
Document format: text/plain

Preview

2015/06/21 14:34:55 -0400
mbam-log-2015-06-21 (14-34-54).xml
yes


2.01.6.1022
v2015.06.21.04
v2015.06.15.01
trial
enabled
enabled
disabled


Windows XP Service Pack 3
x86
moi
NTFS


threat
completed
503036
2645
0
0
5
4
12
5
42
0


enabled
enabled
enabled
enabled
enabled
disabled
enabled
enabled
enabled


HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}PUP.Optional.Snapdo.Tsuccess71e7bffec3c77db9b571d7d9c73c3fc1
HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}PUP.Optional.Snapdo.Tsuccess71e7bffec3c77db9b571d7d9c73c3fc1
HKU\S-1-5-21-1844237615-2049760794-682003330-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}PUP.Optional.Snapdo.Tsuccess71e7bffec3c77db9b571d7d9c73c3fc1
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXESecurity.Hijacksuccessc29628952a600531a247ba0f877d9b65
HKU\S-1-5-21-1844237615-2049760794-682003330-1003\SOFTWARE\SMARTBARPUP.Optional.SmartBar.Asuccessbb9d516ca1e979bdaacbd4be63a2f50b
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\FIREFOX.EXEDebuggerSecurity.HijacksuccessStripMyRights.exe /Dc29628952a600531a247ba0f877d9b65
HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}URLPUP.Optional.SnapDo.Asuccesshttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/20133721635ad3b761d5f0fbc9c1ea1b9a66
HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}URLPUP.Optional.SnapDo.Asuccesshttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/20137eda5c6177135ed83caf3555bb4aac54
HKU\S-1-5-21-1844237615-2049760794-682003330-1003\SOFTWARE\SMARTBARGlobalUserIdPUP.Optional.SmartBar.Asuccess15f9a7a1-dea0-d31c-8e50-16d7d28e3a8bbb9d516ca1e979bdaacbd4be63a2f50b
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTERFirewallDisableNotifyPUM.Disabled.SecurityCenterreplaced11067f18835dbafe65066b05ce94abc47b9
HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINStart PagePUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=hp&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=hp&installDate=04/12/2013www.google.com80d89e1fd3b7f4424ec748f77b8b7e82
HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINSearch BarPUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013www.google.com3721803d7e0ce452a0750b34788e50b0
HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINSearch PagePUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013www.google.comea6ec3fa5c2eae88fd180a354bbb50b0
HKU\S-1-5-19\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURLDefaultPUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013www.google.com88d0e6d78ffba98d997bc27d9076b34d
HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINStart PagePUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=hp&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=hp&installDate=04/12/2013www.google.comed6bffbe26641f174cc9221d679f619f
HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINSearch BarPUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013www.google.com1c3cdfdeb0da5adca86d73cc28de659b
HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAINSearch PagePUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013www.google.com56029d201575ed4943d25ee137cf9868
HKU\S-1-5-20\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURLDefaultPUP.Optional.SnapDo.Areplacedhttp://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013http://feed.snapdo.com/?publisher=Vittalia&dpid=Vittalia&co=CA&userid=1d2fc9fd-0365-7f68-fafc-cdffe857c69b&searchtype=ds&q={searchTerms}&installDate=04/12/2013www.google.comc692a21b1872de58b46043fc21e519e7
HKU\S-1-5-21-1844237615-2049760794-682003330-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCEDStart_ShowControlPanelPUM.Hijack.StartMenureplaced00170e8ebd2bfcbe4523e505aec09fd5da3
HKU\S-1-5-21-1844237615-2049760794-682003330-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCEDStart_ShowMyComputerPUM.Hijack.StartMenureplaced001391fa7163c4eb87ed6ba083e808656aa
HKU\S-1-5-21-1844237615-2049760794-682003330-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCEDStart_ShowRunPUM.Hijack.StartMenureplaced0018dcbf8c5e5a5ef4700920a3c49bd9a66
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry ReviverPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\LanguagePUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003PUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\ArtifactsPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\LogsPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\RECYCLER\S-1-5-21-1844237615-2049760794-682003330-1003\Dc179.exePUP.Optional.MultiPlugsuccesse474e7d6206af73fc7c222336b977f81
C:\RECYCLER\S-1-5-21-73586283-413027322-1606980848-1003\Dc57.exePUP.Optional.DownloadAdminsuccess2137bffef29864d240efd59459a9c33d
C:\Documents and Settings\moi\Local Settings\Temp\ICReinstall_wipsetup.exePUP.Optional.InstallCore.Asuccess1543c0fd6e1c0333da87fa708181c63a
C:\Documents and Settings\All Users\{74d4f693-67cb-c8d1-74d4-4f69367cda4d}\Fringe.S04E22.HDTV.XviD-playXD.exePUP.Optional.MultiPlugsuccessf8604f6efe8c2b0bf1988fc66b971de3
C:\Documents and Settings\moi\Local Settings\Application Data\Temp\0743Installer.exePUP.Optional.VITsuccesseb6ddedfee9c8ea8ac0cf756b54c31cf
C:\Documents and Settings\moi\Local Settings\Application Data\Temp\76daInstaller.exePUP.Optional.VITsuccess5dfb4a7378124de96a4e3b1209f8cf31
C:\Documents and Settings\moi\Bureau\Instaler\cachm790.exePUP.Optional.InstallCore.Asuccessd682b8051773023443179adbbe4418e8
C:\Documents and Settings\moi\Application Data\WOffer.boostrap.logPUP.Optional.WOffer.Asuccessb1a74d705337c86ee395f4113bc9629e
C:\Documents and Settings\moi\Bureau\Registry Reviver.lnkPUP.Optional.RegistryReviver.Asuccess2a2e02bbc3c773c3c576266c4db86d93
C:\Documents and Settings\moi\Bureau\\Registry Reviver.lnkPUP.Optional.RegistryReviver.Asuccess3f1934897119a6903efd157d699cad53
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Bulgarian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Croatian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Czech.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Danish.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Dutch.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\English.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Finnish.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\French.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\German.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Greek.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Hungarian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Indonesian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Italian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Japanese.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Korean.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Norwegian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Polish.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Portuguese.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Romanian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Russian.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\SimpChinese.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Spanish.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Swedish.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Thai.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\TradChinese.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\Language\Turkish.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\Settings.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\Artifacts\additionalHeaders.txtPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\Artifacts\lastRequest.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\Artifacts\lastResponse.xmlPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\Logs\app.logPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42
C:\Documents and Settings\All Users\Application Data\ReviverSoft\Registry Reviver\S-1-5-21-1844237615-2049760794-682003330-1003\Logs\logRegScan.logPUP.Optional.RegistryReviver.Asuccess342405b86b1fbd792b10a84c12f1be42

