~ Rapport de ZHPDiag v2013.12.26.23 - Nicolas Coolman  (26/12/2013)
~ Lancé par guagliardo patricia (28/12/2013 16:45:06)
~ Adresse du Site Web  http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version : 
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16750
MFIE: Mozilla Firefox 14.0.1

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 8 Pro, 64-bit  (Build 9200)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système
avast! Pro Antivirus v7.0.1456.0
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Security Scan Plus v3.8.130.10
Windows Defender W8

---\\ Logiciels d'optimisation du système
CCleaner v3.23 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
Pando Media Booster v2.6.0.8
µTorrent v2.2.1 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 45

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4024 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 57 GB (12%) free of 454 GB

---\\ Mode de connexion au système
~ Computer Name: GUAGLIARDOPATRI
~ User Name: guagliardo patricia
~ All Users Names: HomeGroupUser$, guagliardo patricia, ASPNET, Administrateur, 
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\guagliardo patricia\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\guagliardo patricia\AppData\Roaming\
~ %Desktop% : C:\Users\guagliardo patricia\Desktop\
~ %Favorites% : C:\Users\guagliardo patricia\Favorites\
~ %LocalAppData% : C:\Users\guagliardo patricia\AppData\Local\
~ %StartMenu% : C:\Users\guagliardo patricia\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 57 Go of 454 Go)
D: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de démarrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.E7099336BF7531B6FCC920DCB5101259] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.25/10/2013 - 07:19:22.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Bibliothèque de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.7C0E0EDF18D6CC565D7BFBB451709FA5] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.04/09/2013 - 04:11:23.) -- C:\Windows\system32\Drivers\AFD.sys [576512]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parallèle.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de périphérique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/2246
~ Mes musiques (My Musics) : 6/6264
~ Mes Videos (My Videos) : 2/741
~ Mes Favoris (My Favorites) : 1/31
~ Mes Documents (My Documents) : 5/4165
~ Mon Bureau (My Desktop) : 2/7355
~ Menu demarrer (Programs) : 1/39
~ Hidden Files:  Scanned in 00mn 02s



---\\ Processus lancés
[MD5.50131BFA7FD0C6029E611DBA35AA7E4D] - (.Lexmark International Inc. - Lexmark Fast Pics Application.) -- C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe   [107176] [PID.3508]
[MD5.20C4535969F2006F6082CDF146CD95C4] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe   [4273976] [PID.4000]
[MD5.5B6E8E09BE6401A7E022F52FDFCB2FF8] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe   [254336] [PID.4080]
[MD5.870DF389D7676EDBB635141336A867C6] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [8302080] [PID.3672]
[MD5.A1322B21744A4E6508FBA800CF40FFC6] - (.XLAB d.o.o. - ISL AlwaysOn Tray Icon.) -- C:\Program Files (x86)\ISL Online\ISL AlwaysOn\ISLAlwaysOnTray.exe   [452528] [PID.6356]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [ffdcfjdljhbehggjdkdioajnknjcpbjb] Download Accelerator Plus (DAP) v.2.1.0.1, (Désactivé)
G2 - GCE: Preference [User Data\Default] [palpbfjgianahgbbeodmcohjdmaelbeo] Speedbit New Tab v.1.0 (Désactivé)
~ Google Browser: 12 Legitimates Filtered in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\guagliardo patricia\AppData\Roaming\Mozilla\Firefox\Profiles\q0440hly.default\prefs.js
P2 - FPN:Firefox Plugin Navigator . (.Pas de propriétaire - Beanfun OCX Wrapper.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npBFPlugin.dll
~ Firefox Browser: 23 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.rpidity.com =>Adware.Boxore
~ IE Browser: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 19



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: LinkVerifierBHO [64Bits] - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} . (.Speedbit Ltd. - DAP Link Verification Extension.) -- C:\Program Files (x86)\DAP\LinkVerifier.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Code de la Route.lnk . (.Micro Application - Code de la Route.)  -- C:\Program Files (x86)\Micro Application\Code de la Route\CDR.exe 
O4 - GS\Desktop [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee.)  -- C:\Program Files\McAfee Security Scan\3.8.130\McUICnt.exe 
O4 - GS\Desktop [Public]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [Public]: Desktop.lnk - Clé orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe 
O4 - GS\QuickLaunch [guagliardo patricia]: Badoo.Desktop.lnk . (.Badoo - Badoo Desktop.)  -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe 
O4 - GS\QuickLaunch [guagliardo patricia]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\QuickLaunch [guagliardo patricia]: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\TaskBar [guagliardo patricia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\Program [guagliardo patricia]: Badoo Desktop.lnk . (.Badoo - Badoo Desktop.)  -- C:\ProgramData\Badoo\Badoo desktop\1.6.58.1220\Badoo.desktop.exe 
O4 - GS\Program [guagliardo patricia]: DC Universe Online Live.lnk . (.Sony Online Entertainment, LLC - LaunchPad (GameLauncher).)  -- C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online Live\LaunchPad.exe 
O4 - GS\Program [guagliardo patricia]: Facebook.lnk . (...)  -- C:\Users\guagliardo patricia\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - GS\Program [guagliardo patricia]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files (x86)\Internet Explorer\iexplore.exe 
O4 - GS\Program [guagliardo patricia]: PC App Store.lnk . (...)  -- C:\Users\guagliardo patricia\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - GS\Program [guagliardo patricia]: Pixsta.lnk . (...)  -- C:\Users\guagliardo patricia\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - GS\Program [guagliardo patricia]: YouTube.lnk . (...)  -- C:\Users\guagliardo patricia\AppData\Local\Pokki\Engine\pokki.exe (.not file.)
O4 - GS\Desktop [guagliardo patricia]: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\Desktop [guagliardo patricia]: Photoshop.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS5.1.)  -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS5.1\Photoshop.exe  =>.Adobe Systems Incorporated
~ Global Startup: 71 Legitimates Filtered in 00mn 00s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: McAfee Security Scan Plus.lnk . (.McAfee, Inc. - McAfee Security Scanner Scheduler.)  -- C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe 
O4 - GS\Startup [guagliardo patricia]: OpenOffice.org 3.3.lnk . (...)  -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [Acer ePower Management] . (.Acer Incorporated - ePowerTray.) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe 
O4 - HKLM\..\Run: [lxdnmon.exe] . (.Pas de propriétaire - Printer Device Monitor.) -- C:\Program Files (x86)\Lexmark 2600 Series\lxdnmon.exe 
O4 - HKLM\..\Run: [EzPrint] . (.Lexmark International Inc. - Lexmark Fast Pics Application.) -- C:\Program Files (x86)\Lexmark 2600 Series\ezprint.exe 
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\guagliardo patricia\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [DownloadAccelerator] . (.Speedbit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files (x86)\DAP\DAP.exe 
O4 - HKCU\..\Run: [SpeedBitVideoAccelerator] . (.SPEEDbit - Pas de description.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe 
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline 
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe 
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\e74139e2-856f-4cf0-a5a0-48b6ff683a4f.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe  =>.Adobe Systems Incorporated
O4 - HKUS\S-1-5-21-3896907525-3653476625-803573741-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\guagliardo patricia\AppData\Local\Google\Update\GoogleUpdate.exe  =>.Google Inc
O4 - HKUS\S-1-5-21-3896907525-3653476625-803573741-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-3896907525-3653476625-803573741-1000\..\Run: [DownloadAccelerator] . (.Speedbit Ltd. - Download Accelerator Plus (DAP).) -- C:\Program Files (x86)\DAP\DAP.exe 
O4 - HKUS\S-1-5-21-3896907525-3653476625-803573741-1000\..\Run: [SpeedBitVideoAccelerator] . (.SPEEDbit - Pas de description.) -- C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAccelerator.exe 
O4 - HKUS\S-1-5-21-3896907525-3653476625-803573741-1000\..\Run: [AdobeBridge] Clé orpheline 
~ Application:  Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ IE Zone Confiance:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E59D62A-9ED7-4FA4-ABEF-CB3B67EFBC62}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{5E59D62A-9ED7-4FA4-ABEF-CB3B67EFBC62}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E59D62A-9ED7-4FA4-ABEF-CB3B67EFBC62}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{5E59D62A-9ED7-4FA4-ABEF-CB3B67EFBC62}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- 
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll  =>.Microsoft Corporation
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: ISLAlwaysOn . (...) -- C:\Program Files (x86)\ISL Online\ISL AlwaysOn\aon_notify64.dll
~ Winlogon:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ISL AlwaysOn Service (isl_always_on) . (.XLAB d.o.o. - ISL AlwaysOn Service.) - C:\Program Files (x86)\ISL Online\ISL AlwaysOn\ISLAlwaysOnService.exe
O23 - Service: VideoAcceleratorService (VideoAcceleratorService) . (.SPEEDbit - Pas de description.) - C:\Program Files (x86)\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: Wise Boot Assistant (WiseBootAssistant) . (.WiseCleaner.com - Wise BootTime Service.) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
~ Services: 18 Legitimates Filtered in 00mn 04s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\Wise Turbo Checker.job   [462]
[MD5.00000000000000000000000000000000] [APT] [{56695093-76D0-404E-8E50-985CBBB301F2}] (...) -- C:\Users\guagliardo patricia\Downloads\Programs\cjr2500SC.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{592440F9-BAF3-4C91-9E13-9D583E96EBD6}] (...) -- C:\Users\guagliardo patricia\Downloads\OOo_3.3.0_Win_x86_install_fr.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{838C2594-DDBE-4109-84E6-A89CC97F7632}] (...) -- F:\Installer.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{902BA815-55FE-4587-8B78-23A6241AE23F}] (...) -- C:\Users\guagliardo patricia\Downloads\OOo_3.3.0_Win_x86_install-wJRE_fr.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{9C669BA4-0CA4-4044-9FCF-8AA9295CEB67}] (...) -- C:\Program Files (x86)\Steam\steam.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{9F797337-FD90-43E9-83B1-3E2BAAE574DC}] (...) -- C:\Users\guagliardo patricia\Desktop\android-sdk-windows\SDK Setup.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{A83D9898-9648-48A2-AB55-B49919F84D25}] (...) -- C:\Users\guagliardo patricia\Downloads\InstallWoW.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{B54E8D18-8F04-41F7-A531-91609C63C7A9}] (...) -- C:\Program Files (x86)\Lexmark 2500 Series\Install\x64\Uninst.exe (.not file.)   [0]
~ Scheduled Task: 40 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: Download Accelerator Plus (DAP) - (.Speedbit Ltd..) [HKLM][64Bits] -- Download Accelerator Plus (DAP)
O42 - Logiciel: ISL AlwaysOn 2.0.1 - (.Xlab d.o.o..) [HKLM][64Bits] -- ISL AlwaysOn_is1
O42 - Logiciel: SpeedBit Video Accelerator - (.SpeedBit Ltd..) [HKLM][64Bits] -- SpeedBit Video Accelerator
~ Logic: 27 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Pando Networks]
[HKCU\Software\SpeedBit]
[HKLM\Software\SpeedBit]
[HKLM\Software\Wow6432Node\CandleWorks]
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\Pando Networks]
[HKLM\Software\Wow6432Node\SpeedBit]
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
~ Key Software: 399 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/02/2012 - 21:39:56 - [1,514] ----D C:\Program Files (x86)\Candleworks
O43 - CFD: 25/01/2012 - 03:18:05 - [7,186] ----D C:\Program Files (x86)\Pando Networks
O43 - CFD: 04/10/2013 - 00:16:31 - [6,893] ----D C:\Program Files (x86)\SpeedBit Video Accelerator
O43 - CFD: 27/06/2013 - 01:26:15 - [1,482] ----D C:\Program Files (x86)\TurboStats
O43 - CFD: 03/10/2013 - 23:52:29 - [2,908] ----D C:\Program Files (x86)\Common Files\SpeedBit
O43 - CFD: 04/10/2013 - 00:10:02 - [16,957] ----D C:\ProgramData\SpeedBit
O43 - CFD: 02/02/2012 - 22:04:38 - [0] ----D C:\ProgramData\The Journal
O43 - CFD: 26/08/2012 - 00:27:47 - [0,001] ----D C:\Users\guagliardo patricia\AppData\Roaming\fr.barrierepoker.air.D043989C8F5E91300BF71855036B28F854BB8613.1
O43 - CFD: 30/10/2013 - 00:45:30 - [0] ----D C:\Users\guagliardo patricia\AppData\Roaming\wam
O43 - CFD: 12/07/2012 - 01:16:53 - [3,864] ----D C:\Users\guagliardo patricia\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O43 - CFD: 02/02/2012 - 21:17:02 - [0] ----D C:\Users\guagliardo patricia\AppData\Local\MediaGet2 =>PUP.MediaGet
~ 732 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1040 Legitimates Filtered in 00mn 16s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D2096B322A5F8D9354B61B4BFDFA7132] - 15/12/2013 - 12:37:11 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml   [385528]
O44 - LFC:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 27/12/2013 - 17:45:49 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\Windows\System32\Drivers\stexstor.sys.bak   [30960]
O44 - LFC:[MD5.FB251567F41BC61988B26731DEC19E4B] - 27/12/2013 - 17:45:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys.bak   [52736]
~ Files: 370 Legitimates Filtered in 00mn 03s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.4505208C0B005C6982DC4F6B5A2786CB] - 27/12/2013 - 17:48:29 ---A- - C:\Windows\Prefetch\dynreservedpri.db
~ Prefetcher: 15 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 05/04/2013 - 17:37:09 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys   [283200]
O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 27/12/2013 - 17:45:04 ---A- . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys.bak   [283200]
O58 - SDL:[MD5.41AC348DBD378F618CB4FDEE54270692] - 06/02/2013 - 06:42:08 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys   [102936]
O58 - SDL:[MD5.41AC348DBD378F618CB4FDEE54270692] - 27/12/2013 - 17:45:48 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys.bak   [102936]
O58 - SDL:[MD5.B4C983DA20E2970E21893BF0E4EE2AD8] - 06/02/2013 - 06:42:10 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys   [203544]
O58 - SDL:[MD5.B4C983DA20E2970E21893BF0E4EE2AD8] - 27/12/2013 - 17:45:49 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG Android Modem Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudmdm.sys.bak   [203544]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 26/07/2012 - 06:00:55 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys   [30960]
O58 - SDL:[MD5.4E85355B94CFCB67C135F6521A4895A7] - 27/12/2013 - 17:45:49 ---A- . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Windows x64.) -- C:\Windows\System32\Drivers\stexstor.sys.bak   [30960]
O58 - SDL:[MD5.FB251567F41BC61988B26731DEC19E4B] - 15/02/2012 - 10:01:50 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys   [52736]
O58 - SDL:[MD5.FB251567F41BC61988B26731DEC19E4B] - 27/12/2013 - 17:45:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl64.sys.bak   [52736]
~ Drivers: 17 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 25/12/2013 - 17:01:06 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\Dessin annimés Lana\Thumbs.db   [27648]
O61 - LFC: 25/12/2013 - 17:01:08 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Freres Scott - Saison 6\Thumbs.db   [174592]
O61 - LFC: 25/12/2013 - 17:01:11 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Frères Scott - Saison 1\Thumbs.db   [158720]
O61 - LFC: 26/12/2013 - 17:01:07 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Freres Scott - Saison 3\Thumbs.db   [148992]
O61 - LFC: 26/12/2013 - 17:01:12 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Frères Scott - Saison 2\Thumbs.db   [167424]
O61 - LFC: 26/12/2013 - 17:01:25 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\Naruto Shippuden\Thumbs.db   [1497600]
O61 - LFC: 27/12/2013 - 16:56:54 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Roaming\wam\#airversion\3.9.0.1210   [0]
O61 - LFC: 27/12/2013 - 16:56:55 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Roaming\ZHP\HOSTS.txt   [741]  =>.Nicolas Coolman
O61 - LFC: 27/12/2013 - 16:57:09 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\Creation Site Internet\PSD créé - By Vincent.janty\Thumbs.db   [15872]
O61 - LFC: 27/12/2013 - 16:57:09 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\Creation Site Internet\creation design\Thumbs.db   [48640]
O61 - LFC: 27/12/2013 - 16:57:28 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\Livre\Thumbs.db   [35840]
O61 - LFC: 27/12/2013 - 16:58:04 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\PizzaFlo\Thumbs.db   [200704]
O61 - LFC: 27/12/2013 - 16:58:04 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\Pub@web\Thumbs.db   [222720]
O61 - LFC: 27/12/2013 - 16:58:04 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\Scanned Documents\Thumbs.db   [249344]
O61 - LFC: 27/12/2013 - 16:58:05 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\Thumbs.db   [104960]
O61 - LFC: 27/12/2013 - 16:58:17 -SHA- . (...) -- C:\Users\guagliardo patricia\Documents\usbflo\Thumbs.db   [89600]
O61 - LFC: 27/12/2013 - 17:01:06 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\Films\Thumbs.db   [93184]
O61 - LFC: 27/12/2013 - 17:01:09 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Freres Scott - Saison 7\Thumbs.db   [142848]
O61 - LFC: 27/12/2013 - 17:01:13 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Frères Scott - Saison 4\Thumbs.db   [165376]
O61 - LFC: 27/12/2013 - 17:01:13 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Frères Scott - Saison 5\Thumbs.db   [97280]
O61 - LFC: 27/12/2013 - 17:01:26 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\Thumbs.db   [194560]
O61 - LFC: 27/12/2013 - 17:01:28 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\video numerique\Thumbs.db   [271872]
O61 - LFC: 28/12/2013 - 16:54:03 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists   [267490]
O61 - LFC: 28/12/2013 - 16:54:03 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt   [5]
O61 - LFC: 28/12/2013 - 16:54:11 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\User Data\Local State   [52179]
O61 - LFC: 28/12/2013 - 16:54:21 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Local\ISL Online Cache\temp\aon_tray.out   [218435]
O61 - LFC: 28/12/2013 - 16:56:55 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Roaming\ZHP\Log.txt   [39047]  =>.Nicolas Coolman
O61 - LFC: 28/12/2013 - 16:56:55 ---A- . (...) -- C:\Users\guagliardo patricia\AppData\Roaming\ZHP\TestsZHPDiag.txt   [3194]  =>.Nicolas Coolman
O61 - LFC: 28/12/2013 - 16:58:18 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\american-nightmare-the-purge-truefrench-dvdrip-2013.torrent   [56923]
O61 - LFC: 28/12/2013 - 16:58:18 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\audrey-lamy-dernieres-avant-vegas-french-dvdrip-2012.torrent   [57807]
O61 - LFC: 28/12/2013 - 16:58:18 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\conjuring-les-dossiers-warren-the-conjuring-french-dvdrip-2013.torrent   [57447]
O61 - LFC: 28/12/2013 - 16:58:19 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\[www.Cpasbien.me] The.Conjuring.2013.FRENCH.DVDRip.XviD-HMiDiMADRiDI\Films DVDRIP sur www.Cpasbien.me.html   [462]
O61 - LFC: 28/12/2013 - 16:58:19 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\[www.Cpasbien.me] The.Conjuring.2013.FRENCH.DVDRip.XviD-HMiDiMADRiDI\Films et series sur www.CPASBIEN.me.txt   [57]
O61 - LFC: 28/12/2013 - 16:58:19 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\[www.Cpasbien.me] The.Conjuring.2013.FRENCH.DVDRip.XviD-HMiDiMADRiDI\Les derniers Film et serie sur Cpasbien.me - cliquez ici !.html   [462]
O61 - LFC: 28/12/2013 - 16:58:19 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\l-enigme-riddle-french-dvdrip-2013.torrent   [7837]
O61 - LFC: 28/12/2013 - 16:58:19 ---A- . (...) -- C:\Users\guagliardo patricia\Downloads\the-iceman-french-dvdrip-2013.torrent   [7807]
O61 - LFC: 28/12/2013 - 17:01:10 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Freres Scott - Saison 8\Thumbs.db   [159232]
O61 - LFC: 28/12/2013 - 17:01:10 -SHA- . (...) -- C:\Users\guagliardo patricia\Videos\LES FRERES SCOTT\Les Freres Scott - Saison 9\Thumbs.db   [67584]
~ 13 Fichiers temporaires (Temporary files)
~ Files: 679 Legitimates Filtered in 15mn 11s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1  =>.Nicolas Coolman
~ ADS:  Scanned in 00mn 00s



---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Not Key.)
~ FASS Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\guagliardo patricia\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <Opera> <Opera>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys:  Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {C3DB175B-B07E-448E-AB69-C4E59E46BA5E} - (Recherche sécurisée) - http://fr.search.yahoo.com
~ Keys:  Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Users\guagliardo patricia\Documents\Logiciel\ciel.solution.2010+keygen\daemon-tools-lite_daemon_tools_lite_4.45.4_francais_10729.exe
~ Files:  Scanned in 02mn 16s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.1FE339E72FE03A27DD9D5A9A357CFE7D] [SPRF][24/08/2009] (...) -- C:\ProgramData\FullRemove.exe   [131368]
[MD5.D49F5C5F304700989A08224568A66374] [SPRF][07/12/2012] (...) -- C:\Users\guagliardo patricia\AppData\Local\fusioncache.dat   [107]
[MD5.AF917DC8964809236429CEFBE560EEF7] [SPRF][18/06/2013] (...) -- C:\Users\guagliardo patricia\AppData\Local\Temp\cabex.dll   [98304]
[MD5.37CF0B46737A449B7F6F548F1CF98E9C] [SPRF][09/11/2013] (.SweetLabs,Inc. - Pokki.) -- C:\Users\guagliardo patricia\AppData\Local\Temp\oct897E.tmp.exe   [46410944]
[MD5.F23846435EF2D5D94C0B0EF199A04F6E] [SPRF][25/10/2013] (.SweetLabs,Inc. - Pokki.) -- C:\Users\guagliardo patricia\AppData\Local\Temp\octA384.tmp.exe   [45082344]
[MD5.F0A5B44B9B8A23E2F2950B346B5C7718] [SPRF][23/12/2013] (...) -- C:\Users\guagliardo patricia\AppData\Local\Temp\Quarantine.exe   [360051]
[MD5.5A8FB4C5F12D8BE07E099FA52131466B] [SPRF][14/05/2012] (...) -- C:\Users\guagliardo patricia\AppData\Local\Temp\RunWizards.exe   [129720]
[MD5.A91466B2F222DFE1DDAFF6D022F5544A] [SPRF][25/08/2010] (...) -- C:\Users\guagliardo patricia\AppData\Local\Temp\unelevate.exe   [94872]
[MD5.556747728C41E5DBF669C50A1FFB854C] [SPRF][12/09/2013] (...) -- C:\Users\guagliardo patricia\AppData\Local\Temp\utt5CB1.tmp.bat   [77]
[MD5.9FB9D49C2DB7EDD1084AB765D619F5C6] [SPRF][12/09/2013] (.Conduit - Search Protect by conduit.) -- C:\Users\guagliardo patricia\AppData\Local\Temp\utt712C.tmp.exe   [66368]  =>Toolbar.Conduit
[MD5.03BCF1D196E7A6B6A00A0C84EE183D60] [SPRF][12/09/2013] (.BitTorrent Inc. - µTorrent.) -- C:\Users\guagliardo patricia\AppData\Local\Temp\uttAEC7.tmp.exe   [1130576]  =>P2P.BitTorrent
[MD5.40FC645B84B435E2ADDADFC5C869C050] [SPRF][12/09/2013] (...) -- C:\Users\guagliardo patricia\AppData\Local\Temp\uttBAB8.tmp.bat   [98]
[MD5.72F3D18D5A85FFE4762DD7BABC359850] [SPRF][26/07/2012] (...) -- C:\Users\guagliardo patricia\AppData\Roaming\wklnhst.dat   [164]
[MD5.AF5C84446657B48C9B9B870C46438261] [SPRF][27/12/2013] (...) -- C:\Users\guagliardo patricia\Desktop\adwcleaner.exe   [1233962]
[MD5.066578C0ABF37BA7852727685476C37B] [SPRF][27/12/2013] (...) -- C:\Users\guagliardo patricia\Desktop\RogueKiller.exe   [3810304]
~ Files: 17 Legitimates Filtered in 00mn 01s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.39509F7D4B7E345BE537D01B3E1ABEB9] [WIS][08/01/2013] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\448628.msi   [3760128]  =>PUP.SweetIM
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][08/01/2013] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\44862c.msi   [3304960]  =>PUP.SweetIM
[MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][08/01/2013] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\448630.msi   [2997248]  =>PUP.SweetIM
[MD5.BBF4134424D0556F36DC086028750937] [WIS][08/01/2013] (.SweetIM Technologies Ltd. - SweetPacks bundle uninstaller.) -- C:\Windows\Installer\448634.msi   [2579456]  =>PUP.SweetIM
[MD5.CDFCA9861FC3C5FAE6C1E5A9D6100A14] [WIS][27/11/2013] (.Winamax - Winamax Poker.) -- C:\Windows\Installer\a8dca81.msi   [22016]
~ WIS: 145 Legitimates Filtered in 00mn 16s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 08/12/2008 169312 |  (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - c:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
SS - | Demand 12/12/2013 257416 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Demand 19/01/2010 651720 |  (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 22/12/2011 135664 |  (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 22/12/2011 135664 |  (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 14/11/2005 69632 |  (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SS - | Auto 25/05/2007 34224 |  (lxddCATSCustConnectService) . (.Lexmark International, Inc..) - C:\WINDOWS\system32\spool\DRIVERS\x64\3\lxddserv.exe
SS - | Auto 28/04/2009 29184 |  (lxdnCATSCustConnectService) . (.Lexmark International, Inc..) - C:\WINDOWS\system32\spool\DRIVERS\x64\3\lxdnserv.exe
SS - | Demand 05/02/2013 428928 |  (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe
SS - | Auto 04/04/2013 701512 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 06/09/2013 288776 |  (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
SS - | Demand 22/07/2012 113120 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 21/08/2009 62720 |  (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
SS - | Demand 06/10/2013 2456696 |  (SBUpd) . (.Speedbit Ltd..) - C:\Program Files\Common Files\SpeedBit\SBUpdate\sbu.exe
SS - | Demand 19/02/2010 517096 |  (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Demand 16/07/2012 2673064 |  (TeamViewer7) . (.TeamViewer GmbH.) - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
SS - | Demand 26/09/2011 21504 |  (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.21\bin\httpd.exe
SS - | Demand 25/01/2012 9690112 |  (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.5.20\bin\mysqld.exe
SS - | Auto 25/04/2013 580232 |  (WiseBootAssistant) . (.WiseCleaner.com.) - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
SS - | Auto 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 03/09/2013 65640 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 03/07/2012 44808 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/09/2009 844320 |  (ePowerSvc) . (.Acer Incorporated.) - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
SR - | Auto 28/08/2009 1150496 |  (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
SR - | Auto 05/06/2009 354840 |  (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
SR - | Auto 07/05/2012 67512 |  (isl_always_on) . (.XLAB d.o.o..) - C:\Program Files (x86)\ISL Online\ISL AlwaysOn\ISLAlwaysOnService.exe
SR - | Auto 25/05/2007 567216 |  (lxdd_device) . (...) - C:\WINDOWS\system32\lxddcoms.exe
SR - | Auto 04/04/2013 418376 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 07/11/2013 121616 |  (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
SR - | Auto 29/08/2009 44312 |  (OberonGameConsoleService) . (...) - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe
SR - | Auto 04/07/2009 240160 |  (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
SR - | Auto 04/10/2013 298152 | C:\Program Files (x86)\SPEEDB~1\VideoAcceleratorService.exe (VideoAcceleratorService) . (.SPEEDbit.) - C:\Program Files (x86)\SpeedBit Video Accelerator\VideoAcceleratorService.exe
SR - | Auto 10/07/1658 0 |  (WinDefend) . (...) - C:\Program Files (x86)\Windows Defender\MsMpEng.exe
SR - | Auto 10/07/1658 0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe  =>.Microsoft Corporation

~ Services:  Scanned in 00mn 20s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by guagliardo patricia at 28/12/2013 17:04:15
~ OS 64 not supported by MBR tool

~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by guagliardo patricia at 28/12/2013 17:04:17

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin

~ MBR:  Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13013 - (26/12/2013)
Clés trouvées (Keys found) : 82
Valeurs trouvées (Values found) : 3
Dossiers trouvés  (Folders found) : 1
Fichiers trouvés  (Files found) : 7

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5]   =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420]   =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98]   =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836]   =>PUP.SweetIM^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent   =>P2P.BitTorrent^
C:\Users\guagliardo patricia\AppData\Local\MediaGet2   =>PUP.MediaGet^
C:\Users\guagliardo patricia\AppData\Local\Temp\utt712C.tmp.exe   =>Toolbar.Conduit^
C:\Users\guagliardo patricia\AppData\Local\Temp\uttAEC7.tmp.exe   =>P2P.BitTorrent^
C:\Windows\Installer\448628.msi   =>PUP.SweetIM^
C:\Windows\Installer\44862c.msi   =>PUP.SweetIM^
C:\Windows\Installer\448630.msi   =>PUP.SweetIM^
C:\Windows\Installer\448634.msi   =>PUP.SweetIM^
~ Additionnel Scan: 334909 Items scanned in 00mn 33s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore  =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim   =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/28151468-pup-mediaget   =>PUP.MediaGet
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit   =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma   =>PUP.Tarma
~ MSI: 5 link(s) detected in 00mn 33s



~ 3167 Legitimates filtered by white list
End of the scan (652 lines in 19mn 45s)(1)