cjoint


Document format: text/plain

Preview

~ Report of ZHPDiag v2014.2.17.15 - Nicolas Coolman (17/02/2014)
~ Launched by Abokr (22/03/2014 22:58:40)
~ Web site address : http://nicolascoolman.webs.com
~ Free support forums for disinfection : http://nicolascoolman.webs.com/apps/links/
~ Translated by
~ Version State :
~ White List : Activate by program
~ Elevation of privilege : OK
~ User Account Control : Deactivate by program


---\\ Internet browsers
MSIE: Internet Explorer v10.0.9200.16635
MFIE: Mozilla Firefox 28.0
GCIE: Google Chrome v33.0.1750.154 (Defaut)

---\\ Windows product information
~ Langage: Anglais
Windows 7 Ultimate, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System protection software
Malwarebytes Anti-Malware النسخة 1.75.0.1300
Windows Defender W7

---\\ System optimization software

---\\ Sharing software PeerToPeer

---\\ Surveillance software
Adobe Flash Player 12 Plugin
Adobe Reader XI
Java 7 Update 25

---\\ Information on the system
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2037.5 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 132 GB (43%) free of 303 GB

---\\ Connection to the system mode
~ Computer Name: ABOKR-PC
~ User Name: Abokr
~ All Users Names: HomeGroupUser$, Guest, Administrator, Abokr,
~ Unselected Option: O45,O61
Logged in as Administrator

---\\ Environment variables
~ System Unit : C:\
~ %AppZHP% : C:\Users\Abokr\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Abokr\AppData\Roaming\
~ %Desktop% : C:\Users\Abokr\Desktop\
~ %Favorites% : C:\Users\Abokr\Favorites\
~ %LocalAppData% : C:\Users\Abokr\AppData\Local\
~ %StartMenu% : C:\Users\Abokr\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumeration of the disk units
A: Floppy drive, Flash card reader, USB Key (Not Inserted)
C: Hard drive, Flash drive, Thumb drive (Free 132 Go of 303 Go)
D: Hard drive, Flash drive, Thumb drive (Free 89 Go of 163 Go)
E: CD-ROM drive (Not Inserted)
H: Floppy drive, Flash card reader, USB Key (Free 4 Go of 4 Go)
I: Floppy drive, Flash card reader, USB Key (Free 0 Go of 0 Go)



---\\ State of the Windows Security Center
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Search Generic System Files
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - مستكشف Windows.) (.25/02/2011 - 08:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - ‎‎تطبيق بدء تشغيل Windows.) (.14/07/2009 - 04:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.9BF7C7654EFD098EE3A27B49492A382A] - (.Microsoft Corporation - ملحقات الإنترنت لـ Win32.) (.12/06/2013 - 02:43:37.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - تطبيق تسجيل دخول Windows.) (.20/11/2010 - 15:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - مكتبة تراخيص البرامج.) (.20/11/2010 - 15:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 05:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 04:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 02:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 11:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 11:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 12:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - برنامج تشغيل منفذ i8042.) (.14/07/2009 - 02:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 02:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 05:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 11:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - NT File System Driver.) (.12/04/2013 - 16:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - برنامج تشغيل المنفذ المتوازي.) (.14/07/2009 - 02:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 02:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 13:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 02:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 11:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - برنامج تشغيل خدمة ملفات الظل الاحتياطية لوحدة التخزين.) (.20/11/2010 - 15:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/46
~ Mes musiques (My Musics) : 2/80
~ Mes Videos (My Videos) : 1/4
~ Mes Favoris (My Favorites) : 1/133
~ Mes Documents (My Documents) : 1/4636
~ Mon Bureau (My Desktop) : 4/7923
~ Menu demarrer (Programs) : 1/55
~ Hidden Files: Scanned in 00mn 21s



---\\ Process running
[MD5.FC12F1689AFDE41D48E00A8B05806BEE] - (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [442896] [PID.2652]
[MD5.1A536B01E64D26BED151C9BFA3EDCEB2] - (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [11430504] [PID.2668]
[MD5.3B264541B6AE34AFD6554872A769A0F3] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3565432] [PID.3060]
[MD5.FAA729BC3B4EC2900D14E1F0F4D30ED0] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [268248] [PID.3436]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.2364]
[MD5.A0251ED3ABBA7ACC84416738C8282ACA] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616] [PID.6188]
[MD5.5AB31D55872F13CC1D64B8454EF45C15] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\Abokr\AppData\Roaming\uTorrent\uTorrent.exe [1208152] [PID.27296] =>P2P.BitTorrent
[MD5.58DF8370E0A5F992F785FEB85B093BF6] - (...) -- C:\Program Files\Re-markit\Re-markit_wd.exe [93184] [PID.30856] =>PUP.ReMarkIt
[MD5.AB44884BC129FC04D75A4649E0710203] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8338432] [PID.31376]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\Abokr\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\Abokr\AppData\Roaming\Mozilla\Firefox\Profiles\5m5js1tf.default\prefs.js
C:\Users\Abokr\AppData\Roaming\Mozilla\Firefox\Profiles\5m5js1tf.default\user.js
C:\Users\Abokr\AppData\Roaming\Mozilla\Firefox\Profiles\c6gs1yl5.default-1377986054771\prefs.js
C:\Users\Abokr\AppData\Roaming\Mozilla\Firefox\Profiles\fwf375pk.default\prefs.js
C:\Users\Abokr\AppData\Roaming\Mozilla\Firefox\Profiles\fwf375pk.default\user.js
M2 - MFEP: prefs.js [Abokr - c6gs1yl5.default-1377986054771\mozilla_cc@internetdownloadmanager.com] [] IDM CC v7.3.70 (..)
M2 - MFEP: prefs.js [Abokr - fwf375pk.default\mozilla_cc@internetdownloadmanager.com] [] IDM CC v7.3.58 (..)
~ Firefox Browser: 45 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.arabyonline.com
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:13828 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Browser Helper Objects (O2)
O2 - BHO: MediaWatchV1home983 - {5bf02e4b-e313-4add-8911-560fb7902daa} . (.No owner - Media Watch.) -- C:\Program Files\MediaWatchV1\MediaWatchV1home983\ie\MediaWatchV1home983.dll
O2 - BHO: MediaViewV1alpha4619 - {e75705f4-484e-4580-97fe-5854326733d3} . (.No owner - Media View.) -- C:\Program Files\MediaViewV1\MediaViewV1alpha4619\ie\MediaViewV1alpha4619.dll
O2 - BHO: MediaViewV1alpha8894 - {ebe16d47-eb43-4914-aa21-9789cd7ed8a2} . (.No owner - Media View.) -- C:\Program Files\MediaViewV1\MediaViewV1alpha8894\ie\MediaViewV1alpha8894.dll
~ BHO: 20 Legitimates Filtered in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch [Abokr]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Abokr]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Abokr]: Upgrade to Paltalk Extreme.lnk - Orphan key
O4 - GS\QuickLaunch [Abokr]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Abokr\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [Abokr]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar [Abokr]: KMPlayer.exe.lnk . (.PandoraTV - The KMPlayer.) -- C:\Program Files\The KMPlayer\KMPlayer.exe
O4 - GS\TaskBar [Abokr]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Program [Abokr]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Program [Abokr]: Torch.lnk . (...) -- C:\Users\Abokr\AppData\Local\Torch\Application\torch.exe (.not file.)
O4 - GS\SystemTools [Abokr]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Abokr]: KMPlayer.lnk . (.PandoraTV - The KMPlayer.) -- C:\Program Files\The KMPlayer\KMPlayer.exe
O4 - GS\Desktop [Abokr]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Abokr\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 69 Legitimates Filtered in 00mn 01s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [RIMBBLaunchAgent.exe] . (.Research In Motion Limited - Launch Agent Service.) -- C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - إدارة صوت Realtek HD.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe =>.Samsung Electronics Co
O4 - HKCU\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKCU\..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (.not file.)
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKUS\S-1-5-21-1597058447-2255405293-4085650674-1000\..\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe
O4 - HKUS\S-1-5-21-1597058447-2255405293-4085650674-1000\..\Run: [ChicaPasswordManager] C:\Program Files\ChicaLogic\Chica Password Manager\stpass.exe (.not file.)
O4 - HKUS\S-1-5-21-1597058447-2255405293-4085650674-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-1597058447-2255405293-4085650674-1000\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (.not file.)
~ Application: Scanned in 00mn 00s



---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)
O9 - Extra button: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll =>.Microsoft Corporation
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll =>.Microsoft Corporation
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E43E8C0-077E-46BA-8021-AF6CD0D8B0A2}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{67FAA885-81E2-4C11-87FB-38B9B20E2D9F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{67FAA885-81E2-4C11-87FB-38B9B20E2D9F}: DhcpDomain = afaqe2e.com
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E43E8C0-077E-46BA-8021-AF6CD0D8B0A2}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{67FAA885-81E2-4C11-87FB-38B9B20E2D9F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{67FAA885-81E2-4C11-87FB-38B9B20E2D9F}: DhcpDomain = afaqe2e.com
O17 - HKLM\System\CS2\Services\Tcpip\..\{5E43E8C0-077E-46BA-8021-AF6CD0D8B0A2}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{67FAA885-81E2-4C11-87FB-38B9B20E2D9F}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{67FAA885-81E2-4C11-87FB-38B9B20E2D9F}: DhcpDomain = afaqe2e.com
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - عارض Microsoft (R) HTML.) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ AppInit_DLLs Registry value Autorun (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: Protect Monitor (ProtectMonitor) . (...) - C:\Program Files\PCData\StartHelp.exe
O23 - Service: Re-markit (Re-markit) . (...) - C:\Program Files\Re-markit\Re-markit154.exe =>PUP.ReMarkIt
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
~ Services: 10 Legitimates Filtered in 00mn 04s



---\\ Task Planned Automatically (039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AmiUpdXp.job [356] =>PUP.Software.Updater
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Re-markit Update.job [360] =>PUP.ReMarkIt
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Re-markit_wd.job [346] =>PUP.ReMarkIt
[MD5.C430245DE4445B7B8F68E8295F6B58E8] [APT] [AmiUpdXp] (...) -- C:\Users\Abokr\AppData\Local\SwvUpdater\Updater.exe [288808] =>PUP.Software.Updater
[MD5.B5D320BEC5A1A9E8F869738530DD798C] [APT] [Re-markit Update] (...) -- C:\Program Files\Re-markit\ReMarkit_up.exe [234496] =>PUP.ReMarkIt
[MD5.58DF8370E0A5F992F785FEB85B093BF6] [APT] [Re-markit_wd] (...) -- C:\Program Files\Re-markit\Re-markit_wd.exe [93184] =>PUP.ReMarkIt
[MD5.00000000000000000000000000000000] [APT] [{3364C0FD-9E7B-419B-B9DB-0EEB676C089D}] (...) -- C:\Users\Abokr\Documents\Downloads\Programs\WinSetupFromUSB_1-0-beta7.exe (.not file.) [0]
~ Scheduled Task: 31 Legitimates Filtered in 00mn 05s



---\\ Software installed (O42)
O42 - Logiciel: Media View - (.Media View.) [HKLM] -- MediaViewV1alpha4619
O42 - Logiciel: Media View - (.Media View.) [HKLM] -- MediaViewV1alpha8894
O42 - Logiciel: Media Watch - (.Media Watch.) [HKLM] -- MediaWatchV1home983
O42 - Logiciel: PC Data App - (...) [HKLM] -- PCData App
O42 - Logiciel: Re-markit - (.Re-markit Software.) [HKLM] -- 95e0ae36-0641-4daa-b39b-f7ada9d2114d =>PUP.ReMarkIt
~ Logic: 19 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\HubTech]
[HKCU\Software\PCDataApp]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\MediaViewV1]
[HKLM\Software\MediaWatchV1]
[HKLM\Software\PCDataApp]
[HKLM\Software\bsoft]
~ Key Software: 345 Legitimates Filtered in 00mn 01s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 13/01/2012 - 03:04:53 - [0.758] ----D C:\Program Files\3aLab
O43 - CFD: 27/08/2013 - 03:18:47 - [0] ----D C:\Program Files\iNTERNET Turbo
O43 - CFD: 03/03/2014 - 09:11:16 - [0] ----D C:\Program Files\Longman
O43 - CFD: 15/03/2014 - 21:18:04 - [0.905] ----D C:\Program Files\MediaViewV1
O43 - CFD: 22/03/2014 - 21:18:05 - [0.455] ----D C:\Program Files\MediaWatchV1
O43 - CFD: 22/02/2014 - 18:20:41 - [1.153] ----D C:\Program Files\PCData
O43 - CFD: 22/02/2014 - 18:20:02 - [0.657] ----D C:\Program Files\Re-markit =>PUP.ReMarkIt
O43 - CFD: 25/09/2013 - 08:50:38 - [22.927] ----D C:\ProgramData\TenorShare
O43 - CFD: 03/03/2014 - 09:12:41 - [0.026] ----D C:\Users\Abokr\AppData\Roaming\ldoce5
O43 - CFD: 03/03/2014 - 09:12:34 - [0.018] ----D C:\Users\Abokr\AppData\Local\ldoce5
O43 - CFD: 22/02/2014 - 18:19:58 - [0.277] ----D C:\Users\Abokr\AppData\Local\SwvUpdater =>PUP.Software.Updater
~ Program Folder: 297 Legitimates Filtered in 01mn 25s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.9B261A396E3EC209EA7A8A541B3CCBB5] - 18/03/2014 - 20:48:56 ----- . (...) -- C:\UsbFix [Scan 2] ABOKR-PC.txt [6586]
O44 - LFC:[MD5.8F0348019FE0ACC53DDC271EE80A2DF2] - 18/03/2014 - 20:54:16 ---A- . (...) -- C:\UsbFix [Clean 4] ABOKR-PC.txt [8040]
~ Files: 25 Legitimates Filtered in 00mn 04s



---\\ Operations and functions at Windows Explorer startup (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.3BE1651C63954067940E7F473498AD70] - 13/09/2010 - 13:31:54 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\System32\Drivers\dgderdrv.sys [18120]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 04:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 01:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.1E2546E44387262108051DB8BD07BC13] - 22/11/2012 - 03:43:14 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [100216]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 04:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [21072]
O58 - SDL:[MD5.6E421CCC57059B0186C6259CA3B6DFC9] - 13/12/2012 - 13:50:38 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [45056]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 14/07/2009 - 00:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 14/07/2009 - 00:40:44 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:[MD5.B07663A810E861EEBFD0EAC7E82CA62D] - 13/09/2010 - 13:28:48 ---A- . (...) -- C:\Windows\System32\FsUsbExDisk.Sys [36640]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 14/07/2009 - 00:40:40 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 14/07/2009 - 00:40:43 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 14/07/2009 - 00:40:43 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 14/07/2009 - 00:40:23 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 14/07/2009 - 00:40:31 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 14/07/2009 - 00:40:35 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 14/07/2009 - 00:40:39 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 14/07/2009 - 00:40:27 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 14/07/2009 - 00:40:11 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 14/07/2009 - 00:40:15 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 14/07/2009 - 00:40:17 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 14/07/2009 - 00:40:19 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 14/07/2009 - 00:40:13 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 17 Legitimates Filtered in 00mn 41s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: UsbFix - (.El Desaparecido - www.usbfix.net - www.sosvirus.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
~ Legacy: 89 Legitimates Filtered in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (...) -- C:\Program Files\URUSoft\Subtitle Workshop\subtitleworkshop.exe
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Abokr\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Abokr\AppData\Local\Torch\Application\torch.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {756D1D40-E491-4E1D-9BC6-5B37CEDE646E} - (VenteeRo) - http://www.arabyonline.com
O69 - SBI: SearchScopes [HKCU] {B3C441C5-39F6-4DCC-BAFC-F6E8AC313407} - (Yahoo! Search) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {E88E0043-C9D4-4e33-8555-FEE4F5B63060} - (mail.ru: Поиск в Интернете) - http://go.mail.ru
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (CKF) (O82)
C:\Users\Abokr\Documents\Downloads\Compressed\Driver.Genius.Professional.Edition.v12.0.0.1211.Cracked-REPT.rar
C:\Users\Abokr\Documents\Downloads\Compressed\Driver.Genius.Professional.Edition.v12.0.0.1211.Cracked-REPT_2.rar
C:\Users\Abokr\Documents\Downloads\Compressed\Photoshop CS6 Crack-Serial Number-Keygen 2013.rar
C:\Users\Abokr\Documents\Downloads\Compressed\Sony Vegas Pro 11 + Keygen de Ativação (32bit).rar
C:\Users\Abokr\Documents\Downloads\Programs\Sony_Vegas_Pro_11_(32_Bit)_{+_Crack_and_Keygen}_secure.exe
C:\Users\Abokr\Downloads\Windows 7 Starter (32 Bit)\Extra Unique Programs\Windows 7 Anytime Upgrade Keygen 1.0.exe
C:\Users\Abokr\Documents\Downloads\Compressed\Driver.Genius.Professional.Edition.v12.0.0.1211.Cracked-REPT.rar
C:\Users\Abokr\Documents\Downloads\Compressed\Driver.Genius.Professional.Edition.v12.0.0.1211.Cracked-REPT_2.rar
C:\Users\Abokr\Documents\Downloads\Compressed\Photoshop CS6 Crack-Serial Number-Keygen 2013.rar
C:\Users\Abokr\Documents\Downloads\Compressed\Sony Vegas Pro 11 + Keygen de Ativação (32bit).rar
C:\Users\Abokr\Documents\Downloads\Programs\Sony_Vegas_Pro_11_(32_Bit)_{+_Crack_and_Keygen}_secure.exe
C:\Users\Abokr\Downloads\Windows 7 Starter (32 Bit)\Extra Unique Programs\Windows 7 Anytime Upgrade Keygen 1.0.exe
~ Files: Scanned in 00mn 25s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.F9522F2587CCA29F7A99A6053A88C9FD] [SPRF][20/05/2011] (...) -- C:\ProgramData\ezsidmv.dat [56]
~ Files: 1 Legitimates Filtered in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{5028DFBF-D415-4900-85BE-A34A4A60213C}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files\PCData\minerd.exe
O87 - FAEL: "{98BF9987-9031-452A-8AEC-0F3A43AFE73B}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files\PCData\minerd.exe
~ Firewall: 248 Legitimates Filtered in 00mn 01s



---\\ MyComputer Name Space (MNS) (O92)
O92 - MNS: iCloud Photos - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Windows Installer Scan (WIS) (O93) (NTFS)
[MD5.378D2F078F9A10D2DE82E3404E50F8E3] [WIS][10/09/2012] (.NetMR Ltd. Scotland - Market Research.) -- C:\Windows\Installer\67c79b6.msi [1891840]
~ WIS: 98 Legitimates Filtered in 00mn 09s



---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/03/2014 257928 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 04/03/2014 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 04/06/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/06/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 20/02/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 19/03/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 21/02/2014 70828 | (ProtectMonitor) . (...) - C:\Program Files\PCData\StartHelp.exe
SS - | Disabled 13/08/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Demand 27/06/2013 585728 | (BlackBerry Device Manager) . (.Research In Motion Limited.) - C:\Program Files\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 13/09/2010 95568 | (dgdersvc) . (.Devguru Co., Ltd..) - C:\Windows\system32\dgdersvc.exe
SR - | Auto 13/09/2010 217088 | (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 22/02/2014 181248 | (Re-markit) . (...) - C:\Program Files\Re-markit\Re-markit154.exe =>PUP.ReMarkIt
SR - | Auto 14/08/2013 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 11s



---\\ Search Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Abokr at 22/03/2014 23:02:29

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x83836BBA] >> \Device\Harddisk0\DR0[0x866252A0]
kernel: MBR read successfully
user & kernel MBR OK

~ MBR: 13 Legitimates Filtered in 00mn 02s



---\\ Search Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Abokr at 22/03/2014 23:02:31

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR: Scanned in 00mn 04s



---\\ Scan Additionnel (O88)
Database Version : 13031 - (17/02/2014)
Clés trouvées (Keys found) : 15
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 2
Fichiers trouvés (Files found) : 7

[HKLM\SYSTEM\CurrentControlSet\Services\Re-markit] =>PUP.ReMarkIt^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\95e0ae36-0641-4daa-b39b-f7ada9d2114d] =>PUP.ReMarkIt^
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}] =>PUP.Software.Updater
[HKLM\Software\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}] =>PUP.Software.Updater
[HKLM\Software\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd] =>PUP.Software.Updater
[HKLM\Software\Classes\Updater.AmiUpd.1] =>PUP.Software.Updater
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}] =>PUP.Software.Updater
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>PUP.Babylon
[HKLM\Software\Classes\AppID\secman.DLL] =>PUP.Babylon
C:\Program Files\Re-markit =>PUP.ReMarkIt^
C:\Users\Abokr\AppData\Local\SwvUpdater =>PUP.Software.Updater^
C:\Users\Abokr\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent^
C:\Program Files\Re-markit\Re-markit_wd.exe =>PUP.ReMarkIt^
C:\Windows\Tasks\AmiUpdXp.job =>PUP.Software.Updater^
C:\Windows\Tasks\Re-markit Update.job =>PUP.ReMarkIt^
C:\Windows\Tasks\Re-markit_wd.job =>PUP.ReMarkIt^
C:\Users\Abokr\AppData\Local\SwvUpdater\Updater.exe =>PUP.Software.Updater^
C:\Program Files\Re-markit\ReMarkit_up.exe =>PUP.ReMarkIt^
~ Additionnel Scan: 322005 Items scanned in 00mn 27s



---\\ Summary of the detections found on your workstation
~ http://nicolascoolman.webs.com/apps/blog/show/36657231-pup-remarki =>PUP.ReMarkIt
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/32713686-pup-software-updater =>PUP.Software.Updater
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ MSI: 6 link(s) detected in 00mn 27s



~ 1375 Legitimates filtered by white list
End of the scan (552 lines in 04mn 19s)(12)
