Rapport de ZHPDiag v2013.4.22.135 par Nicolas Coolman, Update du 22/04/2013
Run by jérémy at 23/04/2013 21:52:52
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540
MFIE: Mozilla Firefox 20.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
Trend Micro Titanium Internet Security v3.1.1109
Windows Defender W7

---\\ System Optimizer
CCleaner v3.23

---\\ Software Update
Adobe Flash Player 11 Plugin
Java 7 Update 15

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 6124 MB (58% free)
System Restore: Activé (Enable)
System drive C: has 791 GB (86%) free of 914 GB

---\\ Logged in mode
~ Computer Name: JÉRÉMY-HP
~ User Name: jérémy
~ All Users Names: jérémy, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\jérémy\AppData\Roaming\
~ %Desktop% : C:\Users\jérémy\Desktop\
~ %Favorites% : C:\Users\jérémy\Favorites\
~ %LocalAppData% : C:\Users\jérémy\AppData\Local\
~ %StartMenu% : C:\Users\jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 791 Go of 914 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 18 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2012 - 01:27:11.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.11/04/2012 - 01:27:52.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B8965FB53551B5455630A4B804D0791F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/03/2013 - 07:04:53.) -- C:\Windows\system32\Drivers\ntfs.sys [1655656]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.DF8126BD41180351A093A3AD2FC8903B] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2012 - 01:25:49.) -- C:\Windows\system32\Drivers\volsnap.sys [296320]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/6
~ Mes Favoris (My Favorites) : 1/14
~ Mes Documents (My Documents) : 2/24
~ Mon Bureau (My Desktop) : 1/707
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.621022468E8D240B15BF98E5B5E2DAEC] - (.Uniblue Systems Limited - Uniblue DriverScanner Monitor.) -- C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [26016] [PID.3720]
[MD5.59727297D6A30FC41E0427FFB1FD72F8] - (.Systweak - Advanced System Protector.) -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [6399344] [PID.3728]
[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3888]
[MD5.407FE7D64BF0257EC28D8DA8EF77DDA4] - (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe [1631144] [PID.4068]
[MD5.985AA2B4944765D4E12EC1957F89B426] - (.Trust - Trust Gaming Mouse.) -- C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe [960512] [PID.4076]
[MD5.497F27E279C0F921E2130BB89C1CB5CA] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18705664] [PID.4084]
[MD5.35238D8E052C7CFDDE63E6C11CE852FA] - (.BitTorrent Inc. - µTorrent.) -- C:\Users\jérémy\AppData\Roaming\uTorrent\uTorrent.exe [1051984] [PID.2380]
[MD5.C637FC4638A96165256B28D38DE7B953] - (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [49208] [PID.3224]
[MD5.A387D093B66727BF3EDF517E2F4D87C5] - (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe [1466760] [PID.3708]
[MD5.0A61A3ACE26CA4FC637BC8AF8C05CC00] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032] [PID.3688] =>PUP.SweetIM
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848] [PID.4012]
[MD5.EEF94AAFE49902B376A96F1B33808F6D] - (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [2255360] [PID.4148]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.4528]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.4680]
[MD5.F8BEF2394721E0B2F315F25CEDCB0084] - (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216] [PID.5696]
[MD5.E6C1D2F421AF7096D75D0735C7E64542] - (.Hewlett-Packard - HP TouchSmart Calendar Service.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe [20480] [PID.2092]
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.1444]
[MD5.2F0B43190DA225D624DF41587C832296] - (...) -- C:\Program Files (x86)\Dofus2\app\Dofus.exe [142336] [PID.2236]
[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.8096]
[MD5.680AD8F376970696B45269F074A8A28E] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe [1822424] [PID.7908]
[MD5.858E13176C6332EC966E2299BDD870D0] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6961664] [PID.6880]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1888]
[MD5.C9DCE1CB628AEED3C0C30ABBF4F1E718] - (...) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280] [PID.2024]
[MD5.6C85719A21B3F62C2C76280F4BD36C7B] - (.Intel Corporation - Intel IPT Host Interface Service.) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe [212944] [PID.1124]
[MD5.20B5060889E5BB239AF87E3E57B97867] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952] [PID.2076]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2384]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.2584]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.2820]
[MD5.0AB205EDC2D0DD419D88AF0E3C2358F2] - (.Valve Corporation - Steam Client Service (buildbot_winslave04_s.) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe [543656] [PID.5176]
[MD5.A3AD13CA2747953DDD4C9AE4FB925BEC] - (.Hewlett-Packard - HP TouchSmart Calendar.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384] [PID.5588]
[MD5.BF22ACF4CF3734D61357E67F0521BC03] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [277784] [PID.5636]
[MD5.A9C45E3CFD3054EF391827BCF0BF1F61] - (.Symantec Corporation - Symantec VIPAppService.) -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [81552] [PID.5944]
[MD5.B097EBA0E3FEB020BB65FE43AF5ECCFF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [363800] [PID.6036]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\1l42wt92.default\prefs.js
C:\Users\jérémy\AppData\Roaming\Mozilla\Firefox\Profiles\3c9t4p5j.default-1366739077488\prefs.js
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R3 - URLSearchHook: (no name) [64Bits] - {872b5b88-9db5-4310-bdd0-ac189557e5f5} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: DealPly [64Bits] - {EF7BD87A-8024-11E2-F316-F3E56188709B} . (.DealPly - DealPly for Internet Explorer.) -- C:\Program Files (x86)\DealPly\DealPlyIE.dll =>PUP.DealPly
~ BHO: 9 Legitimates Filtered in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [Trend Micro Titanium] . (.Trend Micro Inc. - Trend Micro Client Main Console.) -- C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe
O4 - HKLM\..\Run: [Trend Micro Client Framework] . (.Trend Micro Inc. - Trend Micro Client Session Agent Monitor.) -- C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\jérémy\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKCU\..\Run: [Trust Gaming Mouse] . (.Trust - Trust Gaming Mouse.) -- C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\jérémy\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKCU\..\Run: [DriverScanner] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe
O4 - HKCU\..\Run: [launcher] . (...) -- C:\Users\jérémy\AppData\Local\launcher.exe
O4 - HKCU\..\Run: [updater] . (.Adobe Systems Incorporated - Adobe Flash Player.) -- C:\Users\jérémy\AppData\Local\Temp\updater.exe
O4 - HKCU\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [Norton Online Backup] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - Pas de description.) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Wow6432Node\Run: [Garmin Lifetime Updater] . (.Garmin - Garmin Lifetime Updater.) -- C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe
O4 - HKLM\..\Wow6432Node\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [LogMeIn Hamachi Ui] . (.LogMeIn Inc. - Hamachi Client Application.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
O4 - HKLM\..\Wow6432Node\Run: [launcher] . (...) -- C:\Users\jérémy\AppData\Local\launcher.exe
O4 - HKLM\..\Wow6432Node\Run: [updater] . (.Adobe Systems Incorporated - Adobe Flash Player.) -- C:\Users\jérémy\AppData\Local\Temp\updater.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\jérémy\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [Steam] . (.Valve Corporation - Steam Client Bootstrapper (buildbot_winslav.) -- C:\Program Files (x86)\Steam\Steam.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [Trust Gaming Mouse] . (.Trust - Trust Gaming Mouse.) -- C:\Program Files (x86)\Trust\Trust Gaming Mouse\Trust Gaming Mouse.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\jérémy\AppData\Roaming\uTorrent\uTorrent.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [DriverScanner] . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [launcher] . (...) -- C:\Users\jérémy\AppData\Local\launcher.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [updater] . (.Adobe Systems Incorporated - Adobe Flash Player.) -- C:\Users\jérémy\AppData\Local\Temp\updater.exe
O4 - HKUS\S-1-5-21-1489375252-4287800648-544363826-1000\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: DriverScanner.lnk . (.Uniblue Systems Limited - Uniblue Launcher.) -- C:\Program Files (x86)\Uniblue\DriverScanner\Launcher.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\jérémy\AppData\Roaming\uTorrent\uTorrent.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Dofus2.lnk . (...) -- C:\Program Files (x86)\Dofus2\app\UpLauncher.exe
O4 - GS\Desktop: Ivalice Cataclysme.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Desktop: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop: Trend Micro Titanium Internet Security.lnk . (...) -- C:\Program Files (x86)\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (.not file.)
O4 - GS\Desktop: Trust Gaming Mouse.lnk . (...) -- C:\Users\jérémy\AppData\Roaming\Microsoft\Installer\{1EDE0243-CA4E-4613-B87B-C6B57C76C17C}\_571B0ACEFE53D55E05A91E.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{FCFB6BC8-84F6-4297-A1AA-4FB83542081E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{FCFB6BC8-84F6-4297-A1AA-4FB83542081E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{FCFB6BC8-84F6-4297-A1AA-4FB83542081E}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: VIPAppService (VIPAppService) . (.Symantec Corporation - Symantec VIPAppService.) - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
~ Services: 17 Legitimates Filtered in 00mn 04s



---\\ Tâches planifiées en automatique (O39)
[MD5.59727297D6A30FC41E0427FFB1FD72F8] [APT] [Advanced System Protector_startup] (.Systweak.) -- C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [6399344]
[MD5.00000000000000000000000000000000] [APT] [DealPly] (...) -- C:\Users\jérémy\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.99ADB71192790BD6DEE85233ED31F659] [APT] [DealPlyUpdate] (.DealPly.) -- C:\Program Files (x86)\DealPly\DealPlyUpdate.exe [78424] =>PUP.DealPly
~ Scheduled Task: 30 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: Advanced System Protector - (.Systweak Software.) [HKLM][64Bits] -- 00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
O42 - Logiciel: DealPly (remove only) - (.DealPly Technologies Ltd..) [HKLM][64Bits] -- DealPly =>PUP.DealPly
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM][64Bits] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM][64Bits] -- SweetIM Bundle by SweetPacks =>PUP.SweetIM
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
O42 - Logiciel: SweetPacks Toolbar For Firefox 1.11.0.2 - (...) [HKLM][64Bits] -- {EEE6C374-6118-11DC-9C72-001320C79847} =>PUP.SweetIM
O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM][64Bits] -- uTorrent
~ Logic: 165 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\BitTorrent]
[HKCU\Software\DealPly] =>PUP.DealPly
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\Softonic]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
~ Key Software: 223 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/02/2013 - 17:22:02 - [18,187] ----D C:\Program Files (x86)\Advanced System Protector
O43 - CFD: 06/04/2013 - 20:33:53 - [1,206] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 04/02/2013 - 00:06:52 - [5,084] ----D C:\Program Files (x86)\SweetIM =>PUP.SweetIM
O43 - CFD: 04/02/2013 - 00:06:34 - [0,367] ----D C:\Program Files (x86)\sweetpacks bundle uninstaller =>PUP.SweetIM
O43 - CFD: 24/02/2013 - 13:37:58 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 04/02/2013 - 00:06:36 - [0,245] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 06/04/2013 - 20:34:04 - [0,000] ----D C:\Users\jérémy\AppData\Roaming\DealPly =>PUP.DealPly
O43 - CFD: 30/01/2013 - 15:28:34 - [0,000] ----D C:\Users\jérémy\AppData\Roaming\LOLMacro
O43 - CFD: 23/04/2013 - 21:51:11 - [3,112] ----D C:\Users\jérémy\AppData\Roaming\uTorrent
O43 - CFD: 06/04/2013 - 20:33:53 - [0,001] ----D C:\Users\jérémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly =>PUP.DealPly
~ Program Folder: 202 Legitimates Filtered in 00mn 02s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.112CAFEC5462297CE40D2858F2B9C872] - 05/04/2013 - 17:19:28 ---A- - C:\Windows\Prefetch\RESOURCE.EXE-E971D367.pf
O45 - LFCP:[MD5.B112C34C80E2F028443C7C3F79272F72] - 15/04/2013 - 12:27:32 ---A- - C:\Windows\Prefetch\WHITELIST.EXE-F3D2C582.pf
O45 - LFCP:[MD5.6885235DE5CC7A76AB5DD285437FCF7A] - 15/04/2013 - 21:00:09 ---A- - C:\Windows\Prefetch\PMB.EXE-3F581971.pf
O45 - LFCP:[MD5.29B10141AB49C55006E18A4FB2628772] - 23/04/2013 - 16:26:46 ---A- - C:\Windows\Prefetch\TRUST GAMING MOUSE.EXE-18F51063.pf
O45 - LFCP:[MD5.3333C39732EB1915CC5054C3874A574B] - 23/04/2013 - 19:34:59 ---A- - C:\Windows\Prefetch\VIPAPPSERVICE.EXE-D24F84DE.pf
O45 - LFCP:[MD5.DEFE37046123F44F83461F54A0081CCA] - 23/04/2013 - 19:44:19 ---A- - C:\Windows\Prefetch\TIPREAU.EXE-40A1E96D.pf
~ Prefetcher: 96 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 23/04/2013 - 16:27:46 ---A- C:\Users\jérémy\AppData\Roaming\app\Jerakine_lang.dat [4861]
O61 - LFC: 23/04/2013 - 18:15:54 ---A- C:\Users\jérémy\AppData\Local\launcher.exe [9110]
O61 - LFC: 23/04/2013 - 19:11:00 ---A- C:\Users\jérémy\AppData\Roaming\AnkamaCertificates\v2-RELEASE\5fadf90c7ec35448fca2910a14b2cc4a [1005]
O61 - LFC: 23/04/2013 - 19:24:43 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\dht.dat.old [4118]
O61 - LFC: 23/04/2013 - 19:24:43 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\rss.dat.old [99]
O61 - LFC: 23/04/2013 - 19:31:46 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\dht.dat [1960]
O61 - LFC: 23/04/2013 - 19:31:46 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\rss.dat [99]
O61 - LFC: 23/04/2013 - 19:32:57 ---A- C:\Users\jérémy\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10568\ASPLog.txt [31784]
O61 - LFC: 23/04/2013 - 19:33:40 ---A- C:\Users\jérémy\AppData\Roaming\Systweak\Advanced System Protector\Settings.db [12288]
O61 - LFC: 23/04/2013 - 20:00:00 ---A- C:\Users\jérémy\AppData\Roaming\Garmin\Lifetime Map Update\SetupLog.txt [150643]
O61 - LFC: 23/04/2013 - 20:00:00 ---A- C:\Users\jérémy\AppData\Roaming\Garmin\Lifetime Map Update\lmuconfig.xml [7949]
O61 - LFC: 23/04/2013 - 20:02:50 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\settings.dat.old [190434]
O61 - LFC: 23/04/2013 - 20:12:06 ---A- C:\Users\jérémy\AppData\Roaming\D2Info0 [125]
O61 - LFC: 23/04/2013 - 20:32:50 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\settings.dat [190434]
O61 - LFC: 23/04/2013 - 20:44:07 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\dht_feed.dat.old [2]
O61 - LFC: 23/04/2013 - 20:49:12 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\dht_feed.dat [2]
O61 - LFC: 23/04/2013 - 20:51:11 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\resume.dat.old [48601]
O61 - LFC: 23/04/2013 - 20:53:18 ---A- C:\Users\jérémy\AppData\Roaming\uTorrent\resume.dat [48547]
~ 9 Fichiers temporaires (Temporary files)
~ Files: 298 Legitimates Filtered in 00mn 21s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\jérémy\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_TMP_city", "PARIS");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_TMP_country", "FR");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_country", "FRANCE");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_locId", "FRXX0076");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_location", "Paris, France");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_region", "FR");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_temp_dis", "c");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.TWC_wind_dis", "kmh");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.1000234.weatherData", "{\"icon\":\"30.png\",\"temperature\":\"18°C\",\"temperatureClear\":\"18°C\",\"highTe[...]
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.FirstTime", "true");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.FirstTimeFF3", "true");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.PG_ENABLE", "dHJ1ZQ==");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.PG_ENABLE.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.PairingKey.enc", "");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.SF_JUST_INSTALLED.enc", "RkFMU0U=");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.SF_STATUS.enc", "RU5BQkxFRA==");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.SF_USER_ID.enc", "Y2lkXzI1MzIwMTMxOTYyMDI3ODEyNTY=");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.SearchAppState.enc", "Mg==");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.UserID", "UN18803717952531816");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true");
O69 - SBI: prefs.js [jérémy - 1l42wt92.default] user_pref("CT2851639.autoDisableScopes", -1);
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.cb_experience_000.enc", "MzU=");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.cb_firstuse0100.enc", "MQ==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.cb_user_id_000.enc", "Q0I5MTM2MDcxOTg3MjRfMTM2MzA3Njk5MDY5N19GaXJlZm94");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.cbfirsttime.enc", "VHVlIE1hciAxMiAyMDEzIDA5OjI5OjUwIEdNVCswMTAw");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.defaultSearch", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.enableAlerts", "always");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.enableFix404ByUser", "FALSE");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.enableSearchFromAddressBar", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.firstTimeDialogOpened", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.fixPageNotFoundError", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.fixPageNotFoundErrorByUser", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.fixUrls", true);
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.installType", "xpe");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.isCheckedStartAsHidden", true);
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.isFirstTimeToolbarLoading", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.isPerformedSmartBarTransition", "true"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.lastVersion", "10.15.0.562");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_appStateReportTime.enc", "MTM2NjczMTM2MTk5Ng==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_appState_CouponBuddy.enc", "b24=");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_appState_PriceGong.enc", "b24="); =>Adware.PriceGong
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY2[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IldpbmRvd1Nob3BwZXIiLCJjcml0ZXJpYXMiOlt7ImNyaXRlc[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_currentVersion.enc", "MS40LjQuNg==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_eventsCache.enc", "eyI1MTgxMDM5OS00MDExLTQ1ZTQtODk5Mi04YTFmNTk1MjY2MWEiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJ[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_first_time.enc", "MQ==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_gadgetOpen.enc", "MA==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_lastLoginTime.enc", "MTM2NjczMTM1NzE5NQ==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJQb2xpdGlxdWUgc3VyIGxlIGNvbnRlbnUifSwiZ2[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_settings1.4.3.2.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiNjFfLTE[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_settings1.4.4.6.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjE1Xy0[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_showCloseButton.enc", "dHJ1ZQ==");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_userId.enc", "ZDVjOWQzYmItYWI0YS00MTMzLWI1MGItY2JhZDkzOWVkN2M2");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.mam_gk_user_apps_selection.enc", "");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.migrateAppsAndComponents", true);
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"https%3A%2F%2Fwww.google.fr%2F\",\"EB_MAIN_FRAME_TITLE\":\"[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.openThankYouPage", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.openUninstallPage", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.price-gong.isManagedApp", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.revertSettingsEnabled", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.search.searchAppId", "129351529700743801");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.search.searchCount", "0");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.searchInNewTabEnabledByUser", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1366469326889");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1366731354411");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1365438090189");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_location_lastUpdate", "1366622456351");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_login_10.14.370.524_lastUpdate", "1364237860964");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363198434921");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_login_10.15.0.562_lastUpdate", "1366622457015");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1365438090367");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1366622456362");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1366622456133");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_setupAPI_lastUpdate", "1363193599406");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1365438089943");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1366731354416");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1366622457122");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.settingsINI", true);
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.shouldFirstTimeDialog", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.showToolbarPermission", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.smartbar.Uninstall", "0"); =>Hijacker.SmartBar
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); =>Hijacker.SmartBar
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.startPage", "false");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.toolbarBornServerTime", "10-3-2013");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.toolbarCurrentServerTime", "22-4-2013");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.toolbarLoginClientTime", "Wed Mar 13 2013 21:00:51 GMT+0100");
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639.url_history0001.enc", "aHR0cDovL3d3dy5mYWNlYm9vay5jb20vcGhvdG8ucGhwP2ZiaWQ9NTIwMDg2NTY4MDM4MjUxJnNldD1hLjQxNT[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("CT2851639_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366731349309,\"isWithState\"[...]
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("sweetim.toolbar.previous.keyword.URL", ""); =>PUP.SweetIM
O69 - SBI: prefs.js [j�r�my - 1l42wt92.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000&st=12&barid={FA7CFF4C-6E4D-11E2-962E-80C16EED7C[...] =>PUP.SweetIM
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {1F2F85CF-D1E4-4DBC-B405-C793854EB78B} - (Propositions de recherche Amazon.fr) - http://www.amazon.fr
O69 - SBI: SearchScopes [HKCU] {2fa28606-de77-4029-af96-b231e3b8f827} - (Ask.com) - http://eu.ask.com
O69 - SBI: SearchScopes [HKCU] {B5D3C32B-4641-4267-811E-4B99954E994D} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {b7fca997-d0fb-4fe0-8afd-255e89cf9671} - (Yahoo) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {d43b3890-80c7-4010-a95d-1e77b5924dc3} - (Wikipedia) - http://fr.wikipedia.org
O69 - SBI: SearchScopes [HKCU] {D944BB61-2E34-4DBF-A683-47E505C587DC} - (eBay) - http://rover.ebay.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.2F36B616202C6A187B3EE78B632DD315] [SPRF][23/04/2013] (...) -- C:\Users\j�r�my\AppData\Local\launcher.exe [9110]
[MD5.3413EF8144C7907C023134FE1CBD359A] [SPRF][23/04/2013] (.Adobe Systems Incorporated - Adobe Flash Player.) -- C:\Users\j�r�my\AppData\Local\Temp\updater.exe [748032]
[MD5.F4B5C53A74C44DC0731C7BCF89CEC624] [SPRF][24/02/2013] (.Mineria - Launcher Mineria.) -- C:\Users\j�r�my\Desktop\Launcher_Mineria.exe [355409]
[MD5.605A171C61A0607BDCF6BE80ED07CF95] [SPRF][24/02/2013] (.AnjoCaido - Free launcher for Minecraft Alpha.) -- C:\Users\j�r�my\Desktop\Minecraft.exe [695296]
~ Files: Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{E9C0976A-FBD0-4EEC-90EF-C62A1161C105}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{F1083054-30CF-48D7-B48B-A6F984E83700}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{CE8B4A63-659D-4D4C-AB44-91BC63364FA8}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{7C30B77C-6FE6-4E20-BA1E-CBB0E02C0794}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{7BC07296-4FAB-409D-890D-20BFF4779BA8}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{609EC5ED-F923-4925-8F80-3344C3A03DBD}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - �Torrent.) -- C:\Users\j�r�my\AppData\Roaming\uTorrent\uTorrent.exe
O87 - FAEL: "{F1473EC5-626C-4B88-86A3-570EABB43BA5}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - �Torrent.) -- C:\Users\j�r�my\AppData\Roaming\uTorrent\uTorrent.exe
~ Firewall: 231 Legitimates Filtered in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11647 - (22/04/2013)
Clés trouvées (Keys found) : 82
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 7
Fichiers trouvés (Files found) : 0

[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKCU\Software\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}] =>PUP.DealPly
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2269050] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2269050] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\DealPly =>PUP.DealPly
C:\Program Files (x86)\SweetIM =>PUP.SweetIM
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\Users\j�r�my\AppData\Roaming\DealPly =>PUP.DealPly
C:\Users\j�r�my\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\j�r�my\AppData\LocalLow\Conduit =>Toolbar.Conduit
~ Additionnel Scan: 237054 Items scanned in 00mn 13s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "95731AF9B2C57714D9CD00838F5BEBDF" . (.Bing Bar.) -- C:\Windows\Installer\{9FA13759-5C2B-4177-9DDC-0038F8B5BEFD}\icon_installer_ico
~ Update Products: 150 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/02/2012 235520 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 16/02/2011 256336 | (Amsp) . (.Trend Micro Inc..) - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
SS - | Demand 01/08/2011 195320 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 20/07/2011 249648 | (BBUpdate) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 16/08/2011 16384 | (CalendarSynchService) . (.Hewlett-Packard.) - C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
SR - | Auto ??\??\???? 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe
SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SS - | Auto 03/02/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 03/02/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 14/12/2012 2466304 | (Hamachi2Svc) . (.LogMeIn Inc..) - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
SR - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Auto 17/02/2011 682040 | (HPAuto) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe
SR - | Auto 11/10/2010 346168 | (HPClientSvc) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
SS - | Demand 10/08/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 09/12/2011 607456 | (Intel(R) Capability Licensing Service Interface) . (.Intel(R) Corporation.) - c:\Program Files\Intel\iCLS Client\HeciServer.exe
SR - | Auto 128280 | (Intel(R) ME Service) . (...) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
SR - | Auto 24/02/2011 212944 | (jhi_service) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
SR - | Auto 16/12/2011 277784 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Demand 11/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 01/06/2010 2804568 | (NOBU) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
SR - | Auto 12/08/2011 1128952 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SS - | Auto 08/01/2013 161536 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 19/04/2013 543656 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
SR - | Auto 16/12/2011 363800 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 02/12/2012 81552 | (VIPAppService) . (.Symantec Corporation.) - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by j�r�my at 23/04/2013 21:54:35

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1608 Legitimates filtered by white list
End of the scan (712 lines in 01mn 43s)(0)
