 20:45:43 ---A- - C:\Windows\Prefetch\FILTERAPP_C64.EXE-962B38CF.pf
O45 - LFCP:[MD5.8412DB49CD1470D27F4C246D6921B335] - 09/04/2014 - 20:59:42 ---A- - C:\Windows\Prefetch\SETUP-STUB.EXE-624B0602.pf
O45 - LFCP:[MD5.3B36C30BBB21D6A100AF95ABC3BB03A5] - 10/04/2014 - 12:50:31 ---A- - C:\Windows\Prefetch\dynreservedpri.db
O45 - LFCP:[MD5.FE8FB8A55A841182530A66184BE07C1D] - 11/04/2014 - 16:28:46 ---A- - C:\Windows\Prefetch\DOPDFCL7.EXE-EDF4B6C6.pf
O45 - LFCP:[MD5.04733D2594C80FF378291D5467CAA3E7] - 12/04/2014 - 21:19:06 ---A- - C:\Windows\Prefetch\YOUTUBE_DOWNLOADER_HD_SETUP.T-35B10902.pf
O45 - LFCP:[MD5.1B22B200ED769353DC3416869750133C] - 12/04/2014 - 21:19:10 ---A- - C:\Windows\Prefetch\YOUTUBE_DOWNLOADER_HD_SETUP.E-03C2D621.pf
O45 - LFCP:[MD5.60B93A68D866539EB83BDD4D9675469A] - 12/04/2014 - 21:19:11 ---A- - C:\Windows\Prefetch\YOUTUBE_DOWNLOADER_HD_SETUP.T-9C2F79A4.pf
O45 - LFCP:[MD5.DE0BB4672366350182B1BC59E2FC91F0] - 12/04/2014 - 21:19:48 ---A- - C:\Windows\Prefetch\YOUTUBEDOWNLOADERHD.EXE-FB59C4BB.pf
O45 - LFCP:[MD5.27626550C3637C7E3E4DDB300FD4693D] - 14/04/2014 - 09:57:56 ---A- - C:\Windows\Prefetch\DSIWMIS.EXE-238692B9.pf
O45 - LFCP:[MD5.AB7DCCE2B1FAE623B73F43D0690A98CA] - 14/04/2014 - 12:47:37 ---A- - C:\Windows\Prefetch\LAUNCHTM.EXE-B444BC8E.pf
O45 - LFCP:[MD5.4EF7A9E5FD811BDAF518878435C54FB7] - 14/04/2014 - 13:03:49 ---A- - C:\Windows\Prefetch\W9XPOPEN.EXE-3BCF8146.pf
O45 - LFCP:[MD5.4A0A6921520132FC186165EB8AC6E7E2] - 14/04/2014 - 13:03:54 ---A- - C:\Windows\Prefetch\WININST_6.EXE-B6CED721.pf
O45 - LFCP:[MD5.2E5C24D4A49A889224AE95AC075743E4] - 14/04/2014 - 13:12:37 ---A- - C:\Windows\Prefetch\SOFTONICDOWNLOADER_POUR_MICRO-95B18528.pf =>Toolbar.Conduit
O45 - LFCP:[MD5.F9B350DCD346C8F5605321C3E9160BF2] - 14/04/2014 - 13:28:37 ---A- - C:\Windows\Prefetch\WININST_7.1.EXE-1AA2A4B1.pf
O45 - LFCP:[MD5.34A54BDCD92023C9D91833406EC53A81] - 14/04/2014 - 13:28:48 ---A- - C:\Windows\Prefetch\04 PYCAIRO-1.4.12-1.WIN32-PY2-284764EC.pf
O45 - LFCP:[MD5.4359E11DFA7238940552F971DE00E313] - 14/04/2014 - 13:29:25 ---A- - C:\Windows\Prefetch\WSHOST.EXE-05F0A3AF.pf
O45 - LFCP:[MD5.D3FD8000A71214DB415285270CFC47BB] - 14/04/2014 - 13:41:59 ---A- - C:\Windows\Prefetch\FREEZIPVIEWER.EXE-573EC391.pf
O45 - LFCP:[MD5.2E9DACE99F4A3C70585593C578FDD57B] - 14/04/2014 - 14:52:13 ---A- - C:\Windows\Prefetch\UTILMEGABROWSE.EXE-AC40BD42.pf =>PUP.MegaBrowse
O45 - LFCP:[MD5.E3D5407B37E46B515F9F4F86DFEA9427] - 14/04/2014 - 15:12:20 ---A- - C:\Windows\Prefetch\RGUI.EXE-C98B93E5.pf
O45 - LFCP:[MD5.7F772AD8F89EC72CCBE5538D8460A520] - 14/04/2014 - 16:14:00 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-95D433D1.pf
O45 - LFCP:[MD5.903D4800003A70A173D0445805C0AFC2] - 14/04/2014 - 16:26:29 ---A- - C:\Windows\Prefetch\SYSINST.EXE-6D72EC77.pf
O45 - LFCP:[MD5.19634EDCEA36F4EB7ACECD8C4296D805] - 14/04/2014 - 16:28:27 ---A- - C:\Windows\Prefetch\02 PYGTK-2.12.1-2.WIN32-PY2.5-8CA32755.pf
O45 - LFCP:[MD5.E8EDA386A78EF62DB7B15A78C7641BA5] - 15/04/2014 - 08:15:42 ---A- - C:\Windows\Prefetch\LMUTILPS32.EXE-9827F12C.pf
O45 - LFCP:[MD5.F24541961B0D94D7BB1E16B4774EF8F0] - 15/04/2014 - 13:06:58 ---A- - C:\Windows\Prefetch\BRCMCARDREADER.EXE-49383653.pf
O45 - LFCP:[MD5.F022C4F4964AFA5657D722CB647F2C62] - 15/04/2014 - 13:06:58 ---A- - C:\Windows\Prefetch\DKRUN32.EXE-8583E6AC.pf
O45 - LFCP:[MD5.878249F0AB320C8AE849C082CF5A3C91] - 15/04/2014 - 13:06:58 ---A- - C:\Windows\Prefetch\HD-LOGROTATORSERVICE.EXE-CE5E7913.pf
O45 - LFCP:[MD5.854289D846063B73B076BB0FBEE44CC4] - 15/04/2014 - 13:15:25 ---A- - C:\Windows\Prefetch\INSTUP.EXE-3AF05CB9.pf
O45 - LFCP:[MD5.E320BE22FF61846CCF55B95643B2DB3A] - 21/03/2014 - 11:17:27 ---A- - C:\Windows\Prefetch\OLRSUBMISSION.EXE-C94F6010.pf
O45 - LFCP:[MD5.9167610AD129AE3FE4280462EAE6465A] - 26/03/2014 - 12:54:22 ---A- - C:\Windows\Prefetch\UPGRADE.EXE-023944AE.pf
O45 - LFCP:[MD5.479B8D727E35E0BA096ECB07F53AA951] - 28/03/2014 - 19:08:24 ---A- - C:\Windows\Prefetch\UNINST_PRISM 6 (TRIAL).EXE-D22DA93E.pf
O45 - LFCP:[MD5.1D4719A7E74D6CB993CA8F0A8C2399C6] - 29/03/2014 - 17:14:22 ---A- - C:\Windows\Prefetch\WMP11-WINDOWSXP-X86-FR-FR.EXE-4CA69792.pf
O45 - LFCP:[MD5.1F26B2044E019588C52BD03AFE3FF461] - 29/03/2014 - 17:15:33 ---A- - C:\Windows\Prefetch\WMP11-WINDOWSXP-X86-FR-FR [1]-1FFE6CE4.pf
O45 - LFCP:[MD5.C4F89EB77D0923D765320662CF8D68C4] - 29/03/2014 - 17:21:12 ---A- - C:\Windows\Prefetch\AVSMEDIAPLAYER.TMP-3EEF5966.pf
O45 - LFCP:[MD5.09DAF9E4AEBB6CA624CCC3F23A18F9F5] - 29/03/2014 - 17:21:14 ---A- - C:\Windows\Prefetch\AVSMEDIAPLAYER.TMP-0FEC67EF.pf
O45 - LFCP:[MD5.2CF8703B8C6D166E1F3FB2F973B34D6B] - 29/03/2014 - 17:21:50 ---A- - C:\Windows\Prefetch\REGISTRATION.TMP-97435973.pf
O45 - LFCP:[MD5.E2AA25AD821F566DBC7097F74169969C] - 29/03/2014 - 17:22:02 ---A- - C:\Windows\Prefetch\AVSMEDIAPLAYER.EXE-D20AF44C.pf
~ Prefetcher: 41 Legitimates Filtered in 00mn 01s
---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
O55 - MWPS:[HKLM\...\Policies\System] - "DisableCAD"=1
~ MWPS: 21 Legitimates Filtered in 00mn 00s
---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.8D4B8BF93C65BDBC133B20706A3B5208] - 09/04/2014 - 17:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:[MD5.0606875650850B0697D662934529F6FC] - 09/04/2014 - 17:22:30 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208928]
O58 - SDL:[MD5.27069CFFF29B7F04F4B1BB10154BE52B] - 19/10/2012 - 03:52:32 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4-1999 Driver.) -- C:\Windows\System32\Drivers\Dot4.sys [151968]
O58 - SDL:[MD5.0BD906A79F9CE3013F7D9D0AC45F9F9D] - 19/10/2012 - 03:52:30 ---A- . (.Windows (R) Win 7 DDK provider - IEEE-1284.4 Print Class Driver.) -- C:\Windows\System32\Drivers\Dot4Prt.sys [27040]
O58 - SDL:[MD5.BBEFD1442896352FBACEC3319959B278] - 20/11/2012 - 11:48:40 ---A- . (.ELAN Microelectronics Corp. - ETD Kernel Center.) -- C:\Windows\System32\Drivers\ETD.sys [331152]
O58 - SDL:[MD5.955FFE2B1D74A9E0E3E0E558E6A17F3B] - 28/10/2013 - 01:12:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [107288]
O58 - SDL:[MD5.BB94A5E2CEE5FD83BA5A72A37AECADDF] - 28/10/2013 - 01:12:12 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [204568]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [30960]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 12:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.8411BF1A6A7F112AD97D4B4AC53256AD] - 05/04/2014 - 10:43:42 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\wStLib64.sys [61120] =>PUP.LinkiDoo
~ Drivers: 21 Legitimates Filtered in 00mn 03s
---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 12/04/2014 - 14:35:08 -SHA- . (...) -- C:\Users\alex\Documents\Scanned Documents\Thumbs.db [403968]
O61 - LFC: 13/04/2014 - 14:35:08 ---A- . (...) -- C:\Users\alex\Links\Desktop.lnk [481]
O61 - LFC: 13/04/2014 - 14:35:08 ---A- . (...) -- C:\Users\alex\Links\Downloads.lnk [912]
O61 - LFC: 13/04/2014 - 14:35:08 ---A- . (...) -- C:\Users\alex\Links\RecentPlaces.lnk [383]
~ Files: 46 Legitimates Filtered in 01mn 09s
---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.04B47DEEB298AE90A0C42DEAED71F8BA] [SPRF][15/04/2014] (...) -- C:\Users\alex\Desktop\adwcleaner.exe [1426178]
~ Files: 2 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{EA8FC579-585B-48FE-A17F-E8FA80DC1866}" |In - Private - P6 - TRUE | .(...) -- C:\Users\alex\AppData\Local\Temp\7zS0ACE\hppiw.exe (.not file.)
O87 - FAEL: "{4E5BDB3C-4B08-4081-97C3-3A54711C1E6C}" |In - Private - P17 - TRUE | .(...) -- C:\Users\alex\AppData\Local\Temp\7zS0ACE\hppiw.exe (.not file.)
O87 - FAEL: "TCP Query User{45416439-B004-4981-B9F1-167EABB0880F}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{6EF2FF97-A242-4190-82C0-FD37E820CA3F}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "TCP Query User{26826DBB-F5EB-41D5-9824-5491DA3DF332}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{74BE60B1-E2EB-4A3C-89CA-927672DBB43B}C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\alex\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
~ Firewall: 242 Legitimates Filtered in 00mn 01s
---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1BF4A48A307DBD84980E866B94D98210" . (..) -- C:\Windows\Installer\{A84A4FB1-D703-48DB-89E0-68B6499D2801}\ARPPRODUCTICON.exe
~ Update Products: 75 Legitimates Filtered in 00mn 00s
---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\MegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateMegaBrowse_RASMANCS =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilMegaBrowse_RASAPI32 =>PUP.MegaBrowse
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilMegaBrowse_RASMANCS =>PUP.MegaBrowse
~ BTK: 59 Legitimates Filtered in 00mn 00s
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 23/10/2012 277024 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 16/11/2012 469648 | (DeviceFastLaneService) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
SS - | Demand 25/02/2014 1431888 | (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 17/07/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/07/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 15/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 12/02/2014 43336 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 28/01/2013 227456 | (AtherosSvc) . (.Qualcomm Atheros Commnucations.) - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
SR - | Auto 02/02/2011 18656 | (Autodesk Content Service) . (...) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 09/04/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 20/08/2012 176640 | (BrcmCardReader) . (.Broadcom Corp..) - C:\Program Files\Broadcom\MemoryCard\BrcmCardReader.exe
SR - | Auto 20/12/2013 402192 | (BstHdAndroidSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-Service.exe
SR - | Auto 20/12/2013 385808 | (BstHdLogRotatorSvc) . (.BlueStack Systems, Inc..) - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
SR - | Auto 10/12/2012 350544 | (DsiWMIService) . (.Dritek System Inc..) - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
SR - | Demand 23/10/2012 658064 | (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 20/11/2012 100752 | (ETDService) . (.ELAN Microelectronics Corp..) - C:\Program Files\Elantech\ETDService.exe
SR - | Auto 20/09/2012 29696 | C:\Users\alex\AppData\Local\Temp\7zS0ACE\hpslpsvc64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 20/04/2012 635104 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Demand 21/02/2014 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 18/07/2012 165760 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 18/07/2012 276864 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 26/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 19/02/2013 96880 | (RfButtonDriverService) . (.Dritek System INC..) - C:\Windows\RfBtnSvc64.exe
SR - | Auto 18/07/2012 364416 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Demand 10/07/1658 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 09s
---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by alex at 15/04/2014 14:37:25
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s
---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by alex at 15/04/2014 14:37:27
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : 13044 - (14/04/2014)
Clés trouvées (Keys found) : 0
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 2
[HKCU\Software\Mega Browse] =>PUP.MegaBrowse^
[HKLM\Software\Wow6432Node\Mega Browse] =>PUP.MegaBrowse^
~ Additionnel Scan: 309709 Items scanned in 00mn 22s
---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/41917380-pup-megabrowse =>PUP.MegaBrowse
http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
~ MSI: 3 link(s) detected in 00mn 00s
~ 1067 Legitimates filtered by white list
End of the scan (496 lines in 05mn 11s)(0)