~ Rapport de ZHPDiag v2013.10.25.66 - Nicolas Coolman (25/10/2013) ~ Lancé par user (26/10/2013 12:34:35) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/ ~ Traduit par Nicolas Coolman ~ Etat de la version : ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16721 GCIE: Google Chrome v30.0.1599.101 (Defaut) ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows(R) 7, OEM_COA_SLP channel Windows ID Activation : OK ~ Windows Partial Key : B3YWM Windows License : OK ~ Windows Remaining Initializations Number : 4 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système Avira Free Antivirus v13.0.0.4042 Windows Defender W7 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer µTorrent v3.3.0.29677 =>P2P.µTorrent ---\\ Surveillance de Logiciels Adobe Flash Player 9 ActiveX Adobe Reader 9.5.4 - Français Java 7 Update 40 ---\\ Informations sur le système ~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel ~ Operating System: 32 Bits Boot mode: Normal (Normal boot) Total RAM: 1909 MB (8% free) System Restore: Activé (Enable) System drive C: has 45 GB (25%) free of 176 GB ---\\ Mode de connexion au système ~ Computer Name: USER-PC ~ User Name: user ~ All Users Names: user, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppZHP% : C:\Users\user\AppData\Roaming\ZHP\ ~ %AppData% : C:\Users\user\AppData\Roaming\ ~ %Desktop% : C:\Users\user\Desktop\ ~ %Favorites% : C:\Users\user\Favorites\ ~ %LocalAppData% : C:\Users\user\AppData\Local\ ~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 176 Go) D: Hard drive, Flash drive, Thumb drive (Free 118 Go of 122 Go) E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 47 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 05:30:54.) -- C:\Windows\Explorer.exe [2616320] [MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256] [MD5.E4FEB264B47360B7296AEA4E052F88D8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:28:06.) -- C:\Windows\System32\wininet.dll [1767936] [MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 12:17:54.) -- C:\Windows\System32\Winlogon.exe [286720] [MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 12:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536] [MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 00:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944] [MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584] [MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656] [MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 08:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544] [MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 08:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336] [MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 09:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544] [MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896] [MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888] [MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904] [MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 08:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904] [MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 13:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752] [MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848] [MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 10:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632] [MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168] [MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 08:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752] [MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 12:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/5251 ~ Mes musiques (My Musics) : 1/1327 ~ Mes Videos (My Videos) : 1/29 ~ Mes Favoris (My Favorites) : 1/18 ~ Mes Documents (My Documents) : 1/13914 ~ Mon Bureau (My Desktop) : 4/831 ~ Menu demarrer (Programs) : 1/27 ~ Hidden Files: Scanned in 01mn 02s ---\\ Processus lancés [MD5.DB3F7F19F942D3CE4E1A0E8D9FF541FB] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- c:\program files\avira\antivir desktop\avgnt.exe [347192] [PID.4732] [MD5.FE98E6FB01FE9A1A7274FD7865B82900] - (.Avira Operations GmbH & Co. KG - Avira Control Center.) -- C:\program files\avira\antivir desktop\avcenter.exe [328760] [PID.3532] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.14432] [MD5.3E399A1328181C2A352472369DE2A93A] - (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe [844752] [PID.1492] [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.16564] [MD5.CC82669653807DFC27DF3B73ECE5EECD] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [8135168] [PID.15340] ~ Processes Running: Scanned in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences G2 - GCE: Preference [User Data\Default] [acganlmcjehnfmehkmlimgkaloifodlf] Koji NISHIDA v.2 (Activé) G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé) =>PUP.SweetIM G2 - GCE: Preference [User Data\Default] [jplinpmadfkdgipabgcdchbdikologlh] 1Click Downloader v.1.6 (Désactivé) G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Security Toolbar v.14.1.0.10 (Désactivé) ~ Google Browser: 20 Legitimates Filtered in 04mn 09s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org ~ IE Browser: 11 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: 01NET.com - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\01NET.com\prxtb01NE.dll =>Toolbar.Conduit O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM ~ BHO: 22 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch O3 - Toolbar: 01NET.com Toolbar - [HKLM]{8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\01NET.com\prxtb01NE.dll =>Toolbar.Conduit O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{8E5025C2-8EA3-430D-80B8-A14151068A6D} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: BIMx pour ArchiCAD 15.lnk . (.Graphisoft SE - ArchiCAD 15.0.0 Component.) -- C:\Program Files\Graphisoft\ArchiCAD 15\Extensions\BIM Explorer\BIM Explorer.exe O4 - GS\Desktop [Public]: Speccy.lnk . (.Piriform Ltd - Speccy.) -- C:\Program Files\Speccy\Speccy.exe O4 - GS\Program [Public]: Turbo Squid Tentacles 32-bit.lnk . (.Turbo Squid - Turbo Squid Tentacles Frontend.) -- C:\Program Files\Turbo Squid Tentacles\TSStore.exe O4 - GS\QuickLaunch [user]: ArchiCAD 15.lnk . (.Graphisoft SE - ArchiCAD 15.0.0 Component.) -- C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD Starter.exe O4 - GS\QuickLaunch [user]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\TaskBar [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\Program [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\SystemTools [user]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Desktop [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\Desktop [user]: WinZip.lnk . (...) -- C:\Program Files\WinZip\WINZIP32.exe (.not file.) ~ Global Startup: 57 Legitimates Filtered in 00mn 04s ---\\ Applications lancées au démarrage du sytème (O4) O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [autodetect] . (.Pas de propriétaire - AutoDect.) -- C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1243204835-3674121785-2205346301-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{65EFE2BE-395F-4EE9-A226-2B9726DE7CA1}: NameServer = 192.168.50.58 192.168.60.55 O17 - HKLM\System\CCS\Services\Tcpip\..\{DB9E7BEC-CD54-4A78-8FB5-75716EC72340}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{65EFE2BE-395F-4EE9-A226-2B9726DE7CA1}: NameServer = 192.168.50.58 192.168.60.55 O17 - HKLM\System\CS1\Services\Tcpip\..\{DB9E7BEC-CD54-4A78-8FB5-75716EC72340}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{65EFE2BE-395F-4EE9-A226-2B9726DE7CA1}: NameServer = 192.168.50.58 192.168.60.55 O17 - HKLM\System\CS2\Services\Tcpip\..\{DB9E7BEC-CD54-4A78-8FB5-75716EC72340}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - D:\Program Files\Nouveau dossier (2)\Modem HDM EC156\UpdateDog\ouc.exe O23 - Service: (vToolbarUpdater17.0.12) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch ~ Services: 17 Legitimates Filtered in 00mn 07s ---\\ Tâches planifiées en automatique (O39) [MD5.00000000000000000000000000000000] [APT] [Norton Security Scan for user] (...) -- C:\Program Files\NORTON~2\Engine\372~1.5\Nss.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{1C9E10CE-E145-4233-835C-0A2484E10848}] (...) -- E:\archicad\Crack\Archicad.v11.build.897_Crk.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{9EF6F727-5358-4ED0-AB17-E8C49645A2DF}] (...) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.) [0] ~ Scheduled Task: 23 Legitimates Filtered in 00mn 09s ---\\ Logiciels installés (O42) O42 - Logiciel: 1ClickDownloader - (.1ClickDownload.) [HKLM] -- 1ClickDownloader =>PUP.1ClickDownloader O42 - Logiciel: IB Updater Service - (...) [HKLM] -- WNLT =>Adware.InstallBrain O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM O42 - Logiciel: SweetPacks bundle uninstaller - (.SweetIM Technologies Ltd..) [HKLM] -- {0C43FE6B-E881-4AFC-B384-4AEBC90047E8} =>PUP.SweetIM O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0} =>PUP.SweetIM ~ Logic: 133 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\IGearSettings] [HKCU\Software\IM] [HKCU\Software\ImInstaller] [HKCU\Software\IncrediMail] [HKCU\Software\SweetIM] =>PUP.SweetIM [HKCU\Software\TestSelf] [HKCU\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\ASGVIS] [HKLM\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\ICL] [HKLM\Software\Iminent] =>Adware.IMBooster [HKLM\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\TsPluginMax] ~ Key Software: 171 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 12/06/2012 - 14:51:21 - [2,481] ----D C:\Program Files\1ClickDownload =>PUP.1ClickDownloader O43 - CFD: 07/01/2013 - 21:56:19 - [1,492] ----D C:\Program Files\Climate5.3 O43 - CFD: 14/08/2012 - 15:34:45 - [0,609] ----D C:\Program Files\Conduit O43 - CFD: 06/06/2013 - 14:14:27 - [11,631] ----D C:\Program Files\SweetIM =>PUP.SweetIM O43 - CFD: 18/04/2012 - 22:58:36 - [2,139] ----D C:\ProgramData\ASGVIS O43 - CFD: 06/06/2013 - 14:14:34 - [0,878] ----D C:\ProgramData\SweetIM =>PUP.SweetIM O43 - CFD: 18/05/2013 - 18:46:22 - [0,457] ----D C:\Users\user\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org O43 - CFD: 18/05/2013 - 18:53:09 - [0,163] ----D C:\Users\user\AppData\Local\B1E O43 - CFD: 06/06/2013 - 14:14:36 - [2,533] ----D C:\Users\user\AppData\Local\Conduit O43 - CFD: 18/01/2012 - 10:32:14 - [0,428] ----D C:\Users\user\AppData\Local\GS-LW-Temp ~ 733 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 949 Legitimates Filtered in 01mn 12s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.4445876A199BF8E9C03864C19C588A9B] - 26/10/2013 - 10:50:31 ----- . (...) -- C:\UsbFix [Scan 1] USER-PC.txt [11225] O44 - LFC:[MD5.91B6DFBA0FD7D0F4836FB711D1B5D81C] - 26/10/2013 - 11:04:02 ---A- . (...) -- C:\Windows\System32\TrueSight.sys [26624] O44 - LFC:[MD5.60FBD844F21F7C92927D27EA0634998F] - 26/10/2013 - 11:47:17 ----- . (...) -- C:\UsbFix [Scan 3] USER-PC.txt [11571] O44 - LFC:[MD5.7794A9DBCFEA0D9B9BF18F8DB1C2D196] - 26/10/2013 - 11:52:53 ---A- . (...) -- C:\UsbFix [Clean 3] USER-PC.txt [10932] O44 - LFC:[MD5.D1A0C561F87AE7FEBB66E60D2B32798B] - 26/10/2013 - 12:39:51 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26192] O44 - LFC:[MD5.D1A0C561F87AE7FEBB66E60D2B32798B] - 26/10/2013 - 12:39:51 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26192] ~ Files: 60 Legitimates Filtered in 00mn 09s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{06760e05-74c6-11e1-bed5-74de2b74ff58}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.) O51 - MPSK:{18b4f22e-34b9-11e3-9ff4-74de2b74ff58}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.) O51 - MPSK:{7ce58d35-0e76-11e2-8272-74de2b74ff58}\AutoRun\command. (...) -- F:\Système_Windows\Installer.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM O53 - SMSR:HKLM\...\startupreg\Sweetpacks Communicator [Key] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O53 - SMSR:HKLM\...\startupreg\vProt [Key] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch ~ SMSR Keys: 11 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Drivers: 16 Legitimates Filtered in 00mn 02s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - www.usbfix.net.) [HKLM] -- Usbfix O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman ~ ADS: Scanned in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (01NET.com Customized Web Search) - http://search.conduit.com O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com =>PUP.SweetIM ~ Keys: Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "TCP Query User{2A2965C6-39DD-4A2E-98A0-C728FCA69791}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.) O87 - FAEL: "UDP Query User{82C5B734-E8E9-420A-82B5-4AE4D6E2EA8B}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.) O87 - FAEL: "{C78F4C19-FFD5-495A-8F58-6B6A14822413}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\monitor.exe (.not file.) O87 - FAEL: "{7E83F425-C575-4616-AD30-EF296FD9BD10}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\monitor.exe (.not file.) O87 - FAEL: "{85C498F1-3867-4502-B356-8428EA6301EC}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\manager.exe (.not file.) O87 - FAEL: "{3EE08BBD-C24D-4D9B-BC05-34C5C26594F9}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\manager.exe (.not file.) O87 - FAEL: "{E7563B63-BD4B-4383-BE44-CCD873B0BA26}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\server.exe (.not file.) O87 - FAEL: "{9E27C791-4CA1-4E56-9F68-B17062906757}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\server.exe (.not file.) O87 - FAEL: "TCP Query User{E39724D7-D2DA-4483-AF2B-B0302DD810B5}C:\program files\artlantis studio 3\artlantisstudio.exe" | In - Public - P6 - TRUE | .(.Abvent - Artlantis Application.) -- C:\program files\artlantis studio 3\artlantisstudio.exe O87 - FAEL: "UDP Query User{8AB8098D-CBF5-4E8B-BF7E-AE9156090A06}C:\program files\artlantis studio 3\artlantisstudio.exe" | In - Public - P17 - TRUE | .(.Abvent - Artlantis Application.) -- C:\program files\artlantis studio 3\artlantisstudio.exe O87 - FAEL: "{4886BC05-70F1-48C9-B263-630B3310C92B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.) O87 - FAEL: "{8E99852D-A71B-46AD-BD39-2A32B1677606}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.) O87 - FAEL: "TCP Query User{58E2FC74-2204-4134-8355-DD57AF27A240}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.) O87 - FAEL: "UDP Query User{199259E9-417F-4AF4-AFA8-DC0D1F82535B}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.) O87 - FAEL: "TCP Query User{0D2EEF60-BCAC-4ABD-9E1E-3A07BBE8678E}C:\programdata\asgvis\distributed rendering\xmldrspawner.exe" |In - Public - P6 - TRUE | .(...) -- C:\programdata\asgvis\distributed rendering\xmldrspawner.exe (.not file.) O87 - FAEL: "UDP Query User{897E25E8-48E3-4E1A-A25E-03855096D44C}C:\programdata\asgvis\distributed rendering\xmldrspawner.exe" |In - Public - P17 - TRUE | .(...) -- C:\programdata\asgvis\distributed rendering\xmldrspawner.exe (.not file.) O87 - FAEL: "TCP Query User{3DF1810E-D3E8-4B67-A863-DA0C5F83BBD4}C:\programdata\asgvis\licensing\vrlserver2.exe" |In - Public - P6 - TRUE | .(...) -- C:\programdata\asgvis\licensing\vrlserver2.exe (.not file.) O87 - FAEL: "UDP Query User{92C6DADF-B0B3-4E9C-8233-41B6CD31D71B}C:\programdata\asgvis\licensing\vrlserver2.exe" |In - Public - P17 - TRUE | .(...) -- C:\programdata\asgvis\licensing\vrlserver2.exe (.not file.) O87 - FAEL: "TCP Query User{B1641171-D881-471D-B7FB-031E7611FE4C}C:\program files\1clickdownload\1clickdownloader.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - 1ClickDownloader.) -- C:\program files\1clickdownload\1clickdownloader.exe =>PUP.1ClickDownloader O87 - FAEL: "UDP Query User{F40AF539-49DD-49EB-B8E5-CBFB3BCE54C2}C:\program files\1clickdownload\1clickdownloader.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - 1ClickDownloader.) -- C:\program files\1clickdownload\1clickdownloader.exe =>PUP.1ClickDownloader O87 - FAEL: "{73BC8BE4-4D44-48E6-9A65-934A95640D32}" | In - Public - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O87 - FAEL: "{72509DB1-0DE9-40F4-A47D-1C620BBFBAFF}" | In - Public - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O87 - FAEL: "TCP Query User{D6FE3158-CBD0-4E23-ADC1-192D59A04567}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.) O87 - FAEL: "UDP Query User{8AB5A4C4-A200-497A-9A0A-A37D27FEB827}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.) O87 - FAEL: "TCP Query User{EFBE3843-8B59-4CD0-A010-2E204118148F}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.) O87 - FAEL: "UDP Query User{E5C5C27B-CA40-4C26-868D-0BFE666CBD2D}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.) O87 - FAEL: "{BB95B326-7CFC-41F5-B906-574B5C334EBB}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O87 - FAEL: "{82A9DFA8-1D94-42A4-9916-A0F1E6A55D58}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM O87 - FAEL: "{02D0355E-D1E8-4E24-9079-698CC071EAE9}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.) O87 - FAEL: "{5363C77C-1C1B-4FBF-8563-F9636AA83B33}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.) O87 - FAEL: "{1F1E154A-CA11-4AEE-A0A7-80F4F09A9D33}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{A81FD846-C81E-41C1-8897-E4D001B10C99}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{531A2609-BE48-4E5C-B2C7-8AF3333B884E}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) O87 - FAEL: "{ED88F6B7-805F-4E55-BFF9-D25C649ACB70}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.) ~ Firewall: 237 Legitimates Filtered in 00mn 03s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM O90 - PUC: "C44265B016B7C0407A93E392DD4ECDC3" . (.Bluerock Technologies Flight Studio 3ds Max Design 2009 32-bit.) -- C:\Windows\Installer\{0B56244C-7B61-040C-A739-3E29DDE4DC3C}\ico_product O90 - PUC: "F1E640A77BEB8C94382E871E1F6CC506" . (.Turbo Squid Tentacles 3ds Max 2009 32-bit.) -- C:\Windows\Installer\{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}\ARPPRODUCTICON.exe ~ Update Products: 146 Legitimates Filtered in 00mn 03s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.39509F7D4B7E345BE537D01B3E1ABEB9] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\309df.msi [3760128] =>PUP.SweetIM [MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\30a44.msi [3304960] =>PUP.SweetIM [MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\30a59.msi [2997248] =>PUP.SweetIM [MD5.BBF4134424D0556F36DC086028750937] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - SweetPacks bundle uninstaller.) -- C:\Windows\Installer\30a5f.msi [2579456] =>PUP.SweetIM [MD5.BFB448F9E0DCB89E0574F7087BC1FFF1] [WIS][07/01/2011] (.Google, Inc. - Google SketchUp 8 Installer.) -- C:\Windows\Installer\940f42.msi [57286144] [MD5.E0257E6D5AC3CC1DFC98A7B62A7B300C] [WIS][10/03/2008] (.Turbo Squid - Turbo Squid Tentacles 3ds Max 2009 32-bit.) -- C:\Windows\Installer\b96fd.msi [9166848] ~ WIS: 152 Legitimates Filtered in 00mn 49s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 23/10/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 23/10/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SS - | Disabled 23/10/2013 815160 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe SS - | Auto 09/05/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe SS - | Auto 09/05/2011 76960 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Bluetooth Suite\adminservice.exe SS - | Auto 14/02/2012 79360 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe SS - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SS - | Demand 23/12/2011 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Auto 24/06/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 24/06/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Auto 14/03/2011 271712 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe SS - | Auto 20/05/2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SS - | Auto 16/12/2011 1796200 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe SR - | Auto 23/07/2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SS - | Auto 19/03/2008 65536 | (mi-raysat_3dsMax2009_32) . (...) - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe SS - | Auto 22/10/2013 655712 | (Modem HDM EC156. RunOuc) . (...) - D:\Program Files\Nouveau dossier (2)\Modem HDM EC156\UpdateDog\ouc.exe SS - | Auto 29/11/2012 38608 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SS - | Auto 23/07/2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SS - | Auto 03/10/2013 1734680 | (vToolbarUpdater17.0.12) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 54s ---\\ Scan Additionnel (O88) Database Version : 12960 - (25/10/2013) Clés trouvées (Keys found) : 183 Valeurs trouvées (Values found) : 4 Dossiers trouvés (Folders found) : 16 Fichiers trouvés (Files found) : 7 [HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5025C2-8EA3-430D-80B8-A14151068A6D}] =>Toolbar.Conduit^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.0.12] =>Toolbar.AVGSearch^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader] =>PUP.1ClickDownloader^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.InstallBrain^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Sweetpacks Communicator] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\vProt] =>Toolbar.AVGSearch^ [HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods [HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent [HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade [HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM [HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware.BullseyeToolbar [HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype [HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits [HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon [HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch [HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit [HKLM\Software\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}] =>Toolbar.Conduit [HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM [HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch [HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing [HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\S] =>Toolbar.Agent [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch [HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\sim-packages] =>Toolbar.Agent [HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch [HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch [HKLM\Software\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp] =>Toolbar.Agent [HKLM\Software\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit [HKLM\Software\Iminent] =>Adware.IMBooster [HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong [HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\SweetIM] =>PUP.SweetIM [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKCU\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\WNLT] =>Adware.IncrediBar [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\01NET.com Toolbar] =>Adware.SimilarSites [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch [HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing [HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM [HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM [HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM [HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit [HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit [HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch [HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch [HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch [HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM [HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM [HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM [HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM [HKLM\Software\Classes\Toolbar.CT3128284] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{EEE6C35B-6118-11DC-9C72-001320C79847} =>PUP.SweetIM^ [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^ [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent [HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent C:\Program Files\1ClickDownload =>PUP.1ClickDownloader^ C:\Program Files\SweetIM =>PUP.SweetIM^ C:\ProgramData\SweetIM =>PUP.SweetIM^ C:\Users\user\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org^ C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch C:\Program Files\Conduit =>Toolbar.Conduit C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch C:\Users\user\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch C:\Users\user\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\user\AppData\Local\B1E =>Toolbar.BrotherSoft C:\Users\user\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch C:\Users\user\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\user\AppData\LocalLow\PriceGong =>Adware.PriceGong C:\Users\user\AppData\LocalLow\SweetIM =>PUP.SweetIM C:\Users\user\AppData\Local\Temp\avg@toolbar =>Toolbar.AVGSearch C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKLM\Software\Conduit] =>Toolbar.Conduit^ C:\Windows\Installer\309df.msi =>PUP.SweetIM^ C:\Windows\Installer\30a44.msi =>PUP.SweetIM^ C:\Windows\Installer\30a59.msi =>PUP.SweetIM^ C:\Windows\Installer\30a5f.msi =>PUP.SweetIM^ ~ Additionnel Scan: 462667 Items scanned in 00mn 53s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader ~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain ~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/30703839-hijacker-searchb1org =>Hijacker.SearchB1org ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods ~ http://nicolascoolman.webs.com/apps/blog/show/28766471-adware-iwinarcade =>Adware.iWinArcade ~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar ~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype ~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing =>Toolbar.Bing ~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong ~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites ~ MSI: 16 link(s) detected in 00mn 53s ~ 1997 Legitimates filtered by white list End of the scan (725 lines in 09mn 46s)(0)