cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

~ Rapport de ZHPDiag v2014.1.17.19 - Nicolas Coolman (17/01/2014)
~ Lancé par Paulinho (18/01/2014 15:58:01)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 9YQTR
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v14.0.2.286
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 10 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4061 MB (52% free)
System Restore: Activé (Enable)
System drive C: has 16 GB (13%) free of 116 GB

---\\ Mode de connexion au système
~ Computer Name: PAULINHO-PC
~ User Name: Paulinho
~ All Users Names: Paulinho, HomeGroupUser$, Administrateur,
~ Unselected Option: O45
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Paulinho\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Paulinho\AppData\Roaming\
~ %Desktop% : C:\Users\Paulinho\Desktop\
~ %Favorites% : C:\Users\Paulinho\Favorites\
~ %LocalAppData% : C:\Users\Paulinho\AppData\Local\
~ %StartMenu% : C:\Users\Paulinho\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 16 Go of 116 Go)
D: Hard drive, Flash drive, Thumb drive (Free 10 Go of 330 Go)
E: CD-ROM drive (Not Inserted)
Q: Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9B6678DB9C6A232C5A84D2FDFFF8B0E1] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 08:07:57.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/47
~ Mes musiques (My Musics) : 1/635
~ Mes Videos (My Videos) : 1/3
~ Mes Favoris (My Favorites) : 1/95
~ Mes Documents (My Documents) : 1/115
~ Mon Bureau (My Desktop) : 2/3488
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.868E3486E7EC522330344152A5535783] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720] [PID.2992]
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.3092]
[MD5.C86FCC57039FB337D18786DDFECF447C] - (.ASUS - A tool used to switch network environment.) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe [1145400] [PID.3116]
[MD5.BB4CEE22CFE1C259F5C4279349EB879C] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [149824] [PID.3216]
[MD5.37DEB76A2CF005841C4E45DE2B94D84F] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3058304] [PID.4092]
[MD5.1C5A81304F4B3A24914E10E339E3D51A] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Paulinho\AppData\Roaming\uTorrent\uTorrent.exe [900440] [PID.3104] =>P2P.BitTorrent
[MD5.DFB13D3470844B6770FFB87DFC9FD340] - (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe [884744] [PID.2972]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3412]
[MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3428]
[MD5.D36DA0A5C531353C5FF5E29242649257] - (.Boingo Wireless, Inc. - Boingo Wi-Fi.) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe [365936] [PID.4192]
[MD5.EBA7FEB924D04E718870B6E1E07D2465] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [8493624] [PID.4228]
[MD5.29B129E019D5935C55541629677C2A69] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [159744] [PID.4248]
[MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016] [PID.4260]
[MD5.1DFDAAE21154299858F10DF216D6D865] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440] [PID.4276]
[MD5.FA28BD04DA2A14879F13565375E3488F] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512] [PID.4300]
[MD5.DD231039B13EC2ABDE315D76E658EF0E] - (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600] [PID.4308]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336] [PID.4384]
[MD5.6017CA94BE482BCB527D92C6D481B2CC] - (.Duuqu Group - FrameFox Extensions.) -- C:\Program Files (x86)\FrameFox\Extensions\InternetExplorer\framefox.exe [287216] [PID.4452] =>PUP.Duuqu
[MD5.BAF535F843A3E790E04A7613811B55BC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.4468]
[MD5.FF00844CCD1A614C94818C10E422411B] - (.asus - ControlDeck.) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeck.exe [1079936] [PID.5764]
[MD5.9EDFB86FAA07BFED3C3D00211FAB6D82] - (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe [13446464] [PID.2080]
[MD5.CC02FE4520CA886508069245D9A6962F] - (.Microsoft Corporation - Internet Low-Mic Utility Tool.) -- C:\Program Files (x86)\Internet Explorer\IELowutil.exe [222720] [PID.2524]
[MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [806096] [PID.14020]
[MD5.BB4F6465EEB9ACAA5C60C36983740219] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [310352] [PID.15320] =>Toolbar.Google
[MD5.FDA1329BF7F5F92C71C692798B642BAC] - (.Avira Operations GmbH & Co. KG - Antivirus Control Center (Desktop).) -- C:\program files (x86)\avira\antivir desktop\avcenter.exe [661048] [PID.11840]
[MD5.8E5651B04BE775696B32F7F1F5DA8871] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8336896] [PID.8180]
[MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1180]
[MD5.FE79366FECD444A16CCA9979134DBEA8] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376] [PID.1380]
[MD5.FDE9C7030FB1E9E2715E113EE6A10F90] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376] [PID.1580]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.1608]
[MD5.9D519AAA21E622DF7DF27041E0917499] - (.Pas de propriétaire - DedicarzService.) -- C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe [1966960] [PID.1712]
[MD5.39B1D0A636A400304565D4521FAD6D77] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [207528] [PID.2172]
[MD5.77C5A741A7452812F278EF2C18478862] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [523944] [PID.2424]
[MD5.FD557A50A65E44041CD2FCEF4BEB04DB] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822504] [PID.2820]
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [135664] [PID.1236]
[MD5.A434FB7C05F244E8E46C23F8075082ED] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe [178744] [PID.3188]
[MD5.D62088F1C4E7B3477AD2A5F8F5C6DEF3] - (.Pas de propriétaire - Atouch64.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe [301624] [PID.3264]
[MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe [2488888] [PID.4480]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe [113208] [PID.4908]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe [174648] [PID.4936]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2664]
[MD5.5D61BE7DB55B026A5D61A3EED09D0EAD] - (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408] [PID.5948] =>Toolbar.Google
[MD5.2A3FB4C98F139038E23330D2439DB8A4] - (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\Invité\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096] [PID.5144]
[MD5.8FEDBE7A5D3E5F91FD4B96DAFA4DD197] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Invité\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1199576] [PID.168]
[MD5.5883D86F8C22B1E5F78627E4AF19B234] - (.Apple Inc. - Apple Photostreams Uploader Executable.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720] [PID.6600]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Paulinho\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js
C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js
C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\user.js
M3 - MFPP: Plugins - [Paulinho] -- C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Mysearchdial.xml =>Adware.MyWebSearch
M3 - MFPP: Plugins - [Paulinho] -- C:\Users\Paulinho\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\WebSearch.xml
~ Firefox Browser: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com =>PUP.DoSearches
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://do-search.com =>PUP.DoSearches
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://do-search.com =>PUP.DoSearches
R3 - URLSearchHook: SFT_France Toolbar [64Bits] - {4d51f677-2a0b-43e2-b444-a2b384d24b91} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.4.1) -- C:\Program Files (x86)\SFT_France\prxtbSFT0.dll =>Toolbar.Conduit
R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (No version) -- (.not file.) =>Toolbar.Conduit
R3 - URLSearchHook: 01NET.com Toolbar [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\01NET.com\prxtb01NE.dll =>Toolbar.Conduit
R3 - URLSearchHook: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.13.3.1) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit
~ IE Browser: 26 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: uTorrentBar_FR [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit
O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)
O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll =>Toolbar.Conduit
O2 - BHO: SFT_France [64Bits] - {4d51f677-2a0b-43e2-b444-a2b384d24b91} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\SFT_France\prxtbSFT0.dll =>Toolbar.Conduit
O2 - BHO: 01NET.com [64Bits] - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\01NET.com\prxtb01NE.dll =>Toolbar.Conduit
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} Clé orpheline
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{BA14329E-9550-4989-B3F2-9732E92D17CC} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{8E5025C2-8EA3-430D-80B8-A14151068A6D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: ALZip.lnk . (.ESTsoft Corp. - ALZip.) -- C:\Program Files (x86)\ESTsoft\ALZip\ALZip.exe
O4 - GS\Desktop [Public]: ASUS Camera ScreenSaver.lnk . (.Macromedia, Inc. - Macromedia Flash Player 6.0 r21.) -- C:\Windows\ASUS Camera ScreenSaver.exe
O4 - GS\Desktop [Public]: ASUS Net4Switch.lnk . (.ASUS - A tool used to switch network environment.) -- C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - GS\Desktop [Public]: ControlDeck.lnk . (...) -- C:\Windows\Installer\{5B65EF64-1DFA-414A-8C94-7BB726158E21}\_06D3672EB8CDC4DA1C4E0C.exe
O4 - GS\Desktop [Public]: Game Park Console.lnk . (.Oberon Media Inc. - Asus GamePark Console.) -- C:\Program Files (x86)\ASUS\Game Park\GameConsole\GameParkConsole.exe
O4 - GS\Desktop [Public]: GoforFiles.lnk . (.http://goforfiles.com/ - GoforFiles Application.) -- C:\Program Files (x86)\GoforFiles\GoforFiles.exe =>P2P.GoforFiles
O4 - GS\Desktop [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\Desktop [Public]: LifeFrame.lnk . (.ASUS - LifeFrame3.) -- C:\Program Files (x86)\ASUS\ASUS LifeFrame3\LifeFrame.exe
O4 - GS\Desktop [Public]: SmartLogon Manager.lnk . (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\logonmgr.exe
O4 - GS\Desktop [Public]: Splendid Utility.Lnk . (...) -- C:\Program Files (x86)\ASUS\Splendid\Backbone.exe
O4 - GS\Program [Public]: HD VDeck.lnk . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - GS\QuickLaunch [Paulinho]: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch [Paulinho]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Paulinho]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Paulinho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Paulinho]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Paulinho]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Paulinho]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Paulinho]: Assistance Livebox.lnk . (.Orange - Assistance Livebox.) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - GS\Desktop [Paulinho]: D-Jix Media LE.lnk . (.D-Jix - D-Jix Media LE.) -- C:\Users\Paulinho\AppData\Roaming\D-Jix\D-Jix Media LE\D-Jix Media LE.exe
O4 - GS\Desktop [Paulinho]: KaraFun Player 2.lnk . (...) -- C:\Program Files (x86)\KaraFun Player 2\KaraFunPlayer.exe
O4 - GS\Desktop [Paulinho]: KaraFun Player.lnk . (.RECISIO - KaraFun Player - Karaoke Player.) -- C:\Program Files (x86)\KaraFun Player\KaraFunPlayer.exe
O4 - GS\Desktop [Paulinho]: KaraFun Studio.lnk . (.RECISIO - KaraFun Studio.) -- C:\Program Files (x86)\KaraFun Studio\KaraFunStudio.exe
O4 - GS\Desktop [Paulinho]: Navigateur Internet.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\Desktop [Paulinho]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Paulinho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 83 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: FancyStart daemon.lnk . (...) -- C:\Windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_C4A2FC3E3722966204FDD8.exe
O4 - GS\Startup [Public]: SRS Premium Sound.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe
O4 - HKLM\..\Run: [ETDWare] C:\Program Files (x86)\Elantech\ETDCtrl.exe (.not file.)
O4 - HKLM\..\Run: [ASUS WebStorage] . (...) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
O4 - HKLM\..\Run: [AmIcoSinglun64] . (.Alcor Micro Corp. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
O4 - HKLM\..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd (.not file.)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (.not file.)
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [orangeinside] . (...) -- C:\Users\Paulinho\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKCU\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\KiesKiesTrayAgent.exe (.not file.)
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Paulinho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [BackgroundContainer] . (.Conduit Ltd. - Background Container.) -- C:\Users\Paulinho\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll =>PUP.Babylon
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [UpdateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Wow6432Node\Run: [Boingo Wi-Fi] . (...) -- C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk
O4 - HKLM\..\Wow6432Node\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Wow6432Node\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.Pas de propriétaire - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Antivirus System Tray Tool (Desktop).) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [Startertv] Clé orpheline =>Adware.StarterTV
O4 - HKLM\..\Wow6432Node\Run: [tuto4pc_fr_42] Clé orpheline =>PUP.Eorezo
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [FrameFox Extensions] . (.Duuqu Group - FrameFox Extensions.) -- C:\Program Files (x86)\FrameFox\Extensions\InternetExplorer\framefox.exe =>PUP.Duuqu
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (.not file.)
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [orangeinside] . (...) -- C:\Users\Paulinho\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\KiesKiesTrayAgent.exe (.not file.)
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Paulinho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\Run: [BackgroundContainer] . (.Conduit Ltd. - Background Container.) -- C:\Users\Paulinho\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll =>PUP.Babylon
O4 - HKUS\S-1-5-21-795971725-3347369252-72252578-1001\..\RunOnce: [FlashPlayerUpdate] . (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe
~ Application: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2815A22B-3A2A-4660-9083-C9E10BCDF445}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{8A457193-DCB9-4280-9EBE-9FFAB34176C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2815A22B-3A2A-4660-9083-C9E10BCDF445}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8A457193-DCB9-4280-9EBE-9FFAB34176C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2815A22B-3A2A-4660-9083-C9E10BCDF445}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8A457193-DCB9-4280-9EBE-9FFAB34176C3}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Dedicarz Service (Dedicarz Service) . (.Pas de propriétaire - DedicarzService.) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
O23 - Service: Duuqu Update Service (dqupdate) (dqupdate) . (.Duuqu Group - Duuqu Installer.) - C:\Program Files (x86)\Duuqu\Update\DuuquUpdate.exe =>PUP.Duuqu
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
~ Services: 14 Legitimates Filtered in 00mn 05s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DuuquUpdateTaskMachineCore.job [888] =>PUP.Duuqu
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DuuquUpdateTaskMachineUA.job [892] =>PUP.Duuqu
[MD5.00000000000000000000000000000000] [APT] [5013] (...) -- C:\Users\Paulinho\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.136E913B1D3771B3535C3622C36B5E38] [APT] [DuuquUpdateTaskMachineCore] (.Duuqu Group.) -- C:\Program Files (x86)\Duuqu\Update\DuuquUpdate.exe [98360] =>PUP.Duuqu
[MD5.136E913B1D3771B3535C3622C36B5E38] [APT] [DuuquUpdateTaskMachineUA] (.Duuqu Group.) -- C:\Program Files (x86)\Duuqu\Update\DuuquUpdate.exe [98360] =>PUP.Duuqu
[MD5.00000000000000000000000000000000] [APT] [Express FilesUpdate] (...) -- C:\Program Files (x86)\ExpressFiles\EFUpdater.exe (.not file.) [0] =>Adware.ExpressFiles
[MD5.65F00E976FCF8C01D5C2B5295AEC41A6] [APT] [GoforFilesUpdate] (.http://www.goforfiles.com/.) -- C:\Program Files (x86)\GoforFiles\GFFUpdater.exe [364112] =>P2P.GoforFiles
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\Paulinho\AppData\Local\Temp\Runner.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{07B4D925-3B5B-412A-A11C-357D493AE02C}] (...) -- F:\Office 2007\Office 2007\SETUP.exe (.not file.) [0]
[MD5.06FB2F15B040E8A579F8410705DDF13C] [APT] [{63B39969-9CDF-42C8-9ADF-6E97D57C64AD}] (...) -- C:\Users\Paulinho\Desktop\CT3031774_SFT_France.exe [3283968]
[MD5.00000000000000000000000000000000] [APT] [{BCCCA9DC-4CD1-4AC3-BBBF-C8BC364D53BF}] (...) -- E:\install.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 04s



---\\ Logiciels installés (O42)
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {51C3AC18-4A93-454F-A7A4-02B18A208EEE} =>Adware.Browse2Save
O42 - Logiciel: Codec 8.3p - (...) [HKLM][64Bits] -- Codec_is1
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM][64Bits] -- conduitEngine =>Toolbar.Conduit
O42 - Logiciel: OptimizerPro - (.BetterSoft.) [HKLM][64Bits] -- OptimizerPro =>PUP.OptimizerPro
O42 - Logiciel: SFT_France Toolbar - (.SFT_France.) [HKLM][64Bits] -- SFT_France Toolbar
O42 - Logiciel: Search Assistant WebSearch 1.74 - (...) [HKLM][64Bits] -- SP_4e24eecb
O42 - Logiciel: Ss-Helper 1.74 - (...) [HKLM][64Bits] -- SP_289822ec =>Adware.SaveShare
O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM][64Bits] -- SweetIM Bundle by SweetPacks =>PUP.SweetIM
~ Logic: 37 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKCU\Software\Duuqu] =>PUP.Duuqu
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles
[HKCU\Software\IM]
[HKCU\Software\IncrediMail]
[HKCU\Software\SFT_France]
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\eBook Maestro Books]
[HKCU\Software\f68fd0e26fe840] =>Hijacker.Eazel
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKCU\Software\应用程序向导生成的本地应用程序]
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\DnsBasic] =>PUP.Zwangi
[HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu
[HKLM\Software\Wow6432Node\ExpressFiles] =>Adware.ExpressFiles
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\SFT_France]
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
[HKLM\Software\Wow6432Node\StarterTV] =>Adware.StarterTV
[HKLM\Software\Wow6432Node\Supreme Savings] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\ValueApps] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\f68fd0e26fe840] =>Hijacker.Eazel
[HKLM\Software\Wow6432Node\ilivid] =>Adware.Bandoo
~ Key Software: 380 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/05/2012 - 07:14:36 - [0,633] ----D C:\Program Files (x86)\1ClickDownload =>PUP.1ClickDownloader
O43 - CFD: 01/12/2013 - 17:21:42 - [0] ----D C:\Program Files (x86)\Browsebeyond =>PUP.Browsebeyond
O43 - CFD: 24/03/2013 - 13:57:05 - [1,473] ----D C:\Program Files (x86)\BrowseToSave =>Adware.Browse2Save
O43 - CFD: 15/04/2012 - 13:33:23 - [2,352] ----D C:\Program Files (x86)\Codec
O43 - CFD: 25/01/2012 - 16:43:51 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 25/01/2012 - 16:43:48 - [4,620] ----D C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit
O43 - CFD: 08/08/2012 - 07:13:20 - [0,068] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 03/05/2013 - 16:10:44 - [0] ----D C:\Program Files (x86)\DnsBasic =>PUP.Zwangi
O43 - CFD: 23/11/2013 - 16:59:16 - [2,156] ----D C:\Program Files (x86)\Duuqu =>PUP.Duuqu
O43 - CFD: 23/11/2013 - 17:00:29 - [0,390] ----D C:\Program Files (x86)\FrameFox
O43 - CFD: 10/12/2013 - 17:50:08 - [0] ----D C:\Program Files (x86)\GUMCAAF.tmp
O43 - CFD: 01/12/2013 - 17:18:50 - [10,255] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 24/11/2013 - 09:24:39 - [4,799] ----D C:\Program Files (x86)\SFT_France
O43 - CFD: 19/10/2013 - 14:16:26 - [0,498] ----D C:\Program Files (x86)\Ss-Helper =>Adware.SaveShare
O43 - CFD: 01/10/2013 - 14:44:03 - [0] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM
O43 - CFD: 25/06/2013 - 16:46:58 - [0,359] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM
O43 - CFD: 19/10/2013 - 14:16:26 - [0,474] ----D C:\Program Files (x86)\WebSearch
O43 - CFD: 07/08/2012 - 16:52:50 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 21/08/2013 - 12:36:59 - [0,131] ----D C:\ProgramData\Breowase22save =>Adware.Browse2Save
O43 - CFD: 21/08/2013 - 12:37:00 - [0] ----D C:\ProgramData\BrowserDefender =>Hijacker.Eazel
O43 - CFD: 01/12/2013 - 18:22:09 - [1,637] ----D C:\ProgramData\Conduit
O43 - CFD: 19/10/2013 - 14:16:26 - [0,003] ----D C:\ProgramData\DiowNlooad, keePer =>PUP.DownloadKeeper
O43 - CFD: 03/05/2013 - 16:10:44 - [0] ----D C:\ProgramData\DnsBasic =>PUP.Zwangi
O43 - CFD: 14/10/2013 - 16:34:11 - [6,355] ----D C:\ProgramData\InstallMate =>PUP.Tarma
O43 - CFD: 16/01/2011 - 22:25:41 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 03/08/2012 - 09:32:21 - [0,063] ----D C:\Users\Paulinho\AppData\Roaming\ExpressFiles =>Adware.ExpressFiles
O43 - CFD: 01/12/2013 - 14:16:04 - [2,980] ----D C:\Users\Paulinho\AppData\Local\Conduit
O43 - CFD: 15/04/2012 - 13:34:09 - [4,289] ----D C:\Users\Paulinho\AppData\Local\ConduitEngine =>Toolbar.Conduit
O43 - CFD: 23/11/2013 - 16:59:15 - [0] ----D C:\Users\Paulinho\AppData\Local\Duuqu =>PUP.Duuqu
O43 - CFD: 15/04/2012 - 12:55:30 - [0,014] ----D C:\Users\Paulinho\AppData\Local\Ilivid Player =>Adware.Bandoo
O43 - CFD: 25/06/2013 - 16:45:49 - [0,001] ----D C:\Users\Paulinho\AppData\Local\PutLockerDownloader =>Spyware.PutLocker
O43 - CFD: 14/10/2012 - 17:16:17 - [0] ----D C:\Users\Paulinho\AppData\Local\Savings Sidekick =>Adware.GamePlayLabs
O43 - CFD: 15/04/2012 - 13:34:07 - [4,286] ----D C:\Users\Paulinho\AppData\Local\SFT_France
O43 - CFD: 12/01/2014 - 10:55:22 - [0,063] ----D C:\Users\Paulinho\AppData\Local\ValueApps =>Toolbar.Conduit
O43 - CFD: 22/12/2012 - 21:58:10 - [0,002] ----D C:\Users\Paulinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com =>Hijacker.TornTV
~ 59 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 299 Legitimates Filtered in 00mn 23s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.04053450A44D732569E47B92FBCDAD94] - 12/01/2014 - 10:48:45 ---A- . (.Conduit - Pas de description.) -- C:\Windows\System32\ValueApps64.dll [445728] =>Toolbar.Conduit
~ Files: 21 Legitimates Filtered in 00mn 02s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{560e42fb-4413-11e1-928a-20cf3052e825}\AutoRun\command. (...) -- F:\iStudio.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.DEF365F0F6E017888C4B869D3BA4B8E0] - 30/07/2010 - 06:51:52 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [20552]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.E59037B5A671A67C579CBEF0439A5DD1] - 10/06/2010 - 07:57:53 ---A- . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Windows\System32\Drivers\ETD.sys [130048]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.E63EF8C3271D014F14E2469CE75FECB4] - 20/07/2009 - 10:29:39 ---A- . (.Pas de propriétaire - Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\kbfiltr.sys [15416]
O58 - SDL:[MD5.19D8F6FF8344C47872BA351D04A190DD] - 05/06/2009 - 11:15:55 ---A- . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\System32\Drivers\sncduvc.sys [42176]
O58 - SDL:[MD5.1D8474722CDFFBB8FCA5FA12C50A05A2] - 05/06/2009 - 11:15:55 ---A- . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\System32\Drivers\snp2uvc.sys [1806400]
O58 - SDL:[MD5.0B3F6C8F93C5C25977EA5A8B2E656357] - 04/06/2013 - 08:15:02 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [103448]
O58 - SDL:[MD5.EA8F41484CCC5BA6A1455C2AD3D1BE3C] - 04/06/2013 - 08:15:00 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys [203672]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 24/06/2010 - 14:00:14 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\System32\Drivers\TFsExDisk.sys [16392]
O58 - SDL:[MD5.C9E9D59C0099A9FF51697E9306A44240] - 13/12/2012 - 13:50:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys [54784]
O58 - SDL:[MD5.3BE1651C63954067940E7F473498AD70] - 30/07/2010 - 06:51:50 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [18120]
O58 - SDL:[MD5.CE4B6956E4E12492715A53076E58761F] - 24/06/2010 - 14:00:14 ---A- . (.Teruten Inc - File System Mini Filter Drvier.) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys [16392]
~ Drivers: 16 Legitimates Filtered in 00mn 21s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 18/01/2014 - 15:59:36 ---A- . (...) -- C:\Users\Paulinho\AppData\Local\Google\Toolbar Cache\7.5.4601.54\fr\translate_languages.json.content [2033]
O61 - LFC: 18/01/2014 - 15:59:41 ---A- . (...) -- C:\Users\Paulinho\AppData\Roaming\fr.orange.assistancelivebox\Local Store\ALB.db [8192] =>.Orange Corporation
O61 - LFC: 18/01/2014 - 15:59:43 ---A- . (...) -- C:\Users\Paulinho\AppData\Roaming\ZHP\Log.txt [21184] =>.Nicolas Coolman
O61 - LFC: 18/01/2014 - 15:59:43 ---A- . (...) -- C:\Users\Paulinho\AppData\Roaming\ZHP\TestsZHPDiag.txt [2930] =>.Nicolas Coolman
~ 1 Fichiers temporaires (Temporary files)
~ Files: 579 Legitimates Filtered in 00mn 16s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 03/08/2007 - C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys (ghaio) .(...) - LEGACY_GHAIO
~ Legacy: 83 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} - (Conduit Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {32C4A5CB-DB5F-44D3-7B22-4787CA208DD7} - (Delta Search) - http://search.babylon.com =>PUP.Babylon
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
O69 - SBI: SearchScopes [HKCU] {89D7FE76-7837-4069-A4A9-A345A76FE2F1} [DefaultScope] - (SearchExpress.B Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com =>PUP.SweetIM
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][24/12/2009] (...) -- C:\ProgramData\FullRemove.exe [131368]
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Paulinho\AppData\Local\Temp\nsj61D3.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Paulinho\AppData\Local\Temp\nsoAFF3.exe [167812] =>Toolbar.Conduit
[MD5.C67BCF6441E378371F0D6EEFB7EF0861] [SPRF][16/12/2013] (.Conduit - SP Usage Sender.) -- C:\Users\Paulinho\AppData\Local\Temp\nsqC1EC.exe [167812] =>Toolbar.Conduit
[MD5.14A2F17C1A15B40D074357A6EF2D23C9] [SPRF][25/01/2012] (.Pas de propriétaire - Codec 8.3p Setup.) -- C:\Users\Paulinho\Desktop\codec8.3.exe [4707594]
[MD5.06FB2F15B040E8A579F8410705DDF13C] [SPRF][25/01/2012] (...) -- C:\Users\Paulinho\Desktop\CT3031774_SFT_France.exe [3283968]
~ Files: 9 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{8B9F2229-112F-41A9-B371-7B6B2A049861}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{02E04CCB-35B0-43B7-8CE5-1A952D529E0B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\expressdl.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{D9474F75-FD69-4E88-8E23-1014AE6C5EB3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{AEFBD249-D257-4CAC-9A95-75E61D9EE27F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\ExpressFiles\ExpressFiles.exe (.not file.) =>Adware.ExpressFiles
O87 - FAEL: "{BF7426BD-B2C0-49FC-84EA-AC80A5E8A5F5}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{7C84A1FB-BB7B-4F21-BE5E-D9C129E8706E}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{AE8A7BC3-F6A6-48C3-BD50-8EBE5618E6E2}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
O87 - FAEL: "{C8C1ADCC-CD7C-4DF4-A03A-5A7042523A51}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe
~ Firewall: 248 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "482AA67AD25E6E74E9F48BD5FBE8533C" . (.Iminent Toolbar For Internet Explorer.) -- C:\Documents and Settings\CATA\My Documents\My Received Files\icon.ico =>Adware.IMBooster
O90 - PUC: "FB6D58DD787439A4995AF3C00FEA8843" . (.Internet Explorer Toolbar 4.8 by SweetPacks.) -- C:\Windows\Installer\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 113 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\f68fd0e26fe840\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.759.138]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.759.138]:version="2.3.759.138" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.6.1123.78]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.6.1123.78]:version="2.6.1123.78" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.6.1125.80]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Eazel
[HKCU\Software\f68fd0e26fe840] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\f68fd0e26fe840] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.A25D73A4A45222261189F86AA392EAEB] [WIS][22/12/2012] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\17a15de.msi [1025536] =>Adware.IMBooster
~ WIS: 119 Legitimates Filtered in 00mn 14s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/12/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 15/12/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
SS - | Auto 23/11/2013 98360 | (dqupdate) . (.Duuqu Group.) - C:\Program Files (x86)\Duuqu\Update\DuuquUpdate.exe =>PUP.Duuqu
SS - | Demand 23/11/2013 98360 | (dqupdatem) . (.Duuqu Group.) - C:\Program Files (x86)\Duuqu\Update\DuuquUpdate.exe =>PUP.Duuqu
SS - | Auto 09/09/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 09/09/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 23/09/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 03/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 03/08/2007 125496 | (spmgr) . (...) - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe

SR - | Auto 18/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 08/12/2009 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe
SR - | Auto 19/12/2013 440376 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/11/2013 440376 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
SR - | Auto 30/07/2010 119632 | (dgdersvc) . (.Devguru Co., Ltd..) - C:\Windows\system32\dgdersvc.exe
SR - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 16s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Paulinho at 18/01/2014 16:00:36
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Paulinho at 18/01/2014 16:00:38

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13024 - (17/01/2014)
Clés trouvées (Keys found) : 218
Valeurs trouvées (Values found) : 7
Dossiers trouvés (Folders found) : 40
Fichiers trouvés (Files found) : 31

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D51F677-2A0B-43E2-B444-A2B384D24B91}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5025C2-8EA3-430D-80B8-A14151068A6D}] =>Toolbar.Conduit^
[HKLM\SYSTEM\CurrentControlSet\Services\dqupdate) (dqupdate] =>PUP.Duuqu^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{51C3AC18-4A93-454F-A7A4-02B18A208EEE}] =>Adware.Browse2Save^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OptimizerPro] =>PUP.OptimizerPro^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_289822ec] =>Adware.SaveShare^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110011501160}] =>PUP.SpecialSavings
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4BD8E034-E0F4-4509-A753-467A8E854CD8}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A76AA284-E52D-47E6-9E4F-B85DBF8E35C3}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AC6240AE-33B6-40D3-8683-31BBE86049A0}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}] =>Toolbar.Conduit
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Classes\ilivid] =>
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo] =>Adware.GamePlayLabs
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Installer\Features\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Installer\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKCU\Software\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\conduitEngine] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\Cr_Installer] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\ilivid] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\ilivid] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\01NET.com Toolbar] =>Adware.SimilarSites
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar] =>Toolbar.Conduit
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4d51f677-2a0b-43e2-b444-a2b384d24b91}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4d51f677-2a0b-43e2-b444-a2b384d24b91}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4d51f677-2a0b-43e2-b444-a2b384d24b91}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SFT_France Toolbar] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}] =>PUP.ClaroSearch
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASAPI32] =>PUP.QuickShare
[HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASMANCS] =>PUP.QuickShare
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Savings Sidekick_RASAPI32] =>PUP.SavingsSidekick
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Savings Sidekick_RASMANCS] =>PUP.SavingsSidekick
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db] =>Adware.Browse2Save
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff] =>Adware.MyWebSearch
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf] =>Hijacker.TornTV
[HKCU\Software\BI] =>Adware.MegaSearch
[HKLM\Software\Wow6432Node\StarterTV] =>Adware.StarterTV
[HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASAPI32] =>Adware.WebCake
[HKLM\Software\Wow6432Node\Microsoft\Tracing\WebCakeDesktop_RASMANCS] =>Adware.WebCake
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Classes\SpeedUpMyPC] =>Rogue.SpeedUpMyPC
[HKLM\Software\Classes\protector_dll.protectorbho] =>PUP.BProtector
[HKLM\Software\Classes\protector_dll.protectorbho.1] =>PUP.BProtector
[HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB01620.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB01620.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar.CT2504091] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT3031774] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT3281621] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB01620.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB01620.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2504091] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3031774] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3281621] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{4d51f677-2a0b-43e2-b444-a2b384d24b91} =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Startertv =>Adware.StarterTV^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
C:\Program Files (x86)\1ClickDownload =>PUP.1ClickDownloader^
C:\Program Files (x86)\Browsebeyond =>PUP.Browsebeyond^
C:\Program Files (x86)\BrowseToSave =>Adware.Browse2Save^
C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit^
C:\Program Files (x86)\DealPly =>PUP.DealPly^
C:\Program Files (x86)\DnsBasic =>PUP.Zwangi^
C:\Program Files (x86)\Duuqu =>PUP.Duuqu^
C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files (x86)\Ss-Helper =>Adware.SaveShare^
C:\Program Files (x86)\SweetIM =>PUP.SweetIM^
C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\Breowase22save =>Adware.Browse2Save^
C:\ProgramData\BrowserDefender =>Hijacker.Eazel^
C:\ProgramData\DiowNlooad, keePer =>PUP.DownloadKeeper^
C:\ProgramData\DnsBasic =>PUP.Zwangi^
C:\ProgramData\InstallMate =>PUP.Tarma^
C:\Users\Paulinho\AppData\Roaming\ExpressFiles =>Adware.ExpressFiles^
C:\Users\Paulinho\AppData\Local\ConduitEngine =>Toolbar.Conduit^
C:\Users\Paulinho\AppData\Local\Duuqu =>PUP.Duuqu^
C:\Users\Paulinho\AppData\Local\Ilivid Player =>Adware.Bandoo^
C:\Users\Paulinho\AppData\Local\PutLockerDownloader =>Spyware.PutLocker^
C:\Users\Paulinho\AppData\Local\Savings Sidekick =>Adware.GamePlayLabs^
C:\Users\Paulinho\AppData\Local\ValueApps =>Toolbar.Conduit^
C:\Users\Paulinho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com =>Hijacker.TornTV^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\FrameFox =>Toolbar.DeltaSearch
C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit
C:\Program Files (x86)\WebSearch =>Hijacker.LookForiThere
C:\ProgramData\Conduit =>Toolbar.Conduit
C:\ProgramData\Partner =>Spyware.Partner
C:\Users\Paulinho\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\Paulinho\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\Paulinho\AppData\LocalLow\Claro LTD =>PUP.ClaroSearch
C:\Users\Paulinho\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Paulinho\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit
C:\Users\Paulinho\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\Paulinho\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\Paulinho\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit
C:\Users\Paulinho\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbpkiefagocgkmemidfngdkamloieekf =>Hijacker.TornTV
C:\Users\Paulinho\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Program Files (x86)\FrameFox\Extensions\InternetExplorer\framefox.exe =>PUP.Duuqu^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google^
C:\Windows\Tasks\DuuquUpdateTaskMachineCore.job =>PUP.Duuqu^
C:\Windows\Tasks\DuuquUpdateTaskMachineUA.job =>PUP.Duuqu^
C:\Program Files (x86)\Duuqu\Update\DuuquUpdate.exe =>PUP.Duuqu^
C:\Program Files (x86)\GoforFiles\GFFUpdater.exe =>P2P.GoforFiles^
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\Duuqu] =>PUP.Duuqu^
[HKCU\Software\ExpressFiles] =>Adware.ExpressFiles^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive^
[HKLM\Software\DomaIQ] =>Adware.DomaIQ^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\DnsBasic] =>PUP.Zwangi^
[HKLM\Software\Wow6432Node\Duuqu] =>PUP.Duuqu^
[HKLM\Software\Wow6432Node\ExpressFiles] =>Adware.ExpressFiles^
[HKLM\Software\Wow6432Node\Supreme Savings] =>PUP.RewardsArcade^
[HKLM\Software\Wow6432Node\ValueApps] =>Toolbar.Conduit^
C:\Users\Paulinho\AppData\Local\Temp\nsj61D3.exe =>Toolbar.Conduit^
C:\Users\Paulinho\AppData\Local\Temp\nsoAFF3.exe =>Toolbar.Conduit^
C:\Users\Paulinho\AppData\Local\Temp\nsqC1EC.exe =>Toolbar.Conduit^
[HKCU\Software\f68fd0e26fe840\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\f68fd0e26fe840] =>PUP.Babylon^^
C:\Windows\Installer\17a15de.msi =>Adware.IMBooster^
~ Additionnel Scan: 299413 Items scanned in 00mn 28s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/37752731-pup-duuqu =>PUP.Duuqu
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/33477786-pup-dosearches =>PUP.DoSearches
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/29259213-adware-startertv =>Adware.StarterTV
~ http://nicolascoolman.webs.com/apps/blog/show/27469224-pup-eorezo =>PUP.EoRezo
~ http://nicolascoolman.webs.com/apps/blog/show/26753274-adware-expressfiles =>Adware.ExpressFiles
~ http://nicolascoolman.webs.com/apps/blog/show/26627530-adware-browse2save =>Adware.Browse2Save
~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
~ http://nicolascoolman.webs.com/apps/blog/show/31929570-adware-saveshare =>Adware.SaveShare
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/30393137-adware-domaiq =>Adware.DomaIQ
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/28363807-pup-zwangi =>PUP.Zwangi
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/28486577-pup-mocaflix =>PUP.MocaFlix
~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade
~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader
~ http://nicolascoolman.webs.com/apps/blog/show/34724898-pup-browsebeyond =>PUP.Browsebeyond
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/33571597-pup-downloadkeepeor =>PUP.DownloadKeeper
~ http://nicolascoolman.webs.com/apps/blog/show/29580507-spyware-putlocker =>Spyware.PutLocker
~ http://nicolascoolman.webs.com/apps/blog/show/26820943-adware-gameplaylabs =>Adware.GamePlayLabs
~ http://nicolascoolman.webs.com/apps/blog/show/27660150-hijacker-torntv =>Hijacker.TornTV
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/27480243-adware-socialskinz =>Adware.SocialSkinz
~ http://nicolascoolman.webs.com/apps/blog/show/26686441-pup-specialsavings =>PUP.SpecialSavings
~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke
~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare
~ http://nicolascoolman.webs.com/apps/blog/show/26632189-adware-magnipic =>Adware.MagniPic
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/27285539-adware-webcake =>Adware.WebCake
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/33047509-rogue-speedupmypc =>Rogue.SpeedUpMyPC
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29285781-hijacker-lookforithere =>Hijacker.LookForiThere
~ http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner =>Spyware.Partner
~ MSI: 55 link(s) detected in 00mn 28s



~ 1931 Legitimates filtered by white list
End of the scan (1025 lines in 03mn 07s)(0)

Publicité


Signaler le contenu de ce document

Publicité