~ Rapport de ZHPDiag v2014.12.16.174 - Nicolas Coolman (16/12/2014)
~ Lancé par Alexis Guiengani (16/12/2014 23:53:51)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by user

---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.0.3 (fr) (Defaut)
GCIE: Google Chrome

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK

---\\ Logiciels de protection du système

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 13, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3065 MB (33% free)
System Restore: Activé (Enable)
System drive C: has 40 GB (42%) free of 94 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-ALEXISGUI
~ User Name: Alexis Guiengani
~ All Users Names: UpdatusUser, Alexis Guiengani, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Alexis Guiengani\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Alexis Guiengani\AppData\Roaming\
~ %Desktop% : C:\Users\Alexis Guiengani\Desktop\
~ %Favorites% : C:\Users\Alexis Guiengani\Favorites\
~ %LocalAppData% : C:\Users\Alexis Guiengani\AppData\Local\
~ %StartMenu% : C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 40 Go of 94 Go)
D: Hard drive, Flash drive, Thumb drive (Free 195 Go of 195 Go)
E: CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Security Center: 50 Scanned in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768] [MD5.AA680F0065A505118BDD9181BCE7C83D] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.24/11/2014 - 21:35:25.) -- C:\Windows\System32\wininet.dll [1129472] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368] [MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 07:53:22.) 
-- C:\Windows\system32\Drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856] [MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) 
-- C:\Windows\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288] [MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192] [MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 1/209 ~ Mes musiques (My Musics) : 1/9 ~ Mes Videos (My Videos) : 1/2 ~ Mes Favoris (My Favorites) : 1/249 ~ Mes Documents (My Documents) : 1/303 ~ Mon Bureau (My Desktop) : 21/646 ~ Menu demarrer (Programs) : 1/65 ~ Hidden Files: Scanned in 00mn 01s ---\\ Processus lancés [MD5.81D31BC0C00D7FDECBD8FDA7B80235F5] - (...) -- C:\Program Files\Search Extensions\Client.exe [1437696] [PID.4260] =>PUP.RocketTab [MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.4528] [MD5.6B6D16308F71C3B54F901DA8166F1204] - (.Norman ASA - Pas de description.) -- C:\Program Files\Norman\Npm\Bin\zlh.exe [348560] [PID.4596] [MD5.6AFD3970A41F48306874DB23991A4955] - (.Wireless Service - ANIWZCS2 launcher for Windows..) 
-- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [49152] [PID.4612] [MD5.3D5D73B3E89A2AEA63C5A1164BCCD228] - (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe [1662976] [PID.4620] [MD5.062F3DB9AFA9C3CE0DA52F28595C0C6D] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\hpwuSchd2.exe [49152] [PID.4628] [MD5.34086F1DBB4065047EA3671CB70505CC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421776] [PID.4660] [MD5.11C4FC6A5B4E5A2C35AAD42D1F3AC900] - (.Boxore OU - Boxore.) -- C:\Program Files\Boxore\Boxore Client\boxore.exe [1527808] [PID.4676] =>Adware.Boxore [MD5.16AFB34618E1286FF856DC600AC49C79] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968] [PID.4708] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.4728] [MD5.BA5819A23150B3B7C4F94125E7F11E83] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [20924064] [PID.4764] [MD5.E620F441DA4D40862E497971B1207002] - (.Smartbar - Smartbar.) -- C:\Users\Alexis Guiengani\AppData\Local\Smartbar\Application\SnapDo.exe [28192] [PID.4776] =>Hijacker.SmartBar [MD5.0B729DBAE22BCEACB1FA39B19748EBDC] - (.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\System32\p2phost.exe [192000] [PID.4784] [MD5.6429D2F9ABE84CE1A54E99ABAC439923] - (.PC Drivers Headquarters - Driver Restore.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [PID.4792] [MD5.47C9EF1600EDD9EBD8155EB6B5206B6B] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1821984] [PID.4832] [MD5.BCAEB5C0C2F663EDDC4CE2C117F4735E] - (.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files\PremierOpinion\pmropn.exe [3514168] [PID.4972] =>Adware.PremierOpinion [MD5.6E23BBCB20003EA8806FBDE40C91A366] - (...) 
-- C:\Users\Alexis Guiengani\AppData\Local\ysewbb.exe [2822144] [PID.5080] [MD5.BC9C9BE7BB74D629362608ACE470E7DA] - (.Microsoft Corporation - Notification de cadeaux MSN.) -- C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Notification de cadeaux MSN\lsnfier.exe [135680] [PID.5096] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.5836] [MD5.356717D00AE6BD798706B705ADDE6CFC] - (.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files\PremierOpinion\pmropn32.exe [160568] [PID.5972] =>Adware.PremierOpinion [MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4300] [MD5.1D0A82B11235D68CF55A54B2ADECB9F1] - (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe [155648] [PID.4220] [MD5.782B1D042AA72EBA01E2A22B837965F9] - (...) -- C:\Program Files\DigiHelp\bin\DigiHelp.BrowserAdapter.exe [98536] [PID.7872] [MD5.FF8DADB675E5FD57C89B9F43F6131F1A] - (...) -- C:\Program Files\DigiHelp\bin\DigiHelp.expext.exe [101608] [PID.2616] [MD5.A366B13BD3357AD8E4AF8B7943CEC204] - (.The Chromium Authors - Chromium.) -- C:\Users\Alexis Guiengani\AppData\Local\Chrome\Application\chrome.exe [689152] [PID.5116] [MD5.8E0FB32FCFBFB51AD67984A79D34C9C7] - (.Nicolas Coolman - ZHPDiag.) 
-- C:\ZHPDiag\ZHPDiag.exe [8141312] [PID.11368] ~ Processes Running: Scanned in 00mn 03s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Alexis Guiengani\AppData\Roaming\Mozilla\Firefox\Profiles\looymxwc.default\prefs.js C:\Users\Alexis Guiengani\AppData\Roaming\Mozilla\Firefox\Profiles\looymxwc.default\user.js M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Users\Alexis Guiengani\AppData\Roaming\Mozilla\Firefox\Profiles\looymxwc.default\searchplugins\mysearchskms.xml =>Adware.MyWebSearch M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Users\Alexis Guiengani\AppData\Roaming\Mozilla\Firefox\Profiles\looymxwc.default\searchplugins\trovi-search.xml =>Hijacker.Trovigo M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Users\Alexis Guiengani\AppData\Roaming\Mozilla\Firefox\Profiles\looymxwc.default\searchplugins\Web Search.xml =>Parasite.Pugi M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml =>Toolbar.eBay M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Program Files\Mozilla FireFox\searchplugins\MediaDICO-fr.xml M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Alexis Guiengani] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [Alexis Guiengani - looymxwc.default] http://search.findwide.com =>Hijacker.SearchFindWide M0 - MFSP: user.js [Alexis Guiengani - looymxwc.default] http://search.findwide.com =>Hijacker.SearchFindWide M2 - MFEP: prefs.js [Alexis Guiengani - looymxwc.default\4zffxtbr@VideoDownloadConverter_4z.com] [] VideoDownloadConverter v5.71.2.58327 (..) 
=>Adware.VideoDownloadConverter M2 - MFEP: prefs.js [Alexis Guiengani - looymxwc.default\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com] [] MediaPlayerplus v5.71.2.58327 (..) =>PUP.CrossRider M2 - MFEP: prefs.js [Alexis Guiengani - looymxwc.default\iuyeakdfb@a-oyyo.net] [] saveirnet v1.3 (..) =>PUP.SaveNet P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKLM] [@divx.com/DivX Web Player Plug-In,version=1.0.0] - (.DivX, LLC - DivX Web Player version 3.2.4.1250.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=10] - (.globalUpdate - globalUpdate Update.) 
-- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.GlobalUpdate P2 - FPN: [HKLM] [@staging.google.com/globalUpdate Update;version=4] - (.globalUpdate - globalUpdate Update.) -- C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll =>PUP.GlobalUpdate P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=3] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore P2 - FPN: [HKLM] [@tools.Software.com/Software Update;version=9] - (.The Software Group - Software Update.) -- C:\Program Files\Software\Update\1.3.25.0\npSoftwareUpdate3.dll =>Adware.Boxore P2 - FPN: [HKLM] [@VideoDownloadConverter_4z.com/Plugin] - (...) -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll (.not file.) =>Adware.VideoDownloadConverter P2 - FPN: [HKCU] [@tnt2ghost.com/Plugin] - (.Findwide - npAPI Ghost Plugin.) -- C:\Users\Alexis Guiengani\AppData\Local\TNT2\2.0.0.1702\npTNT2ghost.dll =>Hijacker.SearchFindWide P2 - FPN: [HKCU] [@tnt2npapi.com/Plugin] - (.Findwide - npAPI Plugin.) 
-- C:\Users\Alexis Guiengani\AppData\Local\TNT2\2.0.0.1702\npTNT2.dll =>Hijacker.SearchFindWide ~ Firefox Browser: 31 Scanned in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.gboxapp.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search.findwide.com =>Hijacker.SearchFindWide R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.awesomehp.com =>PUP.Awesomehp R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.snapdo.com =>Hijacker.SmartBar R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.findwide.com =>Hijacker.SearchFindWide R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Findwide - npAPI Plugin.) (No version) -- (.not file.) 
=>Hijacker.SearchFindWide ~ IE Browser: 16 Scanned in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:62573;https=127.0.0.1:62573 =>Hijacker.Proxy R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hôte est sain (The hosts file is clean) (20) ~ Hosts File: Scanned in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: CrossriderApp0054253 - {11111111-1111-1111-1111-110511421153} . (.Freeven - Fpro1.2 BHO.) -- C:\Program Files\Fpro1.2\Fpro1.2-bho.dll =>PUP.CrossRider O2 - BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} . (...) -- mscoree.dll (.not file.) =>Hijacker.SmartBar O2 - BHO: DigiHelp 1.0.0.5 - {5bee7be9-df29-4c14-a18e-2bdd06205e29} . (.DigiHelp - DigiHelp.) -- C:\Program Files\DigiHelp\DigiHelpbho.dll O2 - BHO: SaverPro - {a3b2be12-88d8-4bc8-a4f4-76f7d7528a0c} . (...) -- C:\ProgramData\SaverPro\uBJPd9KbvyNjzY.dll =>PUP.SaverPro O2 - BHO: deal4real - {abe5653a-4fd9-4007-bf1c-84338959478f} . (...) 
-- C:\ProgramData\deal4real\Fqb3XXLMvrPD7z.dll =>PUP.Deal4reaL O2 - BHO: greatsaving - {e90c969d-37a0-41bc-8c57-0eb98469fd75} . (...) -- C:\ProgramData\greatsaving\0lv1SqmJ2RrcdK.dll =>PUP.GreatSaving O2 - BHO: Boxore - {EFA7A511-B491-4312-BB35-4586B99E45ED} . (.Boxore - Boxore BHO.) -- C:\Program Files\Boxore\Boxore Client\IE\AdRotate32.dll =>Adware.Boxore ~ BHO: 14 Scanned in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: VideoDownloadConverter - [HKLM]{48586425-6bb7-4f51-8dc6-38c88e3ebb58} . (...) -- C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll =>Adware.VideoDownloadConverter O3 - Toolbar: Snap.Do - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation O3 - Toolbar: (no name) - [HKLM]{D614B335-199E-4A5D-ABC6-6BF72658F359} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{48586425-6BB7-4F51-8DC6-38C88E3EBB58} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline O3 - Toolbar\WebBrowser: FindWide Toolbar - [HKCU]{D614B335-199E-4A5D-ABC6-6BF72658F359} . (.Findwide - Findwide Toolbar.) -- C:\Program Files\TNT2\Profiles\10817\passport.dll =>Hijacker.SearchFindWide ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Desktop [Public]: eBay.fr.lnk - Clé orpheline =>Toolbar.eBay O4 - GS\QuickLaunch [Alexis Guiengani]: Chrome.lnk . (.The Chromium Authors - Chromium.) -- C:\Users\Alexis Guiengani\AppData\Local\Chrome\Application\chrome.exe http://feed.snapdo.com =>Hijacker.SmartBar O4 - GS\Program [Alexis Guiengani]: Chrome.lnk . (.The Chromium Authors - Chromium.) 
-- C:\Users\Alexis Guiengani\AppData\Local\Chrome\Application\chrome.exe http://feed.snapdo.com =>Hijacker.SmartBar O4 - GS\Program [Alexis Guiengani]: Search.lnk . (...) -- C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.) O4 - GS\Desktop [Alexis Guiengani]: Chrome.lnk . (.The Chromium Authors - Chromium.) -- C:\Users\Alexis Guiengani\AppData\Local\Chrome\Application\chrome.exe http://feed.snapdo.com =>Hijacker.SmartBar ~ Global Startup: 5 Scanned in 00mn 03s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe O4 - HKLM\..\Run: [FSCRecovery] . (.Fujitsu Siemens Computers GmbH - Fujitsu Siemens Computers Recovery Reminder.) -- c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe O4 - HKLM\..\Run: [Norman ZANDA] . (.Norman ASA - Pas de description.) -- C:\Program Files\Norman\Npm\Bin\ZLH.exe O4 - HKLM\..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe (.not file.) O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe (.not file.) O4 - HKLM\..\Run: [ANIWZCS2Service] . (.Wireless Service - ANIWZCS2 launcher for Windows..) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless G DWA-110] . (.D-Link - D-Link Wireless LAN Monitor.) -- C:\Program Files\D-Link\D-Link Wireless G DWA-110\AirGCFG.exe O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe =>.Hewlett-Packard Co O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) 
-- C:\Program Files\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe (.not file.) =>PUP.Mobogenie O4 - HKLM\..\Run: [fst_fr_179] Clé orpheline =>Adware.FreeSoftToday O4 - HKLM\..\Run: [Boxore Client] . (.Boxore OU - Boxore.) -- C:\Program Files\Boxore\Boxore Client\boxore.exe =>Adware.Boxore O4 - HKLM\..\Run: [DivXMediaServer] . (.DivX, LLC - DivX Media Server Launcher.) -- C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe O4 - HKLM\..\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKCU\..\Run: [Orbitum] C:\Users\Alexis Guiengani\AppData\Local\Orbitum\Application\chrome.exe (.not file.) O4 - HKCU\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Alexis Guiengani\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKCU\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Alexis Guiengani\AppData\Local\Smartbar\Application\SnapDo.exe =>Hijacker.SmartBar O4 - HKCU\..\Run: [CollaborationHost] . (.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O4 - HKCU\..\Run: [Driver Restore] . (.PC Drivers Headquarters - Driver Restore.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe O4 - HKCU\..\Run: [Driver Detective] . (.PC Drivers Headquarters - Driver Restore.) 
-- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe O4 - HKCU\..\Run: [ysewbb] . (...) -- c:\users\alexis guiengani\appdata\local\ysewbb.exe O4 - HKCU\..\RunOnce: [DigitalSites] wscript \E:vbscript \B C:\Users\ALEXIS~1\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat (.not file.) =>Hijacker.DSite O4 - HKCU\..\RunOnce: [Bkr] C:\Users\Alexis Guiengani\Microsoft\bkr.bat (.not file.) O4 - HKLM\..\policies\Explorer\Run: [Updates] . (...) -- C:\Users\Alexis Guiengani\Securities\scan.vbe O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.) O4 - HKUS\.DEFAULT\..\Run: [systray] C:\Program Files\Notation\NotationSysTray.exe (.not file.) =>Hijacker.Proxy O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (.not file.) O4 - HKUS\S-1-5-18\..\Run: [systray] C:\Program Files\Notation\NotationSysTray.exe (.not file.) =>Hijacker.Proxy O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-19\..\Run: [systray] C:\Program Files\Notation\NotationSysTray.exe (.not file.) =>Hijacker.Proxy O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKUS\S-1-5-20\..\Run: [systray] C:\Program Files\Notation\NotationSysTray.exe (.not file.) =>Hijacker.Proxy O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [ehTray.exe] . 
(.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [Orbitum] C:\Users\Alexis Guiengani\AppData\Local\Orbitum\Application\chrome.exe (.not file.) O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [NextLive] . (.NewNextDotMe - NewNext Helper Engine.) -- C:\Users\Alexis Guiengani\AppData\Roaming\newnext.me\nengine.dll =>PUP.NextLive O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe =>.Skype Technologies S.A. O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [Browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Alexis Guiengani\AppData\Local\Smartbar\Application\SnapDo.exe =>Hijacker.SmartBar O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [CollaborationHost] . (.Microsoft Corporation - Voisinage immédiat.) -- C:\Windows\system32\p2phost.exe O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [Driver Restore] . (.PC Drivers Headquarters - Driver Restore.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [Driver Detective] . (.PC Drivers Headquarters - Driver Restore.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\Run: [ysewbb] . (...) -- c:\users\alexis guiengani\appdata\local\ysewbb.exe O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\RunOnce: [DigitalSites] wscript \E:vbscript \B C:\Users\ALEXIS~1\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat (.not file.) 
=>Hijacker.DSite O4 - HKUS\S-1-5-21-3306585439-2019536838-2142734902-1000\..\RunOnce: [Bkr] C:\Users\Alexis Guiengani\Microsoft\bkr.bat (.not file.) ~ Application: Scanned in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) 
-- C:\Windows\system32\winrnr.dll ~ Winsock: 6 Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{14110F89-5B36-4AD9-8243-2D8B90A4A2C9}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CCS\Services\Tcpip\..\{74B0A976-9324-4716-9465-39B82934FFA6}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CCS\Services\Tcpip\..\{D66A5E20-B4C7-427A-90C6-B190C326CB33}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{14110F89-5B36-4AD9-8243-2D8B90A4A2C9}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CS1\Services\Tcpip\..\{74B0A976-9324-4716-9465-39B82934FFA6}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS1\Services\Tcpip\..\{D66A5E20-B4C7-427A-90C6-B190C326CB33}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{14110F89-5B36-4AD9-8243-2D8B90A4A2C9}: DhcpNameServer = 212.27.40.241 212.27.40.242 O17 - HKLM\System\CS2\Services\Tcpip\..\{74B0A976-9324-4716-9465-39B82934FFA6}: DhcpNameServer = 192.168.0.254 O17 - HKLM\System\CS2\Services\Tcpip\..\{D66A5E20-B4C7-427A-90C6-B190C326CB33}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.Client Connect LTD - Search Protect.) 
- C:\Program Files\search~1\search~1\bin\vc32lo~1.dll =>PUP.SearchProtect
~ AppInit DLL: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ SSODL: 1 Scanned in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Fast And Safe (64af91bf) . (...) - C:\Program Files\fastan~1\FastAndSafeSvc.dll (.not file.) =>PUP.FastAndSafe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Search Protect Service (CltMngSvc) . (.Client Connect LTD - Search Protect.) - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>PUP.SearchProtect
O23 - Service: Norman eLogger Service (eLoggerSvc6) . (.Norman ASA - eLogger service.) - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) . (.globalUpdate - globalUpdate Update.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate
O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NewPlayer (NewPlayer) . (...) - C:\Program Files\NewPlayer\NewPlayerLwr161.exe (.not file.) =>Adware.NewPlayer
O23 - Service: Norman Network Filtering service (NNFSVC) . (.Norman ASA - Network Filtering service.)
- C:\Program Files\Norman\Ngs\Bin\Nnf.exe
O23 - Service: Norman ZANDA (Norman ZANDA) . (.Norman ASA - Zanda service x86.) - C:\Program Files\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Security service (NPROSECSVC) . (.Norman ASA - Security service.) - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe
O23 - Service: Norman Resource Provider (NVOY) . (.Norman ASA - Nvoy (x86).) - C:\Program Files\Norman\npm\bin\nvoy.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 311.0.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: OSD Service (OsdService) . (.TODO: <公司名稱> - TODO: <檔案說明>.) - C:\Program Files\OEM\OSD_1.12\OsdService.exe
O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\Windows\system32\IoctlSvc.exe
O23 - Service: PremierOpinion (PremierOpinion) . (.VoiceFive, Inc. - PremierOpinion.) - C:\Program Files\PremierOpinion\pmservice.exe =>Adware.PremierOpinion
O23 - Service: RG Manage Updater (RGMUpdater) . (...) - C:\Users\Alexis Guiengani\AppData\Local\RGMService\RGMUpdater.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Service Software Update (Software_update) (Software_update) . (.The Software Group - Software Update.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) .
(.Fujitsu Siemens Computers - Testhandler Service.) - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
O23 - Service: Update DigiHelp (Update DigiHelp) . (...) - C:\Program Files\DigiHelp\updateDigiHelp.exe
O23 - Service: Util DigiHelp (Util DigiHelp) . (...) - C:\Program Files\DigiHelp\bin\utilDigiHelp.exe
~ Services: 21 Scanned in 00mn 16s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(.Microsoft Corporation - Microsoft Word.) - C:\Program Files\Microsoft Office\Office10\WINWORD.exe
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\Web\Wallpaper\img21.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\Web\Wallpaper\img21.jpg
~ Desktop Component: 4 Scanned in 00mn 00s

---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (aswBoot.exe /M:2037e812ca /dir:"C:\Program Files\AVAST Software\Avast") - File not found
~ BEX: 2 Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
[MD5.0AB26475492027689CFA52CAE57F4253] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-1] (.Freeven.) -- C:\Program Files\Fpro1.2\Fpro1.2-codedownloader.exe [509288] =>PUP.CrossRider
[MD5.6ED3D6F530BFFC0A81A02B93A8DB2E92] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-2] (.Freeven.) -- C:\Program Files\Fpro1.2\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-2.exe [363368] =>PUP.CrossRider
[MD5.0372309D8207FCE9D47B32EDADF432FF] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-3] (.Freeven.) -- C:\Program Files\Fpro1.2\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-3.exe [1895784] =>PUP.CrossRider
[MD5.E08820BDA4D3A48C6D1CF5E120B3E332] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-4] (.Freeven.) -- C:\Program Files\Fpro1.2\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-4.exe [834408] =>PUP.CrossRider
[MD5.760047A232A5BE3FD1FAD2F567477725] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-5] (.Freeven.)
-- C:\Program Files\Fpro1.2\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-5.exe [306024] =>PUP.CrossRider [MD5.0AB26475492027689CFA52CAE57F4253] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-6] (.Freeven.) -- C:\Program Files\Fpro1.2\Fpro1.2-novainstaller.exe [509288] =>PUP.CrossRider [MD5.8D9500743A31AB89148B0DCDBB90FA7F] [APT] [18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-7] (.Freeven.) -- C:\Program Files\Fpro1.2\Fpro1.2-nova.exe [592232] =>PUP.CrossRider [MD5.F9D96F40C6F0C1048580D54A4D7658F1] [APT] [Digital Sites] (...) -- C:\Users\Alexis Guiengani\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.exe [126976] =>Hijacker.DSite [MD5.6429D2F9ABE84CE1A54E99ABAC439923] [APT] [Driver Detective-RTMRules] (.PC Drivers Headquarters.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [MD5.6429D2F9ABE84CE1A54E99ABAC439923] [APT] [Driver Detective-RTMScan] (.PC Drivers Headquarters.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [MD5.6429D2F9ABE84CE1A54E99ABAC439923] [APT] [Driver Detective-RTMUpdater] (.PC Drivers Headquarters.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [MD5.6429D2F9ABE84CE1A54E99ABAC439923] [APT] [Driver Restore-RTMRules] (.PC Drivers Headquarters.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [MD5.6429D2F9ABE84CE1A54E99ABAC439923] [APT] [Driver Restore-RTMScan] (.PC Drivers Headquarters.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [MD5.6429D2F9ABE84CE1A54E99ABAC439923] [APT] [Driver Restore-RTMUpdater] (.PC Drivers Headquarters.) -- C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe [3988856] [MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineCore] (.globalUpdate.) -- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate [MD5.D858BA2EE718B1DB1CED20646E641D08] [APT] [globalUpdateUpdateTaskMachineUA] (.globalUpdate.) 
-- C:\Program Files\globalUpdate\Update\GoogleUpdate.exe [68608] =>PUP.GlobalUpdate [MD5.162BC7DB3F350EF6174C766E193EECA1] [APT] [Install_SSD] (.Systweak Software.) -- C:\Users\Alexis Guiengani\AppData\Roaming\systweak\ssd\SSDPTstub.exe [645592] [MD5.00000000000000000000000000000000] [APT] [NewPlayer Update] (...) -- C:\Program Files\NewPlayer\NewPlayerLwr.exe (.not file.) [0] =>Adware.NewPlayer [MD5.00000000000000000000000000000000] [APT] [NewPlayer_wd] (...) -- C:\Program Files\NewPlayer\NewPlayerLwruQw.exe (.not file.) [0] =>Adware.NewPlayer [MD5.81D31BC0C00D7FDECBD8FDA7B80235F5] [APT] [RocketTab] (...) -- C:\Program Files\Search Extensions\Client.exe [1437696] =>PUP.RocketTab [MD5.611B9CE5E401BD8EDFE8805041BC4934] [APT] [RocketTab Update Task] (...) -- C:\Program Files\Search Extensions\uninstall.exe [6552612] =>PUP.RocketTab [MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineCore] (.The Software Group.) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore [MD5.7D46006E77B80B55CDDD54B52B05F287] [APT] [SoftwareUpdateTaskMachineUA] (.The Software Group.) -- C:\Program Files\Software\Update\SoftwareUpdate.exe [119408] =>Adware.Boxore [MD5.00000000000000000000000000000000] [APT] [{3A3A2F2F-C674-41A6-A4DC-6B40C99945C1}] (...) -- E:\install.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{49E5B653-6563-4AE3-A2CF-4C193149B536}] (...) -- C:\Users\Alexis Guiengani\AppData\Roaming\awesomehp\UninstallManager.exe (.not file.) [0] =>PUP.Awesomehp [MD5.00000000000000000000000000000000] [APT] [{AFC2610D-688E-44B9-A8D1-5BE1B1E64FEA}] (...) -- c:\program files\google\chrome\application\chrome.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{C2C7331F-77F5-4146-861D-2FB7C2444E28}] (...) -- C:\Program Files\Mysearchdial\1.8.21.0\uninstall.exe (.not file.) [0] =>Adware.MyWebSearch [MD5.50082BE279F15F2A1D2D5F89FD3000AE] [APT] [{CD54A973-FBDB-404E-B634-1D363C8C9CD1}] (.Mozilla Corporation.) 
-- c:\program files\mozilla firefox\firefox.exe [307712] [MD5.00000000000000000000000000000000] [APT] [{F75B3723-A248-409F-9D4A-7C55906AD2E7}] (...) -- c:\program files\google\chrome\application\chrome.exe (.not file.) [0] [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [561984] O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-1 - (.Freeven.) -- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-1.job [1352] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-1 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-1 [1352] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-2 - (.Freeven.) -- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-2.job [1344] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-2 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-2 [1344] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-3 - (.Freeven.) -- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-3.job [3450] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-3 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-3 [3450] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-4 - (.Freeven.) -- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-4.job [2080] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-4 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-4 [2080] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-5 - (.Freeven.) -- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-5.job [1452] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-5 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-5 [1452] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-6 - (.Freeven.) 
-- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-6.job [1362] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-6 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-6 [1362] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-7 - (.Freeven.) -- C:\Windows\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-7.job [1300] =>PUP.CrossRider O39 - APT: 18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-7 - (.Freeven.) -- C:\Windows\System32\Tasks\18a7bca1-4fb4-4a4f-a70d-6afe24c95f28-7 [1300] =>PUP.CrossRider O39 - APT: Digital Sites - (...) -- C:\Windows\Tasks\Digital Sites.job [320] =>Hijacker.DSite O39 - APT: Digital Sites - (...) -- C:\Windows\System32\Tasks\Digital Sites [320] =>Hijacker.DSite O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job [920] =>PUP.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineCore - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore [920] =>PUP.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job [924] =>PUP.GlobalUpdate O39 - APT: globalUpdateUpdateTaskMachineUA - (.globalUpdate.) -- C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA [924] =>PUP.GlobalUpdate O39 - APT: NewPlayer Update - (...) -- C:\Windows\Tasks\NewPlayer Update.job [384] =>Adware.NewPlayer O39 - APT: NewPlayer Update - (...) -- C:\Windows\System32\Tasks\NewPlayer Update [384] =>Adware.NewPlayer O39 - APT: NewPlayer_wd - (...) -- C:\Windows\Tasks\NewPlayer_wd.job [374] =>Adware.NewPlayer O39 - APT: NewPlayer_wd - (...) -- C:\Windows\System32\Tasks\NewPlayer_wd [374] =>Adware.NewPlayer O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job [922] =>Adware.Boxore O39 - APT: SoftwareUpdateTaskMachineCore - (.The Software Group.) 
-- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineCore [922] =>Adware.Boxore O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job [926] =>Adware.Boxore O39 - APT: SoftwareUpdateTaskMachineUA - (.The Software Group.) -- C:\Windows\System32\Tasks\SoftwareUpdateTaskMachineUA [926] =>Adware.Boxore ~ Scheduled Task: 56 Scanned in 00mn 11s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll =>.Microsoft Corporation O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe =>.Microsoft Corporation O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) 
-- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Active Setup: 10 Scanned in 00mn 00s ---\\ Pilotes lancés au démarrage du système (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: (NGS) . (.Norman ASA - Norman General Security Driver.) - c:\program files\norman\ngs\bin\ngs.sys O41 - Driver: (NPROSEC) . (.Norman ASA - Process Security Driver.) - C:\Program Files\Norman\Ngs\Bin\nprosec.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) 
- C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: ({3211ae5b-d056-4176-9f6e-b51496f003f1}Gt) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}Gt.sys =>PUP.LinkiDoo O41 - Driver: ({3211ae5b-d056-4176-9f6e-b51496f003f1}t) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}t.sys =>PUP.LinkiDoo O41 - Driver: ({3283b201-5c22-4a7d-8767-24ec5d376ea3}Gt) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{3283b201-5c22-4a7d-8767-24ec5d376ea3}Gt.sys =>PUP.LinkiDoo O41 - Driver: ({47a3b56f-80e6-4ea5-8093-7656ffd5c11a}t) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}t.sys =>PUP.LinkiDoo ~ Drivers: 75 Scanned in 00mn 01s ---\\ Logiciels installés (O42) O42 - Logiciel: ANIWZCS2 Service - (...) 
[HKLM] -- {4C590030-7469-453E-8589-D15DA9D03F52} O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {122ADF8C-DDA1-480C-9936-C88F2825B265} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} =>.Apple Inc O42 - Logiciel: Boxore Client - (.Boxore OU.) [HKLM] -- {BC95F9C5-A038-45EE-A739-96B8A6D79F7D} =>Adware.Boxore O42 - Logiciel: BrowserSafeguard with Rockettab - (.BrowserSafeguard with Rockettab.) [HKLM] -- RocketTab =>PUP.RocketTab O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKCU] -- Bubble Dock =>PUP.BubbleDock O42 - Logiciel: Chromium Browser - (.Chrome.) [HKCU] -- Chromium O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup O42 - Logiciel: D-Link Wireless G DWA-110 - (.D-Link.) [HKLM] -- {5F753314-628E-4C13-B8AE-BFA7FD514CBE} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DC-Bass Source 1.3.0 - (...) [HKLM] -- DC-Bass Source O42 - Logiciel: DMUninstaller - (...) [HKLM] -- DMUninstaller O42 - Logiciel: DigiHelp - (.DigiHelp.) [HKLM] -- DigiHelp O42 - Logiciel: DirectVobSub 2.40.4209 - (.MPC-HC Team.) [HKLM] -- vsfilter_is1 O42 - Logiciel: Driver Restore - (.Driver Restore.) [HKLM] -- {273130E8-117C-4237-A0FA-83EBBF11E051} O42 - Logiciel: EpsonNet Config V4 - (.SEIKO EPSON CORPORATION.) [HKLM] -- {08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA} O42 - Logiciel: Extended Update - (.Extended Update.) [HKCU] -- Digital Sites =>PUP.Dealply O42 - Logiciel: Fast And Safe - (.GTgroup.) [HKLM] -- {5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf} =>PUP.FastAndSafe O42 - Logiciel: FindWide.com - (.FindWide.com.) 
[HKCU] -- {200BB6B1-321B-4F86-95FC-14145A53E8DD} =>Hijacker.SearchFindWide O42 - Logiciel: Fpro1.2 - (.Freeven.) [HKLM] -- Fpro1.2 =>PUP.CrossRider O42 - Logiciel: Fujitsu Siemens Computers Recovery - (.Fujitsu Siemens Computers.) [HKLM] -- {F58B763E-9FB9-4629-AF3C-CC9744BC4BA7} O42 - Logiciel: Genesis - (...) [HKCU] -- ysewbb =>PUP.Genesis O42 - Logiciel: HP Smart Web Printing - (.HP.) [HKLM] -- HP Smart Web Printing O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {11B83AD3-7A46-4C2E-A568-9505981D4C6F} O42 - Logiciel: Haali Media Splitter - (...) [HKLM] -- HaaliMkx O42 - Logiciel: Image Editor Packages - (...) [HKCU] -- Image Editor Packages O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: LAME v3.99.3 (for Windows) - (...) [HKLM] -- LAME_is1 O42 - Logiciel: Lagarith Lossless Codec (1.3.27) - (...) [HKLM] -- {F59AC46C-10C3-4023-882C-4212A92283B3}_is1 O42 - Logiciel: LowPricesApp - (.LowPricesApp.) [HKLM] -- {37476589-E48E-439E-A706-56189E2ED4C4}_is1 =>PUP.ChampionDeals O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB936181) - (.Microsoft Corporation.) [HKLM] -- {C04E32E0-0416-434D-AFB9-6969D703A9EF} O42 - Logiciel: MSXML 4.0 SP2 (KB941833) - (.Microsoft Corporation.) [HKLM] -- {C523D256-313D-4866-B36A-F3DE528246EF} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673} O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) 
[HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Mozilla Firefox (3.0.3) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.0.3) O42 - Logiciel: NVIDIA Pilote 3D Vision 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote graphique 311.06 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: Nero 8 Essentials - (.Nero AG.) [HKLM] -- {854C47D1-C2A0-4492-8655-C3F8D49C1036} O42 - Logiciel: NewPlayer - (.NewPlayer.) [HKLM] -- C7BA5201-816F-9A20-8CC5-2C1574161A4B =>Adware.NewPlayer O42 - Logiciel: Norman Security Suite - (.Norman ASA.) [HKLM] -- {A36B158D-8E9D-4BD3-8BDA-4B5EDC9C2E8C} O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN O42 - Logiciel: OSD_1.12 - (.OEM.) [HKLM] -- {73289228-1853-4623-982A-EB17FF0270CA} O42 - Logiciel: OpenSource Flash Video Splitter 1.0.0.5 - (...) [HKLM] -- OpenSource Flash Video Splitter O42 - Logiciel: PremierOpinion - (.VoiceFive, Inc..) [HKLM] -- {eeb86aef-4a5d-4b75-9d74-f16d438fc286} =>Adware.PremierOpinion O42 - Logiciel: SaverPro - (.SaverPro.) [HKLM] -- {94851E46-5E5B-DD67-2593-709E8D27DC4C} =>PUP.SaverPro O42 - Logiciel: Search Protect - (.Client Connect LTD.) [HKLM] -- SearchProtect =>PUP.SearchProtect O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: Skype™ 6.14 - (.Skype Technologies S.A..) [HKLM] -- {7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7} O42 - Logiciel: Snap.Do - (.ReSoft Ltd..) [HKLM] -- {AB65D81D-303A-4DDB-AC7C-12C9CD9F67FB} =>Hijacker.SmartBar O42 - Logiciel: SystemDiagnostics - (.Fujitsu Siemens Computers .) [HKLM] -- {2F926AE7-9FB7-4B34-906F-9C29A6D146A7} O42 - Logiciel: Task Killer (remove only) - (...) 
[HKLM] -- Task Killer O42 - Logiciel: Ultimate Codecs Setup Wizard Packages - (...) [HKCU] -- Ultimate Codecs Setup Wizard Packages =>Adware.InstallCore O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F} O42 - Logiciel: VCRedistSetup - (.Nero AG.) [HKLM] -- {3921A67A-5AB1-4E48-9444-C71814CF3027} O42 - Logiciel: VideoDownloadConverter Firefox Toolbar - (.Mindspark Interactive Network.) [HKLM] -- VideoDownloadConverter_4zbar Uninstall Firefox =>Adware.VideoDownloadConverter O42 - Logiciel: VideoDownloadConverter Internet Explorer Toolbar - (.Mindspark Interactive Network.) [HKLM] -- VideoDownloadConverter_4zbar Uninstall Internet Explorer =>Adware.VideoDownloadConverter O42 - Logiciel: WPM17.8.0.3325 - (.Cherished Technololgy LIMITED.) [HKLM] -- WPM =>PUP.WpManager O42 - Logiciel: awesomehp uninstaller - (.awesomehp.) [HKLM] -- awesomehp uninstaller =>PUP.Awesomehp O42 - Logiciel: deal4real - (."".) [HKLM] -- {2FA77785-00C3-A920-6452-D4FE5C9C129F} =>PUP.Deal4reaL O42 - Logiciel: e-Carte Bleue Société Générale - (...) [HKLM] -- {EC3CAFA6-1CDC-46D1-AD8D-B66CFDE59EE0} O42 - Logiciel: ffdshow v1.1.4399 [2012-03-22] - (...) [HKLM] -- ffdshow_is1 O42 - Logiciel: greatsaving - (."".) [HKLM] -- {439763FF-59EC-FF1D-B0B5-CB9E213A7A5C} =>PUP.GreatSaving O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {6AD9F5F3-5BD0-4000-BD9C-B536CF86D988} O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} O42 - Logiciel: saveiranet - (.savernaeto.) [HKLM] -- {614925F9-841A-53FE-A28F-DC30FA07239B} =>PUP.SaveNet O42 - Logiciel: uPlayer - (.Full Spectrum Interactive.) 
[HKLM] -- {06810DC6-3501-40FE-BCB3-1A7BE6398A36} ~ Logic: 58 Scanned in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\ANI] [HKCU\Software\ASProtect] [HKCU\Software\Adobe] [HKCU\Software\Ahead] [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\Fpro1.2] =>PUP.CrossRider [HKCU\Software\AppDataLow\Software\GenericAddon] =>PUP.GenericAddon [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter [HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}] [HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Boxore] =>Adware.Boxore [HKCU\Software\Bugsplat] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\DSP-worx] [HKCU\Software\DSiteProducts] =>Hijacker.DSite [HKCU\Software\DigiHelp] [HKCU\Software\Digital River] [HKCU\Software\DivX] [HKCU\Software\EPSON] [HKCU\Software\EasyBits] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Hewlett-Packard] [HKCU\Software\HookNetwork] [HKCU\Software\IM Providers] [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\InstalledBrowserExtensions] =>Adware.VidSaver [HKCU\Software\LAV] [HKCU\Software\Licenses] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\MimarSinan] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Nosibay] [HKCU\Software\OB] [HKCU\Software\ODBC] [HKCU\Software\Optimizer Pro] =>PUP.OptimizerPro [HKCU\Software\Policies] [HKCU\Software\RGMService] [HKCU\Software\RSD Software, Inc.] 
[HKCU\Software\RegisteredApplications] [HKCU\Software\RocketTabInstalled] =>PUP.RocketTab [HKCU\Software\SearchProtectINT] =>PUP.SearchProtect [HKCU\Software\SearchProtectWS] =>PUP.SearchProtect [HKCU\Software\Skype] [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\Software] [HKCU\Software\Systweak] [HKCU\Software\TNT2] [HKCU\Software\Trolltech] [HKCU\Software\TutoTag] =>PUP.AgenceExclusive [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter [HKCU\Software\VoipStunt] [HKCU\Software\Windows Live Writer] [HKCU\Software\Wow6432Node] [HKCU\Software\genesis] =>PUP.Genesis [HKCU\Software\globalUpdate] =>PUP.GlobalUpdate [HKCU\Software\kde.org] [HKCU\Software\yahooinstall] [HKLM\Software\ANI] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Ahead] [HKLM\Software\Alpha Networks] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] 
[HKLM\Software\Audible] [HKLM\Software\Boxore] =>Adware.Boxore [HKLM\Software\BrowserChoice] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\D-Link] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\EPSON] [HKLM\Software\FreeSoftToday] =>Adware.FreeSoftToday [HKLM\Software\Fujitsu Siemens Computers] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\GlobalUpdate] =>PUP.GlobalUpdate [HKLM\Software\Google] [HKLM\Software\HP] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IM Providers] [HKLM\Software\Iminent] =>Adware.IMBooster [HKLM\Software\InstalledBrowserExtensions] =>Adware.VidSaver [HKLM\Software\Intel] [HKLM\Software\Khronos] [HKLM\Software\Lame For Audacity] [HKLM\Software\Licenses] [HKLM\Software\Macromedia] [HKLM\Software\McAfee.com] [HKLM\Software\Messier_45_Merope] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NeroDigital] [HKLM\Software\Nero] [HKLM\Software\Norman Data Defense Systems] [HKLM\Software\ODBC] [HKLM\Software\OldTimer Tools] [HKLM\Software\Policies] [HKLM\Software\RegisteredApplications] [HKLM\Software\SEIKO EPSON CORPORATION] [HKLM\Software\SJBBB] [HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp [HKLM\Software\SRS Labs] [HKLM\Software\Skype] [HKLM\Software\Software] [HKLM\Software\Sonic] [HKLM\Software\Systweak] [HKLM\Software\Taronja] [HKLM\Software\TrendMicro] [HKLM\Software\Tutorials] =>PUP.AgenceExclusive [HKLM\Software\Uniblue] [HKLM\Software\VideoDownloadConverter_4z] =>Adware.VideoDownloadConverter [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\Xvid Team] [HKLM\Software\anset] [HKLM\Software\awesomehpSoftware] =>PUP.Awesomehp [HKLM\Software\e-Carte Bleue Société Générale] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\mysearchdial] =>Adware.MyWebSearch [HKLM\Software\supTab] =>PUP.SupTab [HKLM\Software\supWPM] =>PUP.WpManager ~ Key Software: 
283 Scanned in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 12/12/2014 - 05:01:56 - [] ----D C:\Program Files\ANI O43 - CFD: 12/12/2014 - 05:01:56 - [] ----D C:\Program Files\Apple Software Update =>.Apple Inc O43 - CFD: 11/12/2014 - 22:46:29 - [] ----D C:\Program Files\AVAST Software O43 - CFD: 07/12/2014 - 23:42:49 - [] ----D C:\Program Files\Bench =>PUP.GiganticSavings O43 - CFD: 07/12/2014 - 21:34:50 - [] ----D C:\Program Files\Boxore =>Adware.Boxore O43 - CFD: 07/12/2014 - 23:41:56 - [] ----D C:\Program Files\Browser Guard O43 - CFD: 11/12/2014 - 22:34:46 - [] ----D C:\Program Files\Common Files O43 - CFD: 21/08/2009 - 15:35:33 - [] ----D C:\Program Files\D-Link O43 - CFD: 16/12/2014 - 23:05:15 - [] ----D C:\Program Files\DigiHelp O43 - CFD: 11/12/2014 - 22:31:45 - [] ----D C:\Program Files\DirectVobSub O43 - CFD: 11/12/2014 - 22:36:28 - [] ----D C:\Program Files\DivX O43 - CFD: 11/12/2014 - 21:20:18 - [] ----D C:\Program Files\Driver Restore O43 - CFD: 11/12/2014 - 22:31:39 - [] ----D C:\Program Files\DSP-worx O43 - CFD: 25/08/2009 - 11:44:35 - [] ----D C:\Program Files\e-Carte Bleue Société Générale O43 - CFD: 19/04/2013 - 13:24:55 - [] ----D C:\Program Files\EpsonNet O43 - CFD: 11/12/2014 - 22:31:51 - [] ----D C:\Program Files\ffdshow O43 - CFD: 10/11/2008 - 11:15:34 - [] -SH-D C:\Program Files\Fichiers communs O43 - CFD: 11/12/2014 - 22:52:44 - [] ----D C:\Program Files\Fpro1.2 =>PUP.CrossRider O43 - CFD: 10/11/2008 - 11:22:26 - [] ----D C:\Program Files\Fujitsu Siemens Computers O43 - CFD: 11/12/2014 - 21:23:47 - [] ----D C:\Program Files\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 11/12/2014 - 20:04:43 - [] ----D C:\Program Files\globalUpdate(114) =>PUP.GlobalUpdate O43 - CFD: 11/12/2014 - 21:51:47 - [] ----D C:\Program Files\Google O43 - CFD: 11/12/2014 - 22:31:40 - [] ----D C:\Program Files\Haali O43 - CFD: 24/08/2009 - 20:00:02 - [] ----D C:\Program Files\HP O43 - CFD: 22/12/2013 - 10:45:49 - [] ----D 
C:\Program Files\Image Converter O43 - CFD: 11/12/2014 - 21:23:04 - [] ----D C:\Program Files\InfoTrigger =>PUP.InfoTrigger O43 - CFD: 19/04/2013 - 13:24:55 - [] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 12/12/2014 - 14:19:59 - [] ----D C:\Program Files\Internet Explorer O43 - CFD: 15/08/2012 - 17:38:43 - [] ----D C:\Program Files\iPod O43 - CFD: 15/08/2012 - 17:39:54 - [] ----D C:\Program Files\iTunes O43 - CFD: 11/12/2014 - 22:31:42 - [] ----D C:\Program Files\Lame For Audacity O43 - CFD: 01/05/2013 - 13:02:31 - [] ----D C:\Program Files\Microsoft O43 - CFD: 02/11/2006 - 13:37:34 - [] ----D C:\Program Files\Microsoft Games O43 - CFD: 21/09/2009 - 12:20:01 - [] ----D C:\Program Files\Microsoft Office O43 - CFD: 16/06/2009 - 20:07:53 - [] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 10/11/2008 - 15:46:54 - [] ----D C:\Program Files\Microsoft Visual Studio O43 - CFD: 11/10/2012 - 10:08:21 - [] ----D C:\Program Files\Microsoft Works O43 - CFD: 28/06/2010 - 05:15:49 - [] ----D C:\Program Files\Microsoft.NET O43 - CFD: 22/12/2013 - 11:55:31 - [] ----D C:\Program Files\Mobogenie =>PUP.Mobogenie O43 - CFD: 18/07/2011 - 11:21:12 - [] ----D C:\Program Files\Movie Maker O43 - CFD: 16/12/2014 - 23:46:42 - [] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 02/11/2006 - 13:37:34 - [] ----D C:\Program Files\MSBuild O43 - CFD: 15/12/2009 - 15:41:06 - [] ----D C:\Program Files\MSECache O43 - CFD: 10/11/2008 - 12:37:43 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 11/12/2014 - 20:04:59 - [] ----D C:\Program Files\MyPC Backup =>PUP.MyPCBackup O43 - CFD: 03/07/2008 - 04:31:05 - [] ----D C:\Program Files\Nero O43 - CFD: 03/07/2008 - 04:32:29 - [0] ----D C:\Program Files\NeroInstall.bak O43 - CFD: 16/05/2014 - 08:51:58 - [] ----D C:\Program Files\NewPlayer =>Adware.NewPlayer O43 - CFD: 19/03/2012 - 14:18:30 - [] ----D C:\Program Files\Norman O43 - CFD: 11/12/2014 - 21:20:22 - [] ----D C:\Program Files\NVIDIA Corporation 
O43 - CFD: 10/11/2008 - 11:23:52 - [] ----D C:\Program Files\OEM O43 - CFD: 11/12/2014 - 22:31:39 - [] ----D C:\Program Files\OpenSource Flash Video Splitter O43 - CFD: 16/05/2014 - 03:34:17 - [0] ----D C:\Program Files\predm =>Adware.Downware O43 - CFD: 16/12/2014 - 23:54:11 - [] ----D C:\Program Files\PremierOpinion =>Adware.PremierOpinion O43 - CFD: 02/11/2006 - 13:37:34 - [] ----D C:\Program Files\Reference Assemblies O43 - CFD: 16/05/2014 - 16:39:54 - [0] ----D C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner O43 - CFD: 11/12/2014 - 21:48:58 - [] ----D C:\Program Files\Search Extensions =>PUP.RocketTab O43 - CFD: 11/12/2014 - 21:20:22 - [] ----D C:\Program Files\SearchProtect =>PUP.SearchProtect O43 - CFD: 27/02/2014 - 08:11:22 - [] R---D C:\Program Files\Skype O43 - CFD: 11/12/2014 - 21:20:22 - [] ----D C:\Program Files\Software O43 - CFD: 02/01/2014 - 19:42:33 - [] ----D C:\Program Files\Task Killer O43 - CFD: 11/12/2014 - 21:20:23 - [] ----D C:\Program Files\TNT2 O43 - CFD: 30/04/2013 - 15:07:42 - [] ----D C:\Program Files\trend micro O43 - CFD: 21/09/2013 - 22:08:21 - [] ----D C:\Program Files\Ultralingua O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 11/12/2014 - 21:20:23 - [] ----D C:\Program Files\Uninstaller O43 - CFD: 11/12/2014 - 21:20:26 - [] ----D C:\Program Files\uPlayer O43 - CFD: 23/08/2013 - 18:11:16 - [] ----D C:\Program Files\Video Download Converter =>Adware.VideoDownloadConverter O43 - CFD: 18/07/2011 - 11:21:12 - [] ----D C:\Program Files\Windows Calendar O43 - CFD: 18/07/2011 - 11:21:12 - [] ----D C:\Program Files\Windows Collaboration O43 - CFD: 18/07/2011 - 11:21:11 - [] ----D C:\Program Files\Windows Defender O43 - CFD: 12/12/2014 - 14:20:01 - [] ----D C:\Program Files\Windows Journal O43 - CFD: 16/05/2014 - 09:02:25 - [] ----D C:\Program Files\Windows Live O43 - CFD: 12/04/2012 - 18:08:03 - [] ----D C:\Program Files\Windows Mail =>.Microsoft Corporation O43 - CFD: 18/07/2011 - 
11:21:12 - [] ----D C:\Program Files\Windows Media Player =>.Microsoft Corporation O43 - CFD: 10/11/2008 - 11:15:34 - [] ----D C:\Program Files\Windows NT O43 - CFD: 18/07/2011 - 11:21:12 - [] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 19/07/2011 - 19:15:31 - [] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 18/07/2011 - 11:21:12 - [] ----D C:\Program Files\Windows Sidebar O43 - CFD: 12/12/2014 - 00:01:46 - [0] ----D C:\Program Files\Xvid O43 - CFD: 16/05/2014 - 09:13:51 - [] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 15/08/2012 - 17:38:42 - [] ----D C:\Program Files\Common Files\Apple O43 - CFD: 03/07/2008 - 04:37:08 - [] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 11/12/2014 - 22:35:54 - [] ----D C:\Program Files\Common Files\DivX Shared O43 - CFD: 10/11/2008 - 11:22:26 - [] ----D C:\Program Files\Common Files\Fujitsu Siemens Computers O43 - CFD: 24/08/2009 - 19:58:51 - [] ----D C:\Program Files\Common Files\Hewlett-Packard O43 - CFD: 21/08/2009 - 15:37:00 - [] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 23/12/2013 - 07:02:33 - [] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 03/07/2008 - 04:31:43 - [] ----D C:\Program Files\Common Files\Nero O43 - CFD: 02/11/2006 - 12:18:33 - [] ----D C:\Program Files\Common Files\Services O43 - CFD: 27/02/2014 - 08:11:22 - [] ----D C:\Program Files\Common Files\Skype O43 - CFD: 02/11/2006 - 12:18:33 - [] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 10/11/2011 - 21:57:25 - [] ----D C:\Program Files\Common Files\System O43 - CFD: 16/06/2009 - 19:52:44 - [] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 12/12/2014 - 00:02:34 - [0] ----D C:\ProgramData\1790955706 O43 - CFD: 01/07/2014 - 09:20:13 - [0] ----D C:\ProgramData\2308189059 O43 - CFD: 12/12/2014 - 00:02:35 - [] ----D C:\ProgramData\412301046 O43 - CFD: 14/12/2014 - 14:57:18 - [] ----D C:\ProgramData\9cb039b36bf83299 O43 - CFD: 16/05/2014 - 09:13:50 - [] ----D 
C:\ProgramData\Adobe O43 - CFD: 31/07/2011 - 12:50:12 - [] ----D C:\ProgramData\Apple O43 - CFD: 31/07/2011 - 12:46:53 - [] ----D C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Application Data O43 - CFD: 11/12/2014 - 22:46:29 - [] ----D C:\ProgramData\AVAST Software O43 - CFD: 10/11/2008 - 11:15:34 - [] -SH-D C:\ProgramData\Bureau O43 - CFD: 02/06/2009 - 09:26:51 - [] --H-D C:\ProgramData\CanonBJ O43 - CFD: 22/12/2013 - 22:33:23 - [] --H-D C:\ProgramData\Common Files O43 - CFD: 14/12/2014 - 14:37:10 - [] ----D C:\ProgramData\deal4real =>PUP.Deal4reaL O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Desktop O43 - CFD: 11/12/2014 - 22:36:33 - [] ----D C:\ProgramData\DivX O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Documents O43 - CFD: 11/12/2014 - 21:20:26 - [] ----D C:\ProgramData\Driver Restore O43 - CFD: 07/12/2014 - 22:20:36 - [] ----D C:\ProgramData\EPSON O43 - CFD: 01/07/2014 - 09:20:08 - [] ----D C:\ProgramData\Fast And Safe =>PUP.FastAndSafe O43 - CFD: 10/11/2008 - 11:15:34 - [] -SH-D C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Favorites O43 - CFD: 11/12/2014 - 21:23:04 - [] ----D C:\ProgramData\FRVtxxYcthg O43 - CFD: 10/11/2008 - 11:22:12 - [] ----D C:\ProgramData\fsc-reg O43 - CFD: 29/01/2013 - 19:51:40 - [] ----D C:\ProgramData\Google O43 - CFD: 14/12/2014 - 14:57:10 - [] ----D C:\ProgramData\greatsaving =>PUP.GreatSaving O43 - CFD: 24/08/2009 - 20:05:18 - [] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 01/02/2013 - 11:36:10 - [] ----D C:\ProgramData\HP O43 - CFD: 12/12/2014 - 10:32:08 - [] ----D C:\ProgramData\LowPricesApp =>PUP.ChampionDeals O43 - CFD: 25/12/2011 - 22:20:30 - [] ----D C:\ProgramData\McAfee O43 - CFD: 10/11/2008 - 11:15:34 - [] -SH-D C:\ProgramData\Menu Démarrer O43 - CFD: 28/02/2014 - 01:17:56 - [] -S--D C:\ProgramData\Microsoft O43 - CFD: 21/09/2009 - 12:20:06 - [] ----D C:\ProgramData\Microsoft Help O43 - CFD: 10/11/2008 - 
11:15:34 - [] -SH-D C:\ProgramData\Modèles O43 - CFD: 05/05/2012 - 18:39:44 - [] ----D C:\ProgramData\Mozilla O43 - CFD: 03/07/2008 - 04:31:05 - [] ----D C:\ProgramData\Nero O43 - CFD: 16/12/2014 - 18:53:14 - [] ----D C:\ProgramData\NVIDIA O43 - CFD: 11/12/2014 - 21:27:23 - [] ----D C:\ProgramData\PC Drivers HeadQuarters O43 - CFD: 11/12/2014 - 22:52:44 - [] ----D C:\ProgramData\saveiranet =>PUP.SaveNet O43 - CFD: 11/12/2014 - 21:20:26 - [] ----D C:\ProgramData\SaverPro =>PUP.SaverPro O43 - CFD: 27/02/2014 - 08:11:53 - [] ----D C:\ProgramData\Skype O43 - CFD: 02/11/2006 - 14:02:03 - [] -SH-D C:\ProgramData\Start Menu O43 - CFD: 16/05/2014 - 03:18:40 - [0] ----D C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 14:02:04 - [] -SH-D C:\ProgramData\Templates O43 - CFD: 11/12/2014 - 21:27:46 - [0] ----D C:\ProgramData\UAB O43 - CFD: 21/09/2013 - 22:08:32 - [] ----D C:\ProgramData\Ultralingua7 O43 - CFD: 24/08/2009 - 20:07:36 - [] ----D C:\ProgramData\WEBREG O43 - CFD: 20/02/2014 - 19:46:37 - [] ----D C:\ProgramData\WPM =>PUP.WpManager O43 - CFD: 31/07/2011 - 12:47:39 - [] ----D C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521} O43 - CFD: 25/02/2011 - 08:32:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 25/02/2011 - 08:32:03 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 21/08/2009 - 15:36:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link O43 - CFD: 11/12/2014 - 22:31:46 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub O43 - CFD: 11/12/2014 - 22:35:59 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX O43 - CFD: 11/12/2014 - 21:20:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Restore O43 - CFD: 21/01/2008 - 03:42:47 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Extras and Upgrades O43 - CFD: 11/12/2014 - 22:31:53 - [] ----D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\ffdshow O43 - CFD: 10/11/2008 - 11:22:26 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fujitsu Siemens Computers O43 - CFD: 21/01/2008 - 03:42:49 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games O43 - CFD: 11/12/2014 - 22:31:48 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter O43 - CFD: 16/05/2014 - 03:42:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP O43 - CFD: 15/08/2012 - 17:39:55 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes O43 - CFD: 02/11/2006 - 13:56:46 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 23/08/2012 - 17:49:09 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in O43 - CFD: 11/10/2012 - 10:08:21 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Works O43 - CFD: 11/12/2014 - 22:23:01 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox O43 - CFD: 03/07/2008 - 04:32:25 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8 O43 - CFD: 19/03/2012 - 14:18:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norman Security Suite O43 - CFD: 02/07/2014 - 14:12:10 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation O43 - CFD: 10/11/2008 - 15:47:15 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outils Microsoft Office O43 - CFD: 15/12/2014 - 21:44:12 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PremierOpinion =>Adware.PremierOpinion O43 - CFD: 27/02/2014 - 08:11:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype O43 - CFD: 11/12/2014 - 21:35:50 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 02/11/2006 - 13:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC O43 - CFD: 02/01/2014 - 19:42:33 - [] ----D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Task Killer O43 - CFD: 23/08/2013 - 18:11:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Download Converter =>Adware.VideoDownloadConverter O43 - CFD: 29/04/2013 - 18:59:37 - [] R---D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live O43 - CFD: 16/12/2014 - 23:46:07 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZHP =>.Nicolas Coolman O43 - CFD: 22/12/2013 - 10:46:34 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z O43 - CFD: 11/12/2014 - 22:32:00 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\1H1Q1V1N1N1O1R =>Adware.InstallCore O43 - CFD: 16/05/2014 - 03:30:16 - [0] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Activeris =>PUP.Activeris O43 - CFD: 07/01/2012 - 06:51:37 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Adobe O43 - CFD: 30/01/2013 - 22:38:46 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Advernet =>Hijacker.Proxy O43 - CFD: 31/07/2011 - 12:56:55 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Apple Computer O43 - CFD: 11/12/2014 - 22:49:39 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\AVAST Software O43 - CFD: 11/12/2014 - 22:31:43 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\CDXReader O43 - CFD: 22/12/2013 - 10:45:54 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\DigitalSites =>Hijacker.DSite O43 - CFD: 11/12/2014 - 22:35:52 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\DivX O43 - CFD: 25/03/2011 - 16:18:03 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Google O43 - CFD: 24/08/2009 - 20:06:38 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\HP O43 - CFD: 10/11/2008 - 11:24:02 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Identities O43 - CFD: 21/08/2009 - 15:34:38 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\InstallShield O43 - CFD: 11/12/2014 - 22:31:53 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\LavFilters O43 - CFD: 10/11/2008 - 
13:00:50 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Macromedia O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Media Center Programs O43 - CFD: 23/08/2013 - 23:04:32 - [] -S--D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft O43 - CFD: 10/11/2008 - 21:14:16 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Mozilla O43 - CFD: 17/06/2009 - 22:46:49 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Nero O43 - CFD: 16/12/2014 - 18:58:35 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\newnext.me =>PUP.NextLive O43 - CFD: 02/07/2014 - 14:43:44 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Nosibay =>PUP.BubbleDock O43 - CFD: 16/05/2014 - 16:42:53 - [0] ----D C:\Users\Alexis Guiengani\AppData\Roaming\PeerNetworking O43 - CFD: 16/12/2014 - 23:22:30 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Skype O43 - CFD: 31/07/2011 - 19:04:43 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\skypePM O43 - CFD: 16/05/2014 - 16:39:53 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Systweak O43 - CFD: 11/12/2014 - 21:20:52 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Task Killer O43 - CFD: 13/12/2012 - 12:14:46 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Template O43 - CFD: 13/06/2009 - 21:00:25 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\VoipStunt O43 - CFD: 22/06/2009 - 21:00:05 - [0] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Windows Live Writer O43 - CFD: 16/12/2014 - 23:54:54 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\ZHP =>.Nicolas Coolman O43 - CFD: 28/08/2013 - 23:05:29 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Adobe O43 - CFD: 17/06/2009 - 22:47:09 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Ahead O43 - CFD: 31/07/2011 - 12:45:14 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Apple O43 - CFD: 21/07/2013 - 15:54:59 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Apple Computer O43 - CFD: 10/11/2008 - 11:23:19 - [] -SH-D 
C:\Users\Alexis Guiengani\AppData\Local\Application Data O43 - CFD: 16/05/2014 - 17:04:34 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Apps O43 - CFD: 11/12/2014 - 20:19:56 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\BoBrowser =>PUP.BoBrowser O43 - CFD: 11/12/2014 - 21:26:34 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Boxore =>Adware.Boxore O43 - CFD: 07/12/2014 - 23:41:52 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Browser Guard O43 - CFD: 22/12/2013 - 10:48:43 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\cache O43 - CFD: 07/12/2014 - 23:44:51 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Chromatic Browser =>PUP.ChromaticBrowser O43 - CFD: 11/12/2014 - 21:35:37 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Chrome O43 - CFD: 07/12/2014 - 23:45:37 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\com O43 - CFD: 07/12/2014 - 23:44:45 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Comodo O43 - CFD: 16/05/2014 - 17:04:56 - [0] ----D C:\Users\Alexis Guiengani\AppData\Local\Deployment O43 - CFD: 22/12/2013 - 10:48:42 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\genienext =>PUP.NextLive O43 - CFD: 16/05/2014 - 03:17:55 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\globalUpdate =>PUP.GlobalUpdate O43 - CFD: 10/11/2008 - 11:23:19 - [] -SH-D C:\Users\Alexis Guiengani\AppData\Local\Historique O43 - CFD: 16/05/2014 - 03:18:45 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\LPT =>Adware.Incredibar O43 - CFD: 22/04/2013 - 20:58:48 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Macromedia O43 - CFD: 02/07/2014 - 08:57:42 - [0] ----D C:\Users\Alexis Guiengani\AppData\Local\mBGL`e O43 - CFD: 29/04/2013 - 20:12:10 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Microsoft O43 - CFD: 16/07/2011 - 08:52:18 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Microsoft Games O43 - CFD: 20/05/2009 - 14:27:25 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Microsoft Help O43 - CFD: 10/11/2008 - 11:25:32 - [] ----D 
C:\Users\Alexis Guiengani\AppData\Local\MigWiz O43 - CFD: 22/12/2013 - 11:55:31 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Mobogenie =>PUP.Mobogenie O43 - CFD: 10/11/2008 - 21:14:13 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Mozilla O43 - CFD: 07/12/2014 - 23:41:53 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\MySearchs =>Adware.MyWebSearch O43 - CFD: 07/12/2012 - 13:51:28 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Orbitum O43 - CFD: 11/12/2014 - 21:20:50 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\PC_Drivers_Headquarters O43 - CFD: 16/12/2014 - 22:53:24 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\RGMService O43 - CFD: 10/11/2008 - 11:23:31 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Seven Zip O43 - CFD: 27/02/2014 - 08:12:09 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Skype O43 - CFD: 11/12/2014 - 21:29:16 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Smartbar O43 - CFD: 03/07/2014 - 11:26:22 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Software O43 - CFD: 16/12/2014 - 23:54:55 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Temp O43 - CFD: 10/11/2008 - 11:23:19 - [] -SH-D C:\Users\Alexis Guiengani\AppData\Local\Temporary Internet Files O43 - CFD: 11/12/2014 - 21:20:50 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\TNT2 O43 - CFD: 12/12/2014 - 05:00:49 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\TNT2(163) O43 - CFD: 07/12/2014 - 23:44:46 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Torch O43 - CFD: 23/08/2013 - 23:01:51 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\TrafficSpaceLLC O43 - CFD: 11/12/2014 - 20:14:31 - [0] ----D C:\Users\Alexis Guiengani\AppData\Local\TVWizard =>PUP.TVWizard O43 - CFD: 21/09/2013 - 22:20:55 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Ultralingua7 O43 - CFD: 27/08/2013 - 18:34:18 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\VideoDownloadConverter_4z =>Adware.VideoDownloadConverter O43 - CFD: 24/03/2009 - 14:02:39 - [] ----D 
C:\Users\Alexis Guiengani\AppData\Local\VirtualStore O43 - CFD: 21/02/2014 - 12:30:49 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Windows Live O43 - CFD: 22/06/2009 - 21:00:09 - [] ----D C:\Users\Alexis Guiengani\AppData\Local\Windows Live Writer O43 - CFD: 11/12/2014 - 21:20:51 - [] R---D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 11/12/2014 - 21:20:51 - [] R---D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 11/12/2014 - 21:20:51 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock =>PUP.BubbleDock O43 - CFD: 11/12/2014 - 21:35:36 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome O43 - CFD: 11/12/2014 - 22:31:40 - [0] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter O43 - CFD: 11/12/2014 - 21:20:51 - [] R---D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 11/12/2014 - 21:20:51 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OSD O43 - CFD: 16/12/2014 - 18:57:41 - [] R---D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 02/01/2014 - 19:42:33 - [0] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Task Killer O43 - CFD: 11/12/2014 - 21:20:51 - [] ----D C:\Users\Alexis Guiengani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uPlayer ~ Program Folder: 259 Scanned in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.A2083D925A6677229CDE79E9F14A1FBC] - 03/12/2014 - 03:06:01 ---A- . (.Microsoft Corporation - TLS / SSL Security Provider.) 
-- C:\Windows\System32\schannel.dll [278528] O44 - LFC:[MD5.523082917044CE50ABD95D76E972182F] - 11/12/2014 - 03:28:14 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3283b201-5c22-4a7d-8767-24ec5d376ea3}Gt.sys [55816] =>PUP.LinkiDoo O44 - LFC:[MD5.2C32C8C2CFC226E62322ABC8C150AB36] - 11/12/2014 - 17:33:00 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}Gt.sys [55816] =>PUP.LinkiDoo O44 - LFC:[MD5.2B9182C750167A498221486BC3E4EDAC] - 11/12/2014 - 21:11:19 ---A- . (...) -- C:\rgmloader.log [681] O44 - LFC:[MD5.2833F623494FC1EFC0EAC4401CBBF2F2] - 11/12/2014 - 21:44:17 ---A- . (.Microsoft Corporation - Pilote Win32 multi-utilisateurs.) -- C:\Windows\System32\win32k.sys [2054656] O44 - LFC:[MD5.0C96812AAEDA38C89DC6C3F0AE7B6930] - 11/12/2014 - 21:49:18 ---A- . (.Microsoft Corporation - DLL serveur LSA.) -- C:\Windows\System32\lsasrv.dll [1259008] O44 - LFC:[MD5.4E404505B3F62ECFBDBCBBCF0A72DBC5] - 11/12/2014 - 21:51:18 ---A- . (.Microsoft Corporation - Fast FAT File System Driver.) -- C:\Windows\System32\Drivers\fastfat.sys [143360] O44 - LFC:[MD5.2908C2D90B78FDC24326B7854079E44E] - 11/12/2014 - 21:52:16 ---A- . (.Microsoft Corporation - Pas de description.) -- C:\Windows\System32\oleaut32.dll [564224] O44 - LFC:[MD5.BE377621E2D2B483F8EF447079E55585] - 11/12/2014 - 21:59:01 ---A- . (.Microsoft Corporation - Audio Engine.) -- C:\Windows\System32\AudioEng.dll [396800] O44 - LFC:[MD5.56B73070DB745E192307EB7AB6C55CD5] - 11/12/2014 - 21:59:01 ---A- . (.Microsoft Corporation - Audio Ks Endpoint.) -- C:\Windows\System32\AUDIOKSE.dll [274432] O44 - LFC:[MD5.A0344CD5E3F552340AB226E864E1710B] - 11/12/2014 - 21:59:01 ---A- . (.Microsoft Corporation - Media Foundation Crash Dump Encryption DLL.) -- C:\Windows\System32\EncDump.dll [170496] O44 - LFC:[MD5.8E98A99187FF17FC1D48E6FAFFD870BE] - 11/12/2014 - 21:59:01 ---A- . (.Microsoft Corporation - Service Audio Windows.) 
-- C:\Windows\System32\audiosrv.dll [316928] O44 - LFC:[MD5.FD7A26BF790751B527E632BD9346DDFD] - 11/12/2014 - 22:02:10 ---A- . (.Microsoft Corporation - Microsoft IME.) -- C:\Windows\System32\IMJP10K.DLL [729600] O44 - LFC:[MD5.9852A1B92487147563D83B638F1E8D37] - 11/12/2014 - 22:03:05 ---A- . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\System32\gdi32.dll [297984] O44 - LFC:[MD5.BC4C024BDC8B676CC58BCE1D5BA7BC04] - 11/12/2014 - 22:05:01 ---A- . (.Microsoft Corporation - Gestionnaire de liaisons d’objets2.) -- C:\Windows\System32\packager.dll [67072] O44 - LFC:[MD5.1DE1C07B256961012DCE0674EA488DE7] - 11/12/2014 - 22:05:15 ---A- . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll [499200] O44 - LFC:[MD5.37A4DF3BCA563FB7537B881AE91BA9C4] - 11/12/2014 - 22:10:33 ---A- . (.Microsoft Corporation - MSXML 3.0 SP10.) -- C:\Windows\System32\msxml3.dll [1249280] O44 - LFC:[MD5.06A9049BA8B9F20D755CF03FD12E8AFD] - 11/12/2014 - 22:10:33 ---A- . (.Microsoft Corporation - XML Resources.) -- C:\Windows\System32\msxml3r.dll [2048] O44 - LFC:[MD5.F074BF1F79D749FCB8C2B739651CD816] - 11/12/2014 - 22:13:59 ---A- . (.Microsoft Corporation - Microsoft Windows Codecs Library.) -- C:\Windows\System32\WindowsCodecs.dll [974848] O44 - LFC:[MD5.D7E28676D83AE6568CCF99BD01700734] - 11/12/2014 - 22:14:29 ---A- . (.Microsoft Corporation - Fichier DLL de ressources des fuseaux horai.) -- C:\Windows\System32\tzres.dll [2048] O44 - LFC:[MD5.DBD84E59D631569EC3E756EF144E8431] - 11/12/2014 - 22:15:35 ---A- . (.Microsoft Corporation - Gestionnaire des connexions distantes Termi.) -- C:\Windows\System32\termsrv.dll [449536] O44 - LFC:[MD5.15F315B53C69930BF907D9A0FFCB6206] - 11/12/2014 - 22:15:36 ---A- . (.Microsoft Corporation - DLL du schéma d’audit de sécurité.) -- C:\Windows\System32\adtschema.dll [619520] O44 - LFC:[MD5.51992CC4DF2DB150950C6CB505556B9A] - 11/12/2014 - 22:15:37 ---A- . 
(.Microsoft Corporation - DLL des événements d'audit de la sécurité.) -- C:\Windows\System32\msaudite.dll [146432] O44 - LFC:[MD5.653DFC2662680AB61232E1531147558A] - 11/12/2014 - 22:16:51 ---A- . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\System32\mscories.dll [81560] O44 - LFC:[MD5.842DE20A6487D830A458DDB5E0363F13] - 11/12/2014 - 22:16:51 ---A- . (.Microsoft Corporation - Microsoft .NET Runtime IE resources.) -- C:\Windows\System32\mscorier.dll [156824] O44 - LFC:[MD5.8580484193CE0A0788830FBAB97CF13B] - 11/12/2014 - 22:16:51 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\System32\dfshim.dll [1131664] O44 - LFC:[MD5.E66A29C118DE2FE3E5766E5C7A2E8E2B] - 11/12/2014 - 22:17:49 ---A- . (.Microsoft Corporation - Windows Presentation Foundation Terminal Se.) -- C:\Windows\System32\TsWpfWrp.exe [35480] O44 - LFC:[MD5.667A4DAAD3AA57B1051484BAC057CF7C] - 11/12/2014 - 22:17:54 ---A- . (.Microsoft Corporation - Windows CardSpace User Interface Agent.) -- C:\Windows\System32\icardagt.exe [619664] O44 - LFC:[MD5.A86F5EEC0ACEC16906532F2B1A7C00B6] - 11/12/2014 - 22:17:54 ---A- . (.Microsoft Corporation - Windows CardSpace.) -- C:\Windows\System32\icardres.dll [8856] O44 - LFC:[MD5.3662E6500C477AC0DFAECE4CF7B163B8] - 11/12/2014 - 22:17:55 ---A- . (.Microsoft Corporation - Microsoft InfoCards.) -- C:\Windows\System32\infocardapi.dll [99480] O44 - LFC:[MD5.DDC0B6672AB7862A3C2D7AA2ADB6B645] - 11/12/2014 - 22:31:38 ---A- . (.Pas de propriétaire - Setup/Uninstall.) -- C:\Windows\unins000.exe [715038] O44 - LFC:[MD5.FA425C74CE2EB719B2A77A7A2ADDAE32] - 11/12/2014 - 22:31:39 ---A- . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll [216064] O44 - LFC:[MD5.9CF7A70A4C14AAE7FA650C6F085C23C9] - 11/12/2014 - 22:31:40 ---A- . (...) -- C:\Windows\unins000.dat [1802] O44 - LFC:[MD5.72C57D8501528179C6957E2F541CE215] - 11/12/2014 - 22:31:45 ---A- . (...) 
-- C:\Windows\System32\unrar.dll [178688] O44 - LFC:[MD5.C0992C27E792440DA1DD5CFE8EE03E32] - 11/12/2014 - 22:31:50 ---A- . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll [79360] O44 - LFC:[MD5.3F0A7F435BAB0ED4070BBCE73F1918F3] - 11/12/2014 - 22:49:23 ---A- . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll [1139712] O44 - LFC:[MD5.F18D4C903AE56BD9852D1D9E02CF1730] - 11/12/2014 - 22:49:24 ---A- . (.Microsoft Corporation - Panneau de configuration Internet.) -- C:\Windows\System32\inetcpl.cpl [1427968] O44 - LFC:[MD5.AA680F0065A505118BDD9181BCE7C83D] - 11/12/2014 - 22:49:25 ---A- . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\System32\wininet.dll [1129472] O44 - LFC:[MD5.5C3D2065153E4A4273DEDD87A8BC1805] - 11/12/2014 - 22:49:25 ---A- . (.Microsoft Corporation - JScript Proxy Auto-Configuration.) -- C:\Windows\System32\jsproxy.dll [65536] O44 - LFC:[MD5.4D6B5B1CE39F6A2477FDE3117D84BDAB] - 11/12/2014 - 22:49:27 ---A- . (.Microsoft Corporation - Convertisseur Microsoft HTML.) -- C:\Windows\System32\html.iec [367104] O44 - LFC:[MD5.70DD19C20344660B1D32057603A9820D] - 11/12/2014 - 22:49:27 ---A- . (.Microsoft Corporation - Hôte des applications HTML de Microsoft(R).) -- C:\Windows\System32\mshta.exe [11776] O44 - LFC:[MD5.E633199D0EE2682618FA5B762D892F04] - 11/12/2014 - 22:49:27 ---A- . (.Microsoft Corporation - Microsoft Feeds Manager.) -- C:\Windows\System32\msfeeds.dll [607744] O44 - LFC:[MD5.D3FE7135827884946E5ED4E4DD96B472] - 11/12/2014 - 22:49:27 ---A- . (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\Windows\System32\msfeedssync.exe [10752] O44 - LFC:[MD5.7247B8F630630FCF495B809962D52970] - 11/12/2014 - 22:49:27 ---A- . (.Microsoft Corporation - Microsoft® HTML Editing Component.) -- C:\Windows\System32\mshtmled.dll [73216] O44 - LFC:[MD5.117980ADC4A9E349571810D20B14BFB8] - 11/12/2014 - 22:49:27 ---A- . 
(.Microsoft Corporation - Synchronisation en arrière-plan des flux Mi.) -- C:\Windows\System32\msfeedsbs.dll [41472]
O44 - LFC:[MD5.91F488C0ED1D8B1FDC112F95A4965CC6] - 11/12/2014 - 22:49:27 ---A- . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll [12369920]
O44 - LFC:[MD5.ED7DBB46D75BD5DE33E9E06C7CCDC4E8] - 11/12/2014 - 22:49:28 ---A- . (.Microsoft Corporation - Microsoft® MSHTML Typelib.) -- C:\Windows\System32\mshtml.tlb [2382848]
O44 - LFC:[MD5.5310BF0FF12033B7F79F163805BE721A] - 11/12/2014 - 22:49:29 ---A- . (.Microsoft Corporation - Outil d’installation sans assistance d’IE 7.) -- C:\Windows\System32\ieUnatt.exe [142848]
O44 - LFC:[MD5.D32B633111A9F99F8DCE36F1A6278FC7] - 11/12/2014 - 22:49:30 ---A- . (.Microsoft Corporation - Internet Shortcut Shell Extension DLL.) -- C:\Windows\System32\url.dll [231936]
O44 - LFC:[MD5.829532FD1584422EB7F4C49F767D1E4B] - 11/12/2014 - 22:49:30 ---A- . (.Microsoft Corporation - Navigateur Internet.) -- C:\Windows\System32\ieframe.dll [9740800]
O44 - LFC:[MD5.898479188B3DBCB7F2BAC888D6456636] - 11/12/2014 - 22:49:30 ---A- . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\System32\iertutil.dll [1802752]
O44 - LFC:[MD5.C23F63949092BC7086BD23743A28C46B] - 11/12/2014 - 22:49:31 ---A- . (.Microsoft Corporation - Moteur de l’interface utilisateur d’Interne.) -- C:\Windows\System32\ieui.dll [176640]
O44 - LFC:[MD5.407FD4AAE5E119A441CCEAA4C3276DDF] - 11/12/2014 - 22:49:32 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript.dll [717824]
O44 - LFC:[MD5.4C0FA381EC7348F05432B2976924A031] - 11/12/2014 - 22:49:32 ---A- . (.Microsoft Corporation - Microsoft (R) JScript.) -- C:\Windows\System32\jscript9.dll [1810944]
O44 - LFC:[MD5.5281C1E96FDE868A822260478694BA54] - 11/12/2014 - 22:49:33 ---A- . (.Microsoft Corporation - Microsoft ® VBScript.) -- C:\Windows\System32\vbscript.dll [421376]
O44 - LFC:[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - 11/12/2014 - 22:53:07 ---A- . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) -- C:\Windows\System32\Drivers\afd.sys [273408]
O44 - LFC:[MD5.69407A3E716210A27CD1DAC2DBC8D658] - 11/12/2014 - 22:56:31 ---A- . (.Microsoft Corporation - Édition DirectShow..) -- C:\Windows\System32\qedit.dll [506880]
O44 - LFC:[MD5.31F57ACBE76A0E17976E18614DE58399] - 11/12/2014 - 22:56:49 ---A- . (.Microsoft Corporation - Canonical Display Driver.) -- C:\Windows\System32\cdd.dll [37376]
O44 - LFC:[MD5.5C2C209CDEFBC51D83D66E8A53B2BE89] - 11/12/2014 - 22:56:49 ---A- . (.Microsoft Corporation - DirectX Graphics Kernel.) -- C:\Windows\System32\Drivers\dxgkrnl.sys [638400]
O44 - LFC:[MD5.1BD89641D9B1012796AFADAB9A659974] - 11/12/2014 - 22:59:59 ---A- . (.Microsoft Corporation - Interface utilisateur d’authentification Wi.) -- C:\Windows\System32\authui.dll [1993728]
O44 - LFC:[MD5.5E50B8E904FCB8DFC7C29BD3FEB7A593] - 11/12/2014 - 23:00:00 ---A- . (.Microsoft Corporation - Interface utilisateur de consentement pour.) -- C:\Windows\System32\consent.exe [82432]
O44 - LFC:[MD5.8F7D200717A58E9800D391F4C2101577] - 11/12/2014 - 23:00:00 ---A- . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280]
O44 - LFC:[MD5.11CFE871D27B4C3485E84BE9E48FFF5E] - 11/12/2014 - 23:00:00 ---A- . (.Microsoft Corporation - Windows Installer.) -- C:\Windows\System32\msi.dll [2263552]
O44 - LFC:[MD5.8FAD1550A16432D56CF6F40953797345] - 11/12/2014 - 23:00:00 ---A- . (.Microsoft Corporation - Windows® installer.) -- C:\Windows\System32\msihnd.dll [332800]
O44 - LFC:[MD5.0A23A2084BD3C20FD75CB6D0CA86B6E1] - 12/12/2014 - 09:51:14 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [305096]
O44 - LFC:[MD5.41317A2874D09884D43C2B89D182F7AB] - 12/12/2014 - 20:27:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}t.sys [55816] =>PUP.LinkiDoo
O44 - LFC:[MD5.A0C3223B793BF2EA7CC1E0283BD6C0F4] - 15/12/2014 - 00:30:08 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}t.sys [55816] =>PUP.LinkiDoo
O44 - LFC:[MD5.E1FD178D2DFA88A53D8A9C2190D88CD0] - 16/12/2014 - 18:53:02 ---A- . (...) -- C:\Windows\PFRO.log [187036]
O44 - LFC:[MD5.EF9651A586B4AC8F1591D0A56D22124F] - 16/12/2014 - 18:53:08 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]
O44 - LFC:[MD5.70B9BD8D2CDB1AB42D4842CB29A357CC] - 16/12/2014 - 18:53:46 ---A- . (...) -- C:\Windows\System32\Drivers\SPPD.sys [18872]
O44 - LFC:[MD5.23A6B11F1B1D11E122A71A4CE180824C] - 16/12/2014 - 18:59:42 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1615904]
O44 - LFC:[MD5.0BAA2DDFFC213CEE3161B427F66D52A3] - 16/12/2014 - 18:59:42 ---A- . (...) -- C:\Windows\System32\perfc009.dat [120050]
O44 - LFC:[MD5.94340D1AF612484B1ACD84031170DFFE] - 16/12/2014 - 18:59:42 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [146290]
O44 - LFC:[MD5.2B3D8BC3C4218A5E0ED744CE44A3D6C7] - 16/12/2014 - 18:59:42 ---A- . (...) -- C:\Windows\System32\perfh009.dat [634484]
O44 - LFC:[MD5.D7DDF2322D966056349FFBB39F70B060] - 16/12/2014 - 18:59:42 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [722488]
O44 - LFC:[MD5.76452F4C3DBE1A51C30BFE42221B3AA3] - 16/12/2014 - 23:05:28 ---A- . (...) -- C:\Windows\win.ini [377]
O44 - LFC:[MD5.759FD40A0E036F51F10ED4FAB95A8CDB] - 16/12/2014 - 23:22:33 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1613522]
~ Files: 79 Scanned in 00mn 16s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.372B63594CE71FB977CEF66087B8F6F5] - 16/12/2014 - 22:21:06 ---A- - C:\Windows\Prefetch\FPRO1.2-CODEDOWNLOADER.EXE-D8D6B4D9.pf =>PUP.CrossRider
O45 - LFCP:[MD5.EAD10B30E59BC4A46C2956125B1C4B90] - 16/12/2014 - 19:20:10 ---A- - C:\Windows\Prefetch\FPRO1.2-NOVA.EXE-DFA06CFB.pf =>PUP.CrossRider
O45 - LFCP:[MD5.AFA597CE2BC96A346F36C5303DEB0529] - 16/12/2014 - 22:20:04 ---A- - C:\Windows\Prefetch\FPRO1.2-NOVAINSTALLER.EXE-EE51C941.pf =>PUP.CrossRider
~ Prefetcher: 3 Scanned in 00mn 01s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
~ LSA: 7 Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ CSB: 13 Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{212c1c9e-fd51-11e0-9928-00030da6cd24}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{212c1caa-fd51-11e0-9928-00030da6cd24}\AutoRun\command. (...) -- F:\PcOptions.exe (.not file.)
O51 - MPSK:{212c1cbc-fd51-11e0-9928-00030da6cd24}\AutoRun\command. (...) -- F:\PcOptions.exe (.not file.)
O51 - MPSK:{2df62028-1bb4-11e2-9c28-00030da6cd24}\AutoRun\command. (...) -- G:\PcOptions.exe (.not file.)
O51 - MPSK:{5091b163-9a2a-11e0-8b3f-00030da6cd24}\AutoRun\command. (...) -- G:\LaunchU3.exe (.not file.)
O51 - MPSK:{6807fe1c-fbfb-11e0-998d-00030da6cd24}\AutoRun\command. (...) -- F:\PcOptions.exe (.not file.)
O51 - MPSK:{7d3fa8bc-fc82-11df-9528-00030da6cd24}\AutoRun\command - Clé orpheline
O51 - MPSK:{bd95bc3a-3f91-11de-ae9e-00030da6cd24}\AutoRun\command. (...) -- F:\filesystem\pagefile.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les pilotes (HKLM)(TDSD) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\Windows\System32\sl_anet.acm
O52 - TDSD: \Drivers32\"VIDC.LAGS"="lagarith.dll" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\Windows\System32\sl_anet.acm
O52 - TDSD: \drivers.desc\"lagarith.dll"="Lagarith lossless codec [LAGS]" . (.Pas de propriétaire - Lagarith.) -- C:\Windows\System32\lagarith.dll
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - ffdshow VFW.) -- C:\Windows\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ TDSD: 9 Scanned in 00mn 01s

---\\ Enumération des clés de registre SecurityProviders (MCSP) (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll
~ MSCP: 2 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "SoftwareSASGeneration"=1
O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0
~ MWPS: 18 Scanned in 00mn 00s

---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
~ MWPE Keys: 2 Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\System32\Drivers\adpahci.sys [300600]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\System32\Drivers\adpu160m.sys [101432]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\System32\Drivers\adpu320.sys [149560]
O58 - SDL:19/12/2007 - 18:45:00 ----- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\System32\Drivers\ahcix86s.sys [170000]
O58 - SDL:02/12/2011 - 10:32:29 ---A- . (.Norman ASA - ALE Network Filter Driver.) -- C:\Windows\System32\Drivers\ale_nf.sys [99088]
O58 - SDL:02/12/2011 - 10:32:54 ---A- . (.Norman ASA - ALE Network Filter Driver.) -- C:\Windows\System32\Drivers\ale_nf64.sys [108864]
O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\System32\Drivers\aliide.sys [17464]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\System32\Drivers\arc.sys [79416]
O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\System32\Drivers\arcsas.sys [79928]
O58 - SDL:02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltLo.sys [13568]
O58 - SDL:02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\System32\Drivers\BrFiltUp.sys [5248]
O58 - SDL:02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\System32\Drivers\BrSerId.sys [71808]
O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\System32\Drivers\BrSerWdm.sys [62336]
O58 - SDL:02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\System32\Drivers\BrUsbMdm.sys [12160]
O58 - SDL:02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\System32\Drivers\BrUsbSer.sys [11904]
O58 - SDL:05/10/2006 - 03:42:42 ----- . (.Sonic Solutions - CDR4 CD and DVD Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdr4_xp.sys [2432]
O58 - SDL:05/10/2006 - 03:42:42 ----- . (.Sonic Solutions - CDRAL Place Holder Driver (see PxHelp).) -- C:\Windows\System32\Drivers\cdralw2k.sys [2560]
O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\cmdide.sys [19000]
O58 - SDL:02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\System32\Drivers\djsvs.sys [71272]
O58 - SDL:31/01/2007 - 00:01:00 ---A- . (.Ralink Technology Inc. - Ralink 802.11 Wireless Adapter Driver.) -- C:\Windows\System32\Drivers\Dr71WU.sys [256000]
O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel(R) PRO/1000.) -- C:\Windows\System32\Drivers\E1G60I32.sys [118784]
O58 - SDL:21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\System32\Drivers\GEARAspiWDM.sys [26600]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\System32\Drivers\HpCISSs.sys [40504]
O58 - SDL:29/09/2007 - 23:03:12 ----- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStor.sys [308248]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\System32\Drivers\iaStorV.sys [235064]
O58 - SDL:02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\System32\Drivers\iirsp.sys [41576]
O58 - SDL:02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:03/04/2008 - 13:58:46 ----- . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\System32\Drivers\jraid.sys [76688]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_fc.sys [96312]
O58 - SDL:21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_sas.sys [89656]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\System32\Drivers\lsi_scsi.sys [96312]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\System32\Drivers\megasas.sys [31288]
O58 - SDL:21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\System32\Drivers\MegaSR.sys [386616]
O58 - SDL:02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\System32\Drivers\Mraid35x.sys [33384]
O58 - SDL:01/05/2008 - 07:35:54 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\Windows\System32\Drivers\NETw5v32.sys [3660800]
O58 - SDL:02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\System32\Drivers\nfrd960.sys [45160]
O58 - SDL:26/08/2011 - 10:03:28 ---A- . (.Norman ASA - Norman Network Security Driver.) -- C:\Windows\System32\Drivers\nnetsec.sys [53928]
O58 - SDL:11/08/2011 - 13:52:59 ---A- . (.Norman ASA - Norman Network Security Driver.) -- C:\Windows\System32\Drivers\nnetsecl.sys [30856]
O58 - SDL:11/08/2011 - 13:52:59 ---A- . (.Norman ASA - Norman Network Security Driver.) -- C:\Windows\System32\Drivers\nnetsecl64.sys [34440]
O58 - SDL:02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\System32\Drivers\ntrigdigi.sys [20608]
O58 - SDL:25/02/2013 - 23:22:06 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 311.06.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [8939296]
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [102968]
O58 - SDL:21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [45112]
O58 - SDL:20/11/2008 - 20:19:06 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\Windows\System32\Drivers\pxhelp20.sys [43872]
O58 - SDL:21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\System32\Drivers\ql2300.sys [1122360]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\System32\Drivers\ql40xx.sys [106088]
O58 - SDL:25/04/2008 - 08:20:44 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function Driver.) -- C:\Windows\System32\Drivers\RTKVHDA.sys [2126688]
O58 - SDL:28/12/2007 - 18:21:54 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\System32\Drivers\Rtlh86.sys [104448]
O58 - SDL:02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\System32\Drivers\secdrv.sys [20480]
O58 - SDL:21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\System32\Drivers\sisraid4.sys [74808]
O58 - SDL:24/12/2009 - 17:00:40 R--A- . (.Google Inc - ADB Interface.) -- C:\Windows\System32\Drivers\smhwadb.sys [25728]
O58 - SDL:14/01/2010 - 08:04:08 R--A- . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\System32\Drivers\smhwdev.sys [101120]
O58 - SDL:04/02/2010 - 13:23:12 R--A- . (.Qualcomm Inc. - USB/Serial Device Driver.) -- C:\Windows\System32\Drivers\smhwser.sys [108416]
O58 - SDL:16/12/2014 - 18:53:46 ---A- . (...) -- C:\Windows\System32\Drivers\SPPD.sys [18872]
O58 - SDL:02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\symc8xx.sys [35944]
O58 - SDL:02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_hi.sys [31848]
O58 - SDL:02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\System32\Drivers\sym_u3.sys [34920]
O58 - SDL:11/11/2011 - 15:29:52 ---A- . (.Norman ASA - Firewall TDIL driver.) -- C:\Windows\System32\Drivers\tdi_nf.sys [457048]
O58 - SDL:05/12/2012 - 07:27:46 ---A- . (.Seiko Epson Corporation - EPSON USB Device Driver for TM/BA/EU Printers.) -- C:\Windows\System32\Drivers\TMUSBXP.sys [49408]
O58 - SDL:21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [43520]
O58 - SDL:21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\viaide.sys [20024]
O58 - SDL:21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\System32\Drivers\vsmraid.sys [130616]
O58 - SDL:11/12/2014 - 17:33:00 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}Gt.sys [55816] =>PUP.LinkiDoo
O58 - SDL:12/12/2014 - 20:27:32 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}t.sys [55816] =>PUP.LinkiDoo
O58 - SDL:11/12/2014 - 03:28:14 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{3283b201-5c22-4a7d-8767-24ec5d376ea3}Gt.sys [55816] =>PUP.LinkiDoo
O58 - SDL:15/12/2014 - 00:30:08 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}t.sys [55816] =>PUP.LinkiDoo
O58 - SDL:02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:21/11/2007 - 10:31:26 ---A- . (...) -- C:\Windows\System32\directport.sys [7168]
O58 - SDL:02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:31/03/2008 - 12:02:34 ---A- . (.Windows (R) Codename Longhorn DDK provider - Example Keyboard Filter Driver.) -- C:\Windows\System32\kbfiltr.sys [8192]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
~ Drivers: 89 Scanned in 00mn 07s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 11/12/2014 - 23:55:48 ---A- . (.The Chromium Authors.) -- C:\Users\Alexis Guiengani\AppData\Local\Chrome\Application\41.0.2231.0\Installer\setup.exe [1006080]
O61 - LFC: 11/12/2014 - 23:55:51 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Local\RGMService\Uninstall.exe [262048]
O61 - LFC: 11/12/2014 - 23:55:55 ----- . (.PC Utilities Software Limited.) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\is765589038\727E05F9_stp\OptimizerPro.exe [8014840] =>PUP.OptimizerPro
O61 - LFC: 11/12/2014 - 23:55:56 ---A- . (.PC Utilities Software Limited.) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\optprosetup.exe [7831576]
O61 - LFC: 11/12/2014 - 23:55:57 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\rtnOeK9w2j.exe [6552612]
O61 - LFC: 11/12/2014 - 23:55:58 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\Shuka\uninstall.exe [284094]
O61 - LFC: 11/12/2014 - 23:55:58 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\smartbar\08999890-ae99-443c-9537-dc6632b64a5c\Shuka.exe [4839547]
O61 - LFC: 11/12/2014 - 23:55:59 ---A- . (.Robert Simpson, et al..) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\System.Data.SQLite43490.dll [1053184]
O61 - LFC: 11/12/2014 - 23:56:02 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Local\ysewbb.exe [2822144]
O61 - LFC: 11/12/2014 - 23:56:07 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [126976] =>Hijacker.DSite
O61 - LFC: 11/12/2014 - 23:56:13 ---A- . (...) -- C:\Users\Alexis Guiengani\Application Data\DigitalSites\UpdateProc\UpdateTask.exe [126976] =>Hijacker.DSite
O61 - LFC: 11/12/2014 - 23:56:15 ---A- . (...) -- C:\Users\Alexis Guiengani\Desktop\UltimateCodecsSetup (1).exe [799008]
O61 - LFC: 11/12/2014 - 23:56:15 ---A- . (...) -- C:\Users\Alexis Guiengani\Downloads\UltimateCodecsSetup.exe [799008]
O61 - LFC: 11/12/2014 - 23:56:15 ---A- . (.Nicolas Coolman.) -- C:\Users\Alexis Guiengani\Desktop\ZHPDiag2-2014.12.9.172.exe [5243904] =>.Nicolas Coolman
O61 - LFC: 16/12/2014 - 23:55:59 ---A- . (.Robert Simpson, et al..) -- C:\Users\Alexis Guiengani\AppData\Local\Temp\System.Data.SQLite34c9f672-1109-4110-8624-da8c81c3083d.dll [1053184]
O61 - LFC: 16/12/2014 - 23:56:13 ---A- . (...) -- C:\Users\Alexis Guiengani\AppData\Roaming\newnext.me\cache\spark.bin [649] =>PUP.NextLive
O61 - LFC: 16/12/2014 - 23:56:14 ---A- . (...) -- C:\Users\Alexis Guiengani\Application Data\newnext.me\cache\spark.bin [649] =>PUP.NextLive
O61 - LFC: 16/12/2014 - 23:56:15 ---A- . (.Nicolas Coolman.) -- C:\Users\Alexis Guiengani\Downloads\ZHPDiag2.exe [6867625] =>.Nicolas Coolman
~ 9403 Fichiers temporaires (Temporary files)
~ 3628 Fichiers cookies (Cookies files)
~ Files: 18 Scanned in 00mn 28s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 21/11/2007 - C:\Windows\system32\directport.sys (GpdDevDPort) .(...) - LEGACY_GPDDEVDPORT
O64 - Services: CurCS - 31/03/2008 - C:\Windows\system32\kbfiltr.sys (GpdKbFilter) .(.Windows (R) Codename Longhorn DDK provider - Example Keyboard Filter Driver.) - LEGACY_GPDKBFILTER
O64 - Services: CurCS - 12/07/2011 - c:\program files\norman\ngs\bin\ngs.sys (NGS) .(.Norman ASA - Norman General Security Driver.) - LEGACY_NGS
O64 - Services: CurCS - 11/11/2011 - C:\Program Files\Norman\Ngs\Bin\nprosec.sys (NPROSEC) .(.Norman ASA - Process Security Driver.) - LEGACY_NPROSEC
O64 - Services: CurCS - 11/11/2011 - C:\Program Files\Norman\Ngs\Bin\nregsec.sys (nregsec) .(.Norman ASA - Registry Filter Driver.) - LEGACY_NREGSEC
O64 - Services: CurCS - 02/11/2006 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 11/12/2014 - C:\Windows\System32\drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}Gt.sys ({3211ae5b-d056-4176-9f6e-b51496f003f1}Gt) .(.StdLib - StdLib.) - LEGACY_{3211AE5B-D056-4176-9F6E-B51496F003F1}GT =>PUP.LinkiDoo
O64 - Services: CurCS - 12/12/2014 - C:\Windows\System32\drivers\{3211ae5b-d056-4176-9f6e-b51496f003f1}t.sys ({3211ae5b-d056-4176-9f6e-b51496f003f1}t) .(.StdLib - StdLib.) - LEGACY_{3211AE5B-D056-4176-9F6E-B51496F003F1}T =>PUP.LinkiDoo
O64 - Services: CurCS - 11/12/2014 - C:\Windows\System32\drivers\{3283b201-5c22-4a7d-8767-24ec5d376ea3}Gt.sys ({3283b201-5c22-4a7d-8767-24ec5d376ea3}Gt) .(.StdLib - StdLib.) - LEGACY_{3283B201-5C22-4A7D-8767-24EC5D376EA3}GT =>PUP.LinkiDoo
O64 - Services: CurCS - 15/12/2014 - C:\Windows\System32\drivers\{47a3b56f-80e6-4ea5-8093-7656ffd5c11a}t.sys ({47a3b56f-80e6-4ea5-8093-7656ffd5c11a}t) .(.StdLib - StdLib.) - LEGACY_{47A3B56F-80E6-4EA5-8093-7656FFD5C11A}T =>PUP.LinkiDoo
~ Legacy: 79 Scanned in 00mn 00s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.scr> [HKLM\..\open\Command] (...) -- "%1" /S
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
~ FASS Keys: 11 Scanned in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.The Chromium Authors - Chromium.) -- C:\Users\Alexis Guiengani\AppData\Local\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.awesomehp.com =>PUP.Awesomehp
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.aflt", "dsites1202"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtCyC0E0A0AyEtB0E0BtDtD0FtA0EtN0D0Tzu0SyBtBtCtN1L2XzutBtFtBtFtCyEtFtCt[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.cr", "265843075"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.dfltLng", ""); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.dfltSrch", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.dnsErr", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.excTlbr", false); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.hmpg", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.hmpgUrl", "http://start.mysearchdial.com/?f=1&a=dsites1202&cd=2XzuyEtN2Y1L1QzutDtDtCyC0E0A0AyEt[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.id", "0016EAA42EB00F3E"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.instlDay", "16061"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.instlRef", ""); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.newTabUrl", "http://start.mysearchdial.com/?f=2&a=dsites1202&cd=2XzuyEtN2Y1L1QzutDtDtCyC0E0A0Ay[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.prdct", "mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.tlbrId", "base"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.tlbrSrchUrl", "http://start.mysearchdial.com/?f=3&a=dsites1202&cd=2XzuyEtN2Y1L1QzutDtDtCyC0E0A0[...] =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.vrsn", "1.8.21.0"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial.vrsni", "1.8.21.0"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial_i.hmpg", true); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial_i.newTab", false); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial_i.smplGrp", "none"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.010:45:52"); =>Adware.MyWebSearch
O69 - SBI: prefs.js [Alexis Guiengani - looymxwc.default] user_pref("plugin.state.npconduitfirefoxplugin", 0);
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (Web Search) - http://feed.snapdo.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Trovi search) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {73A28ACE-4DFD-4E60-AEDF-CDA54EBCD31B} - (Yahoo!) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {D66238DD-F9D3-49DA-850A-EAB825696951} - (FindWide) - http://search.findwide.com =>Hijacker.SearchFindWide
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s

---\\ Enumère les service demarrés par Svchost (SSS) (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [444928]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [316928]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).)
-- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [288256] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449536] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [758784] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [200704] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . 
(.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096] ~ Services: 31 Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.7C68CEF3499DAE8E149B153029772128] [SPRF][10/11/2008] (...) -- C:\ProgramData\ezsidmv.dat [56] [MD5.C101DC44BB13FA0FC440378661A9EAB3] [SPRF][18/11/2011] (...) -- C:\Users\Alexis Guiengani\AppData\Roaming\skype.dat [86016] [MD5.ABED40E70E089741377A42565DD27052] [SPRF][14/12/2012] (...) -- C:\Users\Alexis Guiengani\AppData\Roaming\wklnhst.dat [1544] [MD5.A438973468755861E5B9186977C43BF2] [SPRF][10/11/2008] (.Mozilla - Firefox.) -- C:\Users\Alexis Guiengani\Desktop\Firefox Setup 3.0.3.exe [7606832] [MD5.5D2ECAB125B230A9979FD282385B03FD] [SPRF][11/12/2014] (.Pas de propriétaire - Software internet Setup.) -- C:\Users\Alexis Guiengani\Desktop\UltimateCodecsSetup (1).exe [799008] [MD5.8A6ED9CF9EF9DD82BE41A4BF334418DA] [SPRF][16/06/2009] (.Microsoft Corporation - Windows Live Installer.) 
-- C:\Users\Alexis Guiengani\Desktop\window live messenger.exe [1161576] [MD5.6BE7E799B2C8B6E4F60F0A1E67FC63AA] [SPRF][11/12/2014] (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\Alexis Guiengani\Desktop\ZHPDiag2-2014.12.9.172.exe [5243904] ~ Files: 7 Scanned in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{539D656D-3976-4B2D-AA9B-4313B83FD87B}" | In - None - P17 - TRUE | .(.Findwide - Pas de description.) -- C:\Users\Alexis Guiengani\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe =>Hijacker.SearchFindWide O87 - FAEL: "{0525C084-EE6A-40A9-8983-1D157E0FD48E}" | In - Public - P6 - TRUE | .(.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files\PremierOpinion\pmropn.exe =>Adware.PremierOpinion O87 - FAEL: "{0E7BB075-3711-4D4B-9900-D1F77C44A66A}" | In - Public - P17 - TRUE | .(.VoiceFive, Inc. - PremierOpinion.) -- C:\Program Files\PremierOpinion\pmropn.exe =>Adware.PremierOpinion ~ Firewall: 3 Scanned in 00mn 05s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "5C9F59CB830AEE547A93698B6A7DF9D7" . (.Boxore Client.) -- C:\Windows\Installer\{BC95F9C5-A038-45EE-A739-96B8A6D79F7D}\Boxore.ico =>Adware.Boxore ~ Update Products: 1 Scanned in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: Dossiers Web - {BDEADF00-C265-11D0-BCED-00A0C90AB50F} ~ MNS: 1 Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.D2F8431328A2CDDAE9DC8DBB4D11AB2F] [WIS][07/12/2014] (.Boxore OU - Boxore Client Installer.) -- C:\Windows\Installer\216a4c.msi [612352] =>Adware.Boxore [MD5.0389F751636C41ECA75AFA7DE1AFB417] [WIS][16/05/2014] (.ReSoft Ltd. - Snap.Do.) 
-- C:\Windows\Installer\dd0ac.msi [2022912] =>Hijacker.SmartBar ~ WIS: 2 Scanned in 00mn 03s ---\\ Recherche de clés de registre CLSID (O101) [HKCR\CLSID\{11111111-1111-1111-1111-110511421153}] (Fpro1.2) =>PUP.CrossRider [HKCR\CLSID\{22222222-2222-2222-2222-220522422253}] (CrossriderApp0054253.Sandbox) =>PUP.CrossRider [HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (SmartbarInternetExplorerBHOEngine) =>Hijacker.SmartBar [HKCR\CLSID\{48586425-6bb7-4f51-8dc6-38c88e3ebb58}] (VideoDownloadConverter) =>Adware.VideoDownloadConverter [HKCR\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate [HKCR\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}] (globalUpdate.OneClickProcessLauncher) =>PUP.GlobalUpdate [HKCR\CLSID\{abe5653a-4fd9-4007-bf1c-84338959478f}] (deal4real) =>PUP.Deal4reaL [HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (Snap.Do) =>Hijacker.SmartBar [HKCR\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}] (globalUpdate Update Plugin) =>PUP.GlobalUpdate [HKCR\CLSID\{D614B335-199E-4A5D-ABC6-6BF72658F359}] (FindWide Toolbar) =>Hijacker.SearchFindWide [HKCR\CLSID\{e90c969d-37a0-41bc-8c57-0eb98469fd75}] (greatsaving) =>PUP.GreatSaving [HKCR\CLSID\{EFA7A511-B491-4312-BB35-4586B99E45ED}] (Boxore) =>Adware.Boxore ~ BCK: 6189 Scanned in 00mn 46s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Auto 16/05/2014 68608 | (globalUpdate) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate SS - | Demand 16/05/2014 68608 | (globalUpdatem) . (.globalUpdate.) - C:\Program Files\globalUpdate\Update\GoogleUpdate.exe =>PUP.GlobalUpdate SS - | Auto 10/07/1658 0 | (NewPlayer) . (...) - C:\Program Files\NewPlayer\NewPlayerLwr161.exe =>Adware.NewPlayer SS - | Demand 28/02/2008 529704 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe SS - | Demand 10/07/1658 0 | (NVCScheduler) . (...) 
- C:\Program Files\Norman\Npm\bin\NVCSCHED.exe SS - | Auto 23/10/2013 172192 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SS - | Auto 03/07/2014 119408 | (Software_update) . (.The Software Group.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore SS - | Demand 03/07/2014 119408 | (Software_update_m) . (.The Software Group.) - C:\Program Files\Software\Update\SoftwareUpdate.exe =>Adware.Boxore SR - | Auto 10/07/1658 0 | (64af91bf) . (...) - C:\Program Files\fastan~1\FastAndSafeSvc.dll SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 27/11/2014 3312960 | (CltMngSvc) . (.Client Connect LTD.) - C:\Program Files\SearchProtect\Main\bin\CltMngSvc.exe =>PUP.SearchProtect SR - | Auto 24/10/2011 76232 | (eLoggerSvc6) . (.Norman ASA.) - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe SR - | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 29/04/2008 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe SR - | Auto 14/11/2011 231216 | (NNFSVC) . (.Norman ASA.) - C:\Program Files\Norman\Ngs\Bin\Nnf.exe SR - | Demand 03/02/2012 116056 | (Norman NJeeves) . (...) - C:\Program Files\Norman\Npm\bin\NJEEVES.exe SR - | Auto 13/02/2012 431320 | (Norman ZANDA) . (.Norman ASA.) - C:\Program Files\Norman\Npm\Bin\Zanda.exe SR - | Auto 30/09/2011 90144 | (NPROSECSVC) . (.Norman ASA.) - C:\Program Files\Norman\Ngs\Bin\Nprosec.exe SR - | Auto 19/10/2011 100936 | (NVOY) . (.Norman ASA.) - C:\Program Files\Norman\npm\bin\nvoy.exe SR - | Auto 18/01/2013 639776 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 25/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) 
- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 22/02/2008 94208 | (OsdService) . (.TODO: <公司名稱>.) - C:\Program Files\OEM\OSD_1.12\OsdService.exe SR - | Auto 19/12/2006 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\Windows\system32\IoctlSvc.exe SR - | Auto 31/10/2014 213816 | (PremierOpinion) . (.VoiceFive, Inc..) - C:\Program Files\PremierOpinion\pmservice.exe =>Adware.PremierOpinion SR - | Auto 27/10/2014 28160 | (RGMUpdater) . (...) - C:\Users\Alexis Guiengani\AppData\Local\RGMService\RGMUpdater.exe SR - | Demand 11/04/2011 99312 | (Scheduler) . (.Norman ASA.) - C:\Program Files\Norman\Npm\Bin\scheduler.exe SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 16/12/2014 523496 | (Update DigiHelp) . (...) - C:\Program Files\DigiHelp\updateDigiHelp.exe SR - | Auto 16/12/2014 523496 | (Util DigiHelp) . (...) - C:\Program Files\DigiHelp\bin\utilDigiHelp.exe SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) 
- C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 49s ---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net ~ MBR: 1 Scanned in 00mn 02s ---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Alexis Guiengani at 16/12/2014 23:58:59 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ---\\ Scan Additionnel (O88) Database Version : 13026 - (16/12/2014) Clés trouvées (Keys found) : 91 Valeurs trouvées (Values found) : 5 Dossiers trouvés (Folders found) : 51 Fichiers trouvés (Files found) : 89
~ Additionnel Scan: 505288 Items scanned in 56mn 53s ---\\ Informations complémentaires sur les modules ~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5) ~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2) ~ 
http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3) ~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4) ~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51) ~ AMI: 5 Scanned in 00mn 00s ---\\ Récapitulatif des détections trouvées sur votre station http://www.nicolascoolman.fr/blog/ =>PUP.RocketTab http://nicolascoolman.fr/adware-boxore =>Adware.Boxore http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar http://nicolascoolman.fr/adware-premieropinion =>Adware.PremierOpinion http://nicolascoolman.fr/adware-mywebsearch =>Adware.MyWebSearch http://nicolascoolman.fr/hijacker-trovigo =>Hijacker.Trovigo http://nicolascoolman.fr/parasite-pugi =>Parasite.Pugi http://nicolascoolman.fr/hijacker-searchfindwide =>Hijacker.SearchFindWide http://www.nicolascoolman.fr/blog/ =>Adware.VideoDownloadConverter http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider http://www.nicolascoolman.fr/blog/ =>PUP.SaveNet http://nicolascoolman.fr/pup-globalupdate =>PUP.GlobalUpdate http://nicolascoolman.fr/pup-awesomehp =>PUP.Awesomehp http://nicolascoolman.fr/hijacker-proxy =>Hijacker.Proxy http://www.nicolascoolman.fr/blog/ =>PUP.SaverPro http://www.nicolascoolman.fr/blog/ =>PUP.Deal4reaL http://www.nicolascoolman.fr/blog/ =>PUP.GreatSaving http://nicolascoolman.fr/pup-mobogenie =>PUP.Mobogenie http://nicolascoolman.fr/adware-freesofttoday =>Adware.FreeSoftToday http://nicolascoolman.fr/pup-nextlive =>PUP.NextLive http://nicolascoolman.fr/hijacker-dsite =>Hijacker.DSite http://nicolascoolman.fr/pup-searchprotect =>PUP.SearchProtect http://nicolascoolman.fr/pup-fastandsafe =>PUP.FastAndSafe http://www.nicolascoolman.fr/blog/ =>Adware.NewPlayer http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo http://nicolascoolman.fr/pup-bubbledock =>PUP.BubbleDock http://nicolascoolman.fr/pup-dealply =>PUP.Dealply 
http://nicolascoolman.fr/pup-genesis =>PUP.Genesis http://www.nicolascoolman.fr/blog/ =>PUP.ChampionDeals http://nicolascoolman.fr/adware-installcore =>Adware.InstallCore http://nicolascoolman.fr/pup-wpmanager =>PUP.WpManager http://www.nicolascoolman.fr/blog/ =>PUP.GenericAddon http://nicolascoolman.fr/adware-vidsaver =>Adware.VidSaver http://nicolascoolman.fr/pup-optimizerpro =>PUP.OptimizerPro http://nicolascoolman.fr/spyware-agenceexclusive =>PUP.AgenceExclusive http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp http://nicolascoolman.fr/pup-suptab =>PUP.SupTab http://nicolascoolman.fr/pup-giganticsavings =>PUP.GiganticSavings http://nicolascoolman.fr/pup-infotrigger =>PUP.InfoTrigger http://nicolascoolman.fr/pup-mypcbackup =>PUP.MyPCBackup http://nicolascoolman.fr/adware-downware =>Adware.Downware http://nicolascoolman.fr/rogue-registrypowercleaner =>Rogue.RegistryPowerCleaner http://nicolascoolman.fr/pup-activeris =>PUP.Activeris http://www.nicolascoolman.fr/blog/ =>PUP.BoBrowser http://www.nicolascoolman.fr/blog/ =>PUP.ChromaticBrowser http://nicolascoolman.fr/adware-incredibar =>Adware.Incredibar http://nicolascoolman.fr/pup-tvwizard =>PUP.TVWizard http://nicolascoolman.fr/hijacker-trovicom =>Hijacker.TroviCom http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent http://nicolascoolman.fr/pup-toparcadehits =>PUP.ToparcadeHits http://www.nicolascoolman.fr/blog/ =>Adware.Agent http://www.nicolascoolman.fr/blog/ =>PUP.SpeedUpMyPC http://nicolascoolman.fr/adware-predictad =>Adware.PredictAd http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit http://www.nicolascoolman.fr/blog/ =>Spyware.AgenceExclusive http://nicolascoolman.fr/pup-tarma =>PUP.Tarma http://nicolascoolman.fr/adware-browsefox =>Adware.BrowseFox http://nicolascoolman.fr/pup-babylon =>PUP.Babylon http://nicolascoolman.fr/pup-sweetim =>PUP.SweetIM http://nicolascoolman.fr/pup-wajam =>PUP.Wajam ~ MSI: 61 link(s) detected in 00mn 00s 
---\\ Alert Messages
WARNING : Hijacker Proxy found, Clean with ZHPCleaner Tool
End of the scan (1863 lines in 51mn 29s)(0)