cjoint

Document format: text/plain

Preview

~ Rapport de ZHPDiag v2015.6.4.54 - Nicolas Coolman (31-05-15)
~ Lancé par AnTo1o (05-06-15 04:23:23)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.17801
MFIE: Mozilla Firefox 38.0.1 (Defaut)
GCIE: Google Chrome v43.0.2357.81

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
~ Windows(R) Operating System, OEM_DM channel
Windows ID Activation : OK
~ Windows Partial Key : VCC43
Windows License : OK
~ Windows Remaining Initializations Number : 997
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
Windows 8.1, 64-bit (Build 9600)

---\\ Logiciels de protection du système
Avira Antivirus v15.0.10.434
avast! SecureLine v1.0.139.2
avast! SecureLine v1.0.139.2
Windows Defender W8 (Deactivate)

---\\ Logiciels d'optimisation du système
CCleaner v5.06

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 17 NPAPI

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 61 Stepping 4, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 12210 MB (71% free)
System Restore: Activé (Enable)
System drive C: has 613 GB (91%) free of 673 GB

---\\ Mode de connexion au système
~ Computer Name: ANTO1O
~ User Name: AnTo1o
~ All Users Names: HomeGroupUser$, AnTo1o, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\AnTo1o\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\AnTo1o\AppData\Roaming\
~ %Desktop% : C:\Users\AnTo1o\Desktop\
~ %Favorites% : C:\Users\AnTo1o\Favorites\
~ %LocalAppData% : C:\Users\AnTo1o\AppData\Local\
~ %StartMenu% : C:\Users\AnTo1o\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 613 Go of 673 Go)
D: Hard drive, Flash drive, Thumb drive (Free 3 Go of 25 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 40 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.C10A66189DC8C090E7C84873EDCEBC88] - (.Microsoft Corporation - Explorateur Windows.) (.28-01-15 - 00:47:12.) -- C:\Windows\Explorer.exe [2501368]
[MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Application de démarrage de Windows.) (.22-08-13 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384]
[MD5.F0289B3A341429117696F0279DA977B6] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21-04-15 - 16:27:25.) -- C:\Windows\System32\wininet.dll [2352128]
[MD5.306EB21E5B480AE9065EA55AC8C35936] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.18-03-14 - 10:54:52.) -- C:\Windows\System32\Winlogon.exe [562176]
[MD5.AFCAB4DC692CCE37E283B00E2D7B438F] - (.Microsoft Corporation - Bibliothèque de licences.) (.18-03-14 - 10:54:52.) -- C:\Windows\System32\sppcomapi.dll [447488]
[MD5.374E27295F0A9DCAA8FC96370F9BEEA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04-11-14 - 13:42:10.) -- C:\Windows\system32\Drivers\AFD.sys [563200]
[MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22-08-13 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464]
[MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22-08-13 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576]
[MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22-08-13 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352]
[MD5.A03F362C5557E238CBFA914689C77248] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.04-11-14 - 13:26:34.) -- C:\Windows\system32\Drivers\DfsC.sys [134144]
[MD5.D4B7ED39C7900384D9E5C1283F1E7926] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.04-11-14 - 13:59:45.) -- C:\Windows\system32\Drivers\HDAudBus.sys [76800]
[MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - Pilote de port i8042.) (.22-08-13 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520]
[MD5.B7342B3C58E91107F6E946A93D9D4EFD] - (.Microsoft Corporation - IP Network Address Translator.) (.18-03-14 - 10:54:55.) -- C:\Windows\system32\Drivers\IpNat.sys [142848]
[MD5.7A1A3F213CDB3363D179D5014272025D] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.04-11-14 - 13:43:42.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432]
[MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22-08-13 - 12:37:02.) -- C:\Windows\system32\Drivers\netBT.sys [282624]
[MD5.038C77D577900EE39410662478BB0D50] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.04-11-14 - 13:59:45.) -- C:\Windows\system32\Drivers\ntfs.sys [2009920]
[MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Pilote de port parallèle.) (.22-08-13 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208]
[MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22-08-13 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832]
[MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.18-03-14 - 10:37:57.) -- C:\Windows\system32\Drivers\rdpdr.sys [195584]
[MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22-08-13 - 14:25:35.) -- C:\Windows\system32\Drivers\tdx.sys [107520]
[MD5.64CA2B4A49A8EAF495E435623ECCE7DB] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.04-11-14 - 13:59:45.) -- C:\Windows\system32\Drivers\volsnap.sys [310080]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/7
~ Mes Favoris (My Favorites) : 1/15
~ Mes Documents (My Documents) : 1/4
~ Mon Bureau (My Desktop) : 0/6
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.A416FBE18A8FF5C942B5E4A65A66EAE0] - (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704] [PID.6844]
[MD5.444FEE93C045940CDA53BA0C20B2A69A] - (.CyberLink Corp. - CyberLink YouCam Service.) -- C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224] [PID.1400]
[MD5.86FAB02AFB6A800D047EB55597808D28] - (.Hewlett-Packard Development Company, L.P. - HP CoolSense.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552] [PID.3552]
[MD5.73FCAA8154F8FD71E71E7DC52A1BAF2A] - (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [509192] [PID.5932]
[MD5.66177D4C99FD8B578C7C56DE445E4D5D] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [728312] [PID.5372]
[MD5.43B5696A844FB705D1E9595E8C3351B6] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864] [PID.3020]
[MD5.C4EF32C1C0473392EF4204890AF8E457] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896] [PID.1408]
[MD5.12E2FC1F74265881402DE856D01EFFFE] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8214016] [PID.5448]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\AnTo1o\AppData\Local\Google\Chrome\User Data\Default\Preferences

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\AnTo1o\AppData\Roaming\Mozilla\Firefox\Profiles\6e0k8l2o.default\prefs.js
C:\Users\AnTo1o\AppData\Roaming\Mozilla\Firefox\Profiles\6e0k8l2o.default\user.js
M3 - MFPP: Plugins - [AnTo1o] -- C:\Users\AnTo1o\AppData\Roaming\Mozilla\Firefox\Profiles\6e0k8l2o.default\searchplugins\WebSearch.xml
M2 - MFEP: prefs.js [AnTo1o - 6e0k8l2o.default\abs@avira.com] [] Segurança do navegador Avira v1.4.9 (..)
M2 - MFEP: prefs.js [AnTo1o - 6e0k8l2o.default\DUOz@BG.org] [] PriceoMinus v2.0 (..) =>PriceMinus
M2 - MFEP: prefs.js [AnTo1o - 6e0k8l2o.default\tk@SgKYI.com] [] PericELeuss v5.2 (..) =>PUP.PriceLess
M2 - MFEP: Extension [AnTo1o - 6e0k8l2o.default] abs@avira.com
M2 - MFEP: Extension [AnTo1o - 6e0k8l2o.default] DUOz@BG.org
M2 - MFEP: Extension [AnTo1o - 6e0k8l2o.default] jid1-FB1bBgFMk5H6Wg@jetpack.xpi
M2 - MFEP: Extension [AnTo1o - 6e0k8l2o.default] L4@eqF7W.org
M2 - MFEP: Extension [AnTo1o - 6e0k8l2o.default] tk@SgKYI.com
M2 - MFEP: Extension [AnTo1o - 6e0k8l2o.default] {588b71a1-b0bc-422a-9c3a-658c73ef0290}.xpi
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\ddg.xml
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\generic_search.xml
~ Firefox Browser: 36 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istartsurf.com =>PUP.Istart
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istartsurf.com =>PUP.Istart
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (21)
~ Hosts File: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\QuickLaunch [AnTo1o]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
O4 - GS\TaskBar [AnTo1o]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\AnTo1o\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [AnTo1o]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com =>PUP.Istart
~ Global Startup: 4 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKLM\..\Run: [SimplePass] . (.Hewlett-Packard - HP SimplePass Application.) -- C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
O4 - HKLM\..\Run: [OPBHOBroker] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
O4 - HKLM\..\Run: [OPBHOBrokerDesktop] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\AnTo1o\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_F9D622B1055019D889338F395A5C9BA9] . (.The Chromium Authors - Chromium.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\chrome.exe
O4 - HKLM\..\Wow6432Node\Run: [AccelerometerSysTrayApplet] . (.Hewlett-Packard Company - Hp Accelerometer System Tray.) -- C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
O4 - HKLM\..\Wow6432Node\Run: [HPMessageService] . (.Hewlett-Packard Development Company, L.P. - HP Message Service.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
O4 - HKUS\S-1-5-21-3557285559-2046751746-954871750-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\AnTo1o\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3557285559-2046751746-954871750-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3557285559-2046751746-954871750-1001\..\Run: [CCleaner Monitoring] . (.Piriform Ltd - CCleaner.) -- C:\Program Files\CCleaner\CCleaner64.exe =>.Piriform Ltd
O4 - HKUS\S-1-5-21-3557285559-2046751746-954871750-1001\..\Run: [GoogleChromeAutoLaunch_F9D622B1055019D889338F395A5C9BA9] . (.The Chromium Authors - Chromium.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\chrome.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Cliquer pour appeler Lync [64Bits] - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync.) -- C:\Program Files\Microsoft Office\Office15\lync.exe
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files (x86)\MICROS~1\Office15\ONBTTN~1.dll =>.Microsoft Corporation
O9 - Extra button: Skype Click to Call settings [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 [64Bits] - {A95fe080-8f5d-11d2-a20b-00aa003c157a} . (.Evernote Corp., 305 Walnut Street, Redwood - Evernote Clipper for Microsoft Internet Explorer.) -- C:\Program Files (x86)\Evernote\Evernote\EvernoteIEx64.dll
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{02C94EB6-3840-4CA1-9733-C37CA046A7A3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECCD068A-FD1F-449E-857F-810EC3C1BDB9}: DhcpNameServer = 40.23.1.201 40.23.1.202
O17 - HKLM\System\CCS\Services\Tcpip\..\{ECCD068A-FD1F-449E-857F-810EC3C1BDB9}: DhcpDomain = D1-Line.COM
O17 - HKLM\System\CS1\Services\Tcpip\..\{02C94EB6-3840-4CA1-9733-C37CA046A7A3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{ECCD068A-FD1F-449E-857F-810EC3C1BDB9}: DhcpNameServer = 40.23.1.201 40.23.1.202
O17 - HKLM\System\CS1\Services\Tcpip\..\{ECCD068A-FD1F-449E-857F-810EC3C1BDB9}: DhcpDomain = D1-Line.COM
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: text/xml [64Bits] - {807583E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Reimage Real Time Protector (ReimageRealTimeProtector) . (.Reimage® - Reimage Real Time Protection.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
O23 - Service: SC 1.10.0.16 Client Service (scsvc_1.10.0.16) . (.SuperClick - SC Client Service.) - C:\Program Files (x86)\SuperClick_1.10.0.16\Service\scsvc.exe =>PUP.SuperClick
O23 - Service: avast! SecureLine (SecureLine) . (...) - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
O23 - Service: Service KMSELDI (Service KMSELDI) . (.@ByELDI - Service_KMS.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
~ Services: 33 Legitimates Filtered in 00mn 10s



---\\ Tâches planifiées en automatique (O39)
[MD5.F1CE8A8107117151704BED2729CC0717] [APT] [AutoPico Daily Restart] (.@ByELDI.) -- C:\Program Files\KMSpico\AutoPico.exe [971968] =>PUA.KMSpico
[MD5.D423210C49AAE90BDDD854061DC105C1] [APT] [Chromium] (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\APPLIC~1\450242~1.0\INSTAL~1\UNINST~1.exe [546816]
[MD5.0BC300B18B5397DD71194E9D76EAA4D9] [APT] [DropboxOEM] (...) -- C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [462160]
[MD5.00000000000000000000000000000000] [APT] [Easy Driver Pro Schedule] (...) -- C:\Program Files (x86)\Probit Software\Easy Driver Pro\EDPTray.exe (.not file.) [0] =>PUP.ProbitSoftware
[MD5.00000000000000000000000000000000] [APT] [gameo_update] (...) -- C:\Users\AnTo1o\AppData\Roaming\Gameo\gameo.exe (.not file.) [0] =>PUP.Gameo
[MD5.EC62720A72C1ACD6AB638C0D7D10F431] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.EC62720A72C1ACD6AB638C0D7D10F431] [APT] [IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon] (...) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368]
[MD5.00000000000000000000000000000000] [APT] [LaunchPreSignup] (...) -- C:\Program Files (x86)\OLBPre\OLBPre.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.DF05643A7B81B020AC6C93B7410AF514] [APT] [LHTFVNWO1] (.LolliScan.) -- C:\ProgramData\LolliScan\LolliScan.exe [812032] =>Adware.Graftor
[MD5.39D266BD7B5BA17BD4C1FEA9DDB7D144] [APT] [Reimage Reminder] (.Reimage ltd..) -- C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [4431712] =>Rogue.ReimageRepair
[MD5.AEB53D4C5A3E079621BAE45C12C0EDA7] [APT] [ReimageUpdater] (.Reimage®.) -- C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7410024] =>Rogue.ReimageRepair
[MD5.9EC357EC1D412F48194DF5FE0C6D13B7] [APT] [SuperClick Auto Updater 1.10.0.16 Core] (.SuperClick.) -- C:\Program Files (x86)\SuperClick_1.10.0.16\Update\SuperClickAutoUpdateClient.exe [59480] =>PUP.SuperClick
[MD5.9EC357EC1D412F48194DF5FE0C6D13B7] [APT] [SuperClick Auto Updater 1.10.0.16 Pending Update] (.SuperClick.) -- C:\Program Files (x86)\SuperClick_1.10.0.16\Update\SuperClickAutoUpdateClient.exe [59480] =>PUP.SuperClick
[MD5.00000000000000000000000000000000] [APT] [WTRTDLM] (...) -- C:\ProgramData\c05e7c22ed084afab2b5a0576a51ba06\c05e7c22ed084afab2b5a0576a51ba06.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: Chromium - (...) -- C:\Windows\Tasks\Chromium.job [346]
O39 - APT: Chromium - (...) -- C:\Windows\System32\Tasks\Chromium [346]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082]
O39 - APT: LHTFVNWO1 - (.LolliScan.) -- C:\Windows\Tasks\LHTFVNWO1.job [346] =>Adware.Graftor
O39 - APT: LHTFVNWO1 - (.LolliScan.) -- C:\Windows\System32\Tasks\LHTFVNWO1 [346] =>Adware.Graftor
~ Scheduled Task: 42 Legitimates Filtered in 00mn 08s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (scfd_1_10_0_16) . (.SuperClick - SC Driver x64.) - C:\Windows\System32\drivers\scfd_1_10_0_16.sys =>PUP.SuperClick
O41 - Driver: ({0c0d086c-f4c2-47a4-86b9-399124476953}w64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{0c0d086c-f4c2-47a4-86b9-399124476953}w64.sys =>PUP.LinkiDoo
~ Drivers: 44 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: KMSpico - (...) [HKLM][64Bits] -- {8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1 =>PUA.KMSpico
O42 - Logiciel: LolliScan - (...) [HKLM][64Bits] -- LolliScan =>Adware.Graftor
O42 - Logiciel: Primary Color - (.Primary Color.) [HKLM][64Bits] -- Primary Color =>Adware.Sambreel
O42 - Logiciel: SuperClick 1.10.0.16 - (.SuperClick.) [HKLM][64Bits] -- SuperClick_1.10.0.16 =>PUP.SuperClick
~ Logic: 30 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\ArenaHD] =>PUP.CrossRider
[HKCU\Software\ClkApp]
[HKCU\Software\Clubic]
[HKCU\Software\Easy Speed Check]
[HKCU\Software\Gameo] =>PUP.Gameo
[HKCU\Software\HighDefAction] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKCU\Software\Primary Color] =>Adware.Sambreel
[HKCU\Software\ProductSetup] =>Adware.InstallCore
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\SmileysWeLove] =>Adware.SmileyBar
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive
[HKCU\Software\Tutorials] =>PUP.AgenceExclusive
[HKCU\Software\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\HighDefAction] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\LolliScan] =>Adware.Graftor
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Wow6432Node\1483dc53-8c3e-f4a2-39f4-14409ad9da43] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Cinema Video 1.8V31.05]
[HKLM\Software\Wow6432Node\HD4Good]
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.BrowserExtensions
[HKLM\Software\Wow6432Node\Internet Speed Checker] =>PUP.InternetSpeedChecker
[HKLM\Software\Wow6432Node\MaxPower]
[HKLM\Software\Wow6432Node\PJ]
[HKLM\Software\Wow6432Node\Primary Color] =>Adware.Sambreel
[HKLM\Software\Wow6432Node\WXLITE]
[HKLM\Software\Wow6432Node\WinPj]
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider
[HKLM\Software\YorkNewCin] =>PUP.CrossRider
~ Key Software: 344 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 04-06-15 - 17:37:46 - [] ----D C:\Program Files (x86)\Cinema Video 1.8V31.05
O43 - CFD: 04-06-15 - 17:42:31 - [] ----D C:\Program Files (x86)\FlashControl
O43 - CFD: 04-06-15 - 17:43:34 - [] ----D C:\Program Files (x86)\HD4Good
O43 - CFD: 04-06-15 - 17:44:19 - [] ----D C:\Program Files (x86)\Internet Speed Checker =>PUP.InternetSpeedChecker
O43 - CFD: 04-06-15 - 17:45:02 - [] ----D C:\Program Files (x86)\PericELeuss =>PUP.PriceLess
O43 - CFD: 04-06-15 - 17:45:02 - [] ----D C:\Program Files (x86)\PriceoMinus =>PriceMinus
O43 - CFD: 04-06-15 - 18:50:49 - [] ----D C:\Program Files (x86)\Primary Color =>Adware.Sambreel
O43 - CFD: 01-06-15 - 01:18:51 - [] ----D C:\Program Files (x86)\SuperClick_1.10.0.16 =>PUP.SuperClick
O43 - CFD: 31-05-15 - 22:45:18 - [] ----D C:\Program Files (x86)\version13CheckMeUp =>PUP.CrossRider
O43 - CFD: 01-06-15 - 02:21:13 - [] ----D C:\ProgramData\15928482670229230692
O43 - CFD: 01-06-15 - 00:53:17 - [] ----D C:\ProgramData\19c9a96d00003f9e
O43 - CFD: 31-05-15 - 23:23:43 - [] ----D C:\ProgramData\3517978400006b0f
O43 - CFD: 31-05-15 - 22:45:22 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
O43 - CFD: 04-06-15 - 13:57:05 - [] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 01-06-15 - 00:56:41 - [] ----D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
O43 - CFD: 31-05-15 - 22:51:56 - [] ----D C:\ProgramData\Ebninoja
O43 - CFD: 04-06-15 - 18:51:18 - [] ----D C:\ProgramData\jkarallMG
O43 - CFD: 31-05-15 - 22:46:05 - [] ----D C:\ProgramData\LolliScan =>Adware.Graftor
O43 - CFD: 01-06-15 - 01:29:04 - [] ----D C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair
O43 - CFD: 31-05-15 - 22:46:03 - [] ----D C:\ProgramData\WebShield =>Adware.WebShield
O43 - CFD: 31-05-15 - 17:54:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico
O43 - CFD: 04-11-14 - 08:52:38 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music, Photos and Videos
O43 - CFD: 04-11-14 - 08:53:15 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
O43 - CFD: 01-06-15 - 01:28:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair =>Rogue.ReimageRepair
O43 - CFD: 04-06-15 - 15:21:17 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
O43 - CFD: 18-03-14 - 11:38:02 - [0] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 04-06-15 - 19:10:36 - [] ----D C:\Users\AnTo1o\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 01-06-15 - 00:48:16 - [] ----D C:\Users\AnTo1o\AppData\Roaming\smileyswelove =>Adware.SmileyBar
O43 - CFD: 04-06-15 - 17:58:06 - [] ----D C:\Users\AnTo1o\AppData\Local\Gameo =>PUP.Gameo
O43 - CFD: 31-05-15 - 16:56:37 - [0] ----D C:\Users\AnTo1o\AppData\Local\PackageStaging
O43 - CFD: 04-06-15 - 15:07:27 - [] ----D C:\Users\AnTo1o\AppData\Local\WebShield =>Adware.WebShield
~ Program Folder: 204 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.ED85313B5C4822D76EE5D92100527BB5] - 01-06-15 - 00:29:28 ---A- . (...) -- C:\Windows\Reimage.ini [165] =>Rogue.ReimageRepair
O44 - LFC:[MD5.2CBD6D22499EB13A2666F62EF33D00E2] - 02-06-15 - 21:53:30 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [16303]
O44 - LFC:[MD5.0EEE2A1F716C29F14930B2F836BE7607] - 03-06-15 - 22:47:08 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{0c0d086c-f4c2-47a4-86b9-399124476953}w64.sys [48784] =>PUP.LinkiDoo
O44 - LFC:[MD5.406E76BE63C65E0BF4B263156320254E] - 04-06-15 - 12:08:53 ---A- . (...) -- C:\Windows\System32\ScannerSettings [464]
O44 - LFC:[MD5.114CA3EAFBB2A8F1E2B4BC7B7DB5F756] - 04-06-15 - 12:18:02 ---A- . (...) -- C:\Windows\System32\ScanResults.xml [5547]
O44 - LFC:[MD5.4F42D0CE252EB958DB6EDC3FF6C0BF7E] - 04-06-15 - 12:53:07 ---A- . (...) -- C:\Windows\System32\Drivers\BCM43142A0_001.001.011.0277.0289.hex [57657]
O44 - LFC:[MD5.9D17F78BB04A3EF67426AFD087660188] - 04-06-15 - 14:12:31 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [410017]
O44 - LFC:[MD5.642F3511FE93D92C062C7CF6CE6E3075] - 04-06-15 - 18:57:18 ---A- . (...) -- C:\Windows\win.ini [301]
O44 - LFC:[MD5.1DAA514FDC61ABF63AC7EBA3C2D1095C] - 27-05-15 - 11:48:20 ---A- . (...) -- C:\Windows\System32\nvcoproc.bin [4408727]
O44 - LFC:[MD5.8AC1617AB2D28FEB6AA7A99CD519E507] - 28-05-15 - 08:04:11 ---A- . (...) -- C:\Windows\System32\nvcompiler.dll [42719888]
O44 - LFC:[MD5.B887A34F4D7F6BC0446A397DF2088B77] - 28-05-15 - 08:04:11 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [30966]
O44 - LFC:[MD5.8A63A03AE53A58DCD77C31B5DD1D591A] - 31-05-15 - 15:51:33 ---A- . (...) -- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat [118]
O44 - LFC:[MD5.FB1F46900FBE595AA662E86E5C460FC1] - 31-05-15 - 15:51:57 ---A- . (...) -- C:\Windows\insFileSpec [205]
O44 - LFC:[MD5.3D733144477CADCF77009EF614413630] - 31-05-15 - 16:54:16 ---A- . (.Vestris Inc. - ResourceLib.) -- C:\Windows\System32\Vestris.ResourceLib.dll [90112]
O44 - LFC:[MD5.6D7FDBF9CEAC51A76750FD38CF801F30] - 31-05-15 - 16:54:30 ---A- . (...) -- C:\Windows\SECOH-QAD.dll [3584] =>PUA.KMSpico
O44 - LFC:[MD5.38DE5B216C33833AF710E88F7F64FC98] - 31-05-15 - 16:54:30 ---A- . (...) -- C:\Windows\SECOH-QAD.exe [4608] =>PUA.KMSpico
O44 - LFC:[MD5.2BF3E96EDD18C8F746D2D9B9C85240C6] - 31-05-15 - 23:48:07 ---A- . (...) -- C:\browserhelper.log [1711]
~ Files: 239 Legitimates Filtered in 00mn 59s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.CD3A8D62C2E8404B4E0CF607C824EA87] - 05-06-15 - 02:33:51 ---A- - C:\Windows\Prefetch\LOLLISCAN.EXE-24A984AD.pf =>Adware.Graftor
O45 - LFCP:[MD5.8FC90F1BDE80DB9451880326C9C01FD3] - 31-05-15 - 23:49:49 ---A- - C:\Windows\Prefetch\OPTIMIZERPRO.EXE-352DDA76.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.C0125BC018174CEEA8E8F6E10F2CD27A] - 05-06-15 - 02:51:44 ---A- - C:\Windows\Prefetch\PERFORMANCEOPTIMIZER.EXE-23A96D70.pf =>PUP.PerformanceOptimizer
O45 - LFCP:[MD5.72B39E5DC0706CB2B0DB2885617035F6] - 04-06-15 - 16:52:34 ---A- - C:\Windows\Prefetch\PRIMARYCOLOR.PURBROWSE64.EXE-6CE6ED67.pf =>Adware.Sambreel
O45 - LFCP:[MD5.D2EA7E427272D70836E63437884E8A85] - 05-06-15 - 02:32:41 ---A- - C:\Windows\Prefetch\SECOH-QAD.EXE-1841CCFD.pf =>PUA.KMSpico
O45 - LFCP:[MD5.9EDEDFACBDF8327DA82DB0B16C5A87D8] - 01-06-15 - 00:52:46 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-7FC70E3F.pf =>P2P.µTorrent
O45 - LFCP:[MD5.7E5B933B188E5F3DF84EA078D7A59C43] - 31-05-15 - 16:14:49 ---A- - C:\Windows\Prefetch\UTORRENT.EXE-DEE7534F.pf =>P2P.µTorrent
~ Prefetcher: 7 Legitimates Filtered in 00mn 01s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 3 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:13-08-13 - 00:25:46 ---A- . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\Windows\System32\Drivers\bcmfn2.sys [17624]
O58 - SDL:13-05-15 - 20:08:16 ---A- . (.SuperClick - SC Driver x64.) -- C:\Windows\System32\Drivers\scfd_1_10_0_16.sys [58240] =>PUP.SuperClick
O58 - SDL:22-08-13 - 13:43:32 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys [31072]
O58 - SDL:15-08-14 - 21:35:00 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:03-06-15 - 22:47:08 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{0c0d086c-f4c2-47a4-86b9-399124476953}w64.sys [48784] =>PUP.LinkiDoo
~ Drivers: 70 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\libegl.dll [75264]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\libexif.dll [308224]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\libglesv2.dll [1805312]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\chrome.dll [39406592]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\chrome_child.dll [43344896]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\chrome_elf.dll [124416]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\chrome_watcher.dll [355328]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\delegate_execute.exe [683520]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\ffmpegsumo.dll [961536]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\metro_driver.dll [487424]
O61 - LFC: 02-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\nacl64.exe [2286080]
O61 - LFC: 02-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\natives_blob.bin [396318]
O61 - LFC: 02-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\snapshot_blob.bin [431680]
O61 - LFC: 02-06-15 - 04:25:09 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\chrome.exe [659456]
O61 - LFC: 04-06-15 - 04:25:08 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\Installer\uninstall.exe [546816]
O61 - LFC: 04-06-15 - 04:25:08 ---A- . (.The Chromium Authors.) -- C:\Users\AnTo1o\AppData\Local\Chromium\Application\45.0.2420.0\Installer\setup.exe [928768]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Ads.BackgroundStyles_8_1_RP-9f980e6d.dll [12248]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Local\Multimedia.ImageDetails.dll [18392]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\ModernApplications.AppStoreItem_8_1_RTM-b18e1027.dll [11736]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\ModernApplications.AppStoreSingleLayout_Landscape_8_1_RP-e50a2a67.dll [12760]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\ModernApplications.AppStoreSingleLayout_Portrait_8_1_RP-1f4469d2.dll [12760]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\ModernApplications.AppStoreSingleLayout_Snap_8_1_RP-936e182b.dll [12760]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\MsnJVData.Video_Styles_8_1_RTM-9da0e9ee.dll [10712]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.EntryAnswer_Landscape_8_1_RP-9d7f86a9.dll [11736]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.EntryAnswer_Portrait_8_1_RP-e2820368.dll [11736]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.EntryAnswer_Snap_8_1_RP-28755c71.dll [11736]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageAnswer_Horizontal_8_1_RTM-dce2a546.dll [11736]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageAnswer_Vertical_8_1_RTM-4d5d3c50.dll [12248]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Multimedia.ImageDetails_RTM-645d8117.dll [18392]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\QuerySuggestion.Home_Horizontal_8_1_RP-bb56e430.dll [10712]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\QuerySuggestion.Home_Vertical_8_1_RP-a4518597.dll [10712]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\QuerySuggestion.ListItem_8_1_RP-cfced051.dll [10712]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.AccentColorStyles_8_1_RP-f16782e7.dll [13272]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.AppButton_8_1_RP-df2cf5e1.dll [12760]
O61 - LFC: 04-06-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.Branding_8_1_RTM-1aa170b9.dll [15320]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.ButtonStyles_8_1_SpringGDR-ff8d7ba7.dll [25560]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.FactsList_8_1_RP-bf695b40.dll [15320]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.GridViewStyles_8_1_SpringGDR-deacc251.dll [30680]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.HeroStyles_8_1_RTM-45ef23fc.dll [23000]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.ImageStyles_8_1_SpringGDR-1e013bca.dll [12248]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.List_8_1_RTM-dddcb8a3.dll [17880]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.NullableImageWithCustomBackground_8_1_SpringGDR-ed3aa063.dll [11224]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.NullableImage_8_1_SpringGDR-61977366.dll [11224]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.Rating_8_1_RP-5b672b01.dll [11736]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.SerpAnswerBlock_FocusOnly_8_1_RP-8920ab69.dll [14808]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.SerpAnswerBlock_Selectable_8_1_RP-50f23571.dll [14808]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.SerpAnswerBlock_Suppressed_8_1_RP-9749e2bf.dll [14296]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.SerpGridViewStyles_8_1_RTM-585bfba1.dll [23512]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Shared.TextStyles_8_1_SpringGDR-bc62340a.dll [35800]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.Algo_Generic_8_1_RP-473969cf.dll [11224]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.AppifiedAlgo_Landscape_8_1_RP-093821dc.dll [13272]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.AppifiedAlgo_Portrait_8_1_RP-f96819b8.dll [14296]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.AppifiedAlgo_VerticalNarrow_8_1_RP-92e040cb.dll [12248]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.MetadataWithoutSuffix_8_1_RP-9fcd7344.dll [11224]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.RichAlgo_Landscape_8_1_RP-30e0ff7c.dll [11224]
O61 - LFC: 04-06-15 - 04:25:10 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\ConnectedSearch\Templates\Web.RichAlgo_Portrait_8_1_RP-9812756d.dll [11736]
O61 - LFC: 04-06-15 - 04:25:14 ---A- . (...) -- C:\Users\AnTo1o\MAJ2\BTW12.0.1.170_Win8x_USB_ASUS\Win32\Inst.exe [261888]
O61 - LFC: 04-06-15 - 04:25:15 ---A- . (...) -- C:\Users\AnTo1o\MAJ2\BTW12.0.1.170_Win8x_USB_ASUS\Win64\Inst.exe [261888]
O61 - LFC: 31-05-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Internet Explorer\UrlBlockManager\urlblocklist.bin [0]
O61 - LFC: 31-05-15 - 04:25:09 ---A- . (...) -- C:\Users\AnTo1o\AppData\Local\Microsoft\Windows\1036\StructuredQuerySchema.bin [411415]
~ 84 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 125 Legitimates Filtered in 00mn 07s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- firefox.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - (e) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {2f23ab71-4ac6-41f2-a955-ea576e553146} [DefaultScope] - (Search Provided by Yahoo) - http://us.yhs4.search.yahoo.comDtGyCtDyE0DtBtBtAzyyDzz0F0F2QtN0A0LzuyE%26cr%3D1930496419%26a%3Dwny_tele_15_23%26os%3DWindows 8.1&p={searchTerms}
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} - (istartsurf) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {4767FC05-5431-40DF-88BD-C994035896A5} - (Propositions de recherche Amazon.fr) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {4aebadac-e28a-4d87-af90-492c7b7f9d5b} - (Search) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {8CDE19E6-71C2-4B46-89B7-35F6A18C571A} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {BB82DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {E733165D-CBCF-4FDA-883E-ADEF965B476C} - (Google) - http://www.istartsurf.com =>PUP.Istart
O69 - SBI: SearchScopes [HKCU] {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - (Search Provided by Yahoo) - http://us.yhs4.search.yahoo.com0E0DyByCtDyDzztDyCyEyBtA2QtN0A0LzuyEtN1B2Z1V1T1S1NzuyBzyzy%26cr%3D834297441%26a%3Dwncy_clu_15_23%26os%3DWindows 8.1&p={searchTerms}
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection Rogue (SRI) (O86)
O43 - CFD: 31-05-15 - 22:45:22 - [] ----D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
~ Files: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{C564251D-52E5-4547-80AB-51DF10FDD8E2}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\AnTo1o\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{54462087-E5A9-4D10-8D84-E5DE045F30DE}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\AnTo1o\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 04s



---\\ Export de clés de registre aléatoires (O91)
[HKLM\Software\Wow6432Node\23204_2015/06/01]:last="13077591657446"
~ Export Key Software: Scanned in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: - {1CF1260C-4DD0-4ebb-811F-33C572699FDE}
O92 - MNS: - {374DE290-123F-4565-9164-39C4925E467B}
O92 - MNS: - {3ADD1653-EB32-4cb0-BBD7-DFA0ABB5ACCA}
O92 - MNS: - {A0953C92-50DC-43bf-BE83-3742FED03C9C}
O92 - MNS: - {A8CDFF1C-4878-43be-B5FD-F8091C1C60D0}
O92 - MNS: - {B4BFCC3A-DB2C-424C-B029-7FE99A87C641}
~ MNS: 6 Legitimates Filtered in 00mn 00s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASAPI32 =>PUP.PerformanceOptimizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\PerformanceOptimizer_RASMANCS =>PUP.PerformanceOptimizer
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SuperClickAutoUpdateClient_RASAPI32 =>PUP.SuperClick
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SuperClickAutoUpdateClient_RASMANCS =>PUP.SuperClick
~ BTK: 27 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 31-05-15 268464 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 22-04-15 827640 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
SS - | Auto 22-04-15 1185584 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
SS - | Auto 13-11-13 2251992 | (BcmBtRSupport) . (.Broadcom Corporation..) - C:\Windows\System32\BtwRSupportService.exe
SS - | Demand 07-10-14 279144 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 24-04-14 203344 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 04-06-15 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04-06-15 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24-04-12 169752 | (ICCS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
SS - | Demand 13-05-14 887256 | (Intel(R) Capability Licensing Service TCP IP Interface) . (.Intel(R) Corporation.) - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
SS - | Demand 06-04-15 643880 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 09-04-14 174368 | (iumsvc) . (...) - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
SS - | Demand 24-04-15 625640 | (Lenovo EasyPlus Hotspot) . (.Lenovo.) - C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe
SS - | Demand 14-05-15 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 18-02-15 315488 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Auto 22-08-13 37768 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 22-04-15 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\sched.exe
SR - | Auto 22-04-15 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Antivirus\avguard.exe
SR - | Auto 19-01-15 77128 | (Apple Mobile Device Service) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 21-05-15 208632 | (Avira.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
SR - | Auto 30-08-11 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 21-11-14 978688 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\ASUS\Bluetooth Software\btwdins.exe
SR - | Auto 25-08-14 255040 | (GamesAppIntegrationService) . (.WildTangent.) - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
SR - | Auto 28-05-15 1152656 | (GfExperienceService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
SR - | Auto 01-08-14 93184 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Demand 19-05-14 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 23-07-13 43320 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 09-10-14 569608 | (HPWMISVC) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
SR - | Auto 04-12-14 19184 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 07-10-14 328296 | (igfxCUIService1.0.0.0) . (.Intel Corporation.) - C:\Windows\System32\igfxCUIService.exe
SR - | Auto 03-09-14 131544 | (Intel(R) ME Service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 03-09-14 154584 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
SR - | Auto 03-09-14 405976 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04-06-15 2823296 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 28-05-15 1893008 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 28-05-15 23006864 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 28-05-15 937288 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 28-03-14 88064 | (omniserv) . (.Softex Inc..) - C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
SR - | Auto 14-01-15 7410024 | (ReimageRealTimeProtector) . (.Reimage®.) - C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair
SR - | Auto 14-04-14 389896 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
SR - | Auto 04-09-14 292568 | (RtkAudioService) . (.Realtek Semiconductor.) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
SR - | Auto 13-05-15 278616 | (scsvc_1.10.0.16) . (.SuperClick.) - C:\Program Files (x86)\SuperClick_1.10.0.16\Service\scsvc.exe =>PUP.SuperClick
SR - | Auto 15-10-14 435064 | (SecureLine) . (...) - C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
SR - | Auto 02-02-15 971968 | (Service KMSELDI) . (.@ByELDI.) - C:\Program Files\KMSpico\Service_KMS.exe =>PUA.KMSpico
SR - | Auto 17-06-14 191728 | (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
SR - | Auto 15-05-15 2967864 | (TuneUp.UtilitiesSvc) . (.AVG Technologies.) - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
SR - | Demand 22-07-58 0 | (WdNisSvc) . (...) - C:\Program Files (x86)\Windows Defender\NisSrv.exe
SR - | Demand 22-07-58 0 | (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 22-07-58 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
~ Services: Scanned in 00mn 31s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by AnTo1o at 05-06-15 04:28:03
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by AnTo1o at 05-06-15 04:28:05
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (31-05-15)
Clés trouvées (Keys found) : 20
Valeurs trouvées (Values found) : 5
Dossiers trouvés (Folders found) : 15
Fichiers trouvés (Files found) : 25

[HKLM\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector] =>Rogue.ReimageRepair^
[HKLM\SYSTEM\CurrentControlSet\Services\scsvc_1.10.0.16] =>PUP.SuperClick^
[HKLM\SYSTEM\CurrentControlSet\Services\Service KMSELDI] =>PUA.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1] =>PUA.KMSpico^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\LolliScan] =>Adware.Graftor^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Primary Color] =>Adware.Sambreel^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SuperClick_1.10.0.16] =>PUP.SuperClick^
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect] =>PUP.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKCU\Software\Reimage] =>Rogue.ReimageRepair
[HKLM\Software\Reimage] =>Rogue.ReimageRepair
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\InstalledBrowserExtensions] =>PUP.CrossRider
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\IminentToolbar] =>Adware.IMBooster
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Users\AnTo1o\AppData\Roaming\Mozilla\Firefox\Profiles\6e0k8l2o.default\extensions\tk@SgKYI.com =>PUP.PriceLess^
C:\Program Files (x86)\Internet Speed Checker =>PUP.InternetSpeedChecker^
C:\Program Files (x86)\PericELeuss =>PUP.PriceLess^
C:\Program Files (x86)\Primary Color =>Adware.Sambreel^
C:\Program Files (x86)\SuperClick_1.10.0.16 =>PUP.SuperClick^
C:\Program Files (x86)\version13CheckMeUp =>PUP.CrossRider^
C:\ProgramData\LolliScan =>Adware.Graftor^
C:\ProgramData\Reimage Protector =>Rogue.ReimageRepair^
C:\ProgramData\WebShield =>Adware.WebShield^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico =>PUA.KMSpico^
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair =>Rogue.ReimageRepair^
C:\Users\AnTo1o\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\AnTo1o\AppData\Roaming\smileyswelove =>Adware.SmileyBar^
C:\Users\AnTo1o\AppData\Local\Gameo =>PUP.Gameo^
C:\Users\AnTo1o\AppData\Local\WebShield =>Adware.WebShield^
C:\Program Files\KMSpico\AutoPico.exe =>PUA.KMSpico^
C:\ProgramData\LolliScan\LolliScan.exe =>Adware.Graftor^
C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe =>Rogue.ReimageRepair^
C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe =>Rogue.ReimageRepair^
C:\Program Files (x86)\SuperClick_1.10.0.16\Update\SuperClickAutoUpdateClient.exe =>PUP.SuperClick^
C:\Windows\Tasks\LHTFVNWO1.job =>Adware.Graftor^
C:\Windows\System32\Tasks\LHTFVNWO1 =>Adware.Graftor^
[HKCU\Software\ArenaHD] =>PUP.CrossRider^
[HKCU\Software\Gameo] =>PUP.Gameo^
[HKCU\Software\HighDefAction] =>PUP.CrossRider^
[HKCU\Software\Primary Color] =>Adware.Sambreel^
[HKCU\Software\ProductSetup] =>Adware.InstallCore^
[HKCU\Software\SmileysWeLove] =>Adware.SmileyBar^
[HKCU\Software\Super Optimizer] =>PUP.SuperOptimizer^
[HKCU\Software\TutoTag] =>PUP.AgenceExclusive^
[HKCU\Software\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\LolliScan] =>Adware.Graftor^
[HKLM\Software\Wow6432Node\1483dc53-8c3e-f4a2-39f4-14409ad9da43] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\HighDefAction] =>PUP.CrossRider^
[HKLM\Software\Wow6432Node\Internet Speed Checker] =>PUP.InternetSpeedChecker^
[HKLM\Software\Wow6432Node\Primary Color] =>Adware.Sambreel^
[HKLM\Software\Wow6432Node\YorkNewCin] =>PUP.CrossRider^
[HKLM\Software\YorkNewCin] =>PUP.CrossRider^
C:\Windows\Reimage.ini =>Rogue.ReimageRepair
~ Additionnel Scan: 358655 Items scanned in 00mn 45s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ AMI: 2 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>PriceMinus
http://www.nicolascoolman.fr/blog/ =>PUP.PriceLess
http://www.nicolascoolman.fr/blog/ =>PUP.Istart
http://nicolascoolman.fr/rogue-reimagerepair =>Rogue.ReimageRepair
http://www.nicolascoolman.fr/blog/ =>PUP.SuperClick
http://nicolascoolman.fr/pup-kmspico =>PUA.KMSpico
http://nicolascoolman.fr/pup-probitsoftware =>PUP.ProbitSoftware
http://www.nicolascoolman.fr/blog/ =>PUP.Gameo
http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup
http://www.nicolascoolman.fr/blog/ =>Adware.Graftor
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://www.nicolascoolman.fr/blog/ =>Adware.Sambreel
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://www.nicolascoolman.fr/blog/ =>PUP.BrowserExtensions
http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore
http://nicolascoolman.fr/adware-smileybar =>Adware.SmileyBar
http://www.nicolascoolman.fr/blog/ =>PUP.SuperOptimizer
http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive
http://nicolascoolman.fr/pup-internetspeedchecker =>PUP.InternetSpeedChecker
http://www.nicolascoolman.fr/blog/ =>Adware.WebShield
http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro
http://www.nicolascoolman.fr/blog/ =>PUP.PerformanceOptimizer
http://nicolascoolman.fr/pup-v9software =>PUP.V9Software
http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
~ MSI: 27 link(s) detected in 00mn 00s



~ 1143 Legitimates filtered by white list
End of the scan (764 lines in 05mn 31s)(0.10)
