Publicité
Publicité
Format du document : text/plain
Prévisualisation
Script zhpfix
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified
G1 - GCS: Preference [User Data\Default] http://search.babylon.com =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [amfclgbdpgndipgoegfpkkgobahigbcl] Shopping Helper Smartbar v.1.4, (Activ�) =>Hijacker.SmartBar
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.3 (Activ�) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [mpcknfcdcgpffjddjeceioobdelceffo] Filesfrog Update Checker v.2.0.1 (Activ�) =>Adware.MegaSearch
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com] [] Plus-HD-1.6 v4.5.2.0 (..) =>Adware.PlusHD
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\jid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\toolbar@alot.com] [] ALOT Toolbar v2.4.18500 (..)
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20100830W (..) =>Toolbar.Google
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\{7cfeca73-7f54-a554-5353-c79e3038b97d}] [] Shopping Helper Smartbar v7.1.20100830W (..) =>Hijacker.SmartBar
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Music Remote - [HKLM]{D2C31D2B-35BE-4C2B-ACCB-A78877274E60} . (.KangoExtensions - Kango BHO.) -- C:\Program Files\Music Remote\1.0\KangoBHO.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A057A204-BACC-4D26-8087-36EE87E26986} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{31C322DC-5878-452E-A2D8-C4AAB9973C9A} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D2C31D2B-35BE-4C2B-ACCB-A78877274E60} Cl� orpheline
O4 - GS\Desktop [henri]: cacaoweb - Raccourci.lnk . (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKLM\..\Run: [RegistryMechanic] Cl� orpheline
O4 - HKLM\..\Run: [EoClock] Cl� orpheline
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-585597244-702006781-1601228100-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ParetoLogic Registration.job [442] =>PUP.Paretologic
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ParetoLogic Update Version2.job [416] =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version2] (...) -- C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe (.not file.) [0] =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [{19F3A2CB-6A6D-48ED-A9F8-19A6D9B6145C}] (...) -- c:\Users\henri\LOGICIELS T�L�CHARG�S\VanBasco Karaoke 252.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2C5992AC-C5DC-4494-8DB5-46E3D98AB17A}] (...) -- C:\Users\henri\Desktop\MechCompWEN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{424D3790-CE23-404E-9A45-169BDBEC47B2}] (...) -- C:\Users\henri\Desktop\GoogleSketchUpWFR.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4BF6AF25-75AB-464E-98DA-C2B4BBB5807A}] (...) -- C:\Users\henri\Desktop\VyzexPocketPOD1p05Setup\Vyzex Pocket POD 1.05 Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4C84F9F6-510D-4C12-BD40-F4528B627217}] (...) -- C:\Users\henri\Desktop\vanBasco's Karaoke Player\uninst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8967CFDE-5EE8-4ED4-8FFD-A8AAD97C9EE4}] (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\vkaraoke.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8E352242-DD78-4C6B-926E-81787EE3A53C}] (...) -- C:\Users\henri\Desktop\audacity-win-1.2.6.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AB2CD42F-5B82-42A6-B2D0-B5A9E1B02AA7}] (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\vanbasco_french.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AD0A1954-5B48-4CFE-A8C9-FCB7C5B30BCF}] (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\vanBasco's Karaoke Player\uninst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B27451CF-631C-40E2-B399-BCD4944BD70D}] (...) -- C:\Users\henri\Desktop\installer-54163-33-Cartoon-Maker-French.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B40D39B5-2A22-4957-9F6D-03E7B787BD3A}] (...) -- C:\Users\henri\Desktop\installer-65504-33-Audacity-French.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B99A6DCD-9052-455D-B114-92BBB0676FE1}] (...) -- I:\start.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C6644533-CE7A-4013-8C7D-80DC3D2149A6}] (...) -- C:\Users\henri\Desktop\OOo_2.4.0_Win32Intel_install_wJRE_fr.exe (.not file.) [0]
O42 - Logiciel: Shopping Helper Smartbar - (.ReSoft Ltd..) [HKLM] -- {9726F9E3-EE13-4601-B2AF-81B1413BD8AF} =>Hijacker.SmartBar
O42 - Logiciel: Shopping Helper Smartbar Engine - (.ReSoft Ltd..) [HKCU] -- {31958fd8-b84a-41db-91f8-2ce3cf858e37} =>Hijacker.SmartBar
O43 - CFD: 20/05/2008 - 19:46:58 - [0] ----D C:\Users\henri\AppData\Roaming\MessengerSkinner =>PUP.MessengerSkinner
O43 - CFD: 01/07/2012 - 14:49:44 - [0] ----D C:\Users\henri\AppData\Local\TempSweetIM_Temp_Folder_15377502 =>PUP.SweetIM
O51 - MPSK:{185a2c9a-bde2-11dd-9443-001d7d21d3f6}\AutoRun\command. (...) -- C:\Windows\system32\E:\copy.exe (.not file.)
O51 - MPSK:{b1514e51-4b57-11dd-8498-001d7d21d3f6}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)
O51 - MPSK:{b5bf062a-4f6b-11dd-a538-001d7d21d3f6}\AutoRun\command. (...) -- J:\LaunchU3.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O87 - FAEL: "TCP Query User{A9E98296-CD1B-4AC4-B498-236BD3CBA94A}C:\program files\oovoo\oovoo.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\oovoo\oovoo.exe (.not file.)
O87 - FAEL: "UDP Query User{3A725F75-5558-4B0E-9446-E49F8CDAF997}C:\program files\oovoo\oovoo.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\oovoo\oovoo.exe (.not file.)
O87 - FAEL: "{AD4F8081-BD53-49F3-AE89-63691B1422F8}" |In - Public - P6 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (1).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{84E4D4C8-6741-4D32-9C35-820B01D91DCA}" |In - Public - P17 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (1).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{7569F88A-D0E3-4349-A653-CAD3FC9B0CA5}" |In - Public - P6 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (2).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{5B535642-0509-4819-A988-66A730C68E97}" |In - Public - P17 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (2).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{FE7AA92C-884E-461D-BDC9-28F5FAAE7EE4}" |In - Public - P6 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetIMSetup (3).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{3EB30D71-DD98-44F2-B4EC-F962F8CE3C8D}" |In - Public - P17 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetIMSetup (3).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{A2D60A83-D68A-4D9E-850A-87AF33BFAD18}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{19CD86AA-B9D0-45DD-B719-407B791C4A5A}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{345AE5EB-1FB3-4EED-90A1-A64FC8EA570D}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{01606E58-3632-4D57-95B0-65513BEF15D1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{116991D5-FAB6-46D1-9892-D93FD249FDA2}C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{D023F495-3DCB-4427-991D-726E03DBFE9D}C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O90 - PUC: "4340C4778499EED41AE496DC3D613EC6" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "617DD6FF01B79624F991FF0BA74CDC59" . (.Bing Bar.) -- C:\Windows\Installer\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}\icon_installer_ico =>Toolbar.Bing
[MD5.D25DA733104E6A1BDD66EC4748AC1B6E] [WIS][19/10/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\1b05573.msi [474624] =>Adware.Boxore
[MD5.4B25968F268FC5CC1D85589111FABDB4] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\285f106.msi [24576] =>Adware.Boxore
SR - | Auto 16/12/2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe
SR - | Demand 16/12/2013 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
[HKLM\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl] =>Hijacker.SmartBar^
[HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
[HKLM\Software\Google\Chrome\Extensions\mpcknfcdcgpffjddjeceioobdelceffo] =>Adware.MegaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9726F9E3-EE13-4601-B2AF-81B1413BD8AF}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{31958fd8-b84a-41db-91f8-2ce3cf858e37}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0566a191-d675-4911-9c7e-50edbef90f32}] =>Adware.Zango
[HKLM\Software\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201102}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Users\henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl =>Hijacker.SmartBar^
C:\Users\henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
C:\Users\henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo =>Adware.MegaSearch^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com =>Adware.PlusHD^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\jid1-FCM5fDwCW5M3AQ@jetpack =>Spyware.SmartDisplay^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} =>Toolbar.Google^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\{7cfeca73-7f54-a554-5353-c79e3038b97d} =>Hijacker.SmartBar^
C:\Users\henri\AppData\Roaming\MessengerSkinner =>PUP.MessengerSkinner^
C:\Users\henri\AppData\Local\TempSweetIM_Temp_Folder_15377502 =>PUP.SweetIM^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\Extensions\toolbar@alot.com =>Toolbar.Agent
C:\Windows\Tasks\ParetoLogic Registration.job =>PUP.Paretologic^
C:\Windows\Tasks\ParetoLogic Update Version2.job =>PUP.Paretologic^
C:\Windows\Installer\1b05573.msi =>Adware.Boxore^
C:\Windows\Installer\285f106.msi =>Adware.Boxore^
C:\Users\henri\Downloads\cacaoweb.exe =>PUP.CacaoWeb
SysRestore
FirewallRAZ
EmptyCLSID
EmptyTemp
EmptyFlash
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowPrinters: Modified
G1 - GCS: Preference [User Data\Default] http://search.babylon.com =>PUP.Babylon
G2 - GCE: Preference [User Data\Default] [amfclgbdpgndipgoegfpkkgobahigbcl] Shopping Helper Smartbar v.1.4, (Activ�) =>Hijacker.SmartBar
G2 - GCE: Preference [User Data\Default] [licjnkifamhpbaefhdpacpmihicfbomb] PricePeep v.2.2.0.3 (Activ�) =>Adware.PricePeep
G2 - GCE: Preference [User Data\Default] [mpcknfcdcgpffjddjeceioobdelceffo] Filesfrog Update Checker v.2.0.1 (Activ�) =>Adware.MegaSearch
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com] [] Plus-HD-1.6 v4.5.2.0 (..) =>Adware.PlusHD
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\jid1-FCM5fDwCW5M3AQ@jetpack] [] Smart Display v1.2 (..) =>Spyware.SmartDisplay
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\toolbar@alot.com] [] ALOT Toolbar v2.4.18500 (..)
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\{3112ca9c-de6d-4884-a869-9855de68056c}] [] Google Toolbar for Firefox v7.1.20100830W (..) =>Toolbar.Google
M2 - MFEP: prefs.js [henri - 4f1xmeuj.default\{7cfeca73-7f54-a554-5353-c79e3038b97d}] [] Shopping Helper Smartbar v7.1.20100830W (..) =>Hijacker.SmartBar
O3 - Toolbar: avast! Online Security - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Music Remote - [HKLM]{D2C31D2B-35BE-4C2B-ACCB-A78877274E60} . (.KangoExtensions - Kango BHO.) -- C:\Program Files\Music Remote\1.0\KangoBHO.dll
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: Bing Bar - [HKLM]{eec0f710-38b5-4aba-99bf-ec87564a4e13} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.3.124.0\BingExt.dll =>Toolbar.Bing
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{A057A204-BACC-4D26-8087-36EE87E26986} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{31C322DC-5878-452E-A2D8-C4AAB9973C9A} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D2C31D2B-35BE-4C2B-ACCB-A78877274E60} Cl� orpheline
O4 - GS\Desktop [henri]: cacaoweb - Raccourci.lnk . (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKLM\..\Run: [RegistryMechanic] Cl� orpheline
O4 - HKLM\..\Run: [EoClock] Cl� orpheline
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-585597244-702006781-1601228100-1002\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ParetoLogic Registration.job [442] =>PUP.Paretologic
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ParetoLogic Update Version2.job [416] =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [ParetoLogic Update Version2] (...) -- C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe (.not file.) [0] =>PUP.Paretologic
[MD5.00000000000000000000000000000000] [APT] [{19F3A2CB-6A6D-48ED-A9F8-19A6D9B6145C}] (...) -- c:\Users\henri\LOGICIELS T�L�CHARG�S\VanBasco Karaoke 252.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2C5992AC-C5DC-4494-8DB5-46E3D98AB17A}] (...) -- C:\Users\henri\Desktop\MechCompWEN.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{424D3790-CE23-404E-9A45-169BDBEC47B2}] (...) -- C:\Users\henri\Desktop\GoogleSketchUpWFR.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4BF6AF25-75AB-464E-98DA-C2B4BBB5807A}] (...) -- C:\Users\henri\Desktop\VyzexPocketPOD1p05Setup\Vyzex Pocket POD 1.05 Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4C84F9F6-510D-4C12-BD40-F4528B627217}] (...) -- C:\Users\henri\Desktop\vanBasco's Karaoke Player\uninst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8967CFDE-5EE8-4ED4-8FFD-A8AAD97C9EE4}] (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\vkaraoke.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8E352242-DD78-4C6B-926E-81787EE3A53C}] (...) -- C:\Users\henri\Desktop\audacity-win-1.2.6.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AB2CD42F-5B82-42A6-B2D0-B5A9E1B02AA7}] (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\vanbasco_french.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AD0A1954-5B48-4CFE-A8C9-FCB7C5B30BCF}] (...) -- C:\Users\henri\LOGICIELS T�L�CHARG�S\vanBasco's Karaoke Player\uninst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B27451CF-631C-40E2-B399-BCD4944BD70D}] (...) -- C:\Users\henri\Desktop\installer-54163-33-Cartoon-Maker-French.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B40D39B5-2A22-4957-9F6D-03E7B787BD3A}] (...) -- C:\Users\henri\Desktop\installer-65504-33-Audacity-French.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B99A6DCD-9052-455D-B114-92BBB0676FE1}] (...) -- I:\start.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C6644533-CE7A-4013-8C7D-80DC3D2149A6}] (...) -- C:\Users\henri\Desktop\OOo_2.4.0_Win32Intel_install_wJRE_fr.exe (.not file.) [0]
O42 - Logiciel: Shopping Helper Smartbar - (.ReSoft Ltd..) [HKLM] -- {9726F9E3-EE13-4601-B2AF-81B1413BD8AF} =>Hijacker.SmartBar
O42 - Logiciel: Shopping Helper Smartbar Engine - (.ReSoft Ltd..) [HKCU] -- {31958fd8-b84a-41db-91f8-2ce3cf858e37} =>Hijacker.SmartBar
O43 - CFD: 20/05/2008 - 19:46:58 - [0] ----D C:\Users\henri\AppData\Roaming\MessengerSkinner =>PUP.MessengerSkinner
O43 - CFD: 01/07/2012 - 14:49:44 - [0] ----D C:\Users\henri\AppData\Local\TempSweetIM_Temp_Folder_15377502 =>PUP.SweetIM
O51 - MPSK:{185a2c9a-bde2-11dd-9443-001d7d21d3f6}\AutoRun\command. (...) -- C:\Windows\system32\E:\copy.exe (.not file.)
O51 - MPSK:{b1514e51-4b57-11dd-8498-001d7d21d3f6}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)
O51 - MPSK:{b5bf062a-4f6b-11dd-a538-001d7d21d3f6}\AutoRun\command. (...) -- J:\LaunchU3.exe (.not file.)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O87 - FAEL: "TCP Query User{A9E98296-CD1B-4AC4-B498-236BD3CBA94A}C:\program files\oovoo\oovoo.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\oovoo\oovoo.exe (.not file.)
O87 - FAEL: "UDP Query User{3A725F75-5558-4B0E-9446-E49F8CDAF997}C:\program files\oovoo\oovoo.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\oovoo\oovoo.exe (.not file.)
O87 - FAEL: "{AD4F8081-BD53-49F3-AE89-63691B1422F8}" |In - Public - P6 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (1).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{84E4D4C8-6741-4D32-9C35-820B01D91DCA}" |In - Public - P17 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (1).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{7569F88A-D0E3-4349-A653-CAD3FC9B0CA5}" |In - Public - P6 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (2).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{5B535642-0509-4819-A988-66A730C68E97}" |In - Public - P17 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetImSetup (2).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{FE7AA92C-884E-461D-BDC9-28F5FAAE7EE4}" |In - Public - P6 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetIMSetup (3).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{3EB30D71-DD98-44F2-B4EC-F962F8CE3C8D}" |In - Public - P17 - TRUE | .(...) -- C:\Users\henri\Downloads\SweetIMSetup (3).exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{A2D60A83-D68A-4D9E-850A-87AF33BFAD18}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{19CD86AA-B9D0-45DD-B719-407B791C4A5A}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (.not file.) =>PUP.Datamngr
O87 - FAEL: "{345AE5EB-1FB3-4EED-90A1-A64FC8EA570D}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "{01606E58-3632-4D57-95B0-65513BEF15D1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.) =>PUP.SweetIM
O87 - FAEL: "TCP Query User{116991D5-FAB6-46D1-9892-D93FD249FDA2}C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{D023F495-3DCB-4427-991D-726E03DBFE9D}C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\henri\appdata\roaming\cacaoweb\cacaoweb.exe (.not file.) =>PUP.CacaoWeb
O90 - PUC: "4340C4778499EED41AE496DC3D613EC6" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "617DD6FF01B79624F991FF0BA74CDC59" . (.Bing Bar.) -- C:\Windows\Installer\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}\icon_installer_ico =>Toolbar.Bing
[MD5.D25DA733104E6A1BDD66EC4748AC1B6E] [WIS][19/10/2013] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\1b05573.msi [474624] =>Adware.Boxore
[MD5.4B25968F268FC5CC1D85589111FABDB4] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\285f106.msi [24576] =>Adware.Boxore
SR - | Auto 16/12/2013 193696 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe
SR - | Demand 16/12/2013 247968 | (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
[HKLM\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl] =>Hijacker.SmartBar^
[HKLM\Software\Google\Chrome\Extensions\licjnkifamhpbaefhdpacpmihicfbomb] =>Adware.PricePeep^
[HKLM\Software\Google\Chrome\Extensions\mpcknfcdcgpffjddjeceioobdelceffo] =>Adware.MegaSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9726F9E3-EE13-4601-B2AF-81B1413BD8AF}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{31958fd8-b84a-41db-91f8-2ce3cf858e37}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0566a191-d675-4911-9c7e-50edbef90f32}] =>Adware.Zango
[HKLM\Software\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6] =>PUP.SweetIM
[HKLM\SOFTWARE\SOFTWARE\UPDATE\CLIENTS\{5B54E9B6-D6C4-11E0-8E9D-92FB4824019B}] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201102}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Users\henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl =>Hijacker.SmartBar^
C:\Users\henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb =>Adware.PricePeep^
C:\Users\henri\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo =>Adware.MegaSearch^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com =>Adware.PlusHD^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\jid1-FCM5fDwCW5M3AQ@jetpack =>Spyware.SmartDisplay^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} =>Toolbar.Google^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\extensions\{7cfeca73-7f54-a554-5353-c79e3038b97d} =>Hijacker.SmartBar^
C:\Users\henri\AppData\Roaming\MessengerSkinner =>PUP.MessengerSkinner^
C:\Users\henri\AppData\Local\TempSweetIM_Temp_Folder_15377502 =>PUP.SweetIM^
C:\Users\henri\AppData\Roaming\Mozilla\Firefox\Profiles\4f1xmeuj.default\Extensions\toolbar@alot.com =>Toolbar.Agent
C:\Windows\Tasks\ParetoLogic Registration.job =>PUP.Paretologic^
C:\Windows\Tasks\ParetoLogic Update Version2.job =>PUP.Paretologic^
C:\Windows\Installer\1b05573.msi =>Adware.Boxore^
C:\Windows\Installer\285f106.msi =>Adware.Boxore^
C:\Users\henri\Downloads\cacaoweb.exe =>PUP.CacaoWeb
SysRestore
FirewallRAZ
EmptyCLSID
EmptyTemp
EmptyFlash