Document format: text/plain

~ Rapport de ZHPDiag v2014.1.2.5 - Nicolas Coolman (02/01/2014)
~ Lancé par Roland (04/01/2014 22:36:03)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
MFIE: Mozilla Firefox 26.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : KJQYT
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
AVG 2014 v14.0.3658
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v3.13 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3071 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 56 GB (57%) free of 98 GB

---\\ Mode de connexion au système
~ Computer Name: ROLAND-PC
~ User Name: Roland
~ All Users Names: Roland, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Roland\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Roland\AppData\Roaming\
~ %Desktop% : D:\Roland\Desktop\
~ %Favorites% : D:\Roland\Favorites\
~ %LocalAppData% : C:\Users\Roland\AppData\Local\
~ %StartMenu% : C:\Users\Roland\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 56 Go of 98 Go)
D: Hard drive, Flash drive, Thumb drive (Free 171 Go of 298 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
G: Hard drive, Flash drive, Thumb drive (Free 368 Go of 368 Go)
H: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
L: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 46 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/11/2010 - 04:25:07.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/32
~ Mes musiques (My Musics) : 6/61
~ Mes Videos (My Videos) : 2/3
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 5/14691
~ Mon Bureau (My Desktop) : 1/262
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.736C10E07104E1EB2714E9C9CF1CFB01] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [391128] [PID.2336]
[MD5.08604D8FE6A01FB2E01241417D005214] - (.Sonix - CameraMonitor Application.) -- C:\Windows\vsnp2std.exe [675840] [PID.2280]
[MD5.70189D91A5347F5E34039D06C7E58419] - (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe [111856] [PID.3100]
[MD5.F6573840989C4E8ED2EBF8B0644CF500] - (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe [959880] [PID.3144]
[MD5.5883D86F8C22B1E5F78627E4AF19B234] - (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.3168]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3208]
[MD5.08B438A5A06CD877F19B92F6868C031D] - (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496] [PID.3800]
[MD5.01EF24117E06A7BC740C62983FCB9638] - (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\Ai Suite\AiNap\AiNap.exe [1430016] [PID.3912]
[MD5.4EB0C6C3EF4D8885CF2B5D0062F31E44] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376] [PID.4072]
[MD5.0F7A641411189D27D48393FFAD8D507A] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe [2570080] [PID.1612]
[MD5.EC479030CEAF7E44FCB9EEDAE5FE1E84] - (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [5492760] [PID.1612]
[MD5.4F79A021FD88110026144CF06D212B84] - (.SONIX - tsnp2std Microsoft.) -- C:\Windows\tsnp2std.exe [258048] [PID.3452]
[MD5.A115E3540E9406551FD82DC9BD485F0F] - (.Pas de propriétaire - VProtect Application (Official).) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe [2471448] [PID.4828] =>Toolbar.AVGSearch
[MD5.643F7A81B4FC27845886AB9650AD2C61] - (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176] [PID.4852]
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4972]
[MD5.D235EAF46AE3E22A2F56B050D1B369B5] - (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1989920] [PID.5016]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.5024]
[MD5.47833576F0BEE0AD7B45109982B769BD] - (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe [59720] [PID.1992]
[MD5.AE56E8B4F2D6FA13244B64C5FD97C43B] - (.CompSoft - Howard.) -- C:\Program Files (x86)\Howard\Howard.exe [516368] [PID.9616]
[MD5.6CB991E0323CE1901C0DD5857418E0F2] - (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6591800] [PID.7048]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608] [PID.7288]
[MD5.BC36F5EB18F6DFB127F21F7BECA90AA8] - (.Yuna Software - Messenger Plus! (for Skype).) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\Messenger Plus! for Skype.exe [8518656] [PID.8892]
[MD5.1EEA6C1B35191DC177EA83672B9C3FC0] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.7416]
[MD5.0DD74786D22EDFF0CE5B8E1B1E398618] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.8020]
[MD5.5D60EE718D0C708D69DFF4B3336B68BF] - (.Adobe Systems, Inc. - Adobe Flash Player 11.9 r900.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe [1862536] [PID.5376]
[MD5.486BDC196F8914845302745A15310D62] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8321024] [PID.7428]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.2176]
[MD5.149E8CA66CEADE0D17AC4028A567499F] - (.Acronis - File Level CDP Manager Service.) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [3975088] [PID.2216]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2236]
[MD5.F89B2DACE0FBE54CF65D12B7081C19C3] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544] [PID.2388]
[MD5.B747B6BB015E552F49C634BB19540F3D] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008] [PID.2424]
[MD5.7CF1B716372B89568AE4C0FE769F5869] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872] [PID.3392]
[MD5.2957ED569A2C1EDF31E95CB15C96AC2F] - (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe [128000] [PID.3436]
[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.3540]
[MD5.57DDE1395F86EE048AB25717EEB8CAEB] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [4150112] [PID.3620]
[MD5.FC449AC1571F39B961CF401FA6C55F47] - (.AVG Secure Search - ToolbarU Application (Official).) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [1771544] [PID.3980] =>Toolbar.AVGSearch
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.4132]
[MD5.9BFD0A072459782E3638362A4473E283] - (...) -- C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe [2139400] [PID.4172]
[MD5.B793814D30EECA059C49004234DF41B8] - (.Pas de propriétaire - loggings Application.) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe [159768] [PID.4688] =>Toolbar.AVGSearch
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\nvu6zjvh.default\prefs.js
C:\Users\Roland\AppData\Roaming\Mozilla\Firefox\Profiles\nvu6zjvh.default\user.js
M3 - MFPP: Plugins - [Roland] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [Roland] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [Roland] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\nationzoom.xml =>Hijacker.NationZoom
M3 - MFPP: Plugins - [Roland] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml =>PUP.SearchResults
~ Firefox Browser: 8 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com =>Hijacker.NationZoom
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.nationzoom.com =>Hijacker.NationZoom
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.nationzoom.com =>Hijacker.NationZoom
~ IE Browser: 25 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 35



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0043628 [64Bits] - {11111111-1111-1111-1111-110411361128} . (.weDownload - weDownload Manager Pro BHO.) -- C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-bho.dll =>PUP.weDownloadManager
O2 - BHO: Bubble Dock SurfMatch [64Bits] - {23AF19F7-1D5B-442c-B14C-3D1081953C94} Clé orpheline =>PUP.BubbleDock
O2 - BHO: AVG Security Toolbar [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll (Official).) -- C:\Program Files (x86)\AVG Secure Search\17.2.0.38\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: IMinent WebBooster [64Bits] - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} Clé orpheline =>Adware.IMBooster
O2 - BHO: (no name) [64Bits] - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} Clé orpheline
O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
O2 - BHO: (no name) [64Bits] - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} Clé orpheline
~ BHO: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Acronis True Image Home 2011.lnk . (.Acronis - Acronis True Image.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageLauncher.exe
O4 - GS\Desktop [Public]: Acronis Disk Director Home.lnk . (.Acronis - Disk Director 11 Management Console.) -- C:\Program Files (x86)\Acronis\DiskDirector\ManagementConsole.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\Desktop [Public]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - GS\Desktop [Public]: SmartPCFix.lnk . (...) -- C:\Program Files (x86)\SmartPCFix\SmartPCFix.exe (.not file.) =>Rogue.SmartPCFix
O4 - GS\Desktop [Public]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\QuickLaunch [Roland]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\QuickLaunch [Roland]: PokerStars.fr.lnk . (.PokerStars - PokerStars Update.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe
O4 - GS\QuickLaunch [Roland]: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - GS\TaskBar [Roland]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\TaskBar [Roland]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\TaskBar [Roland]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\Program [Roland]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com =>Hijacker.NationZoom
O4 - GS\SystemTools [Roland]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com =>Hijacker.NationZoom
~ Global Startup: 74 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [Service Scheduler2 Acronis] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
O4 - HKLM\..\Run: [snp2std] . (.Sonix - CameraMonitor Application.) -- C:\Windows\vsnp2std.exe
O4 - HKCU\..\Run: [Xvid] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKCU\..\Run: [Search Protection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Roland\AppData\Roaming\newnext.me\nengine.dll
O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe =>.Advanced Micro Devices, Inc
O4 - HKLM\..\Wow6432Node\Run: [Ai Nap] . (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
O4 - HKLM\..\Wow6432Node\Run: [QFan Help] . (.ASUSTeK Computer Inc. - Pas de description.) -- C:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
O4 - HKLM\..\Wow6432Node\Run: [Cpu Level Up help] . (...) -- C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Wow6432Node\Run: [AdobeCS5ServiceManager] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [SAOB Monitor] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\OnlineBackupStandalone\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [TrueImageMonitor.exe] . (.Acronis - Acronis True Image Monitor.) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [tsnp2std] . (.SONIX - tsnp2std Microsoft.) -- C:\Windows\tsnp2std.exe
O4 - HKLM\..\Wow6432Node\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Wow6432Node\Run: [YSearchProtection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.Pas de propriétaire - VProtect Application (Official).) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\Run: [AVG_UI] . (.AVG Technologies CZ, s.r.o. - AVG User Interface.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [Wondershare Helper Compact.exe] . (.Wondershare - Wondershare Studio.) -- C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\RunOnce: [removeiLividdatamngr] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>Adware.Bandoo
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] Clé orpheline
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Xvid] . (...) -- C:\Program Files (x86)\Xvid\CheckUpdate.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Search Protection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Connexion SFR 9props.exe] . (.SFR - Propriétés de la connexion SFR.) -- C:\Program Files (x86)\SFR\Kit\9props.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [ApplePhotoStreams] . (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2272616278-204740168-897953277-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Roland\AppData\Roaming\newnext.me\nengine.dll
~ Application: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers.touslesdrivers.com/maconfig/MaConfigx64_5_2_1_0.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{DD6339A8-9524-43FE-8F2C-7F129E6F3D2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{DD6339A8-9524-43FE-8F2C-7F129E6F3D2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{DD6339A8-9524-43FE-8F2C-7F129E6F3D2C}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: viprotocol [64Bits] - {B658800C-F66E-4EF3-AB85-6C0C227862A9} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (vToolbarUpdater17.2.0) . (.AVG Secure Search - ToolbarU Application (Official).) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: WinkHandler (WinkHandler) . (...) - C:\Program Files (x86)\Iminent\WinkHandler.exe (.not file.) =>Adware.IMBooster
~ Services: 14 Legitimates Filtered in 00mn 06s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job [352]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job [352]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-chromeinstaller.job [1970]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-codedownloader.job [1258]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-enabler.job [1158]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-firefoxinstaller.job [1896]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\click-n-mark-5-updater.job [1352]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\MySearchDial.job [296] =>Adware.MyWebSearch
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job [1902] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job [1196] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.6-enabler.job [1096] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job [1828] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Plus-HD-2.6-updater.job [1192] =>Adware.PlusHD
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SaveSense.job [296] =>PUP.SaveSense
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job [2040] =>PUP.weDownloadManager
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job [1310] =>PUP.weDownloadManager
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\weDownload Manager Pro-enabler.job [1210] =>PUP.weDownloadManager
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\weDownload Manager Pro-firefoxinstaller.job [2316] =>PUP.weDownloadManager
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\weDownload Manager Pro-updater.job [1408] =>PUP.weDownloadManager
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{A92DFE92-C1DB-4376-AD1C-4DFD47529FEC}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{0BBAB611-EB32-4C62-9431-51B1D204906C}.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-chromeinstaller] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-chromeinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-codedownloader] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-codedownloader.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-enabler] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-enabler.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-firefoxinstaller] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-firefoxinstaller.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [click-n-mark-5-updater] (...) -- C:\Program Files (x86)\click-n-mark-5\click-n-mark-5-updater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [Funmoods] (...) -- C:\Users\Roland\AppData\Roaming\Funmoods\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.Funmoods
[MD5.00000000000000000000000000000000] [APT] [MySearchDial] (...) -- C:\Users\Roland\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>Adware.MyWebSearch
[MD5.00000000000000000000000000000000] [APT] [Plus-HD-2.6-chromeinstaller] (...) -- C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe (.not file.) [0] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [Plus-HD-2.6-codedownloader] (...) -- C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe (.not file.) [0] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [Plus-HD-2.6-enabler] (...) -- C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe (.not file.) [0] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [Plus-HD-2.6-firefoxinstaller] (...) -- C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe (.not file.) [0] =>Adware.PlusHD
[MD5.00000000000000000000000000000000] [APT] [Plus-HD-2.6-updater] (...) -- C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-updater.exe (.not file.) [0] =>Adware.PlusHD
[MD5.6F2939B1EC17A6631106CFD013A9CD77] [APT] [SaveSense] (...) -- C:\Users\Roland\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe [199176] =>PUP.SaveSense
[MD5.67D1290F35B1367BB6EB87D58594ECC7] [APT] [weDownload Manager Pro-chromeinstaller] (.weDownload.) -- C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe [503808] =>PUP.weDownloadManager
[MD5.A3DD7C7A52771BAF73D331953939745B] [APT] [weDownload Manager Pro-codedownloader] (.weDownload.) -- C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe [519680] =>PUP.weDownloadManager
[MD5.249C3D0A6192B9C72E05FC3F4D9992FB] [APT] [weDownload Manager Pro-enabler] (.weDownload.) -- C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-enabler.exe [338432] =>PUP.weDownloadManager
[MD5.16604AC002978C3B4AD1C030DE86D206] [APT] [weDownload Manager Pro-firefoxinstaller] (.weDownload.) -- C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-firefoxinstaller.exe [829952] =>PUP.weDownloadManager
[MD5.68FA455DF804F03BC031C30F2F892D59] [APT] [weDownload Manager Pro-updater] (.weDownload.) -- C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-updater.exe [351744] =>PUP.weDownloadManager
[MD5.AFFF82ADF77CA68FC4CF552B176F3D73] [APT] [Cpu Level Up Hook Lanunch] (...) -- C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [582656]
~ Scheduled Task: 69 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: DuckCapture Standard 2.7 - (.DuckLink.) [HKLM][64Bits] -- DuckCapture_is1
O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr
~ Logic: 26 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\APN DTX]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Ecommfactory]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\Funmoods] =>PUP.Funmoods
[HKCU\Software\IGearSettings]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver
[HKCU\Software\InstalledThirdPartyPrograms]
[HKCU\Software\Kllabs]
[HKCU\Software\SaveSenseLive] =>PUP.SaveSense
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\WeDlMngr] =>PUP.weDownloadManager
[HKCU\Software\d57df88e53cb910] =>Hijacker.Eazel
[HKCU\Software\iLivid] =>Adware.Bandoo
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\로컬 응용 프로그램 마법사에서 생성된 응용 프로그램]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\InstalledThirdPartyPrograms]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\WEDL] =>PUP.weDownloadManager
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Plus-HD-2.6] =>Adware.PlusHD
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\WEDL] =>PUP.weDownloadManager
[HKLM\Software\Wow6432Node\click-n-mark-5]
[HKLM\Software\Wow6432Node\deskSvc]
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager
~ Key Software: 363 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 29/08/2013 - 23:58:12 - [0,042] ----D C:\Program Files (x86)\Alinéa
O43 - CFD: 25/10/2013 - 21:22:02 - [0,883] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 02/01/2014 - 21:11:16 - [0,008] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find
O43 - CFD: 11/12/2011 - 11:45:42 - [18,777] ----D C:\Program Files (x86)\DuckLink
O43 - CFD: 27/05/2013 - 07:03:41 - [0,492] ----D C:\Program Files (x86)\Howard
O43 - CFD: 03/01/2014 - 01:01:50 - [0,015] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 11/12/2013 - 11:41:49 - [137,703] ----D C:\Program Files (x86)\PokerStars.FR
O43 - CFD: 02/01/2014 - 21:49:02 - [0] ----D C:\Program Files (x86)\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 04/01/2014 - 14:06:41 - [4,093] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM
O43 - CFD: 05/02/2013 - 23:34:56 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 21/11/2012 - 12:16:28 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 25/10/2013 - 21:22:01 - [0] ----D C:\ProgramData\Conduit
O43 - CFD: 05/06/2013 - 12:17:26 - [0,002] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 24/12/2013 - 17:44:08 - [0,460] ----D C:\ProgramData\SaveSenseLive =>PUP.SaveSense
O43 - CFD: 07/05/2013 - 11:05:48 - [1,198] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 02/01/2014 - 21:26:44 - [0] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 05/02/2013 - 23:34:56 - [0,024] ----D C:\Users\Roland\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 02/01/2014 - 20:58:08 - [6,649] ----D C:\Users\Roland\AppData\Roaming\Desk 365 =>Hijacker.22Find
O43 - CFD: 11/12/2011 - 11:45:45 - [0,001] ----D C:\Users\Roland\AppData\Roaming\DuckLink
O43 - CFD: 15/08/2013 - 21:13:44 - [0] ----D C:\Users\Roland\AppData\Roaming\Etvy
O43 - CFD: 05/06/2013 - 12:17:25 - [0,308] ----D C:\Users\Roland\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 17/04/2013 - 18:45:03 - [0] ----D C:\Users\Roland\AppData\Roaming\Funmoods =>PUP.Funmoods
O43 - CFD: 02/01/2014 - 21:02:48 - [0,073] ----D C:\Users\Roland\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 04/01/2014 - 22:20:54 - [1,228] ----D C:\Users\Roland\AppData\Roaming\newnext.me
O43 - CFD: 05/06/2013 - 12:18:49 - [31,647] ----D C:\Users\Roland\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 24/12/2013 - 17:44:05 - [0,190] ----D C:\Users\Roland\AppData\Roaming\SaveSense =>PUP.SaveSense
O43 - CFD: 15/08/2013 - 21:13:32 - [0,002] ----D C:\Users\Roland\AppData\Roaming\Yssyic
O43 - CFD: 02/01/2014 - 21:10:28 - [0,002] ----D C:\Users\Roland\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard
O43 - CFD: 04/01/2014 - 10:53:49 - [0,561] ----D C:\Users\Roland\AppData\Local\C3D71579-2DE9-400E-9E66-8F35FF5E6273.aplzod
O43 - CFD: 02/01/2014 - 21:21:32 - [0] ----D C:\Users\Roland\AppData\Local\Conduit
O43 - CFD: 07/02/2013 - 14:18:53 - [0,060] ----D C:\Users\Roland\AppData\Local\DashBoard
O43 - CFD: 02/01/2014 - 22:52:25 - [1,224] ----D C:\Users\Roland\AppData\Local\genienext
O43 - CFD: 02/01/2014 - 21:16:46 - [0] ----D C:\Users\Roland\AppData\Local\Lollipop =>Adware.Lollipop
O43 - CFD: 04/01/2014 - 17:54:46 - [4,055] ----D C:\Users\Roland\AppData\Local\PokerStars.FR
O43 - CFD: 24/12/2013 - 17:44:08 - [0] ----D C:\Users\Roland\AppData\Local\SaveSenseLive =>PUP.SaveSense
~ 677 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 952 Legitimates Filtered in 00mn 28s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2FC74FEE31D520CC1FE7D8AC113D7C96] - 02/01/2014 - 21:21:32 ---A- . (...) -- C:\logFileUI.txt [1994]
O44 - LFC:[MD5.D7C994B36F2896BFAF40B41A35FF510E] - 24/12/2013 - 17:49:08 ---A- . (...) -- C:\Windows\win.ini [751]
~ Files: 11 Legitimates Filtered in 00mn 06s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.463B89DBC54276AD8E12FA923FAFB58D] - 04/01/2014 - 17:37:35 ---A- - C:\Windows\Prefetch\AXSHLEXHLPER.EXE-33866C98.pf
O45 - LFCP:[MD5.F31CD234340611B398C73858518F915D] - 04/01/2014 - 20:45:01 ---A- - C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-CHROME-45969D36.pf =>PUP.weDownloadManager
O45 - LFCP:[MD5.9D3D838377F155547F963D67ABD97AA8] - 04/01/2014 - 20:45:01 ---A- - C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-FIREFO-6D651FCF.pf =>PUP.weDownloadManager
O45 - LFCP:[MD5.2A594B599AC91AA055947DC53A03D0F2] - 04/01/2014 - 20:46:00 ---A- - C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-CODEDO-E3E1E7A4.pf =>PUP.weDownloadManager
O45 - LFCP:[MD5.4A835BA53EBEFF85CDAD9E0D3DD0D8C6] - 04/01/2014 - 20:46:00 ---A- - C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-ENABLE-92543077.pf =>PUP.weDownloadManager
O45 - LFCP:[MD5.5FAD00E3C0D5B7CF3101723260BB64F3] - 04/01/2014 - 20:46:00 ---A- - C:\Windows\Prefetch\WEDOWNLOAD MANAGER PRO-UPDATE-950ECCEB.pf =>PUP.weDownloadManager
O45 - LFCP:[MD5.CD5F34B2ADF6D24763273658AD2EFFD7] - 04/01/2014 - 21:44:00 ---A- - C:\Windows\Prefetch\UPDATE~1.EXE-6A905DAB.pf
~ Prefetcher: 77 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.19B006B181E3875FD254F7B67ACF1E7C] - 16/07/2009 - 10:38:40 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\System32\Drivers\ASACPI.sys [15416]
O58 - SDL:[MD5.A4D308271A72D6EDCD328CF08ED4A7F5] - 18/07/2012 - 14:17:00 ---A- . (.Windows (R) Win 7 DDK provider - Dokan Filesystem Driver.) -- C:\Windows\System32\Drivers\dokan.sys [112296]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.7DB54C30F684D591F42CC966EE6BA6A3] - 23/07/2012 - 12:32:41 ---A- . (.Yune Software - MsgPlusDriver WDM Driver.) -- C:\Windows\System32\Drivers\MsgPlusDriver.sys [102160]
O58 - SDL:[MD5.B9B215F461E3A0034CFC303729E857CB] - 25/01/2007 - 18:48:40 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\System32\Drivers\sncamd.sys [33664]
O58 - SDL:[MD5.AC8F1EF394FAF226B64A8E937E6D812B] - 13/02/2008 - 11:35:46 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\System32\Drivers\snp2sxp.sys [12379136]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/03/1747 - 19:43:41 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [530488]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.64F88AF327AA74E03658AE32B48CCB8B] - 28/09/2009 - 09:22:00 ---A- . (...) -- C:\Windows\System32\Drivers\yk62x64.sys [395264]
O58 - SDL:[MD5.ADAA34740E9F6AFF94CC75D5CF8ED7E2] - 04/01/2008 - 13:34:42 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp32.sys [10216]
O58 - SDL:[MD5.EDAA17CE771C696655B6585F7CAD2100] - 04/01/2008 - 13:34:48 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsInsHelp64.sys [11832]
O58 - SDL:[MD5.A82C01606DC27D05D9D3BFB6BB807E32] - 04/08/2009 - 09:28:28 ---A- . (...) -- C:\Windows\SysWOW64\drivers\AsIO.sys [13440]
O58 - SDL:[MD5.9F66C4BD06334BB772317C438644EF74] - 25/01/2007 - 18:48:34 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\SysWOW64\drivers\sncamd.sys [25472]
O58 - SDL:[MD5.01B4B8B721345692D53F10B584B3D5D8] - 13/02/2008 - 11:34:50 ---A- . (.Pas de propriétaire - USB2.0 PC Camera driver.) -- C:\Windows\SysWOW64\drivers\snp2sxp.sys [12067328]
O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 24/07/2006 - 16:05:00 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [5632]
~ Drivers: 17 Legitimates Filtered in 00mn 04s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 02/01/2014 - 22:37:25 ---A- . (...) -- C:\Users\Roland\.android\adbkey [1704]
O61 - LFC: 02/01/2014 - 22:37:25 ---A- . (...) -- C:\Users\Roland\.android\adbkey.pub [716]
O61 - LFC: 02/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\Avg2014\log\avgdecider.log.1 [65649]
O61 - LFC: 02/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\Avg2014\log\avgui.log.1 [131107]
O61 - LFC: 02/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\BrowserSafeguard\cookies.dat [2410] =>PUP.BrowserSafeguard
O61 - LFC: 02/01/2014 - 22:37:27 ---A- . (...) -- C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Local State [27]
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\accelerate [0] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\1\angrybirds.db [994] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\35\Gmail.db [778] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\35\Gmail.ico [13262] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\39\ESPN.db [920] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\39\ESPN.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\3\BigFarm.db [890] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico [82726] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\41\gcalendar.db [858] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\42\pulse.db [764] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\42\pulse.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\4\Empire.db [872] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\4\Empire.ico [82726] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\62\ddtank2.db [0] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:01 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\app\config\62\ddtank2.ico [9662] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\desk_bkg_list.xml [1434] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\desk_list.xml [5746] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\firstrun [0] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\icons\MyPC Backup_1518c4428b70e68d7c7fe3dc6fc79395.ico [381678] =>PUP.MyPCBackup
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\icons\OptimizerPro_c2d9d05d85fc77155ab18cf7e6c1493e.ico [34494] =>PUP.OptimizerPro
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\icons\firefox_6216140546fa71bd2f849bf522bac615.ico [85989] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\icons\iexplore_cd43287845fd8cb65cb6f7a93ff66e9d.ico [82151] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\process_mgr.xml [220] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote.xml [5926] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\337.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\GameCenter.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\Google_1eed88936b91d2b6bc341da82c727a8f.ico [9662] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\barbie.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\google.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\mario.ico [15086] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\twitter.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\v9.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\promote\youtube.ico [13942] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_104.ico [99567] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_107.ico [79781] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:02 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Desk 365\sysicons\83f241e79de36dffdfbd037cd1780688_21.ico [29926] =>Hijacker.22Find
O61 - LFC: 02/01/2014 - 22:38:04 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\mysearchdial\icons_2.2.13.1338\62.ico [39438] =>Adware.MyWebSearch
O61 - LFC: 02/01/2014 - 22:38:04 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\mysearchdial\icons_2.2.13.1338\80.ico [36894] =>Adware.MyWebSearch
O61 - LFC: 02/01/2014 - 22:38:05 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\Softplicity\TotalPDFConverter\desktop.xml [1255]
O61 - LFC: 02/01/2014 - 22:38:09 ---A- . (...) -- C:\Users\Roland\daemonprocess.txt [842]
O61 - LFC: 04/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\Avg2014\log\avgcfg.log.1 [65651]
O61 - LFC: 04/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\Avg2014\log\avgcore.log.1 [131207]
O61 - LFC: 04/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\C3D71579-2DE9-400E-9E66-8F35FF5E6273.aplzod\alarms.db [6144]
O61 - LFC: 04/01/2014 - 22:37:26 ---A- . (...) -- C:\Users\Roland\AppData\Local\C3D71579-2DE9-400E-9E66-8F35FF5E6273.aplzod\main.db [581632]
O61 - LFC: 04/01/2014 - 22:38:04 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\newnext.me\nengine.cookie [3072]
O61 - LFC: 04/01/2014 - 22:38:05 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\WB.CFG [68]
O61 - LFC: 04/01/2014 - 22:38:09 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\ZHP\Log.txt [19279] =>.Nicolas Coolman
O61 - LFC: 04/01/2014 - 22:38:09 ---A- . (...) -- C:\Users\Roland\AppData\Roaming\ZHP\TestsZHPDiag.txt [2840] =>.Nicolas Coolman
~ 68 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 1424 Legitimates Filtered in 00mn 43s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe" http://www.nationzoom.com =>Hijacker.NationZoom
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.nationzoom.com =>Hijacker.NationZoom
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {D77A81F8-5FA2-47FE-BFB6-DF53BC357BBD} [DefaultScope] - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
D:\Roland\Documents\Documents\Roland sauvegarde\Mes documents\Azureus Downloads\Nero 9.2.5+Keygen(Torrent-GoDz).rar =>P2P.Azureus
D:\Roland\Documents\Documents\Roland sauvegarde\Mes documents\Azureus Downloads\pdf2word.v3.0 cracked\pdf2word.exe =>P2P.Azureus
D:\Roland\Documents\Documents\Roland sauvegarde\Mes documents\Azureus Downloads\pdf2word.v3.0 cracked\pdf2word.v3x.loader.whitelionatx.zip =>P2P.Azureus
D:\Roland\Documents\Documents\Roland sauvegarde\Mes documents\Azureus Downloads\pdf2word.v3.0 cracked.zip =>P2P.Azureus
D:\Roland\Documents\Documents\Roland sauvegarde\Mes documents\Azureus Downloads\TechSmith SnagIt v9.1.0 Incl Keygen [Systic-D]\snagit.exe =>P2P.Azureus
D:\Roland\Documents\Documents\Roland sauvegarde\Mes documents\Azureus Downloads\TechSmith SnagIt v9.1.0 Incl Keygen [Systic-D]\Torrent_downloaded_from_Demonoid.com.txt =>P2P.Azureus
~ Files: Scanned in 00mn 16s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.154F3E364E5356168B976EE1A79AE648] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\1374509789_SmartPCFixInstaller_ITNTDigiC_appsP.exe [1800040] =>Rogue.SmartPCFix
[MD5.C49A588C476A6FAA2FA5E98EE8A5F533] [SPRF][02/01/2014] (.Setup © - Setup.) -- C:\Users\Roland\AppData\Local\Temp\19036uninstall.exe [305152]
[MD5.858D895AD40DE9779E78C39A116F9553] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\BackupSetup.exe [10355400]
[MD5.B6753B0788DAEE441BF22AA0C1BF093B] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\BetterBrowseSetup.exe [231816]
[MD5.BFE5AD9DB25C0C2B02A899EBA6B838B8] [SPRF][20/10/2010] (.Yahoo! Inc. - BrowserPlus Uninstaller.) -- C:\Users\Roland\AppData\Local\Temp\bpuninstall.exe [428544]
[MD5.6433A2A9F4D570AE1172E465FB2E9DA4] [SPRF][04/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\ICReinstall_CodecPackage.exe [672752]
[MD5.2C2DEE4620EA727C47DEEC65C4B06516] [SPRF][08/12/2013] (.SIEN - Iminent.) -- C:\Users\Roland\AppData\Local\Temp\IMsetup.exe [2166112] =>Adware.IMBooster
[MD5.959FB591C9702648D3AB9265201DE83F] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\kll.bat [118]
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsa6464.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nscBC60.exe [167812] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsd3C89.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsd872F.exe [110936] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nse56DD.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsj48F6.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsjBC14.exe [167812] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsn15C4.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsn67BD.exe [110936] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsoB752.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsoD40.exe [167812] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nspA160.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nspA9EB.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nspB9C0.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nspC72B.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nspD970.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nspE5F1.exe [110936] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nss5543.exe [110936] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nst128E.exe [167812] =>Toolbar.Conduit
[MD5.CBB0857B4E4C5D947A0933733F19AFFC] [SPRF][22/09/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsx7A8E.exe [110936] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsz450F.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Roland\AppData\Local\Temp\nsz544D.exe [167812] =>Toolbar.Conduit
[MD5.31FF25717E6840E28CD5E4C721769FA0] [SPRF][24/12/2013] (.SaveSense - SaveSense.) -- C:\Users\Roland\AppData\Local\Temp\sas.exe [1412560] =>PUP.SaveSense
[MD5.956BF52613867FBC4AC2598AF5D81CC2] [SPRF][02/01/2014] (.Amônétízé Ltd - Installer.) -- C:\Users\Roland\AppData\Local\Temp\setup__4757.exe [337448]
[MD5.89BBB9AF7FB26A19A72A18CC815D6B76] [SPRF][08/12/2013] (.Pas de propriétaire - SpeedTestAnalysis.) -- C:\Users\Roland\AppData\Local\Temp\SpeedAnalysisSetup-1-.exe [1489940] =>PUP.SpeedAnalysis
[MD5.EA5C1D73FB6840B69E5034ACE95684AF] [SPRF][15/10/2013] (.Conduit - Search Protect by conduit.) -- C:\Users\Roland\AppData\Local\Temp\SPStub.exe [68968] =>Toolbar.Conduit
[MD5.9FB9D49C2DB7EDD1084AB765D619F5C6] [SPRF][02/01/2014] (.Conduit - Search Protect by conduit.) -- C:\Users\Roland\AppData\Local\Temp\sp_downloader.exe [66368] =>Toolbar.Conduit
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.006CC8260405E231C2006A0CEA2127FD] [SPRF][02/01/2014] (.Robert Simpson, et al. - System.Data.SQLite Interop Assembly.) -- C:\Users\Roland\AppData\Local\Temp\System.Data.SQLite.dll [1053184]
[MD5.7CA420A4688109E2AB5844A2C753C905] [SPRF][15/10/2013] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Roland\AppData\Local\Temp\tb01NE.dll [5176096] =>Toolbar.Conduit
[MD5.B0F6507F8666E89DD9F192313D88EB98] [SPRF][16/06/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Roland\AppData\Local\Temp\uninst1.exe [389632] =>PUP.Babylon
[MD5.EB6B2A8AA7EF5324866078C2038B95B8] [SPRF][02/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\Uninstall.exe [520114]
[MD5.18BB65E7709E8CFDFB1F3E287893C282] [SPRF][04/01/2014] (...) -- C:\Users\Roland\AppData\Local\Temp\uninstallkit.exe [97744]
[MD5.FD090C9793426809A037743D6255FFF3] [SPRF][07/10/2013] (.Yuna Software - Setup - Messenger Plus!.) -- C:\Users\Roland\AppData\Local\Temp\Update_1a21.exe [987504]
[MD5.FD090C9793426809A037743D6255FFF3] [SPRF][22/09/2013] (.Yuna Software - Setup - Messenger Plus!.) -- C:\Users\Roland\AppData\Local\Temp\Update_a912.exe [987504]
[MD5.B91FE1536AB4D680DDD77469EA3FD4BF] [SPRF][22/12/2013] (...) -- C:\Program Files (x86)\vlc-2.1.2-win32.exe [24097311]
~ Files: 47 Legitimates Filtered in 00mn 03s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{48FD5251-9C0A-4615-942B-A8BA05667D41}" | In - None - P17 - TRUE | .(.Pas de propriétaire - SpeedTestAnalysis.) -- C:\Users\Roland\AppData\Local\Temp\SpeedAnalysisSetup-1-.exe =>PUP.SpeedAnalysis
O87 - FAEL: "{C0D51AF8-C7E4-45EF-8F9F-923AC2DC2449}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - SpeedTestAnalysis.) -- C:\Users\Roland\AppData\Local\Temp\SpeedAnalysisSetup-1-.exe =>PUP.SpeedAnalysis
~ Firewall: 253 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "6F42B19C92612E116B691276168807B9" . (.PDF Split And Merge Basic.) -- C:\Windows\Installer\{C91B24F6-1629-11E2-B696-21676188709B}\pdfsam.ico
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 86 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\d57df88e53cb910\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\d57df88e53cb910\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" =>Hijacker.Eazel
[HKCU\Software\d57df88e53cb910] =>PUP.Babylon^
~ Export Key Software: Scanned in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: Photos iCloud - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][24/12/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\d33bde.msi [3304960] =>PUP.SweetIM
~ WIS: 86 Legitimates Filtered in 00mn 15s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 04/01/2012 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 04/01/2012 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 25/11/2011 427640 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SS - | Demand 20/12/2013 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/07/1658 0 | (WinkHandler) . (...) - C:\Program Files (x86)\Iminent\WinkHandler.exe =>Adware.IMBooster

SR - | Auto 21/08/2010 1079368 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/12/2011 3975088 | (afcdpsrv) . (.Acronis.) - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
SR - | Auto 18/08/2009 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 11/11/2013 3478544 | (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
SR - | Auto 24/09/2013 348008 | (avgwd) . (.AVG Technologies CZ, s.r.o..) - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 27/06/2013 128000 | (MsgPlusService) . (.Yuna Software.) - C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SR - | Auto 25/05/2010 2139400 | (OS Selector) . (...) - C:\Program Files (x86)\Acronis\DiskDirector\OSS\reinstall_svc.exe
SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe
SR - | Auto 13/06/2013 4150112 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 09/12/2013 1771544 | (vToolbarUpdater17.2.0) . (.AVG Secure Search.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

~ Services: Scanned in 00mn 16s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Roland at 04/01/2014 22:38:57
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Roland at 04/01/2014 22:38:59

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 30/03/1747 - 19:43:41 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [530488]
~ Emulateurs: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13018 - (02/01/2014)
Clés trouvées (Keys found) : 220
Valeurs trouvées (Values found) : 13
Dossiers trouvés (Folders found) : 39
Fichiers trouvés (Files found) : 100

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}] =>PUP.weDownloadManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442C-B14C-3D1081953C94}] =>PUP.BubbleDock^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.2.0] =>Toolbar.AVGSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\WinkHandler] =>Adware.IMBooster^
[HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23AF19F7-1D5B-442c-B14C-3D1081953C94}] =>Adware.SPointer
[HKLM\Software\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}] =>PUP.Minibar
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}] =>PUP.Blabbers
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}] =>PUP.Blabbers
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4b90-AC6A-D3874F591014}] =>Adware.Bandoo
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F34C9277-6577-4DFF-B2D7-7D58092F272F}] =>PUP.Datamngr
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\APN DTX] =>Toolbar.Ask
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BlabbersToolbar] =>PUP.Blabbers
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\funmoods] =>PUP.Funmoods
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Wow6432Node\iLividSRTB] =>Adware.Bandoo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKCU\SOFTWARE\InstallCore\funmoods] =>PUP.Funmoods
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload] =>PUP.1ClickDownloader
[HKLM\Software\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{8DEC3C75-9A5D-446C-B7B5-E4AB4FDD6309}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\I Want This_RASAPI32] =>Adware.GamePlayLabs
[HKLM\Software\Wow6432Node\Microsoft\Tracing\I Want This_RASMANCS] =>Adware.GamePlayLabs
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\Classes\Interface\{16466D47-74A8-4928-B8B2-07CD79ABFC9F}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{26D5CC0A-7A46-4D86-AF45-2EFA320B0C54}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{2D13AC8F-037E-40C5-ADA6-231BA74EA2F4}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{322EDCF5-9E7D-4021-8C67-F3FFE4961A38}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{3E254398-828F-4D51-A39E-3F6B6D96A12C}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{442DAF0C-7EAD-48D9-ABEA-E0036470D6D5}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{58EB187D-24F8-4423-BD6C-655CE4C416BD}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{6BEB066C-A791-4A21-B934-7783533FE888}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{A07612DF-B1DD-484F-A1C3-36CA4CE919D2}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{A76F97B2-2C56-456A-A29E-72741595C2E8}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{B19D9D96-E59C-4936-B283-8A831CDB3A53}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{DC8AAABA-3F8B-4866-8B3A-D9368133A478}] =>PUP.ClaroSearch
[HKLM\Software\Classes\Interface\{E15519AE-99BE-42DD-BE60-FFC3C183F443}] =>PUP.ClaroSearch
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\InstalledBrowserExtensions\] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch
[HKCU\Software\InstalledBrowserExtensions] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Classes\CrossriderApp0033440.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0033440.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0033440.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0033440.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043628.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043628.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043628.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0043628.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar.CT3307695] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{11111111-1111-1111-1111-110411361128}] =>PUP.CrossRider
[HKLM\Software\Classes\CLSID\{22222222-2222-2222-2222-220422362228}] =>PUP.CrossRider
[HKLM\Software\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0033440.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0033440.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0033440.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0033440.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0043628.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0043628.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0043628.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0043628.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3307695] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341140}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110411361128}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220422362228}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341140}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411361128}] =>PUP.CrossRider
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]:removeiLividdatamngr =>Adware.Bandoo^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{84FF7BD6-B47F-46F8-9130-01B2696B36CB} =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{F34C9277-6577-4DFF-B2D7-7D58092F272F} =>PUP.Datamngr
C:\Program Files (x86)\Desk 365 =>Hijacker.22Find^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\SaveSenseLive =>PUP.SaveSense^
C:\Program Files (x86)\SweetIM =>PUP.SweetIM^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\SaveSenseLive =>PUP.SaveSense^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\Roland\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\Roland\AppData\Roaming\Desk 365 =>Hijacker.22Find^
C:\Users\Roland\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Users\Roland\AppData\Roaming\Funmoods =>PUP.Funmoods^
C:\Users\Roland\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\Roland\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\Roland\AppData\Roaming\SaveSense =>PUP.SaveSense^
C:\Users\Roland\AppData\Local\BrowserSafeguard =>PUP.BrowserSafeguard^
C:\Users\Roland\AppData\Local\Lollipop =>Adware.Lollipop^
C:\Users\Roland\AppData\Local\SaveSenseLive =>PUP.SaveSense^
C:\Program Files (x86)\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files (x86)\BrowserCompanion =>PUP.Blabbers
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\Optimizer Pro =>PUP.OptimizerPro
C:\Program Files (x86)\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\Conduit =>Toolbar.Conduit
C:\ProgramData\Software =>Adware.Boxore
C:\Users\Roland\AppData\Roaming\BrowserCompanion =>PUP.Blabbers
C:\Users\Roland\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\Roland\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\Roland\AppData\Local\Software =>Adware.Boxore
C:\Users\Roland\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\Roland\AppData\LocalLow\searchresultstb =>Toolbar.Agent
C:\Users\Roland\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Roland\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\Roland\AppData\Local\Temp\Iminent =>Adware.IMBooster
C:\Users\Roland\AppData\Local\Temp\Installer =>Adware.InstallPedia
C:\Users\Roland\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl =>Adware.PlusHD
C:\Program Files (x86)\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch^
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe =>Toolbar.AVGSearch^
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe =>Toolbar.AVGSearch^
C:\Windows\Tasks\MySearchDial.job =>Adware.MyWebSearch^
C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-enabler.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job =>Adware.PlusHD^
C:\Windows\Tasks\Plus-HD-2.6-updater.job =>Adware.PlusHD^
C:\Windows\Tasks\SaveSense.job =>PUP.SaveSense^
C:\Windows\Tasks\weDownload Manager Pro-chromeinstaller.job =>PUP.weDownloadManager^
C:\Windows\Tasks\weDownload Manager Pro-codedownloader.job =>PUP.weDownloadManager^
C:\Windows\Tasks\weDownload Manager Pro-enabler.job =>PUP.weDownloadManager^
C:\Windows\Tasks\weDownload Manager Pro-firefoxinstaller.job =>PUP.weDownloadManager^
C:\Windows\Tasks\weDownload Manager Pro-updater.job =>PUP.weDownloadManager^
C:\Users\Roland\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.exe =>PUP.SaveSense^
C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-chromeinstaller.exe =>PUP.weDownloadManager^
C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-codedownloader.exe =>PUP.weDownloadManager^
C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-enabler.exe =>PUP.weDownloadManager^
C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-firefoxinstaller.exe =>PUP.weDownloadManager^
C:\Program Files (x86)\weDownload Manager Pro\weDownload Manager Pro-updater.exe =>PUP.weDownloadManager^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr^
[HKCU\Software\Datamngr] =>PUP.Datamngr^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKCU\Software\Funmoods] =>PUP.Funmoods^
[HKCU\Software\SaveSenseLive] =>PUP.SaveSense^
[HKCU\Software\WeDlMngr] =>PUP.weDownloadManager^
[HKCU\Software\iLivid] =>Adware.Bandoo^
[HKLM\Software\WEDL] =>PUP.weDownloadManager^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Plus-HD-2.6] =>Adware.PlusHD^
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia^
[HKLM\Software\Wow6432Node\WEDL] =>PUP.weDownloadManager^
[HKLM\Software\Wow6432Node\supWPM] =>PUP.WpManager^
C:\Users\Roland\AppData\Local\Temp\1374509789_SmartPCFixInstaller_ITNTDigiC_appsP.exe =>Rogue.SmartPCFix^
C:\Users\Roland\AppData\Local\Temp\IMsetup.exe =>Adware.IMBooster^
C:\Users\Roland\AppData\Local\Temp\nsa6464.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nscBC60.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsd3C89.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsd872F.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nse56DD.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsj48F6.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsjBC14.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsn15C4.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsn67BD.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsoB752.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsoD40.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nspA160.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nspA9EB.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nspB9C0.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nspC72B.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nspD970.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nspE5F1.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nss5543.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nst128E.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsx7A8E.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsz450F.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\nsz544D.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\sas.exe =>PUP.SaveSense^
C:\Users\Roland\AppData\Local\Temp\SpeedAnalysisSetup-1-.exe =>PUP.SpeedAnalysis^
C:\Users\Roland\AppData\Local\Temp\SPStub.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\sp_downloader.exe =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\tb01NE.dll =>Toolbar.Conduit^
C:\Users\Roland\AppData\Local\Temp\uninst1.exe =>PUP.Babylon^
[HKCU\Software\d57df88e53cb910\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\d57df88e53cb910] =>PUP.Babylon^^
C:\Windows\Installer\d33bde.msi =>PUP.SweetIM^
C:\Users\Roland\AppData\Local\Temp\HXf1Qjil.exe.part =>Toolbar.Conduit
C:\Users\Roland\AppData\Local\Temp\Umbrella.exe26192b =>Adware.IMBooster
~ Additionnel Scan: 313869 Items scanned in 00mn 34s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/38126906-hijacker-nationzoom =>Hijacker.NationZoom
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/32930303-pup-wedownloadmanager =>PUP.weDownloadManager
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/32037290-rogue-smartpcfix =>Rogue.SmartPCFix
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28138048-adware-plushd =>Adware.PlusHD
~ http://nicolascoolman.webs.com/apps/blog/show/36853930-pup-savesense =>PUP.SaveSense
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/35115580-pup-vittalia =>PUP.Vittalia
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/34407192-pup-minibar =>PUP.Minibar
~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke
~ http://nicolascoolman.webs.com/apps/blog/show/27280149-pup-blabbers =>PUP.Blabbers
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/32713686-pup-software-updater =>PUP.Software.Updater
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26820943-adware-gameplaylabs =>Adware.GamePlayLabs
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26967630-adware-installpedia =>Adware.InstallPedia
~ MSI: 50 link(s) detected in 00mn 34s



~ 3558 Legitimates filtered by white list
End of the scan (1189 lines in 03mn 31s)(6)
