Document format: text/plain

~ Rapport de ZHPDiag v2013.9.4.601 - Nicolas Coolman (04/09/2013)
~ Lancé par samsung (05/09/2013 08:39:56)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v29.0.1547.62 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2BT4J
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader XI
Java 7 Update 13

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3004 MB (71% free)
System Restore: Désactivé (Disabled)
System drive C: has 85 GB (59%) free of 141 GB

---\\ Mode de connexion au système
~ Computer Name: SAMSUNG-PC
~ User Name: samsung
~ All Users Names: samsung, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\samsung\AppData\Roaming\
~ %Desktop% : C:\Users\samsung\Desktop\
~ %Favorites% : C:\Users\samsung\Favorites\
~ %LocalAppData% : C:\Users\samsung\AppData\Local\
~ %StartMenu% : C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 85 Go of 141 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 133 Go of 141 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 26 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 06:33:07.) -- C:\Windows\Explorer.exe [2614784]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 04:38:00.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.28/10/2009 - 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:35:40.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:33:46.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:43:41.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:58:11.) -- C:\Windows\system32\Drivers\ntfs.sys [1210728]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.59F06B4968E58BC83DFC56CA4517960E] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 17:48:29.) -- C:\Windows\system32\Drivers\volsnap.sys [245616]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1619
~ Mes musiques (My Musics) : 5/449
~ Mes Videos (My Videos) : 1/17
~ Mes Favoris (My Favorites) : 1/457
~ Mes Documents (My Documents) : 1/704
~ Mon Bureau (My Desktop) : 2/200
~ Menu demarrer (Programs) : 1/79
~ Hidden Files: Scanned in 00mn 33s



---\\ Processus lancés au démarrage du système
[MD5.97101B7CCCFA2BDFEFC2E0B84205D144] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864] [PID.2164]
[MD5.E4A94D17436B4E9F53CD64D08E53D964] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448] [PID.2260]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.2328]
[MD5.A46796CCF032D35720347262998D1F90] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [835072] [PID.2344]
[MD5.E3735DC796E5183D63F35921B058934C] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800] [PID.2352]
[MD5.54FA8528EDA1B6B34615F4EA3FCB35E6] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.2652]
[MD5.167F9E5AF87B57763DAAA27D3144C2A0] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2201192] [PID.2660]
[MD5.06F7D67EC4D15F11A2923268BAA937D3] - (...) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [300912] [PID.2668]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe [91432] [PID.2744]
[MD5.BFC91929336304802B21DC380F178444] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1113296] [PID.2768]
[MD5.6E3C60AC09E03CAEF32AE3DEFD0CC410] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [1693904] [PID.2792]
[MD5.985D3D06EC34875FF34A30328EE1BFEF] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.2964]
[MD5.EA5391AE556E86F2749DC82BF51694F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [175640] [PID.2976]
[MD5.267FBD8817AB1B060BF25596D3DC65D5] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [169496] [PID.2988]
[MD5.744B13B59F3201DBCB52E469C4798531] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe [1278064] [PID.2996]
[MD5.11DFC7FF30B9B44F1477989C8FFF478F] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe [115032] [PID.3008] =>PUP.SweetIM
[MD5.45945F39F2F6D08A0FAEC275E68FFC5A] - (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe [295728] [PID.3024] =>PUP.SweetIM
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.3044]
[MD5.225518F190EDBC37CA32197A3E94B498] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [295512] [PID.3064]
[MD5.0612CE1B7B47888399E72886BB320B3A] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3373968] [PID.3404]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.3432]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files\Micro Application\LauncherMA.exe [485376] [PID.3460]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3480]
[MD5.0728D66EDDEE1253373E5C3025068FEB] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [179224] [PID.992]
[MD5.0EACE1D3ED62A8C15D5979CCB2640A42] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [268824] [PID.2932]
[MD5.2A4F72E6C43FAEE62A341F2FC24A442C] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.5040]
[MD5.1DE123E71FF306C076147813047AF987] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7874560] [PID.5008]
~ Processes Running: Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.holasearch.com =>Hijacker.HolaSearch
G0 - GCSP: Preference [User Data\Default] http://www.holasearch.com =>Hijacker.HolaSearch
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.0.0.0 (Désactivé) =>PUP.SweetIM
~ Google Browser: 10 Legitimates Filtered in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl.dll
P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - MetaStream 3 Plugin r4.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll =>Adware.MetaStream
~ Firefox Browser: 26 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com =>PUP.SweetIM
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
~ BHO: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: GamesBar - [HKLM]{6F282B65-56BF-4BD1-A8B2-A4449A05863D} . (.Oberon Media Ltd. - GamesBar.) -- C:\Program Files\GamesBar\oberontb.dll =>Adware.GamesBar
O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll =>Toolbar.Bing
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [UpdatePPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [APLangApp] . (.DoctorSoft - AnyPC Language Application.) -- C:\Program Files\AnyPC Client\APLangApp.exe
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM
O4 - HKLM\..\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: AIM 6.1.lnk . (.AOL LLC - AIM.) -- C:\Program Files\AIM6\aim6.exe
O4 - GS\QuickLaunch: Cradle of Rome.lnk . (...) -- C:\Program Files\MyPlayCity.com\Cradle of Rome\Cradle of Rome.exe
O4 - GS\QuickLaunch: Easy Audio Cutter.lnk . (.Koyote Soft - Pas de description.) -- C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe
O4 - GS\QuickLaunch: Free CD Ripper.lnk . (.Koyote Soft - FreeCDRipper.) -- C:\Program Files\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe
O4 - GS\QuickLaunch: Free Mp3 Wma Converter.lnk . (.Koyote Soft - Free Audio Converter.) -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe
O4 - GS\QuickLaunch: Game Manager.lnk . (...) -- C:\Program Files\bfgclient\bfgclient.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - Global Startup: C:\Users\samsung\Desktop\Antivirus Security Pro support.url . (...) -- C:\Users\samsung\Desktop\Antivirus Security Pro support.url
O4 - GS\Desktop: Antivirus Security Pro.lnk . (...) -- C:\ProgramData\nX3n9r6n\nX3n9r6n.exe
O4 - GS\Desktop: Juillet 2012 - Raccourci.lnk . (...) -- C:\Users\Public\Pictures\IMAGES POEMES\Juillet 2012
O4 - GS\Desktop: Mahjong In Poculis.lnk . (...) -- C:\games\In-Poculis\Mahjong In Poculis\MahjongLauncher.exe
O4 - GS\Desktop: stockvault-stuck-in-a-place103985 - Raccourci.lnk . (...) -- C:\Users\samsung\Downloads\stockvault-stuck-in-a-place103985.jpg
O4 - GS\Desktop: winrar_winrar_4.2_32_bits_francais_9632 - Raccourci.lnk . (...) -- C:\Users\samsung\Downloads\winrar_winrar_4.2_32_bits_francais_9632.exe
O4 - GS\Desktop: wrar420fr - Raccourci.lnk . (...) -- C:\Users\samsung\Downloads\wrar420fr.exe
~ Global Startup: Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} -- Clé orpheline =>Adware.GamesBar
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{601FFCA8-F0C1-4F20-B9B1-DEB8AB432C55}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{601FFCA8-F0C1-4F20-B9B1-DEB8AB432C55}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{601FFCA8-F0C1-4F20-B9B1-DEB8AB432C55}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{38DDC203-DF02-4E75-8B3F-10D8DABC89F0}] (...) -- C:\Program Files\Red Orb\Myst l'Apogée\myst.exe (.not file.) [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{3B62E680-05A9-45B2-9A62-A731DCFB4D64}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe [3107593]
[MD5.00000000000000000000000000000000] [APT] [{4804DDDD-1480-46A6-93B3-7447B5DAC79D}] (...) -- C:\Program Files\PENDULO Studios\RUNAWAY 2 - The dream of the turtle\runaway2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{75848A28-13ED-4004-9AD9-0973D7F517EE}] (...) -- C:\Program Files\Sherlock Holmes contre Arsene Lupin\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8238FACF-03A1-4B52-A2A9-74009D72308F}] (...) -- C:\Program Files\Micro Application\Dreamfall\dreamfall.exe (.not file.) [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{8AB99E56-6745-45C4-A4F4-428ADE0CBDA6}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe [3107593]
[MD5.00000000000000000000000000000000] [APT] [{99A63362-73AF-45B8-A720-3E419165958B}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{A4A30852-B729-4811-9242-87029BEE58AD}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe [3107593]
[MD5.00000000000000000000000000000000] [APT] [{A86C59FF-D79D-4512-B511-D3964E67CDCF}] (...) -- C:\Program Files\Red Orb\Myst l'Apogée\myst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AA725A8D-8763-45FC-8650-0ABEB0A797B0}] (...) -- C:\Program Files\Red Orb\Myst l'Apogée\myst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CF81A4A9-FA4C-4C39-A034-BF68FBDBF015}] (...) -- C:\Program Files\Micro Application\L'Ile Noyée\L'Ile Noyee.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D29D2E0E-2E20-4954-9029-56DE22570D66}] (...) -- C:\Program Files\Grim Tales - La Malediction des Gray\Uninstall.exe (.not file.) [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{E83CF1B1-06EA-45FC-BD3E-8CE64E40E221}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe [3107593]
[MD5.00000000000000000000000000000000] [APT] [{EE1F089B-12F0-419E-A083-EEF84B4CA9F0}] (...) -- C:\Program Files\Micro Application\Dreamfall\dreamfall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{F042DBF6-FCE3-4576-9021-7B5FFAEE886E}] (...) -- C:\Program Files\Les Secrets de la Famille Flux - La Galerie Secrete\Uninstall.exe (.not file.) [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{F4C4FA8D-E8E3-4060-BE90-E0D37758656C}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe [3107593]
~ Scheduled Task: 42 Legitimates Filtered in 00mn 08s



---\\ Logiciels installés (O42)
O42 - Logiciel: Aura II: Les Anneaux Sacrés - (...) [HKLM] -- BFG-Aura II - Les Anneaux Sacres
O42 - Logiciel: Cradle of Egypt - (...) [HKLM] -- BFG-Cradle of Egypt
O42 - Logiciel: MOZART version 1.0 - (...) [HKLM] -- Mozart, Le Dernier Secret_is1
O42 - Logiciel: Naissance de la Perse - (...) [HKLM] -- {39E7F3FE-5653-4C67-9DE3-3A75B18B2FA2}
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4} =>PUP.SweetIM
O42 - Logiciel: Update Manager for SweetPacks 1.0 - (.SweetIM Technologies Ltd..) [HKLM] -- {FB697452-8CA4-46B4-98B1-165C922A2EF3} =>PUP.SweetIM
~ Logic: 126 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Alexa Internet]
[HKCU\Software\GamesBar] =>Adware.GamesBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKLM\Software\ASK]
[HKLM\Software\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\MetaStream] =>Adware.MetaStream
[HKLM\Software\SweetIM] =>PUP.SweetIM
~ Key Software: 208 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/05/2013 - 13:04:02 - [-1358,311] ----D C:\Program Files\Aura II - Les Anneaux Sacres
O43 - CFD: 12/05/2013 - 13:04:10 - [136,061] ----D C:\Program Files\Cradle of Egypt
O43 - CFD: 12/05/2013 - 13:03:26 - [0,096] ----D C:\Program Files\Dam22
O43 - CFD: 12/05/2013 - 13:04:22 - [0,588] ----D C:\Program Files\GamesBar =>Adware.GamesBar
O43 - CFD: 12/05/2013 - 13:03:23 - [1,023] ----D C:\Program Files\Iminent =>Adware.IMBooster
O43 - CFD: 08/07/2013 - 20:57:17 - [0,015] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 12/05/2013 - 13:03:00 - [0,207] ----D C:\Program Files\PC Performer =>Rogue.PCPerformer
O43 - CFD: 04/07/2012 - 12:24:15 - [11,167] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 29/10/2011 - 17:49:38 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 24/10/2012 - 15:00:26 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon
O43 - CFD: 12/05/2013 - 11:25:25 - [0,081] ----D C:\ProgramData\BrowserProtect =>Hijacker.Eazel
O43 - CFD: 01/12/2011 - 19:41:46 - [0,201] ----D C:\ProgramData\GamesBar =>Adware.GamesBar
O43 - CFD: 12/05/2013 - 11:25:02 - [0,002] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 12/05/2013 - 11:24:22 - [0,030] ----D C:\ProgramData\Iminent =>Adware.IMBooster
O43 - CFD: 04/09/2013 - 07:56:48 - [0,631] ----D C:\ProgramData\nX3n9r6n
O43 - CFD: 12/03/2010 - 09:34:25 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 04/07/2012 - 12:24:15 - [1,284] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 12/05/2013 - 13:00:53 - [0,376] ----D C:\Users\samsung\AppData\Roaming\BabSolution =>Hijacker.BabSolution
O43 - CFD: 24/10/2012 - 15:00:25 - [0,013] ----D C:\Users\samsung\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 12/05/2013 - 11:24:25 - [0,016] ----D C:\Users\samsung\AppData\Roaming\Iminent =>Adware.IMBooster
O43 - CFD: 12/05/2013 - 13:05:50 - [0,003] ----D C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aura II - Les Anneaux Sacres
O43 - CFD: 12/05/2013 - 13:05:50 - [0,003] ----D C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
~ 1335 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1670 Legitimates Filtered in 06mn 17s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D7A811D0314293DAFC923EB2772FB20C] - 05/09/2013 - 07:45:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [20608]
O44 - LFC:[MD5.D7A811D0314293DAFC923EB2772FB20C] - 05/09/2013 - 07:45:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [20608]
O44 - LFC:[MD5.DE873C114B01C11F7FF8F196A4EB9CEC] - 05/09/2013 - 07:34:25 ---A- . (...) -- C:\Windows\ntbtlog.txt [82012]
~ Files: 9 Legitimates Filtered in 01mn 52s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.E6F53D6C0DEA3D375362265E175CA638] - 24/02/2010 - 11:22:10 ---A- . (.Protect Software GmbH - ProtectDisc x64/x86 Hybrid Driver.) -- C:\Windows\System32\Drivers\acedrv11.sys [185472]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 23/11/2011 - Pas de propriétaire (cel90xbe) .(...) - LEGACY_CEL90XBE
~ Legacy: 93 Legitimates Filtered in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {86EEBFBA-5AD7-4941-B5A1-3DCF090BC34B} [DefaultScope] - (Recherche sécurisée) - http://fr.search.yahoo.com =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {9C8AA45B-2BF4-485B-B9F0-CD1D046EB2A8} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com =>PUP.SweetIM
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.35C085BFBB76B23551A9125553BB892D] [SPRF][25/08/2010] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][17/08/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.3880EEB1C736D853EB13B44898B718AB] [SPRF][03/09/2013] (...) -- C:\Users\samsung\AppData\Local\Temp\82337.bat [94]
[MD5.745F5132AD9D75AA046883FB6979EA96] [SPRF][15/02/2007] (.AOL LLC - AOL Firewall Helper.) -- C:\Users\samsung\AppData\Local\Temp\AOLFirewallMgr.dll [95792]
[MD5.6E1799926209C193FDB2E05A271C5B49] [SPRF][08/07/2013] (...) -- C:\Users\samsung\AppData\Local\Temp\BackupSetup.exe [10340624]
[MD5.67C2E58C28F913B0B3A298A5388ADA76] [SPRF][01/09/2011] (...) -- C:\Users\samsung\AppData\Local\Temp\bfguni.exe [192341]
[MD5.5012F080FCCF701E2CD6B045AC7814D9] [SPRF][23/11/2011] (...) -- C:\Users\samsung\AppData\Local\Temp\cel90xbe.sys [15872]
[MD5.E6B0306D0317C59043BA8BF9161314E9] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\CmdLineExt03.dll [40448]
[MD5.581028DE1EEC761F302B047DF95E5DC4] [SPRF][23/09/2009] (...) -- C:\Users\samsung\AppData\Local\Temp\FlashLockV228.exe [1249280]
[MD5.C4B7EC166D7330D10F7FEA2291E15157] [SPRF][25/08/2010] (...) -- C:\Users\samsung\AppData\Local\Temp\GoogleChromeInstaller.exe [579888]
[MD5.92EFF4CDBEEC018DE942757D3803FAC5] [SPRF][04/07/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_ICReinstall_ICReinstall_setup.exe [1074664]
[MD5.92EFF4CDBEEC018DE942757D3803FAC5] [SPRF][04/07/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_ICReinstall_setup.exe [1074664]
[MD5.92EFF4CDBEEC018DE942757D3803FAC5] [SPRF][04/07/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_setup.exe [1074664]
[MD5.3FCC0155BA9DA001D8803D321AEF65C3] [SPRF][21/03/2010] (.AOL LLC - Install Support Library.) -- C:\Users\samsung\AppData\Local\Temp\instSup.dll [63024]
[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [SPRF][04/07/2012] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\samsung\AppData\Local\Temp\mgsqlite3.dll [393016] =>PUP.SweetIM
[MD5.6D1B120A2DD57F5A867A97114DE3602E] [SPRF][21/03/2010] (.AOL LLC. - ProgUpd.) -- C:\Users\samsung\AppData\Local\Temp\progupd.dll [83504]
[MD5.D6A91A20DE7C2828F433842F98725FD9] [SPRF][10/01/2012] (.Ask - Wrapper Application.) -- C:\Users\samsung\AppData\Local\Temp\setup.exe [3884200]
[MD5.992E52F7F30376894FF23B089521605C] [SPRF][04/07/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\samsung\AppData\Local\Temp\Shortcut_setup.exe [6204760] =>PUP.SweetIM
[MD5.1A3D1A7349253561EF89D017F6EDD5FC] [SPRF][04/07/2012] (.SweetIM Technologies Lt - This installer.) -- C:\Users\samsung\AppData\Local\Temp\SIMEEIInstaller.exe [2626512] =>PUP.SweetIM
[MD5.7DB4F105F12A2B4D7EEE292A13078F14] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\SIntf16.dll [12305]
[MD5.B38A66481D17FDBC4D6B8268725B963C] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\SIntf32.dll [17324]
[MD5.E67786798537591A688F967DCDDAC472] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\SIntfNT.dll [22068]
[MD5.E03F2F24BCA457A35E1E26732AFE4A2F] [SPRF][05/11/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\vlc-2.0.4-win32.exe [22912657]
[MD5.E563A65BAEA25CEF8F49FB0228CB8555] [SPRF][24/01/2013] (...) -- C:\Users\samsung\AppData\Local\Temp\vlc-2.0.5-win32.exe [22916830]
[MD5.38785EBA617F326B08D30D6FD8272135] [SPRF][12/08/2013] (...) -- C:\Users\samsung\AppData\Roaming\wklnhst.dat [11242]
[MD5.006C83751B9F17934B58085D0B7BDA2C] [SPRF][24/01/2007] (.America Online, Inc. - AOL Media Playback Control.) -- C:\Windows\Downloaded Program Files\ampAx3.0.84.2.dll [841304]
[MD5.6F678556A6FCE04FC94F3435F6313705] [SPRF][21/03/2010] (...) -- C:\Windows\Downloaded Program Files\unagiuninst.exe [38428]
~ Files: 50 Legitimates Filtered in 01mn 11s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{55459D38-6804-45EF-8DCE-9C41DDD1275C}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O87 - FAEL: "{68457E8C-4A6E-4F22-AFEF-22B7B05E6ABE}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
~ Firewall: 198 Legitimates Filtered in 00mn 03s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "4340C4778499EED41AE496DC3D613EC6" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "E17A8F77515323848B2BF2E1BD2D0E1F" . (.Bing Bar.) -- C:\windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico =>Toolbar.Bing
~ Update Products: 104 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B144B2E367FC30C5020085DABB617B82] [WIS][04/07/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\13b4d5f.msi [3704832] =>PUP.SweetIM
[MD5.966926090F3A80BB8622AD569A484169] [WIS][04/07/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\13b4d65.msi [3119104] =>PUP.SweetIM
[MD5.85C5DEF2B079CA6E8CA7FCBD45793BEF] [WIS][04/07/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.0.) -- C:\Windows\Installer\13b4d6b.msi [2243584] =>PUP.SweetIM
~ WIS: 109 Legitimates Filtered in 00mn 17s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 24/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 28/02/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 24/06/2010 233472 | (FsUsbExService) . (.Teruten.) - C:\windows\system32\FsUsbExService.exe
SR - | Auto 08/03/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 08/03/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/08/2013 1783632 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 31/08/2012 167784 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SR - | Auto 31/08/2012 167784 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 167784 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 167784 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 167784 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SS - | Demand 16/11/2012 279048 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SR - | Auto 31/08/2012 167784 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 19/02/2013 203840 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 19/02/2013 169320 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 19/02/2013 172416 | (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
SR - | Auto 31/08/2012 167784 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 13/08/2009 44312 | (OberonGameConsoleService) . (...) - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
SR - | Auto 16/04/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 07/07/2009 247152 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\BingBar\SeaPort.exe
SS - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Disabled 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 21s



---\\ Scan Additionnel (O88)
Database Version : v2.12882 - (04/09/2013)
Clés trouvées (Keys found) : 161
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 22
Fichiers trouvés (Files found) : 20

[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}] =>PUP.SweetIM^
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}] =>Adware.GamesBar
[HKLM\Software\Microsoft\Internet Explorer\extensions\{1a93c934-025b-4c3a-b38e-9654a7003239}] =>Adware.GamesBar
[HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream
[HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}] =>Adware.MetaStream
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467}] =>Adware.GamesBar
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKLM\Software\Classes\axmetastream.metastreamctl] =>Adware.MetaStream
[HKLM\Software\Classes\axmetastream.metastreamctl.1] =>Adware.MetaStream
[HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary] =>Adware.MetaStream
[HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1] =>Adware.MetaStream
[HKLM\Software\Classes\oberontb.band] =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.band.1] =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.GamesBarBHO] =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.GamesBarBHO.1] =>Adware.GamesBar
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\AedgePerformanceBCN] =>Adware.SPointer
[HKCU\Software\gamesbar] =>Adware.GamesBar
[HKLM\Software\gamesbar] =>Adware.GamesBar
[HKLM\Software\GamesBarSetup] =>Adware.GamesBar
[HKLM\Software\MetaStream] =>Adware.MetaStream
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Viewpoint] =>Adware.MetaStream
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar] =>Adware.GamesBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer] =>Adware.MetaStream
[HKLM\Software\MozillaPlugins\@viewpoint.com/VMP] =>Adware.MetaStream
[HKCU\control panel\don't load]:wscui.cpl =>Trojan.FakeAlert
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{6F282B65-56BF-4BD1-A8B2-A4449A05863D} =>Adware.GamesBar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SweetIM =>PUP.SweetIM^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Program Files\GamesBar =>Adware.GamesBar^
C:\Program Files\Iminent =>Adware.IMBooster^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\PC Performer =>Rogue.PCPerformer^
C:\Program Files\SweetIM =>PUP.SweetIM^
C:\ProgramData\Babylon =>Toolbar.Babylon^
C:\ProgramData\BrowserProtect =>Hijacker.Eazel^
C:\ProgramData\GamesBar =>Adware.GamesBar^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\Iminent =>Adware.IMBooster^
C:\ProgramData\SweetIM =>PUP.SweetIM^
C:\Users\samsung\AppData\Roaming\BabSolution =>Hijacker.BabSolution^
C:\Users\samsung\AppData\Roaming\Babylon =>Toolbar.Babylon^
C:\Users\samsung\AppData\Roaming\Iminent =>Adware.IMBooster^
C:\Program Files\Viewpoint =>Adware.MetaStream
C:\Program Files\vGrabber-software =>Toolbar.vGrabber
C:\ProgramData\Viewpoint =>Adware.MetaStream
C:\ProgramData\Partner =>Spyware.Partner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar =>Adware.GamesBar
C:\Users\samsung\AppData\Local\pixeasy Air =>Adware.SPointer
C:\Users\samsung\AppData\Local\Temp\Iminent =>Adware.IMBooster
C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM
C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM^
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM^
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM^
C:\Program Files\GamesBar\oberontb.dll =>Adware.GamesBar^
C:\Program Files\Microsoft\BingBar\BingExt.dll =>Toolbar.Bing^
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google^
[HKCU\Software\GamesBar] =>Adware.GamesBar^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
C:\Users\samsung\AppData\Local\Temp\mgsqlite3.dll =>PUP.SweetIM^
C:\Users\samsung\AppData\Local\Temp\Shortcut_setup.exe =>PUP.SweetIM^
C:\Users\samsung\AppData\Local\Temp\SIMEEIInstaller.exe =>PUP.SweetIM^
C:\windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe =>PUP.SweetIM^
C:\windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico =>Toolbar.Bing^
C:\Windows\Installer\13b4d5f.msi =>PUP.SweetIM^
C:\Windows\Installer\13b4d65.msi =>PUP.SweetIM^
C:\Windows\Installer\13b4d6b.msi =>PUP.SweetIM^
~ Additionnel Scan: 400200 Items scanned in 01mn 29s



---\\ Summary of detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/28136809-hijacker-holasearch =>Hijacker.HolaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27046242-adware-metastream =>Adware.MetaStream
~ http://nicolascoolman.webs.com/apps/blog/show/26808625-adware-gamesbar =>Adware.GamesBar
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip
~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke
~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira =>Toolbar.Avira
~ http://nicolascoolman.webs.com/apps/blog/show/27632288-toolbar-vgrabber =>Toolbar.vGrabber
~ http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner =>Spyware.Partner
~ MSI: 21 link(s) detected in 01mn 29s



~ 2635 Legitimates filtered by white list
End of the scan (790 lines in 12mn 42s)(0)
