~ Rapport de ZHPDiag v2013.9.4.601 - Nicolas Coolman  (04/09/2013)
~ Lancé par samsung (05/09/2013 08:39:56)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v29.0.1547.62 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 32-bit  (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 2BT4J
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
McAfee Security Scan Plus v3.0.318.3
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 ActiveX
Adobe Reader XI
Java 7 Update 13

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3004 MB (71% free)
System Restore: Désactivé (Disabled)
System drive C: has 85 GB (59%) free of 141 GB

---\\ Mode de connexion au système
~ Computer Name: SAMSUNG-PC
~ User Name: samsung
~ All Users Names: samsung, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Users\samsung\AppData\Roaming\
~ %Desktop% : C:\Users\samsung\Desktop\
~ %Favorites% : C:\Users\samsung\Favorites\
~ %LocalAppData% : C:\Users\samsung\AppData\Local\
~ %StartMenu% : C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C:\ Hard drive, Flash drive, Thumb drive (Free 85 Go of 141 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 133 Go of 141 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: Modified
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  Out Of Date
~ Security Center: 26 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 06:33:07.) -- C:\Windows\Explorer.exe [2614784]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 04:38:00.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 - 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -- C:\Windows\System32\sppcomapi.dll [193024]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:35:40.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:33:46.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:43:41.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:12:21.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.A8F59428E9F361C7AC42A94AC1560BC9] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:58:11.) -- C:\Windows\system32\Drivers\ntfs.sys [1210728]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:12:11.) -- C:\Windows\system32\Drivers\tdx.sys [74240]
[MD5.59F06B4968E58BC83DFC56CA4517960E] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 17:48:29.) -- C:\Windows\system32\Drivers\volsnap.sys [245616]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1619
~ Mes musiques (My Musics) : 5/449
~ Mes Videos (My Videos) : 1/17
~ Mes Favoris (My Favorites) : 1/457
~ Mes Documents (My Documents) : 1/704
~ Mon Bureau (My Desktop) : 2/200
~ Menu demarrer (Programs) : 1/79
~ Hidden Files:  Scanned in 00mn 33s



---\\ Processus lancés au démarrage du système
[MD5.97101B7CCCFA2BDFEFC2E0B84205D144] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe   [8120864] [PID.2164]
[MD5.E4A94D17436B4E9F53CD64D08E53D964] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe   [1713448] [PID.2260]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe   [91136] [PID.2328]
[MD5.A46796CCF032D35720347262998D1F90] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe   [835072] [PID.2344]
[MD5.E3735DC796E5183D63F35921B058934C] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe   [716800] [PID.2352]
[MD5.54FA8528EDA1B6B34615F4EA3FCB35E6] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe   [103720] [PID.2652]
[MD5.167F9E5AF87B57763DAAA27D3144C2A0] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe   [2201192] [PID.2660]
[MD5.06F7D67EC4D15F11A2923268BAA937D3] - (...) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe   [300912] [PID.2668]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe   [91432] [PID.2744]
[MD5.BFC91929336304802B21DC380F178444] - (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe   [1113296] [PID.2768]
[MD5.6E3C60AC09E03CAEF32AE3DEFD0CC410] - (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe   [1693904] [PID.2792]
[MD5.985D3D06EC34875FF34A30328EE1BFEF] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe   [141848] [PID.2964]
[MD5.EA5391AE556E86F2749DC82BF51694F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [175640] [PID.2976]
[MD5.267FBD8817AB1B060BF25596D3DC65D5] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [169496] [PID.2988]
[MD5.744B13B59F3201DBCB52E469C4798531] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe   [1278064] [PID.2996]
[MD5.11DFC7FF30B9B44F1477989C8FFF478F] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe   [115032] [PID.3008]  =>PUP.SweetIM
[MD5.45945F39F2F6D08A0FAEC275E68FFC5A] - (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe   [295728] [PID.3024]  =>PUP.SweetIM
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [252848] [PID.3044]
[MD5.225518F190EDBC37CA32197A3E94B498] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe   [295512] [PID.3064]
[MD5.0612CE1B7B47888399E72886BB320B3A] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe   [3373968] [PID.3404]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe   [272248] [PID.3432]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files\Micro Application\LauncherMA.exe   [485376] [PID.3460]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files\Microsoft Office\Office12\ONENOTEM.exe   [97680] [PID.3480]
[MD5.0728D66EDDEE1253373E5C3025068FEB] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe   [179224] [PID.992]
[MD5.0EACE1D3ED62A8C15D5979CCB2640A42] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe   [268824] [PID.2932]
[MD5.2A4F72E6C43FAEE62A341F2FC24A442C] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe   [103720] [PID.5040]
[MD5.1DE123E71FF306C076147813047AF987] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7874560] [PID.5008]
~ Processes Running:  Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www.holasearch.com  =>Hijacker.HolaSearch
G0 - GCSP: Preference [User Data\Default] http://www.holasearch.com  =>Hijacker.HolaSearch
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.0.0.0 (Désactivé)  =>PUP.SweetIM
~ Google Browser: 10 Legitimates Filtered in 00mn 06s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl.dll
P2 - FPN: [HKLM] [@viewpoint.com/VMP] - (.Pas de propriétaire - MetaStream 3 Plugin r4.) -- C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll  =>Adware.MetaStream
~ Firefox Browser: 26 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com  =>PUP.SweetIM
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.SweetIM
~ BHO: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: GamesBar - [HKLM]{6F282B65-56BF-4BD1-A8B2-A4449A05863D} . (.Oberon Media Ltd. - GamesBar.) -- C:\Program Files\GamesBar\oberontb.dll  =>Adware.GamesBar
O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\BingExt.dll  =>Toolbar.Bing
O3 - Toolbar: McAfee SiteAdvisor Toolbar - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.SweetIM
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll  =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe 
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 
O4 - HKLM\..\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe 
O4 - HKLM\..\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [UpdatePDRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe 
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe 
O4 - HKLM\..\Run: [UpdatePPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [UpdatePSTShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [APLangApp] . (.DoctorSoft - AnyPC Language Application.) -- C:\Program Files\AnyPC Client\APLangApp.exe 
O4 - HKLM\..\Run: [UCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe 
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\windows\system32\igfxtray.exe 
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\windows\system32\hkcmd.exe 
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\windows\system32\igfxpers.exe 
O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe 
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe  =>PUP.SweetIM
O4 - HKLM\..\Run: [Sweetpacks Communicator] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe  =>PUP.SweetIM
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe 
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\update\realsched.exe 
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe 
O4 - HKCU\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe 
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe 
O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe 
O4 - HKUS\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\windows\explorer.exe 
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files\Windows Media Player\wmplayer.exe 
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: AIM 6.1.lnk . (.AOL LLC - AIM.)  -- C:\Program Files\AIM6\aim6.exe 
O4 - GS\QuickLaunch: Cradle of Rome.lnk . (...)  -- C:\Program Files\MyPlayCity.com\Cradle of Rome\Cradle of Rome.exe
O4 - GS\QuickLaunch: Easy Audio Cutter.lnk . (.Koyote Soft - Pas de description.)  -- C:\Program Files\Free Audio Pack\Easy Audio Cutter\AudioCutter.exe 
O4 - GS\QuickLaunch: Free CD Ripper.lnk . (.Koyote Soft - FreeCDRipper.)  -- C:\Program Files\Free Audio Pack\Free CD Ripper\FreeCDRipper.exe 
O4 - GS\QuickLaunch: Free Mp3 Wma Converter.lnk . (.Koyote Soft - Free Audio Converter.)  -- C:\Program Files\Free Audio Pack\FreeConverter\FreeConverter.exe 
O4 - GS\QuickLaunch: Game Manager.lnk . (...)  -- C:\Program Files\bfgclient\bfgclient.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe 
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch: Samsung Kies.lnk . (.Samsung - Kies.)  -- C:\Program Files\Samsung\Kies\Kies.exe 
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe 
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\windows\system32\eudcedit.exe 
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\windows\system32\WFS.exe 
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files\Skype\Phone\Skype.exe 
O4 - Global Startup: C:\Users\samsung\Desktop\Antivirus Security Pro support.url . (...)  -- C:\Users\samsung\Desktop\Antivirus Security Pro support.url
O4 - GS\Desktop: Antivirus Security Pro.lnk . (...)  -- C:\ProgramData\nX3n9r6n\nX3n9r6n.exe
O4 - GS\Desktop: Juillet 2012 - Raccourci.lnk . (...)  -- C:\Users\Public\Pictures\IMAGES POEMES\Juillet 2012 
O4 - GS\Desktop: Mahjong In Poculis.lnk . (...)  -- C:\games\In-Poculis\Mahjong In Poculis\MahjongLauncher.exe
O4 - GS\Desktop: stockvault-stuck-in-a-place103985 - Raccourci.lnk . (...)  -- C:\Users\samsung\Downloads\stockvault-stuck-in-a-place103985.jpg 
O4 - GS\Desktop: winrar_winrar_4.2_32_bits_francais_9632 - Raccourci.lnk . (...)  -- C:\Users\samsung\Downloads\winrar_winrar_4.2_32_bits_francais_9632.exe
O4 - GS\Desktop: wrar420fr - Raccourci.lnk . (...)  -- C:\Users\samsung\Downloads\wrar420fr.exe
~ Global Startup:  Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: GamesBar - {1A93C934-025B-4c3a-B38E-9654A7003239} -- Clé orpheline  =>Adware.GamesBar
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] http.ma-config.com
O15 - Trusted Zone: [HKCU\...\Domains] http.touslesdrivers.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{601FFCA8-F0C1-4F20-B9B1-DEB8AB432C55}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{601FFCA8-F0C1-4F20-B9B1-DEB8AB432C55}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{601FFCA8-F0C1-4F20-B9B1-DEB8AB432C55}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Titr_HJT34=Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{38DDC203-DF02-4E75-8B3F-10D8DABC89F0}] (...) -- C:\Program Files\Red Orb\Myst l'Apog‚e\myst.exe (.not file.)   [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{3B62E680-05A9-45B2-9A62-A731DCFB4D64}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe   [3107593]
[MD5.00000000000000000000000000000000] [APT] [{4804DDDD-1480-46A6-93B3-7447B5DAC79D}] (...) -- C:\Program Files\PENDULO Studios\RUNAWAY 2 - The dream of the turtle\runaway2.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{75848A28-13ED-4004-9AD9-0973D7F517EE}] (...) -- C:\Program Files\Sherlock Holmes contre Arsene Lupin\Uninstall.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{8238FACF-03A1-4B52-A2A9-74009D72308F}] (...) -- C:\Program Files\Micro Application\Dreamfall\dreamfall.exe (.not file.)   [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{8AB99E56-6745-45C4-A4F4-428ADE0CBDA6}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe   [3107593]
[MD5.00000000000000000000000000000000] [APT] [{99A63362-73AF-45B8-A720-3E419165958B}] (...) -- E:\setup.exe (.not file.)   [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{A4A30852-B729-4811-9242-87029BEE58AD}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe   [3107593]
[MD5.00000000000000000000000000000000] [APT] [{A86C59FF-D79D-4512-B511-D3964E67CDCF}] (...) -- C:\Program Files\Red Orb\Myst l'Apog‚e\myst.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{AA725A8D-8763-45FC-8650-0ABEB0A797B0}] (...) -- C:\Program Files\Red Orb\Myst l'Apog‚e\myst.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{CF81A4A9-FA4C-4C39-A034-BF68FBDBF015}] (...) -- C:\Program Files\Micro Application\L'Ile Noy‚e\L'Ile Noyee.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D29D2E0E-2E20-4954-9029-56DE22570D66}] (...) -- C:\Program Files\Grim Tales - La Malediction des Gray\Uninstall.exe (.not file.)   [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{E83CF1B1-06EA-45FC-BD3E-8CE64E40E221}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe   [3107593]
[MD5.00000000000000000000000000000000] [APT] [{EE1F089B-12F0-419E-A083-EEF84B4CA9F0}] (...) -- C:\Program Files\Micro Application\Dreamfall\dreamfall.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{F042DBF6-FCE3-4576-9021-7B5FFAEE886E}] (...) -- C:\Program Files\Les Secrets de la Famille Flux - La Galerie Secrete\Uninstall.exe (.not file.)   [0]
[MD5.6AF832996C93DE62D23B28D28EBE941C] [APT] [{F4C4FA8D-E8E3-4060-BE90-E0D37758656C}] (...) -- C:\Program Files\THQ\Les Chevaliers de Baphomet - Le Manuscrit de Voynich\bs3pc.exe   [3107593]
~ Scheduled Task: 42 Legitimates Filtered in 00mn 08s



---\\ Logiciels installés (O42)
O42 - Logiciel: Aura II: Les Anneaux Sacrés - (...) [HKLM] -- BFG-Aura II - Les Anneaux Sacres
O42 - Logiciel: Cradle of Egypt - (...) [HKLM] -- BFG-Cradle of Egypt
O42 - Logiciel: MOZART version 1.0 - (...) [HKLM] -- Mozart, Le Dernier Secret_is1
O42 - Logiciel: Naissance de la Perse - (...) [HKLM] -- {39E7F3FE-5653-4C67-9DE3-3A75B18B2FA2}
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {7683B745-6060-41FD-AA75-0BBB383FEAD4}  =>PUP.SweetIM
O42 - Logiciel: Update Manager for SweetPacks 1.0 - (.SweetIM Technologies Ltd..) [HKLM] -- {FB697452-8CA4-46B4-98B1-165C922A2EF3}  =>PUP.SweetIM
~ Logic: 126 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Alexa Internet]
[HKCU\Software\GamesBar]  =>Adware.GamesBar
[HKCU\Software\Softonic]  =>Toolbar.Conduit
[HKCU\Software\SweetIM]  =>PUP.SweetIM
[HKCU\Software\YahooPartnerToolbar]  =>Toolbar.Yahoo
[HKLM\Software\ASK]
[HKLM\Software\AedgePerformanceBCN]  =>Adware.SPointer
[HKLM\Software\Conduit]  =>Toolbar.Conduit
[HKLM\Software\GamesBarSetup]  =>Adware.GamesBar
[HKLM\Software\MetaStream]  =>Adware.MetaStream
[HKLM\Software\SweetIM]  =>PUP.SweetIM
~ Key Software: 208 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/05/2013 - 13:04:02 - [-1358,311] ----D C:\Program Files\Aura II - Les Anneaux Sacres
O43 - CFD: 12/05/2013 - 13:04:10 - [136,061] ----D C:\Program Files\Cradle of Egypt
O43 - CFD: 12/05/2013 - 13:03:26 - [0,096] ----D C:\Program Files\Dam22
O43 - CFD: 12/05/2013 - 13:04:22 - [0,588] ----D C:\Program Files\GamesBar  =>Adware.GamesBar
O43 - CFD: 12/05/2013 - 13:03:23 - [1,023] ----D C:\Program Files\Iminent  =>Adware.IMBooster
O43 - CFD: 08/07/2013 - 20:57:17 - [0,015] ----D C:\Program Files\MyPC Backup  =>PUP.MyPCBackup
O43 - CFD: 12/05/2013 - 13:03:00 - [0,207] ----D C:\Program Files\PC Performer  =>Rogue.PCPerformer
O43 - CFD: 04/07/2012 - 12:24:15 - [11,167] ----D C:\Program Files\SweetIM  =>PUP.SweetIM
O43 - CFD: 29/10/2011 - 17:49:38 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 24/10/2012 - 15:00:26 - [0] ----D C:\ProgramData\Babylon  =>Toolbar.Babylon
O43 - CFD: 12/05/2013 - 11:25:25 - [0,081] ----D C:\ProgramData\BrowserProtect  =>Hijacker.Eazel
O43 - CFD: 01/12/2011 - 19:41:46 - [0,201] ----D C:\ProgramData\GamesBar  =>Adware.GamesBar
O43 - CFD: 12/05/2013 - 11:25:02 - [0,002] ----D C:\ProgramData\IBUpdaterService  =>Adware.InstallBrain
O43 - CFD: 12/05/2013 - 11:24:22 - [0,030] ----D C:\ProgramData\Iminent  =>Adware.IMBooster
O43 - CFD: 04/09/2013 - 07:56:48 - [0,631] ----D C:\ProgramData\nX3n9r6n
O43 - CFD: 12/03/2010 - 09:34:25 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 04/07/2012 - 12:24:15 - [1,284] ----D C:\ProgramData\SweetIM  =>PUP.SweetIM
O43 - CFD: 12/05/2013 - 13:00:53 - [0,376] ----D C:\Users\samsung\AppData\Roaming\BabSolution  =>Hijacker.BabSolution
O43 - CFD: 24/10/2012 - 15:00:25 - [0,013] ----D C:\Users\samsung\AppData\Roaming\Babylon  =>Toolbar.Babylon
O43 - CFD: 12/05/2013 - 11:24:25 - [0,016] ----D C:\Users\samsung\AppData\Roaming\Iminent  =>Adware.IMBooster
O43 - CFD: 12/05/2013 - 13:05:50 - [0,003] ----D C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aura II - Les Anneaux Sacres
O43 - CFD: 12/05/2013 - 13:05:50 - [0,003] ----D C:\Users\samsung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cradle of Egypt
~ 1335 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1670 Legitimates Filtered in 06mn 17s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D7A811D0314293DAFC923EB2772FB20C] - 05/09/2013 - 07:45:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0   [20608]
O44 - LFC:[MD5.D7A811D0314293DAFC923EB2772FB20C] - 05/09/2013 - 07:45:04 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0   [20608]
O44 - LFC:[MD5.DE873C114B01C11F7FF8F196A4EB9CEC] - 05/09/2013 - 07:34:25 ---A- . (...) -- C:\Windows\ntbtlog.txt   [82012]
~ Files: 9 Legitimates Filtered in 01mn 52s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.E6F53D6C0DEA3D375362265E175CA638] - 24/02/2010 - 11:22:10 ---A- . (.Protect Software GmbH - ProtectDisc x64/x86 Hybrid Driver.) -- C:\Windows\System32\Drivers\acedrv11.sys   [185472]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Drivers: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 23/11/2011 - Pas de propriétaire (cel90xbe)  .(...) - LEGACY_CEL90XBE
~ Legacy: 93 Legitimates Filtered in 00mn 01s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <ChromeHTML>[HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {86EEBFBA-5AD7-4941-B5A1-3DCF090BC34B} [DefaultScope] - (Recherche sécurisée) - http://fr.search.yahoo.com  =>Toolbar.Yahoo
O69 - SBI: SearchScopes [HKCU] {9C8AA45B-2BF4-485B-B9F0-CD1D046EB2A8} - (Ask Search) - http://websearch.ask.com  =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com  =>PUP.SweetIM
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.35C085BFBB76B23551A9125553BB892D] [SPRF][25/08/2010] (...) -- C:\ProgramData\ezsidmv.dat   [56]
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][17/08/2009] (...) -- C:\ProgramData\FullRemove.exe   [131368]
[MD5.3880EEB1C736D853EB13B44898B718AB] [SPRF][03/09/2013] (...) -- C:\Users\samsung\AppData\Local\Temp\82337.bat   [94]
[MD5.745F5132AD9D75AA046883FB6979EA96] [SPRF][15/02/2007] (.AOL LLC - AOL Firewall Helper.) -- C:\Users\samsung\AppData\Local\Temp\AOLFirewallMgr.dll   [95792]
[MD5.6E1799926209C193FDB2E05A271C5B49] [SPRF][08/07/2013] (...) -- C:\Users\samsung\AppData\Local\Temp\BackupSetup.exe   [10340624]
[MD5.67C2E58C28F913B0B3A298A5388ADA76] [SPRF][01/09/2011] (...) -- C:\Users\samsung\AppData\Local\Temp\bfguni.exe   [192341]
[MD5.5012F080FCCF701E2CD6B045AC7814D9] [SPRF][23/11/2011] (...) -- C:\Users\samsung\AppData\Local\Temp\cel90xbe.sys   [15872]
[MD5.E6B0306D0317C59043BA8BF9161314E9] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\CmdLineExt03.dll   [40448]
[MD5.581028DE1EEC761F302B047DF95E5DC4] [SPRF][23/09/2009] (...) -- C:\Users\samsung\AppData\Local\Temp\FlashLockV228.exe   [1249280]
[MD5.C4B7EC166D7330D10F7FEA2291E15157] [SPRF][25/08/2010] (...) -- C:\Users\samsung\AppData\Local\Temp\GoogleChromeInstaller.exe   [579888]
[MD5.92EFF4CDBEEC018DE942757D3803FAC5] [SPRF][04/07/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_ICReinstall_ICReinstall_setup.exe   [1074664]
[MD5.92EFF4CDBEEC018DE942757D3803FAC5] [SPRF][04/07/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_ICReinstall_setup.exe   [1074664]
[MD5.92EFF4CDBEEC018DE942757D3803FAC5] [SPRF][04/07/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\ICReinstall_setup.exe   [1074664]
[MD5.3FCC0155BA9DA001D8803D321AEF65C3] [SPRF][21/03/2010] (.AOL LLC - Install Support Library.) -- C:\Users\samsung\AppData\Local\Temp\instSup.dll   [63024]
[MD5.8A4AF3B0695F29186AD02E2FD766FA3B] [SPRF][04/07/2012] (.SweetIM Technologies Ltd. - SQLite DLL.) -- C:\Users\samsung\AppData\Local\Temp\mgsqlite3.dll   [393016]  =>PUP.SweetIM
[MD5.6D1B120A2DD57F5A867A97114DE3602E] [SPRF][21/03/2010] (.AOL LLC. - ProgUpd.) -- C:\Users\samsung\AppData\Local\Temp\progupd.dll   [83504]
[MD5.D6A91A20DE7C2828F433842F98725FD9] [SPRF][10/01/2012] (.Ask - Wrapper Application.) -- C:\Users\samsung\AppData\Local\Temp\setup.exe   [3884200]
[MD5.992E52F7F30376894FF23B089521605C] [SPRF][04/07/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\samsung\AppData\Local\Temp\Shortcut_setup.exe   [6204760]  =>PUP.SweetIM
[MD5.1A3D1A7349253561EF89D017F6EDD5FC] [SPRF][04/07/2012] (.SweetIM Technologies Lt - This installer.) -- C:\Users\samsung\AppData\Local\Temp\SIMEEIInstaller.exe   [2626512]  =>PUP.SweetIM
[MD5.7DB4F105F12A2B4D7EEE292A13078F14] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\SIntf16.dll   [12305]
[MD5.B38A66481D17FDBC4D6B8268725B963C] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\SIntf32.dll   [17324]
[MD5.E67786798537591A688F967DCDDAC472] [SPRF][10/10/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\SIntfNT.dll   [22068]
[MD5.E03F2F24BCA457A35E1E26732AFE4A2F] [SPRF][05/11/2012] (...) -- C:\Users\samsung\AppData\Local\Temp\vlc-2.0.4-win32.exe   [22912657]
[MD5.E563A65BAEA25CEF8F49FB0228CB8555] [SPRF][24/01/2013] (...) -- C:\Users\samsung\AppData\Local\Temp\vlc-2.0.5-win32.exe   [22916830]
[MD5.38785EBA617F326B08D30D6FD8272135] [SPRF][12/08/2013] (...) -- C:\Users\samsung\AppData\Roaming\wklnhst.dat   [11242]
[MD5.006C83751B9F17934B58085D0B7BDA2C] [SPRF][24/01/2007] (.America Online, Inc. - AOL Media Playback Control.) -- C:\Windows\Downloaded Program Files\ampAx3.0.84.2.dll   [841304]
[MD5.6F678556A6FCE04FC94F3435F6313705] [SPRF][21/03/2010] (...) -- C:\Windows\Downloaded Program Files\unagiuninst.exe   [38428]
~ Files: 50 Legitimates Filtered in 01mn 11s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{55459D38-6804-45EF-8DCE-9C41DDD1275C}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe  =>PUP.SweetIM
O87 - FAEL: "{68457E8C-4A6E-4F22-AFEF-22B7B05E6ABE}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe  =>PUP.SweetIM
~ Firewall: 198 Legitimates Filtered in 00mn 03s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "4340C4778499EED41AE496DC3D613EC6" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe  =>PUP.SweetIM
O90 - PUC: "E17A8F77515323848B2BF2E1BD2D0E1F" . (.Bing Bar.) -- C:\windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico  =>Toolbar.Bing
~ Update Products: 104 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.B144B2E367FC30C5020085DABB617B82] [WIS][04/07/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\13b4d5f.msi   [3704832]  =>PUP.SweetIM
[MD5.966926090F3A80BB8622AD569A484169] [WIS][04/07/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\13b4d65.msi   [3119104]  =>PUP.SweetIM
[MD5.85C5DEF2B079CA6E8CA7FCBD45793BEF] [WIS][04/07/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.0.) -- C:\Windows\Installer\13b4d6b.msi   [2243584]  =>PUP.SweetIM
~ WIS: 109 Legitimates Filtered in 00mn 17s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 11/05/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 24/08/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21/12/2012 57008 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Demand 28/02/2011 183560 |  (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\BBSvc.exe
SR - | Auto 30/08/2011 390504 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 24/06/2010 233472 |  (FsUsbExService) . (.Teruten.) - C:\windows\system32\FsUsbExService.exe
SR - | Auto 08/03/2010 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 08/03/2010 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 16/08/2012 194032 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 04/08/2013 1783632 |  (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 31/08/2012 167784 |  (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SS - | Demand 05/02/2013 235216 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe
SR - | Auto 31/08/2012 167784 |  (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 167784 |  (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 167784 |  (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 31/08/2012 167784 |  (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SS - | Demand 16/11/2012 279048 |  (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SR - | Auto 31/08/2012 167784 |  (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 19/02/2013 203840 |  (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 19/02/2013 169320 |  (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 19/02/2013 172416 |  (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
SR - | Auto 31/08/2012 167784 |  (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
SR - | Auto 13/08/2009 44312 |  (OberonGameConsoleService) . (...) - C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
SR - | Auto 16/04/2013 39056 |  (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 07/07/2009 247152 |  (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SR - | Auto 25/02/2011 249648 |  (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\BingBar\SeaPort.exe
SS - | Auto 03/06/2013 162408 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Disabled 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 21s



---\\ Scan Additionnel (O88)
Database Version : v2.12882 - (04/09/2013)
Clés trouvées (Keys found) : 161
Valeurs trouvées (Values found) : 3
Dossiers trouvés  (Folders found) : 22
Fichiers trouvés  (Files found) : 20

[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FB697452-8CA4-46B4-98B1-165C922A2EF3}]   =>PUP.SweetIM^
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}]   =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}]   =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}]   =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}]   =>Adware.RecordNRip
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}]   =>Toolbar.AskTBar
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}]   =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a93c934-025b-4c3a-b38e-9654a7003239}]   =>Adware.GamesBar
[HKLM\Software\Microsoft\Internet Explorer\extensions\{1a93c934-025b-4c3a-b38e-9654a7003239}]   =>Adware.GamesBar
[HKLM\Software\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}]   =>Adware.MetaStream
[HKLM\Software\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}]   =>Adware.MetaStream
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}]   =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}]   =>PUP.Whitesmoke
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}]   =>PUP.Whitesmoke
[HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}]   =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}]   =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}]   =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{ad76633e-e50d-4844-9e7f-4dfbc7c18467}]   =>Adware.GamesBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}]   =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe]   =>PUP.SweetIM
[HKLM\Software\Classes\axmetastream.metastreamctl]   =>Adware.MetaStream
[HKLM\Software\Classes\axmetastream.metastreamctl.1]   =>Adware.MetaStream
[HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary]   =>Adware.MetaStream
[HKLM\Software\Classes\AxMetaStream.MetaStreamCtlSecondary.1]   =>Adware.MetaStream
[HKLM\Software\Classes\oberontb.band]   =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.band.1]   =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.GamesBarBHO]   =>Adware.GamesBar
[HKLM\Software\Classes\oberontb.GamesBarBHO.1]   =>Adware.GamesBar
[HKLM\Software\Classes\sim-packages]   =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852]   =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\4340C4778499EED41AE496DC3D613EC6]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\4340C4778499EED41AE496DC3D613EC6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF]   =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF]   =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E]   =>Toolbar.Ask
[HKLM\Software\AedgePerformanceBCN]   =>Adware.SPointer
[HKCU\Software\gamesbar]   =>Adware.GamesBar
[HKLM\Software\gamesbar]   =>Adware.GamesBar
[HKLM\Software\GamesBarSetup]   =>Adware.GamesBar
[HKLM\Software\MetaStream]   =>Adware.MetaStream
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKCU\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Viewpoint]   =>Adware.MetaStream
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{774C0434-9948-4DEE-A14E-69CDD316E36C}]   =>PUP.SweetIM
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}]   =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\gamesbar]   =>Adware.GamesBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer]   =>Adware.MetaStream
[HKLM\Software\MozillaPlugins\@viewpoint.com/VMP]   =>Adware.MetaStream
[HKCU\control panel\don't load]:wscui.cpl   =>Trojan.FakeAlert
[HKLM\Software\Classes\Prod.cap]   =>Toolbar.Babylon
[HKLM\Software\Classes\Installer\Features\547B38670606DF14AA57B0BB83F3AE4D]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F]   =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\254796BF4AC84B64891B61C529A2E23F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\254796BF4AC84B64891B61C529A2E23F]   =>PUP.SweetIM
[HKLM\Software\Classes\AppID\secman.DLL]   =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils]   =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1]   =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator]   =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar]   =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1]   =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook]   =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{6F282B65-56BF-4BD1-A8B2-A4449A05863D}   =>Adware.GamesBar^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:SweetIM   =>PUP.SweetIM^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}   =>Toolbar.Avira
C:\Program Files\GamesBar   =>Adware.GamesBar^
C:\Program Files\Iminent   =>Adware.IMBooster^
C:\Program Files\MyPC Backup   =>PUP.MyPCBackup^
C:\Program Files\PC Performer   =>Rogue.PCPerformer^
C:\Program Files\SweetIM   =>PUP.SweetIM^
C:\ProgramData\Babylon   =>Toolbar.Babylon^
C:\ProgramData\BrowserProtect   =>Hijacker.Eazel^
C:\ProgramData\GamesBar   =>Adware.GamesBar^
C:\ProgramData\IBUpdaterService   =>Adware.InstallBrain^
C:\ProgramData\Iminent   =>Adware.IMBooster^
C:\ProgramData\SweetIM   =>PUP.SweetIM^
C:\Users\samsung\AppData\Roaming\BabSolution   =>Hijacker.BabSolution^
C:\Users\samsung\AppData\Roaming\Babylon   =>Toolbar.Babylon^
C:\Users\samsung\AppData\Roaming\Iminent   =>Adware.IMBooster^
C:\Program Files\Viewpoint   =>Adware.MetaStream
C:\Program Files\vGrabber-software   =>Toolbar.vGrabber
C:\ProgramData\Viewpoint   =>Adware.MetaStream
C:\ProgramData\Partner   =>Spyware.Partner
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar   =>Adware.GamesBar
C:\Users\samsung\AppData\Local\pixeasy Air   =>Adware.SPointer
C:\Users\samsung\AppData\Local\Temp\Iminent   =>Adware.IMBooster
C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn   =>PUP.SweetIM
C:\Program Files\SweetIM\Messenger\SweetIM.exe   =>PUP.SweetIM^
C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe   =>PUP.SweetIM^
C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll   =>PUP.SweetIM^
C:\Program Files\GamesBar\oberontb.dll   =>Adware.GamesBar^
C:\Program Files\Microsoft\BingBar\BingExt.dll   =>Toolbar.Bing^
C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll   =>Toolbar.Google^
[HKCU\Software\GamesBar]   =>Adware.GamesBar^
[HKCU\Software\YahooPartnerToolbar]   =>Toolbar.Yahoo^
[HKLM\Software\Conduit]   =>Toolbar.Conduit^
C:\Users\samsung\AppData\Local\Temp\mgsqlite3.dll   =>PUP.SweetIM^
C:\Users\samsung\AppData\Local\Temp\Shortcut_setup.exe   =>PUP.SweetIM^
C:\Users\samsung\AppData\Local\Temp\SIMEEIInstaller.exe   =>PUP.SweetIM^
C:\windows\Installer\{774C0434-9948-4DEE-A14E-69CDD316E36C}\ARPPRODUCTICON.exe   =>PUP.SweetIM^
C:\windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico   =>Toolbar.Bing^
C:\Windows\Installer\13b4d5f.msi   =>PUP.SweetIM^
C:\Windows\Installer\13b4d65.msi   =>PUP.SweetIM^
C:\Windows\Installer\13b4d6b.msi   =>PUP.SweetIM^
~ Additionnel Scan: 400200 Items scanned in 01mn 29s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim   =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/28136809-hijacker-holasearch   =>Hijacker.HolaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27046242-adware-metastream   =>Adware.MetaStream
~ http://nicolascoolman.webs.com/apps/blog/show/26808625-adware-gamesbar  =>Adware.GamesBar
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing    =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google   =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit   =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo   =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer   =>Adware.SPointer
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster  =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup   =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon  =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel   =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain  =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution   =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask   =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip   =>Adware.RecordNRip
~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke   =>PUP.WhiteSmoke
~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira   =>Toolbar.Avira
~ http://nicolascoolman.webs.com/apps/blog/show/27632288-toolbar-vgrabber   =>Toolbar.vGrabber
~ http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner   =>Spyware.Partner
~ MSI: 21 link(s) detected in 01mn 29s



~ 2635 Legitimates filtered by white list
End of the scan (790 lines in 12mn 42s)(0)