cjoint

Document format: text/plain

~ Rapport de ZHPDiag v2014.1.25.26 - Nicolas Coolman (25/01/2014)
~ Lancé par HP (06/02/2014 12:05:41)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16476
GCIE: Google Chrome v32.0.1700.76 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Professional, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 6P6GT
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2013
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 12 ActiveX
Adobe Reader XI
Java 7 Update 21

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1911 MB (37% free)
System Restore: Activé (Enable)
System drive C: has 225 GB (77%) free of 292 GB

---\\ Mode de connexion au système
~ Computer Name: HP-HP
~ User Name: HP
~ All Users Names: Invité 2, HP, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\HP\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\HP\AppData\Roaming\
~ %Desktop% : C:\Users\HP\Desktop\
~ %Favorites% : C:\Users\HP\Favorites\
~ %LocalAppData% : C:\Users\HP\AppData\Local\
~ %StartMenu% : C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 225 Go of 292 Go)
D: Hard drive, Flash drive, Thumb drive (Free 1 Go of 4 Go)
E: CD-ROM drive (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyGames: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: Modified
~ Security Center: 38 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.927FA6456AD6D7630F6854828D2FD16B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.26/11/2013 - 07:33:33.) -- C:\Windows\System32\wininet.dll [1820160]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 01:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 14:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/75
~ Mes musiques (My Musics) : 1/6
~ Mes Favoris (My Favorites) : 1/4
~ Mes Documents (My Documents) : 1/127
~ Mon Bureau (My Desktop) : 1/17
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.30EC26D3FAF01CAB6B9C8BD9B606550F] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [628488] [PID.2948]
[MD5.E7FF908CAC792A6DB16F2D4BB775FC95] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920] [PID.3096]
[MD5.709D5D20E51073B63F90D0CE645DBB3F] - (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\coreshredder.exe [11265536] [PID.3216]
[MD5.831FB892A5A5F28BB69DE0AB77FA7281] - (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.2 c.) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe [63712] [PID.3224]
[MD5.48B9248CED8A5DE4EB0917CB676CB8D5] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [648032] [PID.3280]
[MD5.157B5DF2CBCE17A0CEECB0FF4297700E] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [142616] [PID.3320]
[MD5.9A30BDDE96721FE6D6B2BA0593F69C81] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [177432] [PID.3368]
[MD5.FEC63BCD1A1DDE7A990223D0F12655D7] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [177944] [PID.3376]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816] [PID.3520]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3767096] [PID.3612]
[MD5.361DD893A616DD6F5D344ACB22BF1D0F] - (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe [676520] [PID.3656]
[MD5.757690C246C0973493046E52003AE7F4] - (.Pas de propriétaire - Printer Card Transfer Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxduMsdMon.exe [25256] [PID.3764]
[MD5.20F63D80BB2AF096F7D2893A1A2A3A31] - (.Updater - Updater service.) -- C:\ProgramData\Updater\updater.exe [486264] [PID.3816] =>PUP.CrossRider
[MD5.A40824624D8667FE31333B0CEB936169] - (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760] [PID.3936]
[MD5.564CB6EACE4064BB4C7815435D035D6A] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1093976] [PID.3980]
[MD5.58920E6A409046BA06548D9D139CE0F0] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [20584608] [PID.4040]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.4048]
[MD5.0F6D06A88A88007AAEE5F0EE1ECE42E4] - (...) -- C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe [70880] [PID.4060]
[MD5.728FE96ECB3A7D3F41B4FD67BD976A1E] - (.WatchDog - Pas de description.) -- C:\ProgramData\RHelpers\IEHelper\IeHelper.exe [429944] [PID.1780] =>PUP.SearchDonkey
[MD5.9E195DD48C0341CEB109B5DC567854E1] - (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files\Desk 365\desk365.exe [1013808] [PID.5268] =>Hijacker.22Find
[MD5.BCC64135BC7C594B502D7A6A31447041] - (.Crawler.com - PC Fix Speed Tray.) -- C:\Program Files\PCFixSpeed\PCFixTray.exe [382040] [PID.4136] =>PUP.PCFixSpeed
[MD5.2E2636F6A38EE6CDD925488D9B80F177] - (.Crawler, LLC - 24x7Help.) -- C:\Program Files\24x7Help\App24x7Help.exe [1773648] [PID.5900] =>PUP.24x7Help
[MD5.1E05D8C8D8E29F4F4A3F5A94081A311D] - (.PCRx.com, LLC - 24x7Help Hook Application.) -- C:\Program Files\24x7Help\App24x7Hook.exe [43600] [PID.10028] =>PUP.24x7Help
[MD5.B6E1438F6E2299715AD2308D6477C493] - (.Crawler.com - PC Fix Speed.) -- C:\Program Files\PCFixSpeed\PCFixSpeed.exe [3051096] [PID.8080] =>PUP.PCFixSpeed
[MD5.B2444CF5278D46C8F68EC77D693DDF2C] - (.BrowserSafeguard - BrowserSafeguard.) -- C:\Program Files\Browsersafeguard\BrowserSafeguard.exe [417792] [PID.7152] =>PUP.BrowserSafeguard
[MD5.0A9598D2DB9656458365E552E35979ED] - (.Fusion Install - Fusion Install.) -- C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MEYY9WL9\Setup.exe [1708840] [PID.5664]
[MD5.728FE96ECB3A7D3F41B4FD67BD976A1E] - (.WatchDog - Pas de description.) -- C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe [429944] [PID.2360] =>PUP.SearchDonkey
[MD5.728FE96ECB3A7D3F41B4FD67BD976A1E] - (.WatchDog - Pas de description.) -- C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe [429944] [PID.4160] =>PUP.SearchDonkey
[MD5.C8A8321292A459B0A17FB39A782A5C74] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [806096] [PID.6740]
[MD5.8A2D7310E8D9D52F3E1DCE5DB1F29435] - (.Systweak Inc - RegClean Pro.) -- C:\Program Files\RegClean Pro\RegCleanPro.exe [7911256] [PID.11880] =>Rogue.RegistryPowerCleaner
[MD5.15B7A2701A22CE639728778B86D14BE9] - (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe [2919976] [PID.10260] =>PUP.MyPCBackup
[MD5.C611C6ED5ECFE4608BA79472DFE3D49C] - (.Microsoft Corporation - Microsoft Spell Checking Facility.) -- C:\Windows\System32\MsSpellCheckingFacility.exe [646144] [PID.12216]
[MD5.CA25CAEEBDBE25D85565877219F684F8] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8339968] [PID.4860]
[MD5.C9D858E20AE696E7A0D9A05B595F850A] - (.Hewlett-Packard - HPFSService Application.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe [297984] [PID.836]
[MD5.E27B4A34CAA5DA0E872477F4F71C50E2] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192] [PID.872]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [50344] [PID.1500]
[MD5.5544D66F9A0CFF5429F7A750929407E9] - (.DigitalPersona, Inc. - DigitalPersona Local Host.) -- C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [300808] [PID.1716]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.1980]
[MD5.E99CF7AD8704278B7C8A8FB84BE4B3B6] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200] [PID.2024]
[MD5.2666CFC4A063D75FE3D87BC334D7ECF5] - (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) -- C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [36864] [PID.2000]
[MD5.12386962A77AF92C22D6B0D2357658C5] - (.Parallel Lines Development, LLC - Internet Updater Service.) -- C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568] [PID.1212] =>Adware.IncrediBar
[MD5.17A9C5FFA241AAAB275EE5CACEF77686] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.1840]
[MD5.4A0B6533F035D74729942EE1D19C35C5] - (.Lexmark International, Inc. - Lexmark Connect Service Executable.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\lxduserv.exe [94208] [PID.2060]
[MD5.6B77B0B001F36AC65BBCD9CA570EA915] - (.Pas de propriétaire - Printer Communication System.) -- C:\Windows\system32\lxducoms.exe [589824] [PID.2148]
[MD5.56877067D82084DF27E4CC4C79307F82] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files\PDF Complete\pdfsvc.exe [635416] [PID.2224]
[MD5.63694C307273062A2167AE4CE80730EF] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe [398176] [PID.2276]
[MD5.D2946D9F020AE76E9CEF9B4A6DF838C0] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [1129760] [PID.4284]
[MD5.7953D636309B7F505C70667A7A2437CF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.5332]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.9228]
[MD5.2A8B93A01621E100A578E83C768AFA2C] - (.Hewlett-Packard Company - HP Support Assistant Service.) -- C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160] [PID.9448]
[MD5.358A9CCA612C68EB2F07DDAD4CE1D8D7] - (.Microsoft Corporation - Microsoft Office Software Protection Platfo.) -- C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.exe [4640000] [PID.7104]
[MD5.39531D54F2AFA4473BB4A97F64E99271] - (.Cherished Technololgy LIMITED - WPM Service.) -- C:\ProgramData\WPM\wprotectmanager.exe [493568] [PID.8628] =>PUP.WpManager
[MD5.D1EBE337782B1F32A52C0C80A98FC08B] - (.Cherished Technololgy LIMITED - IePlugin Service.) -- C:\ProgramData\IePluginService\PluginService.exe [508016] [PID.4556] =>Trojan.SProtector
[MD5.25FDF58009C2C666FE0A5BB7AA319447] - (.337 Technology Limited. - dsk service.) -- C:\Program Files\Desk 365\deskSvc.exe [425008] [PID.9832] =>Hijacker.22Find
[MD5.911986EA193B2FCA2D0F24D642ED68F8] - (.PCRx.com, LLC - 24x7Help Service.) -- C:\Program Files\24x7Help\App24x7Svc.exe [342608] [PID.748] =>PUP.24x7Help
[MD5.B24BB300895F0D1A9531FD6DF7818DB6] - (...) -- C:\Program Files\EnhanceTronic\updateEnhanceTronic.exe [80168] [PID.5788]
[MD5.B24BB300895F0D1A9531FD6DF7818DB6] - (...) -- C:\Program Files\EnhanceTronic\bin\utilEnhanceTronic.exe [80168] [PID.6360]
[MD5.CF87A1DE791347E75B98885214CED2B8] - (.Microsoft Corporation - Service de la plateforme de protection logi.) -- C:\Windows\system32\sppsvc.exe [3179520] [PID.7104]
~ Processes Running: Scanned in 00mn 05s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://start.mysearchdial.com =>Adware.MyWebSearch
G0 - GCSP: Preference [User Data\Default] http://www.awesomehp.com =>PUP.Awesomehp
G2 - GCE: Preference [User Data\Default] [cgbealecnakbhfoeeipcnoboempfkbjd] flash-Enhancer v.2.1 (Désactivé) =>Adware.FlashEnhancer
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
~ Google Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@unisys.com/npornap] - (...) -- (.not file.)
P2 - FPN: [HKCU] [@lightspark.github.com/Lightspark;version=1] - (...) -- C:\Program Files\Lightspark 0.5.3-git\nplightsparkplugin.dll (.not file.)
~ Firefox Browser: 30 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com =>Adware.MyWebSearch
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://start.mysearchdial.com =>Adware.MyWebSearch
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (...) (No version) -- (.not file.)
~ IE Browser: 16 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:54685;https=127.0.0.1:54685 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: PriceGong - {1631550F-191D-4826-B069-D9439253D926} . (.PriceGong - PriceGong - Price Comparison.) -- C:\Program Files\PriceGong\2.6.11\PriceGongIE.dll =>Adware.PriceGong
O2 - BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} . (.Thinknice Co. Limited - SupTab setup package.) -- C:\Program Files\SupTab\SupTab.dll
O2 - BHO: flashEnhancer - {5A60B6BB-FA81-4EFA-AB9C-A820E2143736} . (...) -- C:\Program Files\AmiExt\flashEnhancer\ie\flashEnhancer.dll =>Adware.FlashEnhancer
O2 - BHO: Free Games 111 - {C45EC9F0-8333-465D-9728-074BD41985C9} . (.BestOffers - ScriptHost.) -- C:\Program Files\Free Games 111\ScriptHost.dll
O2 - BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} . (.MySearchDial - Pas de description.) -- C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll =>Adware.MyWebSearch
O2 - BHO: EnhanceTronic - {f530d5e8-9d18-4cba-b7cc-95944f9ebe3d} . (.EnhanceTronic - EnhanceTronic.) -- C:\Program Files\EnhanceTronic\EnhanceTronicbho.dll
~ BHO: 26 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar: avast! Online Security - [HKLM]{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} . (.AVAST Software - IE Webrep plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: mysearchdial Toolbar - [HKLM]{3004627E-F8E9-4E8B-909D-316753CBA923} . (.MySearchDial - Pas de description.) -- C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll =>Adware.MyWebSearch
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{1017A80C-6F09-4548-A84D-EDD6AC9525F0} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: 24x7 Help.lnk . (.Crawler, LLC - 24x7Help.) -- C:\Program Files\24x7Help\App24x7Help.exe =>PUP.24x7Help
O4 - GS\Desktop [Public]: Garmin Express.lnk . (.Garmin - Express.) -- C:\Program Files\Garmin\Express\Express.exe =>.Garmin Corporation
O4 - GS\Desktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Desktop [Public]: Lexmark Productivity Studio - 5600-6600 Series.LNK . (...) -- C:\Program Files\Lexmark 5600-6600 Series\app4r.exe
O4 - GS\Desktop [Public]: Optimisez votre PC.lnk . (.Crawler.com - PC Fix Speed.) -- C:\Program Files\PCFixSpeed\PCFixSpeed.exe =>PUP.PCFixSpeed
O4 - GS\Desktop [Public]: PMB Launcher.lnk . (.Sony Corporation - PMB Launcher.) -- C:\Program Files\Sony\PMB\PMBLauncher.exe
O4 - GS\Program [Public]: Install Embedded Security for HP ProtectTools.lnk . (.Hewlett-Packard Company - Quick Shortcut Creator.) -- C:\SWSetup\ProtectTools\Embedded\QuickLnk.exe
O4 - GS\QuickLaunch [Invité 2]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Invité 2]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Invité 2]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Invité 2]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Invité 2]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [Invité 2]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [HP]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\QuickLaunch [HP]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\TaskBar [HP]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Program [HP]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\SystemTools [HP]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\SendTo [HP]: Desk 365.lnk . (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files\Desk 365\desk365.exe =>Hijacker.22Find
O4 - GS\Desktop [HP]: Images.lnk . (...) -- C:\Users\HP\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [HP]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
O4 - GS\Desktop [HP]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [HP]: Nettoyez votre registre gratuitement!.lnk - Clé orpheline
O4 - GS\Desktop [HP]: RocketPDF.lnk . (.Krzysztof Kowalczyk - RocketPDF.) -- C:\Program Files\RocketPDF\RocketPDF.exe
O4 - GS\Desktop [HP]: SAUVEGARDE - Raccourci.lnk . (...) -- C:\SAUVEGARDE
O4 - GS\Desktop [HP]: Sync Folder.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - GS\Desktop [HP]: Update Service.lnk . (...) -- C:\Program Files\Sony Ericsson\Update Service\Update Service.exe
~ Global Startup: 96 Legitimates Filtered in 00mn 03s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [HP]: MyPC Backup.lnk . (.MyPCBackup.com - MyPC Backup.) -- C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [IMSS] . (.Pas de propriétaire - PIconStartup application.) -- C:\Program Files\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
O4 - HKLM\..\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files\PDF Complete\pdfsty.exe =>.PDF Complete Inc
O4 - HKLM\..\Run: [File Sanitizer] . (.Hewlett-Packard - File Sanitizer for HP ProtectTools.) -- C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] . (.Adobe Systems Incorporated - Adobe Photoshop Album Starter Edition 3.2 c.) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
O4 - HKLM\..\Run: [lxdumon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files\Lexmark 5600-6600 Series\lxdumon.exe
O4 - HKLM\..\Run: [lxduamon] . (...) -- C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [Updater] . (.Updater - Updater service.) -- C:\ProgramData\Updater\Updater.exe =>PUP.CrossRider
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie
O4 - HKLM\..\Run: [PCFixSpeed] . (.Crawler.com - PC Fix Speed Tray.) -- C:\Program Files\PCFixSpeed\PCFixTray.exe =>PUP.PCFixSpeed
O4 - HKLM\..\Run: [24x7HELP] . (.Crawler, LLC - 24x7Help.) -- C:\Program Files\24x7Help\App24x7Help.exe =>PUP.24x7Help
O4 - HKLM\..\Run: [BrowserSafeguard] . (.BrowserSafeguard - BrowserSafeguard.) -- C:\Program Files\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard
O4 - HKCU\..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\HP\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKCU\..\Run: [Updater] . (.Updater - Updater service.) -- C:\ProgramData\Updater\updater.exe =>PUP.CrossRider
O4 - HKCU\..\Run: [Desk 365] . (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files\Desk 365\desk365.exe =>Hijacker.22Find
O4 - HKCU\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files\Optimizer Pro\OptProLauncher.exe =>PUP.OptimizerPro
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (.not file.)
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\HP\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Updater] . (.Updater - Updater service.) -- C:\ProgramData\Updater\updater.exe =>PUP.CrossRider
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Desk 365] . (.337 Technology Limited. - Desk 365 application.) -- C:\Program Files\Desk 365\desk365.exe =>Hijacker.22Find
O4 - HKUS\S-1-5-21-3948013663-480411758-2959562095-1001\..\Run: [Optimizer Pro] . (.PC Utilities Software Limited - Optimizer Pro Launcher.) -- C:\Program Files\Optimizer Pro\OptProLauncher.exe =>PUP.OptimizerPro
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} ((no name)) - http://kitchenplanner.ikea.com/FR/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B1F5334E-3095-4D0D-BFFE-33BEE0E6828D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B1F5334E-3095-4D0D-BFFE-33BEE0E6828D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B1F5334E-3095-4D0D-BFFE-33BEE0E6828D}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: DeviceNP . (.Hewlett-Packard Limited - Pas de description.) -- C:\Windows\System32\DeviceNP.dll
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files\Optimizer Pro\OptProCrash.dll =>PUP.OptimizerPro
~ AppInit DLL: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: 24x7HelpService (24x7HelpSvc) . (.PCRx.com, LLC - 24x7Help Service.) - C:\Program Files\24x7Help\App24x7Svc.exe =>PUP.24x7Help
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) . (.Just Develop It - Backup Stack.) - C:\Program Files\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
O23 - Service: Optimizer Pro Crash Monitor (ca82e1a5) . (...) - C:\Program Files\optimi~1\OptProCrashSvc.dll =>PUP.OptimizerPro
O23 - Service: Desk 365 service (desksvc) . (.337 Technology Limited. - dsk service.) - C:\Program Files\Desk 365\deskSvc.exe =>Hijacker.22Find
O23 - Service: IePlugin Service (IePluginService) . (.Cherished Technololgy LIMITED - IePlugin Service.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
O23 - Service: Internet Updater (InternetUpdater) . (.Parallel Lines Development, LLC - Internet Updater Service.) - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe =>Adware.IncrediBar
O23 - Service: Update EnhanceTronic (Update EnhanceTronic) . (...) - C:\Program Files\EnhanceTronic\updateEnhanceTronic.exe
O23 - Service: Util EnhanceTronic (Util EnhanceTronic) . (...) - C:\Program Files\EnhanceTronic\bin\utilEnhanceTronic.exe
O23 - Service: WajamUpdaterV3 (WajamUpdaterV3) . (...) - C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe (.not file.) =>PUP.Wajam
O23 - Service: Wpm Service (Wpm) . (.Cherished Technololgy LIMITED - WPM Service.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
~ Services: 25 Legitimates Filtered in 00mn 08s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_DEFAULT.job [258] =>Rogue.RegistryPowerCleaner
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_UPDATES.job [266] =>Rogue.RegistryPowerCleaner
[MD5.00000000000000000000000000000000] [APT] [4333] (...) -- C:\Users\HP\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.0564F0BB06A0BFCAE0866E1395EDDA0C] [APT] [Advanced System Protector] (.Systweak Inc.) -- C:\Program Files\RegClean Pro\SystweakASP.exe [591248] =>PUP.AdvancedSystemProtector
[MD5.D8D54C3F682274021C0F36BB31F747E6] [APT] [Advanced System Protector_startup] (.Systweak.) -- C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe [6598000] =>PUP.AdvancedSystemProtector
[MD5.EF40F743FF174B16F1DD809517D6D75E] [APT] [BrowserSafeguard Update Task] (...) -- C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe [3350016] =>PUP.BrowserSafeguard
[MD5.9E195DD48C0341CEB109B5DC567854E1] [APT] [Desk 365 RunAsStdUser] (.337 Technology Limited..) -- C:\Program Files\Desk 365\desk365.exe [1013808] =>Hijacker.22Find
[MD5.19A274DC242BA5C7228D398AFCA66EBA] [APT] [Installation App Launcher] (...) -- C:\Program Files\Lexmark 5600-6600 Series\lxduamon.exe [16040]
[MD5.8A2D7310E8D9D52F3E1DCE5DB1F29435] [APT] [RegClean Pro] (.Systweak Inc.) -- C:\Program Files\RegClean Pro\RegCleanPro.exe [7911256] =>Rogue.RegistryPowerCleaner
[MD5.8A2D7310E8D9D52F3E1DCE5DB1F29435] [APT] [RegClean Pro_DEFAULT] (.Systweak Inc.) -- C:\Program Files\RegClean Pro\RegCleanPro.exe [7911256] =>Rogue.RegistryPowerCleaner
[MD5.8A2D7310E8D9D52F3E1DCE5DB1F29435] [APT] [RegClean Pro_UPDATES] (.Systweak Inc.) -- C:\Program Files\RegClean Pro\RegCleanPro.exe [7911256] =>Rogue.RegistryPowerCleaner
[MD5.00000000000000000000000000000000] [APT] [{354B9C98-0CAC-420E-8EF8-616A4CD3E4CD}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AEAC1722-24F1-4C36-AB06-16296B76709E}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BA84ADF2-4E41-4D9A-B0A8-115ED390D54C}] (...) -- E:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E1E41C8A-02D0-48E5-83D0-FBAC89270881}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EB10C0FB-6203-4453-B2BD-D345E46A1A9F}] (...) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
~ Scheduled Task: 30 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: Advanced System Protector - (.Systweak Software.) [HKLM] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1 =>PUP.AdvancedSystemProtector
O42 - Logiciel: BrowserSafeguard with RocketTab - (.Browsersafeguard.) [HKLM] -- Browsersafeguard =>PUP.BrowserSafeguard
O42 - Logiciel: Desk 365 - (.337 Technology Limited..) [HKLM] -- Desk 365 =>Hijacker.22Find
O42 - Logiciel: Extended Update - (...) [HKCU] -- UpdaterEX =>PUP.Dealply
O42 - Logiciel: Free Games 111 - (.BestOffers.) [HKLM] -- Free Games 111
O42 - Logiciel: IePluginService12.27.0.3326 - (.Cherished Technololgy LIMITED.) [HKLM] -- IePlugins =>Trojan.SProtector
O42 - Logiciel: Internet Updater - (.Parallel Lines Development, LLC.) [HKLM] -- InternetUpdater
O42 - Logiciel: MyPC Backup - (.JDi Backup Ltd.) [HKLM] -- MyPC Backup =>PUP.MyPCBackup
O42 - Logiciel: Mysearchdial - (.Mysearchdial.) [HKLM] -- mysearchdial =>Adware.MyWebSearch
O42 - Logiciel: PriceGong 2.6.11 - (.PriceGong.) [HKLM] -- PriceGong =>Adware.PriceGong
O42 - Logiciel: RegClean Pro - (.Systweak Inc.) [HKLM] -- RegClean Pro_is1 =>Rogue.RegistryPowerCleaner
O42 - Logiciel: SupTab - (...) [HKLM] -- SupTab
O42 - Logiciel: ValueApps - (.Conduit.) [HKCU] -- ValueApps =>Toolbar.Conduit
O42 - Logiciel: WPM17.8.0.3325 - (.Cherished Technololgy LIMITED.) [HKLM] -- WPM =>PUP.WpManager
O42 - Logiciel: flash-Enhancer - (.flash-Enhancer.com.) [HKLM] -- flash-Enhancer =>Adware.FlashEnhancer
~ Logic: 31 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\24x7HELP] =>PUP.24x7Help
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKLM\Software\24x7HELP] =>PUP.24x7Help
[HKLM\Software\AmiExt] =>Adware.FlashEnhancer
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals
[HKLM\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\V9]
[HKLM\Software\Wpm] =>PUP.WpManager
[HKLM\Software\deskSvc]
[HKLM\Software\mamverifier]
[HKLM\Software\supTab]
[HKLM\Software\supWPM] =>PUP.WpManager
~ Key Software: 267 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 06/02/2014 - 10:20:39 - [3,766] ----D C:\Program Files\24x7Help =>PUP.24x7Help
O43 - CFD: 06/02/2014 - 11:25:52 - [19,564] ----D C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector
O43 - CFD: 18/01/2014 - 16:48:02 - [0,922] ----D C:\Program Files\AmiExt =>Adware.FlashEnhancer
O43 - CFD: 06/02/2014 - 10:21:34 - [4,823] ----D C:\Program Files\Browsersafeguard =>PUP.BrowserSafeguard
O43 - CFD: 06/02/2014 - 10:20:27 - [10,575] ----D C:\Program Files\Desk 365 =>Hijacker.22Find
O43 - CFD: 24/01/2014 - 14:23:20 - [2,358] ----D C:\Program Files\Free Games 111
O43 - CFD: 06/02/2014 - 11:25:41 - [27,367] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 06/02/2014 - 11:24:54 - [2,975] ----D C:\Program Files\Mysearchdial =>Adware.MyWebSearch
O43 - CFD: 06/02/2014 - 10:21:17 - [0,483] ----D C:\Program Files\PriceGong =>Adware.PriceGong
O43 - CFD: 06/02/2014 - 11:25:09 - [14,369] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
O43 - CFD: 06/02/2014 - 10:20:24 - [2,315] ----D C:\Program Files\SupTab
O43 - CFD: 06/02/2014 - 10:20:41 - [33,331] ----D C:\Program Files\Common Files\337
O43 - CFD: 24/07/2010 - 14:53:39 - [0] ----D C:\ProgramData\5600-6600 Series
O43 - CFD: 06/02/2014 - 10:20:25 - [0,484] ----D C:\ProgramData\IePluginService =>Trojan.SProtector
O43 - CFD: 18/01/2014 - 16:57:40 - [1,432] ----D C:\ProgramData\InternetUpdater
O43 - CFD: 18/01/2014 - 16:46:59 - [1,230] ----D C:\ProgramData\RHelpers =>PUP.SearchDonkey
O43 - CFD: 18/01/2014 - 16:46:59 - [1,689] ----D C:\ProgramData\Updater =>PUP.CrossRider
O43 - CFD: 06/02/2014 - 10:20:06 - [0,471] ----D C:\ProgramData\WPM =>PUP.WpManager
O43 - CFD: 25/01/2014 - 11:04:11 - [43,420] ----D C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
O43 - CFD: 05/02/2014 - 11:49:27 - [1,063] ----D C:\Users\HP\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z
O43 - CFD: 06/02/2014 - 11:24:54 - [1,063] ----D C:\Users\HP\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
O43 - CFD: 05/02/2014 - 11:49:27 - [0] ----D C:\Users\HP\AppData\Roaming\5600-6600 Series
O43 - CFD: 06/02/2014 - 10:20:32 - [17,114] ----D C:\Users\HP\AppData\Roaming\Desk 365 =>Hijacker.22Find
O43 - CFD: 06/02/2014 - 11:24:54 - [0,073] ----D C:\Users\HP\AppData\Roaming\mysearchdial =>Adware.MyWebSearch
O43 - CFD: 06/02/2014 - 10:11:47 - [1,228] ----D C:\Users\HP\AppData\Roaming\newnext.me =>PUP.NextLive
O43 - CFD: 05/02/2014 - 11:48:40 - [1,224] ----D C:\Users\HP\AppData\Local\genienext
O43 - CFD: 06/02/2014 - 10:21:10 - [0,002] ----D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 05/02/2014 - 11:49:28 - [0,002] ----D C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop =>Adware.Lollipop
~ 1 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 177 Legitimates Filtered in 00mn 38s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.36B111B88AFAEFC87338330EE3D3F2B5] - 06/02/2014 - 11:25:10 ---A- . (.Systweak Inc., (www.systweak.com) - Regclean Pro.) -- C:\Windows\System32\roboot.exe [18776] =>Rogue.RegistryPowerCleaner
O44 - LFC:[MD5.0065E911F966A71A115D9A52FF3DFC99] - 06/02/2014 - 11:25:47 ---A- . (...) -- C:\Windows\System32\sasnative32.exe [17136]
~ Files: 17 Legitimates Filtered in 00mn 34s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{077b617d-37f7-11e2-8c43-d8d385771dd5}\AutoRun\command. (...) -- L:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.F385467DF95D0A73775CB3B076B8B969] - 16/10/2013 - 09:59:34 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [49944]
O58 - SDL:[MD5.1B0662514A68C3A42E60D240C5ABEF28] - 05/02/2014 - 17:44:19 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [180248]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\SafeBoot.sys [110520]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 16 Legitimates Filtered in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.awesomehp.com =>PUP.Awesomehp
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {030B0BC1-5EAE-AAF0-A3BB-313580EF280E} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {2F4B60C8-B8BD-49F4-A3E1-9D89D3F3466C} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {31FE45A0-35B7-4BF0-802C-149A1259990F} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {33BB0A4E-99AF-4226-BDF6-49120163DE86} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {77AA745B-F4F8-45DA-9B14-61D2D95054C8} - (awesomehp) - http://www.awesomehp.com =>PUP.Awesomehp
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.B977E943D006E6C5A75DB326A023559B] [SPRF][11/11/2013] (.Setup © - Setup.) -- C:\Users\HP\AppData\Local\Temp\16933uninstall.exe [618496]
[MD5.B977E943D006E6C5A75DB326A023559B] [SPRF][11/11/2013] (.Setup © - Setup.) -- C:\Users\HP\AppData\Local\Temp\7375uninstall.exe [618496]
[MD5.630BA4C1855F0019C5C2FF40536240EB] [SPRF][06/02/2014] (...) -- C:\Users\HP\AppData\Local\Temp\810.6993664400102_Update.exe [94208]
[MD5.047B5AF68447F3BA140DE1AAAC4E8A51] [SPRF][06/02/2014] (...) -- C:\Users\HP\AppData\Local\Temp\BackupSetup.exe [10363208]
[MD5.FEAA167CAD403F11684733CACF58CDA4] [SPRF][17/07/2013] (.Conduit - Pas de description.) -- C:\Users\HP\AppData\Local\Temp\dlLogic.exe [78000] =>Toolbar.Conduit
[MD5.2CF83743C571F7C1269F6E76275D8FE6] [SPRF][19/12/2013] (...) -- C:\Users\HP\AppData\Local\Temp\EnableExtDll.dll [94208]
[MD5.171F1BB73D0238A7A56126D3459ECDCD] [SPRF][15/10/2008] (...) -- C:\Users\HP\AppData\Local\Temp\Extract.exe [50432]
[MD5.F781CDB8F5346F8B15A4CADC257B4EFA] [SPRF][18/01/2014] (.Amônétízé Ltd - Installer.) -- C:\Users\HP\AppData\Local\Temp\FlashPlayer__5336_i273135291_il359.exe [403496]
[MD5.3BA3C21D186D6F0AAB95EB232C8A43E7] [SPRF][12/09/2010] (...) -- C:\Users\HP\AppData\Local\Temp\GLF9715.tmp.ConduitEngineSetup.exe [157536] =>Toolbar.Conduit
[MD5.895C4812245E244B2F81C71BAD0C4E55] [SPRF][12/09/2010] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\HP\AppData\Local\Temp\GLF9715.tmp.tbRadi.dll [3863136] =>Toolbar.Conduit
[MD5.895C4812245E244B2F81C71BAD0C4E55] [SPRF][12/09/2010] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\HP\AppData\Local\Temp\GLFA26B.tmp.tbRadi.dll [3863136] =>Toolbar.Conduit
[MD5.895C4812245E244B2F81C71BAD0C4E55] [SPRF][12/09/2010] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\HP\AppData\Local\Temp\GLFCC0A.tmp.ConduitEngine.dll [3863136] =>Toolbar.Conduit
[MD5.895C4812245E244B2F81C71BAD0C4E55] [SPRF][12/09/2010] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\HP\AppData\Local\Temp\GLFFCCA.tmp.tbRadi.dll [3863136] =>Toolbar.Conduit
[MD5.C70307FCD3A20B75FE94741B1D3AC633] [SPRF][18/01/2014] (.Nosibay - Bubble Dock installer.) -- C:\Users\HP\AppData\Local\Temp\Install_BubbleDock.exe [365128] =>PUP.BubbleDock
[MD5.BF8FF3E27CF48D69ED558AD0980E5652] [SPRF][27/12/2013] (...) -- C:\Users\HP\AppData\Local\Temp\install_helper.exe [903680]
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][23/10/2013] (...) -- C:\Users\HP\AppData\Local\Temp\Quarantine.exe [344355]
[MD5.B2651071FBD14BFF5FB39BD90F447D27] [SPRF][19/01/2014] (.UpdaterResponse - Pas de description.) -- C:\Users\HP\AppData\Local\Temp\setup{A18B4604-2B26-477C-9785-55FED61EA6AF}.exe [1478520]
[MD5.CC5B20E075CFEB616F8DAB390718244B] [SPRF][12/07/2010] (.Pas de propriétaire - This package provides Drive Encryption for HP ProtectTools f.) -- C:\Users\HP\AppData\Local\Temp\SP49212.exe [11712464]
[MD5.06DF957111DF5195169EE793802B68D5] [SPRF][02/08/2010] (.Pas de propriétaire - This package provides the HP Support Assistant for the suppo.) -- C:\Users\HP\AppData\Local\Temp\sp49289.exe [93018192]
[MD5.A7D35E7C299A0D02523A21338255A129] [SPRF][16/12/2010] (.Pas de propriétaire - This package provides the HP Support Assistant for the suppo.) -- C:\Users\HP\AppData\Local\Temp\sp50190.exe.exe [89935672]
[MD5.EBF20462BF4C619507D83970FB3E2204] [SPRF][08/09/2010] (.Pas de propriétaire - This package provides Drive Encryption for HP ProtectTools f.) -- C:\Users\HP\AppData\Local\Temp\SP50202.exe [11652032]
[MD5.2B73580EF3758A7CBACDAA088F2C2FF7] [SPRF][27/06/2012] (.Pas de propriétaire - This package provides the Realtek High-Definition Audio Driv.) -- C:\Users\HP\AppData\Local\Temp\SP54099.exe [88257432]
[MD5.5405413FFF79B8D9C747AA900F60F082] [SPRF][11/11/2013] (...) -- C:\Users\HP\AppData\Local\Temp\Sqlite3.dll [599419]
[MD5.006CC8260405E231C2006A0CEA2127FD] [SPRF][06/02/2014] (.Robert Simpson, et al. - System.Data.SQLite Interop Assembly.) -- C:\Users\HP\AppData\Local\Temp\System.Data.SQLite.dll [1053184]
[MD5.006CC8260405E231C2006A0CEA2127FD] [SPRF][06/02/2014] (.Robert Simpson, et al. - System.Data.SQLite Interop Assembly.) -- C:\Users\HP\AppData\Local\Temp\System.Data.SQLite15623.dll [1053184]
[MD5.006CC8260405E231C2006A0CEA2127FD] [SPRF][06/02/2014] (.Robert Simpson, et al. - System.Data.SQLite Interop Assembly.) -- C:\Users\HP\AppData\Local\Temp\System.Data.SQLite87169.dll [1053184]
[MD5.10446400C186561C616A05DC66304857] [SPRF][17/11/2012] (...) -- C:\Users\HP\AppData\Local\Temp\temp.bat [417]
[MD5.FB2C4FCACBED91AE41F1486E28F71836] [SPRF][12/05/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\HP\AppData\Local\Temp\uninst1.exe [389632] =>PUP.Babylon
[MD5.73DD10CFA4AE8761AC2E554FDA05EA19] [SPRF][06/02/2014] (.Fusion Install - Fusion Install.) -- C:\Users\HP\Desktop\Setup.exe [1708840]
~ Files: 58 Legitimates Filtered in 00mn 11s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{4092DF45-C63D-4DC4-8ACA-04F9EC29BE95}" |In - Public - P6 - TRUE | .(...) -- C:\ProgramData\eSafe\eGdpSvc.exe (.not file.) =>PUP.eSafeSecurity
~ Firewall: 199 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "1952D39F10282964DBD8760AFBCAC941" . (.SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\{F93D2591-8201-4692-BD8D-67A0BFAC9C14}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "78886CCC70E683440A53C722FEDB1CE5" . (..) -- C:\Windows\Installer\{CCC68887-6E07-4438-A035-7C22EFBDC15E}\ARPPRODUCTICON.exe
O90 - PUC: "B42F9C3329D123649A51183EBBD1D5B6" . (.Reconstitution suite a un Vol .) -- C:\Windows\Installer\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}\ARPPRODUCTICON.exe
~ Update Products: 98 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.39988793C0BE26963F7C8228E7F04E23] [WIS][06/01/2014] (.Google - Google+ Auto Backup.) -- C:\Windows\Installer\1656f1.msi [3088384]
[MD5.637B765197728E2E3B3C2A4754F62517] [WIS][27/09/2010] (.SweetIM Technologies Ltd. - SweetIM Toolbar for Internet Explorer 3.9.) -- C:\Windows\Installer\3aa2b643.msi [2363392] =>PUP.SweetIM
~ WIS: 100 Legitimates Filtered in 00mn 15s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/02/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 27/01/2014 36392 | (BackupStack) . (.Just Develop It.) - C:\Program Files\MyPC Backup\BackupStack.exe =>PUP.MyPCBackup
SS - | Demand 07/12/2009 362040 | (FLCDLOCK) . (.Hewlett-Packard Ltd.) - C:\Windows\system32\flcdlock.exe
SS - | Auto 24/07/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 24/07/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 12/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Auto 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 04/02/2013 155824 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files\Sony\Sony PC Companion\PCCService.exe
SS - | Auto 10/07/1658 0 | (WajamUpdaterV3) . (...) - C:\Program Files\Wajam\Updater\WajamUpdaterV3.exe =>PUP.Wajam

SR - | Auto 12/03/2013 342608 | (24x7HelpSvc) . (.PCRx.com, LLC.) - C:\Program Files\24x7Help\App24x7Svc.exe =>PUP.24x7Help
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 05/02/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 06/02/2014 186496 | C:\Program Files\optimi~1\OptProCrashSvc.dll (ca82e1a5) . (...) - C:\Program Files\Optimizer Pro\OptProCrashSvc.dll =>PUP.OptimizerPro
SR - | Auto 06/02/2014 425008 | (desksvc) . (.337 Technology Limited..) - C:\Program Files\Desk 365\deskSvc.exe =>Hijacker.22Find
SR - | Auto 22/01/2010 300808 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SR - | Auto 19/09/2013 250200 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SR - | Auto 12/01/2010 36864 | (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P.) - C:\Program Files\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
SR - | Auto 04/11/2013 92160 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe =>.Hewlett-Packard Co
SR - | Auto 26/01/2010 281192 | (HpFkCryptService) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
SR - | Auto 11/12/2009 297984 | (HPFSService) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\File Sanitizer\HPFSService.exe
SR - | Demand 13/05/2013 1129760 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 14/01/2014 508016 | (IePluginService) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector
SR - | Auto 15/01/2014 45568 | (InternetUpdater) . (.Parallel Lines Development, LLC.) - C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
SR - | Auto 04/11/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 16/10/2009 94208 | (lxduCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxduserv.exe
SR - | Auto 16/10/2009 589824 | (lxdu_device) . (...) - C:\Windows\system32\lxducoms.exe
SR - | Auto 18/06/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files\PDF Complete\pdfsvc.exe
SR - | Auto 27/11/2010 398176 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SR - | Auto 04/11/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 05/02/2014 80168 | (Update EnhanceTronic) . (...) - C:\Program Files\EnhanceTronic\updateEnhanceTronic.exe
SR - | Auto 06/02/2014 80168 | (Util EnhanceTronic) . (...) - C:\Program Files\EnhanceTronic\bin\utilEnhanceTronic.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 06/02/2014 493568 | (Wpm) . (.Cherished Technololgy LIMITED.) - C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 21s



---\\ Scan Additionnel (O88)
Database Version : 13030 - (25/01/2014)
Clés trouvées (Keys found) : 70
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 28
Fichiers trouvés (Files found) : 49

[HKLM\Software\Google\Chrome\Extensions\cgbealecnakbhfoeeipcnoboempfkbjd] =>Adware.FlashEnhancer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5A60B6BB-FA81-4EFA-AB9C-A820E2143736}] =>Adware.FlashEnhancer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD}] =>Adware.MyWebSearch^
[HKLM\SYSTEM\CurrentControlSet\Services\24x7HelpSvc] =>PUP.24x7Help^
[HKLM\SYSTEM\CurrentControlSet\Services\MyPC Backup) (BackupStack] =>PUP.MyPCBackup^
[HKLM\SYSTEM\CurrentControlSet\Services\ca82e1a5] =>PUP.OptimizerPro^
[HKLM\SYSTEM\CurrentControlSet\Services\desksvc] =>Hijacker.22Find^
[HKLM\SYSTEM\CurrentControlSet\Services\IePluginService] =>Trojan.SProtector^
[HKLM\SYSTEM\CurrentControlSet\Services\InternetUpdater] =>Adware.IncrediBar^
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3] =>PUP.Wajam^
[HKLM\SYSTEM\CurrentControlSet\Services\Wpm] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1] =>PUP.AdvancedSystemProtector^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard] =>PUP.BrowserSafeguard^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365] =>Hijacker.22Find^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX] =>PUP.Dealply^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IePlugins] =>Trojan.SProtector^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup] =>PUP.MyPCBackup^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceGong] =>Adware.PriceGong^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\RegClean Pro_is1] =>Rogue.RegistryPowerCleaner^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ValueApps] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WPM] =>PUP.WpManager^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\flash-Enhancer] =>Adware.FlashEnhancer^
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>PUP.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong
[HKLM\Software\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] =>PUP.V9Software
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\{835315FC-1BF6-4CA9-80CD-F6C158D40692}] =>Adware.PriceGong
[HKLM\Software\Classes\TypeLib\{8B3372D0-09F0-41A5-8D9B-134E148672FB}] =>Adware.PriceGong
[HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{D2A2595C-4FE4-4315-AA9B-19DBD6271B71}] =>Adware.PriceGong
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escort.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>PUP.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>PUP.Babylon
[HKLM\Software\Classes\AppID\PriceGongIE.DLL] =>Adware.PriceGong
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO] =>Adware.PriceGong
[HKLM\Software\Classes\PriceFactorIE.PriceGongBHO.1] =>Adware.PriceGong
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl] =>Adware.PriceGong
[HKLM\Software\Classes\PriceGongIE.PriceGongCtrl.1] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\InstallCore] =>Adware.InstallCore
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc] =>Hijacker.22find
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F7B34B38-02A6-44D5-B8CC-06EB3B8ACFC9}_is1] =>PUP.PCFixSpeed
[HKCU\Software\PCFixSpeed] =>PUP.PCFixSpeed
[HKLM\Software\PCFixSpeed] =>PUP.PCFixSpeed
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}] =>Adware.MyWebSearch
[HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}] =>PUP.OptimizerPro
[HKLM\Software\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}] =>Adware.BrowseFox
[HKLM\Software\Classes\esrv.mysearchdialESrvc] =>Adware.MyWebSearch
[HKLM\Software\Classes\esrv.mysearchdialESrvc.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialappCore.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialdskBnd.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr] =>Adware.MyWebSearch
[HKLM\Software\Classes\mysearchdial.mysearchdialHlpr.1] =>Adware.MyWebSearch
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Updater =>PUP.CrossRider^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:NextLive =>PUP.NextLive^
C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbealecnakbhfoeeipcnoboempfkbjd =>Adware.FlashEnhancer^
C:\Program Files\24x7Help =>PUP.24x7Help^
C:\Program Files\Advanced System Protector =>PUP.AdvancedSystemProtector^
C:\Program Files\AmiExt =>Adware.FlashEnhancer^
C:\Program Files\Browsersafeguard =>PUP.BrowserSafeguard^
C:\Program Files\Desk 365 =>Hijacker.22Find^
C:\Program Files\MyPC Backup =>PUP.MyPCBackup^
C:\Program Files\Mysearchdial =>Adware.MyWebSearch^
C:\Program Files\PriceGong =>Adware.PriceGong^
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner^
C:\ProgramData\IePluginService =>Trojan.SProtector^
C:\ProgramData\RHelpers =>PUP.SearchDonkey^
C:\ProgramData\Updater =>PUP.CrossRider^
C:\ProgramData\WPM =>PUP.WpManager^
C:\Users\HP\AppData\Roaming\Desk 365 =>Hijacker.22Find^
C:\Users\HP\AppData\Roaming\mysearchdial =>Adware.MyWebSearch^
C:\Users\HP\AppData\Roaming\newnext.me =>PUP.NextLive^
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup =>PUP.MyPCBackup^
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop =>Adware.Lollipop^
C:\Program Files\Optimizer Pro =>PUP.OptimizerPro
C:\Program Files\PCFixSpeed =>PUP.PCFixSpeed
C:\Program Files\Common Files\337 =>Hijacker.22find
C:\ProgramData\PCFixSpeed =>PUP.PCFixSpeed
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong =>Adware.PriceGong
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365 =>Hijacker.22find
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Users\HP\AppData\Roaming\Optimizer Pro =>PUP.OptimizerPro
C:\Users\HP\AppData\Roaming\PCFixSpeed =>PUP.PCFixSpeed
C:\ProgramData\Updater\updater.exe =>PUP.CrossRider^
C:\ProgramData\RHelpers\IEHelper\IeHelper.exe =>PUP.SearchDonkey^
C:\Program Files\Desk 365\desk365.exe =>Hijacker.22Find^
C:\Program Files\PCFixSpeed\PCFixTray.exe =>PUP.PCFixSpeed^
C:\Program Files\24x7Help\App24x7Help.exe =>PUP.24x7Help^
C:\Program Files\24x7Help\App24x7Hook.exe =>PUP.24x7Help^
C:\Program Files\PCFixSpeed\PCFixSpeed.exe =>PUP.PCFixSpeed^
C:\Program Files\Browsersafeguard\BrowserSafeguard.exe =>PUP.BrowserSafeguard^
C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe =>PUP.SearchDonkey^
C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe =>PUP.SearchDonkey^
C:\Program Files\RegClean Pro\RegCleanPro.exe =>Rogue.RegistryPowerCleaner^
C:\Program Files\MyPC Backup\MyPC Backup.exe =>PUP.MyPCBackup^
C:\ProgramData\InternetUpdater\InternetUpdaterService.exe =>Adware.IncrediBar^
C:\ProgramData\WPM\wprotectmanager.exe =>PUP.WpManager^
C:\ProgramData\IePluginService\PluginService.exe =>Trojan.SProtector^
C:\Program Files\Desk 365\deskSvc.exe =>Hijacker.22Find^
C:\Program Files\24x7Help\App24x7Svc.exe =>PUP.24x7Help^
C:\Windows\Tasks\RegClean Pro_DEFAULT.job =>Rogue.RegistryPowerCleaner^
C:\Windows\Tasks\RegClean Pro_UPDATES.job =>Rogue.RegistryPowerCleaner^
C:\Program Files\RegClean Pro\SystweakASP.exe =>PUP.AdvancedSystemProtector^
C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe =>PUP.AdvancedSystemProtector^
C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe =>PUP.BrowserSafeguard^
[HKCU\Software\24x7HELP] =>PUP.24x7Help^
[HKCU\Software\AmiExt] =>Adware.FlashEnhancer^
[HKCU\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKCU\Software\BrowsersafeguardInstalled] =>PUP.BrowserSafeguard^
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch^
[HKLM\Software\24x7HELP] =>PUP.24x7Help^
[HKLM\Software\AmiExt] =>Adware.FlashEnhancer^
[HKLM\Software\BonanzaDeals] =>Adware.BonanzaDeals^
[HKLM\Software\Wpm] =>PUP.WpManager^
[HKLM\Software\supWPM] =>PUP.WpManager^
C:\Users\HP\AppData\Local\Temp\dlLogic.exe =>Toolbar.Conduit^
C:\Users\HP\AppData\Local\Temp\GLF9715.tmp.ConduitEngineSetup.exe =>Toolbar.Conduit^
C:\Users\HP\AppData\Local\Temp\GLF9715.tmp.tbRadi.dll =>Toolbar.Conduit^
C:\Users\HP\AppData\Local\Temp\GLFA26B.tmp.tbRadi.dll =>Toolbar.Conduit^
C:\Users\HP\AppData\Local\Temp\GLFCC0A.tmp.ConduitEngine.dll =>Toolbar.Conduit^
C:\Users\HP\AppData\Local\Temp\GLFFCCA.tmp.tbRadi.dll =>Toolbar.Conduit^
C:\Users\HP\AppData\Local\Temp\Install_BubbleDock.exe =>PUP.BubbleDock^
C:\Users\HP\AppData\Local\Temp\uninst1.exe =>PUP.Babylon^
C:\Windows\Installer\3aa2b643.msi =>PUP.SweetIM^
C:\Users\HP\AppData\Local\Temp\GoogleToolbarInstaller1.log =>PUP.Babylon
C:\Users\HP\AppData\Local\Temp\GoogleToolbarInstaller2.log =>PUP.Babylon
~ Additionnel Scan: 259588 Items scanned in 00mn 21s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/38839825-pup-searchdonkey =>PUP.SearchDonkey
~ http://nicolascoolman.webs.com/apps/blog/show/26630379-hijacker-22find =>Hijacker.22Find
~ http://nicolascoolman.webs.com/apps/blog/show/33519836-pup-pcfixspeed =>PUP.PCFixSpeed
~ http://nicolascoolman.webs.com/apps/blog/show/33002268-pup-24x7help =>PUP.24x7Help
~ http://nicolascoolman.webs.com/apps/blog/show/32799788-pup-browsersafeguard =>PUP.BrowserSafeguard
~ http://nicolascoolman.webs.com/apps/blog/show/29295819-rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner
~ http://nicolascoolman.webs.com/apps/blog/show/32174815-pup-mypcbackup =>PUP.MyPCBackup
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/38737316-pup-wpmanager =>PUP.WpManager
~ http://nicolascoolman.webs.com/apps/blog/show/40789592-trojan-sprotector =>Trojan.SProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/41011964-pup-awesomehp =>PUP.Awesomehp
~ http://nicolascoolman.webs.com/apps/blog/show/40653881-adware-flashenhancer =>Adware.FlashEnhancer
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/41034005-pup-mobogenie =>PUP.Mobogenie
~ http://nicolascoolman.webs.com/apps/blog/show/40528410-pup-nextlive =>PUP.NextLive
~ http://nicolascoolman.webs.com/apps/blog/show/28204239-pup-optimizerpro =>PUP.OptimizerPro
~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>PUP.Wajam
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/32816468-adware-bonanzadeals =>Adware.BonanzaDeals
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/26630902-adware-lollipop =>Adware.Lollipop
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27588628-pup-esafesecurity =>PUP.eSafeSecurity
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/27672211-pup-v9software =>PUP.V9Software
~ http://nicolascoolman.webs.com/apps/blog/show/32363262-adware-browsefox =>Adware.BrowseFox
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ MSI: 35 link(s) detected in 00mn 22s



~ 1099 Legitimates filtered by white list
End of the scan (872 lines in 03mn 01s)(0)
