cjoint

Document format: text/plain

Rapport de ZHPDiag v2013.8.4.6 par Nicolas Coolman, Update du 04/08/2013
Run by Florian at 06/08/2013 00:38:50
WebSite: http://nicolascoolman.webs.com
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC :


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16635
MFIE: Mozilla Firefox v3.6.16 (fr)
GCIE: Google Chrome v28.0.1500.95 (Defaut)
OBIE: Wacom WebTabletPlugin for Internet Explorer and Netscape v2.0.0.1
OBIE: Wacom WebTabletPlugin for Netscape v1.1.0.10

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 64-bit (Build 6000)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK

---\\ System Protection
Avira Free Antivirus v13.0.0.3884

---\\ System Optimizer
CCleaner v4.04 =>Piriform Ltd

---\\ Peer To Peer (P2P)
µTorrent v2.2.0 =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader 9.4.6 MUI
Java 7 Update 25

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4022 MB (31% free)
System Restore: Activé (Enable)
System drive C: has 391 GB (67%) free of 579 GB

---\\ Logged in mode
~ Computer Name: FLORIAN-PC
~ User Name: Florian
~ All Users Names: UpdatusUser, HomeGroupUser$, Florian, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Florian\AppData\Roaming\
~ %Desktop% : C:\Users\Florian\Desktop\
~ %Favorites% : C:\Users\Florian\Favorites\
~ %LocalAppData% : C:\Users\Florian\AppData\Local\
~ %StartMenu% : C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 391 Go of 579 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 17 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 32 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.FAF6EC2460AD5FBBD38D8E1AE28B0D77] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/06/2013 - 00:26:20.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3737
~ Mes musiques (My Musics) : 21/446
~ Mes Videos (My Videos) : 1/124
~ Mes Favoris (My Favorites) : 1/38
~ Mes Documents (My Documents) : 3/3228
~ Mon Bureau (My Desktop) : 1/70
~ Menu demarrer (Programs) : 1/118
~ Hidden Files: Scanned in 00mn 04s



---\\ Processus lancés
[MD5.7F27323E0BA892B12C52E686E09F39D6] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384] [PID.2684]
[MD5.7894DC17942282D77668AB2C4230A5A9] - (...) -- C:\Users\Florian\AppData\Roaming\cacaoweb\cacaoweb.exe [452608] [PID.2732] =>PUP.CacaoWeb
[MD5.5DDD3DB40E10C6CC8195D9471CAEB24E] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016] [PID.3000]
[MD5.1CE55AE7E57826457FD56EB3C50E4E54] - (.CyberLink Corp. - HP MediaSmart TV Resident Program.) -- c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe [415016] [PID.1220]
[MD5.C6331D11F80B3AFFD91A9B3858E00F23] - (.CyberLink - CyberLink MediaLibray Service.) -- c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [210216] [PID.1144]
[MD5.103AD27530849E61EB22A0D3E9AF9AA5] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656] [PID.2304]
[MD5.EB46B8E56C1B6C73C4251EED5F0E6DD6] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe [27370808] [PID.2348]
[MD5.4631FF0EE2964CCDC646AF807CB778F5] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345144] [PID.2120]
[MD5.225518F190EDBC37CA32197A3E94B498] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512] [PID.576]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.2972]
[MD5.42592ACDE05D7A071F645889EF3AD9F1] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.2084]
[MD5.ECCA7F72A24C7CF43131946C076689D1] - (.Google Inc. - Google Chrome.) -- C:\Users\Florian\AppData\Local\Google\Chrome\Application\chrome.exe [846288] [PID.708]
[MD5.013CBC83D1C8131EB623567EF4D3FFCC] - (.RealNetworks, Inc. - RealDownloader.) -- C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [233048] [PID.5584]
[MD5.BE8080B4E062966117036CD4B89438DD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7605248] [PID.6812]
[MD5.99387251353598C939592FAF40DF8AA9] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024] [PID.1860]
[MD5.D5934C8B21C2BBBDD259B691DEFE33BA] - (.ABBYY - ABBYY network license server.) -- C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe [814344] [PID.2324]
[MD5.1474F121C3DF1232D3E7239C03691EE6] - (.Adobe Systems Incorporated - Adobe Photoshop Elements 9.0 (component).) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408] [PID.2468]
[MD5.8491FDA93507F2F27FFBA11372764086] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088] [PID.2908]
[MD5.EAD65493EDBA0EBEA2192D46B938298E] - (.Autodesk - System Level Service Utility.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360] [PID.1616]
[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.2088]
[MD5.AD5DF6F4FBBC798636EDC66BFEC7D0DE] - (.Pas de propriétaire - Inkjet Printer/Scanner/Fax Extended Survey.) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe [116104] [PID.2708]
[MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.3088]
[MD5.AA0C4A2C33CE075DF2C272D678734991] - (...) -- C:\Program Files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe [65536] [PID.3172]
[MD5.AA0C4A2C33CE075DF2C272D678734991] - (...) -- C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [65536] [PID.3200]
[MD5.0AF89452A8CE3928168F4E5B2208C68B] - (...) -- C:\Program Files (x86)\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe [86016] [PID.3228]
[MD5.B2D01290C0E0465ACA54C2088E947823] - (...) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056] [PID.3364]
[MD5.44407283382D82C64C9195DE686D4205] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1260320] [PID.5332]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.fr
G2 - GCE: Preference [User Data\Default] [aelbknmfcacjffmgnoaaonhgoghlmlkp] HP Product Detection Plugin v.1.0.28.1 (Activé)
G2 - GCE: Preference [User Data\Default] [icdbhfgaogfjhbhohgbhdfhabffhdehe] AT_JeffKoons v.3 (Activé)
G2 - GCE: Preference [User Data\Default] [kdidombaedgpfiiedeimiebkmbilgmlc] DefaultTab v.1.1.19, (Désactivé) =>Adware.Bandoo
G2 - GCE: Preference [User Data\Default] [leahdjjpjmnamomgpojikeapflgbmjab] cacaoweb v.1.13 (Désactivé) =>PUP.CacaoWeb
G2 - GCE: Preference [User Data\Default] [paoponfhfdfnjgddpnpjkambkcgdaaib] uTorrentBar_FR v.10.16.2.9, (Désactivé) =>P2P.µTorrent
~ Google Browser: 33 Legitimates Filtered in 00mn 24s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\prefs.js
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\user.js
M3 - MFPP: Plugins - [Florian] -- C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [Florian] -- C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\searchplugins\search-here.xml
M3 - MFPP: Plugins - [Florian] -- C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\searchplugins\SearchResults.xml
M3 - MFPP: Plugins - [Florian] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [Florian] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\SearchResults.xml
M2 - MFEP: prefs.js [Florian - p7c3oxzn.default\addon@defaulttab.com] [] Default Tab v1.4.2 (..) =>Adware.Bandoo
M2 - MFEP: prefs.js [Florian - p7c3oxzn.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.30 (..) =>PUP.CacaoWeb
M2 - MFEP: prefs.js [Florian - p7c3oxzn.default\illimitux@illimitux.net] [illimitux] Illimitux v4.0 (..)
M2 - MFEP: prefs.js [Florian - p7c3oxzn.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.16.2.9 (..) =>P2P.µTorrent
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll
~ Firefox Browser: 44 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.mysearchresults.com =>Adware.MyWebSearch
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com =>Toolbar.Babylon
R3 - URLSearchHook: uTorrentBar_FR Toolbar [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) (6.13.3.1) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit
~ IE Browser: 19 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 22



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {02478D38-C3F9-4efb-9B51-7695ECA05670} Clé orpheline
O2 - BHO: uTorrentBar_FR [64Bits] - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit
O2 - BHO: Searchqu Toolbar [64Bits] - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll =>PUP.Datamngr
O2 - BHO: Loader Class [64Bits] - {9D717F81-9148-4f12-8568-69135F087DB0} . (.Bandoo Media, inc - Url Helper.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll =>Adware.Bandoo
O2 - BHO: Softonic Helper Object [64Bits] - {E87806B5-E908-45FD-AF5E-957D83E58E68} . (.Softonic.com - Pas de description.) -- C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll =>Toolbar.Conduit
~ BHO: 38 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{21FA44EF-376D-4D53-9B0F-8A89D3229068} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [IntelliPoint] . (.Microsoft Corporation - IPoint.exe.) -- c:\Program Files\Microsoft IntelliPoint\ipoint.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Pas de propriétaire - SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\Florian\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Florian\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Florian\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files (x86)\real\realplayer\Update\realsched.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-3548059479-1584774786-2261184982-1003\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3548059479-1584774786-2261184982-1003\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Florian\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\TaskBar: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe
O4 - GS\QuickLaunch: IZArc.lnk . (...) -- C:\Program Files (x86)\IZArc\IZArc.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch: Samsung Story Album Viewer.lnk . (...) -- C:\Program Files (x86)\Samsung\Story Album Viewer\HTML5Viewer.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe
O4 - GS\SendTo: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.) -- C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe
O4 - GS\SendTo: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.) -- C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe
O4 - GS\SendTo: Dropbox.lnk . (...) -- C:\Users\Florian\Dropbox
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Canon Solution Menu EX.lnk . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe
O4 - GS\Desktop: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Florian\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\Florian\AppData\Roaming\Spotify\spotify.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{2C4683F1-7F65-4197-9546-D12529FF56BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{B006B9CC-C69E-4498-8FC3-2C566C6FB083}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{2C4683F1-7F65-4197-9546-D12529FF56BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B006B9CC-C69E-4498-8FC3-2C566C6FB083}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{2C4683F1-7F65-4197-9546-D12529FF56BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B006B9CC-C69E-4498-8FC3-2C566C6FB083}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Bandoo Media, inc - Data Manager.) - C:\Program Files (x86)\WIA6EB~1\Datamngr\x64\datamngr.dll =>Adware.Bandoo
~ AppInit DLL: Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.DC9411D2A23F0E5B9395D93D042BCCBF] [APT] [{54040740-CE08-46C9-B2B4-AFC3D8394912}] (...) -- C:\drivers\printer\Z500-Z600\Setup.exe [304048]
[MD5.14BE35EF2A106A55000539D2794DF1A0] [APT] [{56F89125-3A90-433D-94F4-2BCAA44C0FB4}] (.Secure Digital Services.) -- C:\Users\Florian\Downloads\MyPDFConverter-setup.exe [1045848]
[MD5.00000000000000000000000000000000] [APT] [{8275723E-4A87-4353-87B7-5159677A9CFC}] (...) -- C:\Program Files (x86)\Lexmark Z500-Z600 Series\Drivers\COMMON\lexgo.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9ECCB1CE-AA38-438D-82C7-AD8F3ED2DC09}] (...) -- F:\Autorun.exe (.not file.) [0]
[MD5.C5D3C3E65F70C3CF8DB9720C45404819] [APT] [{A488379A-0AE9-4244-96DF-E6EA7AF7D4F1}] (.Corel Corporation.) -- C:\Program Files (x86)\InstallShield Installation Information\{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}\setup.exe [311296]
[MD5.00000000000000000000000000000000] [APT] [{C0FB767A-0286-4E9B-A329-47FA84771348}] (...) -- F:\Setup.exe (.not file.) [0]
[MD5.14291FAA352D1ABE09D4E1DDA05F79AB] [APT] [{C3EC99CF-A934-4104-BA7B-1C48A2F50A6C}] (...) -- C:\Users\Florian\Downloads\wink20\wink20.exe [3363267]
[MD5.00000000000000000000000000000000] [APT] [{C78FE827-099E-478B-B375-58E1BC45779E}] (...) -- F:\.\Autorun.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CFAC9FBB-41B8-4EB9-80C1-DE5660FFC984}] (...) -- G:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E0BD2034-6C2F-4DB3-8F83-126C55C24316}] (...) -- C:\Program Files (x86)\Lexmark Z500-Z600 Series\Drivers\COMMON\lexgo.exe (.not file.) [0]
~ Scheduled Task: 92 Legitimates Filtered in 00mn 08s



---\\ Logiciels installés (O42)
O42 - Logiciel: Softonic toolbar on IE - (.Softonic.) [HKLM][64Bits] -- Softonic =>Toolbar.Conduit
~ Logic: 299 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Yahoo] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\Cadalog Inc]
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Default Tab] =>Adware.Bandoo
[HKCU\Software\DsAudioDevice_310]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Kerkythea Rendering System]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\StartSearch] =>PUP.StartSearch
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo
[HKCU\Software\Yahoo] =>Toolbar.Yahoo
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\�A�v���P�[�V���� �E�B�U�[�h�Ő������ꂽ���[�J�� �A�v���P�[�V����]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\TsPluginMax]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Daniusoft]
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Default Tab] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\SearchquMediabarTb] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\TsPluginMax]
[HKLM\Software\Wow6432Node\Yahoo] =>Toolbar.Yahoo
~ Key Software: 355 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 10/06/2013 - 19:04:26 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 20/03/2011 - 19:48:32 - [8,336] ----D C:\Program Files (x86)\Kerkythea Rendering System
O43 - CFD: 10/11/2012 - 04:00:11 - [1,959] ----D C:\Program Files (x86)\Softonic =>Toolbar.Conduit
O43 - CFD: 30/01/2011 - 01:57:08 - [3,396] ----D C:\Program Files (x86)\vghd
O43 - CFD: 31/07/2012 - 17:09:12 - [0] ----D C:\Program Files (x86)\Yahoo! =>Toolbar.Yahoo
O43 - CFD: 16/02/2013 - 14:16:28 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 24/07/2013 - 01:47:15 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 31/07/2012 - 16:58:09 - [0] ----D C:\ProgramData\Yahoo! =>Toolbar.Yahoo
O43 - CFD: 20/12/2010 - 16:50:23 - [33,621] ----D C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 27/09/2011 - 21:02:01 - [45,266] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}
O43 - CFD: 05/08/2013 - 23:16:06 - [1788,997] ----D C:\Users\Florian\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
O43 - CFD: 10/11/2012 - 23:30:16 - [0,411] ----D C:\Users\Florian\AppData\Roaming\DefaultTab =>Adware.Bandoo
O43 - CFD: 27/11/2011 - 18:07:35 - [0] ----D C:\Users\Florian\AppData\Roaming\eType
O43 - CFD: 02/04/2013 - 22:53:16 - [57,268] --H-D C:\Users\Florian\AppData\Roaming\RPPrivate
O43 - CFD: 31/07/2012 - 17:00:42 - [0,000] ----D C:\Users\Florian\AppData\Roaming\vghd
O43 - CFD: 10/06/2013 - 19:04:23 - [0,083] ----D C:\Users\Florian\AppData\Local\Conduit
O43 - CFD: 13/03/2011 - 01:19:18 - [30,447] ----D C:\Users\Florian\AppData\Local\Installer7752
O43 - CFD: 13/03/2011 - 01:13:22 - [33,915] ----D C:\Users\Florian\AppData\Local\Installer8160
O43 - CFD: 30/01/2011 - 02:01:32 - [0,002] ----D C:\Users\Florian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtuaGuy HD
~ 1019 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1435 Legitimates Filtered in 00mn 16s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.1DD045CCAEF393E654F7BA4812EB7F22] - 05/08/2013 - 17:05:03 ---A- - C:\Windows\Prefetch\ADSKSCSRV.EXE-A2ADF1C1.pf
O45 - LFCP:[MD5.48AFC28F179F611E45CD0E7EF90D850E] - 05/08/2013 - 21:15:16 ---A- - C:\Windows\Prefetch\PEN_TOUCHUSER.EXE-9BAF7741.pf
~ Prefetcher: 109 Legitimates Filtered in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{b2edb1e5-7c3c-11e2-8224-002713bc908f}\AutoRun\command. (...) -- G:\AutoRun.exe (.not file.)
O51 - MPSK:{c7aabdfe-8bf7-11e1-8aae-002713bc908f}\AutoRun\command. (...) -- H:\Setup.exe (.not file.)
O51 - MPSK:{e14b7d6a-a494-11df-9af0-8ad736253154}\AutoRun\command. (...) -- G:\Startme.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\BambooCore [Key] . (.Pas de propriétaire - BambooDock back-end application.) -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (.Bandoo Media, inc - Data Manager.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe =>Adware.Bandoo
O53 - SMSR:HKLM\...\startupreg\GreedyTorrent [Key] . (...) -- C:\Program Files (x86)\GreedyTorrent\GTor.exe
O53 - SMSR:HKLM\...\startupreg\SanDiskSecureAccess_Manager.exe [Key] . (.Gemalto N.V. - RunSanDiskSecureAccess_Win.) -- C:\Users\Florian\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe =>P2P.µTorrent
~ SMSR Keys: 38 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.5C368F4B04ED2A923E6AFCA2D37BAFF5] - 13/05/2011 - 17:57:58 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [43320]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 05/08/2013 - 02:00:15 ---A- C:\Users\Florian\AppData\Roaming\cacaoweb\replicating30F3C2B699C237F170D6417C0DF12D60.cacao [59647721] =>PUP.CacaoWeb
O61 - LFC: 05/08/2013 - 17:06:03 ---A- C:\Users\Florian\AppData\Roaming\cacaoweb\npdfile.dat [94] =>PUP.CacaoWeb
O61 - LFC: 05/08/2013 - 17:52:25 ---A- C:\Users\Florian\Downloads\ccsetup404.exe [4429440]
O61 - LFC: 05/08/2013 - 23:24:56 ---A- C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [257287]
O61 - LFC: 05/08/2013 - 23:41:28 ---A- C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Local State [48857]
O61 - LFC: 05/08/2013 - 23:42:51 ---A- C:\Users\Florian\AppData\Roaming\cacaoweb\storage.db [2132] =>PUP.CacaoWeb
~ 17 Fichiers temporaires (Temporary files)
~ Files: 158 Legitimates Filtered in 06mn 32s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS3.) -- C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Florian\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.FF19Solved", "true");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.UserID", "UN58226622926278296");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.installDate", "10/6/2013 19:04:32");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.installSessionId", "-1");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.installSp", "FALSE");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.installerVersion", "1.4.2.3");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.searchRevert", "FALSE");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.searchUserMode", "1");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("CT2851639.versionFromInstaller", "10.16.2.9");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.BabylonToolbar.bbDpng", 1); =>Toolbar.Babylon
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.BabylonToolbar.cntry", "FR"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.BabylonToolbar.firstRun", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.BabylonToolbar.hdrMd5", "173ED23E0A8C343251F58B7FBC2EDE19"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.BabylonToolbar.lastActv", "1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.BabylonToolbar.lastDP", 1); =>Toolbar.Babylon
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.illimitux_backup_http", "");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.illimitux_backup_port", 0);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.illimitux_backup_referer", 2);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.illimitux_backup_type", 5);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_firsttime_4.0_", false);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_mu_auto", "");
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_auto", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_box", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_captcha", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_divx", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_embed", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_proxy", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_4s", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_captcha", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_mp", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_mu", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_mv", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_rs", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_rs1", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_veoh", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_pt_zs", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_referer", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_rs", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_tab", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.ilx_pref_zapmu", true);
O69 - SBI: prefs.js [Florian - p7c3oxzn.default] user_pref("extensions.illimitux.locale", "fr");
O69 - SBI: SearchScopes [HKCU] {1F096B29-E9DA-4D64-8D63-936BE7762CC5} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {5BD35195-CF36-45ED-BE3E-794E8689589A} - (Search Here) - http://www.mysearchresults.com =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {6592C4E1-DE96-4D79-BFD4-3B081C6ADDCE} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {7FA9C988-09D8-46B6-903E-4B06F640CDA8} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {837225D3-8191-4BAA-8BC5-E212354E74C8} - (Google) - http://www.google.fr
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2415} [DefaultScope] - (Search Results) - http://dts.search-results.com =>PUP.SearchResults
~ Keys: Scanned in 00mn 00s



---\\ Crack & Keygen Files (O82)
C:\Users\Florian\Documents\CS3\__CRACK__\Adobe CS3 MASTER - KEYGEN.exe
C:\Users\Florian\Downloads\Autocad 2012 fr 64 bits\KEYGEN\x-force_2012_x64.exe
~ Files: Scanned in 03mn 48s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.D77FD3ED2203562909782A412DF7264C] [SPRF][03/03/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [848]
[MD5.42BADC1D2F03A8B1E4875740D3D49336] [SPRF][29/06/2011] (.Igor Pavlov - 7-Zip Standalone Console.) -- C:\Users\Florian\AppData\Local\Temp\7za.exe [587776]
[MD5.60C83EFCB40CDEA9836D02445D02458F] [SPRF][19/01/2011] (.Autodesk, Inc. - Autodesk component.) -- C:\Users\Florian\AppData\Local\Temp\AcDeltree.exe [161704]
[MD5.CE755676AE6D27A1EFEEFB0F3C70A929] [SPRF][20/02/2013] (.Ask.com - AskStub Application.) -- C:\Users\Florian\AppData\Local\Temp\APNStub.exe [358600]
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][22/02/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Florian\AppData\Local\Temp\AskSLib.dll [248008]
[MD5.056ED40CC5DAEC38D2CA9BD213D437DD] [SPRF][03/08/2011] (.Nosibay - Bubble Dock installer.) -- C:\Users\Florian\AppData\Local\Temp\bubbledock.exe [168384] =>Toolbar.BubbleDock
[MD5.F39FD431BE6629896D4FA4B575CAEF2C] [SPRF][10/11/2012] (.Search Results - DefaultTabSetup.exe.) -- C:\Users\Florian\AppData\Local\Temp\DefaultTabSetup2.exe [3182736] =>Adware.Bandoo
[MD5.9495FF73014B8A17BD4798911AD097FA] [SPRF][20/09/2011] (...) -- C:\Users\Florian\AppData\Local\Temp\Extract.bat [87]
[MD5.1B365CA6FBDEA9303D64994AE06684E1] [SPRF][06/06/2011] (...) -- C:\Users\Florian\AppData\Local\Temp\installhelper.dll [1467392]
[MD5.DFB17F7B0B0C4CA99A703DBA71AF396B] [SPRF][05/08/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe [910624]
[MD5.0E2281AEC56203CA6A9E1848F7DBDF5A] [SPRF][19/10/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe [909088]
[MD5.822AD0D91D012B82E26D1F1BFA286AC6] [SPRF][14/11/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe [909088]
[MD5.EE622B2CD2D3C5CD950D49BD1708A9D4] [SPRF][20/02/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe [909600]
[MD5.9835AF740C54D07808C5BCC0F4493114] [SPRF][13/04/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe [910112]
[MD5.107167F15D30AA71D7CAFC0326AFB315] [SPRF][08/06/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe [909104]
[MD5.58D644315446AE9ECC66D8B0DE7351CA] [SPRF][25/07/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u34-windows-i586-iftw.exe [908272]
[MD5.8E51D3D38A26EEAC819974C9295AF35F] [SPRF][29/08/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe [908272]
[MD5.A85E2E0AF857692F2811073311695A8B] [SPRF][26/10/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe [912368]
[MD5.5CC163324A11091C975B686EF4C52C73] [SPRF][16/02/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe [897448]
[MD5.A620A735458E04AE0CF471319B6D6E7D] [SPRF][01/03/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe [897448]
[MD5.B1957B038895642DF9F662326E7D4DDC] [SPRF][22/06/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Florian\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe [903080]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][29/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.501391773032455428097.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][30/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.503557899772420562695.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][31/07/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.503755323299951635625.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][29/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.504232287220550423335.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][24/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.504482749726112500851.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][01/05/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.504548509134083319657.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][14/07/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.504690811894970557051.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][30/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.505824622286508777190.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][12/05/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.50625412574456705042.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][11/05/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.507202079401980059972.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][24/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.508373271359280775187.dll [266240]
[MD5.3E7A52653DA302A77C08A8F3D4BBDE70] [SPRF][21/04/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\JSaHCMAPI_2.2.508528748043153831885.dll [266240]
[MD5.14013815CDFEF90E541DD662E44FD27B] [SPRF][09/02/2012] (.Complitly - Complitly Setup.) -- C:\Users\Florian\AppData\Local\Temp\Kreapixel_addonAcPro.exe [887696] =>Adware.PredictAd
[MD5.7B7761D6B38CEA5F0C19748AB63B1B39] [SPRF][17/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\kujytuo.exe [391520] =>Virus.Kujytuo
[MD5.8E1BEE68818EC7BCF7BC5140E746BFB6] [SPRF][10/05/2013] (.RealNetworks, Inc. - RealNetworks Installer.) -- C:\Users\Florian\AppData\Local\Temp\lowproc.exe [120400]
[MD5.675CE9743CFACD1A1DA44307035279F2] [SPRF][11/06/2013] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\Florian\AppData\Local\Temp\MouseKeyboardCenterx64_1036.exe [49882832]
[MD5.7C90F77D368CABEA7B726A3758D6D761] [SPRF][08/02/2012] (.Babylon Ltd. - Babylon Client Setup.) -- C:\Users\Florian\AppData\Local\Temp\MyBabylonTB.exe [919664] =>Toolbar.Babylon
[MD5.1FD201DDC84D8F2A0E9340154F5DC0F2] [SPRF][16/12/2011] (.Google Inc. - Picasa.) -- C:\Users\Florian\AppData\Local\Temp\PicasaUpdater_298e.exe [14124536]
[MD5.72CF064E0B2F7EB666FBB25BE2D5DFD6] [SPRF][08/02/2012] (.Macromedia, Inc. - Macromedia Flash Player 8.0 r22.) -- C:\Users\Florian\AppData\Local\Temp\push.exe [2561093]
[MD5.3DE7C6D01B163FBBEDE001C3FEA49787] [SPRF][04/02/2011] (.Hewlett-Packard Company - Resource.) -- C:\Users\Florian\AppData\Local\Temp\Resource.exe [88120]
[MD5.3F174085D55BD3029301EF3CFBA2C11D] [SPRF][17/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\Setup.exe [815768]
[MD5.DEB5B469275C04D2D08608E04C7E9DB3] [SPRF][04/08/2011] (...) -- C:\Users\Florian\AppData\Local\Temp\SetupDataMngr_Searchqu.exe [3793376] =>PUP.Datamngr
[MD5.0D736AAAB3A5ACFD3A4605730A8AA33A] [SPRF][13/07/2013] (.Skype Technologies S.A. - Skype.) -- C:\Users\Florian\AppData\Local\Temp\SkypeSetup.exe [31945320]
[MD5.1FF434E7658173C709FCCD47DB54E35A] [SPRF][10/11/2012] (.Softonic - Pas de description.) -- C:\Users\Florian\AppData\Local\Temp\softonic_ggl_1.6.7.4.exe [1697768] =>Toolbar.Conduit
[MD5.27BCA7F55743101C6AC7D2C205DFE64E] [SPRF][27/09/2011] (.Hewlett-Packard - Pas de description.) -- C:\Users\Florian\AppData\Local\Temp\sp54373.exe [48461176]
[MD5.5E489DE183B5F1BFEF58693EDA84FED8] [SPRF][11/03/2012] (.Spotify Ltd - Spotify Installer.) -- C:\Users\Florian\AppData\Local\Temp\SpotifyUpgrader.exe [18294824]
[MD5.72412B526BCC716382E62B7939DCFD8F] [SPRF][26/05/2011] (...) -- C:\Users\Florian\AppData\Local\Temp\SRAssetsHelper.dll [1085952]
[MD5.7EC6C8E88BECD3C40AE35AAD1DF6EB0A] [SPRF][10/05/2013] (.RealNetworks, Inc. - RealDownloader Application.) -- C:\Users\Florian\AppData\Local\Temp\stubhelper.dll [90624]
[MD5.D55B57C51097122B44D08DE29D10D3CD] [SPRF][27/09/2011] (...) -- C:\Users\Florian\AppData\Local\Temp\temp.bat [299]
[MD5.0980ED49BA5D6F1D108DDC67C5672689] [SPRF][21/06/2011] (.Hewlett-Packard Company - HP Support Assistant Uninstaller.) -- C:\Users\Florian\AppData\Local\Temp\UninstallHPSA.exe [449592]
[MD5.0980ED49BA5D6F1D108DDC67C5672689] [SPRF][21/06/2011] (.Hewlett-Packard Company - HP Support Assistant Uninstaller.) -- C:\Users\Florian\AppData\Local\Temp\UninstallHPTCA.exe [449592]
[MD5.3533F4EBAF75AC70AACA3DB2FF32EE25] [SPRF][18/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt5012.tmp.bat [73]
[MD5.3533F4EBAF75AC70AACA3DB2FF32EE25] [SPRF][18/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt5272.tmp.bat [73]
[MD5.CBF9C44A4C35599989CA8BDA97DDC586] [SPRF][10/06/2013] (...) -- C:\Users\Florian\AppData\Local\Temp\utt6828.tmp.bat [77]
[MD5.0281576EC0CCBFE7D5F29C0088758579] [SPRF][18/05/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt69BF.tmp.bat [73]
[MD5.2346F496C80EF3413C5DE51E70888BA4] [SPRF][19/09/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt7204.tmp.bat [73]
[MD5.2346F496C80EF3413C5DE51E70888BA4] [SPRF][19/09/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt7628.tmp.bat [73]
[MD5.9263B3DA7C56FF2623B4DC9EBE9C85CE] [SPRF][16/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt7982.tmp.bat [73]
[MD5.9263B3DA7C56FF2623B4DC9EBE9C85CE] [SPRF][16/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt7C11.tmp.bat [73]
[MD5.0D66ABBB25EBACFB3F583942E1BE83A0] [SPRF][11/02/2012] (.BitTorrent, Inc. - µTorrent.) -- C:\Users\Florian\AppData\Local\Temp\utt9611.tmp.exe [738680] =>P2P.µTorrent
[MD5.2FFF5F86C2914794A819513935F3CF7B] [SPRF][04/12/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt96F1.tmp.bat [97]
[MD5.2FFF5F86C2914794A819513935F3CF7B] [SPRF][04/12/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\utt9D28.tmp.bat [97]
[MD5.F1B379465F1B9327F0F520B1C91C1AC8] [SPRF][11/12/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttA5BD.tmp.bat [97]
[MD5.F1B379465F1B9327F0F520B1C91C1AC8] [SPRF][11/12/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttA82D.tmp.bat [97]
[MD5.011319A0A0D69FFC510BCCD39920E6D0] [SPRF][10/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttBBDF.tmp.bat [73]
[MD5.011319A0A0D69FFC510BCCD39920E6D0] [SPRF][10/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttBE5E.tmp.bat [73]
[MD5.9E7C8432E36C5C885277DC51F1C5BB3A] [SPRF][15/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttD1A.tmp.bat [73]
[MD5.945B8A386A26BF882136F9D3B5F43B23] [SPRF][10/06/2013] (...) -- C:\Users\Florian\AppData\Local\Temp\uttDF6.tmp.exe [8253952]
[MD5.63209BFF9B22F59B6810A736F40C00E3] [SPRF][22/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttE3B9.tmp.bat [73]
[MD5.F0C9852AA242918ED3CE55340D77534A] [SPRF][07/05/2013] (...) -- C:\Users\Florian\AppData\Local\Temp\uttE4C4.tmp.bat [97]
[MD5.63209BFF9B22F59B6810A736F40C00E3] [SPRF][22/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttE530.tmp.bat [73]
[MD5.F0C9852AA242918ED3CE55340D77534A] [SPRF][07/05/2013] (...) -- C:\Users\Florian\AppData\Local\Temp\uttE6D6.tmp.bat [97]
[MD5.9E7C8432E36C5C885277DC51F1C5BB3A] [SPRF][15/02/2012] (...) -- C:\Users\Florian\AppData\Local\Temp\uttF0D.tmp.bat [73]
[MD5.99D7A49436CD667441AF2C1D93C2D6C9] [SPRF][14/02/2012] (.BitTorrent, Inc. - µTorrent.) -- C:\Users\Florian\AppData\Local\Temp\uttFFAC.tmp.exe [738680] =>P2P.µTorrent
[MD5.40395C175553CB14D2050888EFCCDF00] [SPRF][13/05/2011] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Florian\AppData\Local\Temp\vcredist_x64.exe [4961800]
[MD5.17474B8044FEC8257531E97954516911] [SPRF][01/08/2011] (.Pas de propriétaire - WinPcap 4.1.2 installer.) -- C:\Users\Florian\AppData\Local\Temp\winpcap-nmap-4.12.exe [428664]
[MD5.075B1751B00AC445FCFD82E6605EF5BB] [SPRF][23/11/2012] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Florian\AppData\Local\Temp\wlsetup.exe [1290088]
[MD5.293F0F4EC79E9E016F8193BA3552A33F] [SPRF][23/11/2012] (.Pas de propriétaire - Windows Live Installer.) -- C:\Users\Florian\AppData\Local\Temp\wlsetupc.exe [699464]
[MD5.E2574C21CD74DB7DCDDC44A5A492D6B3] [SPRF][18/11/2010] (...) -- C:\Users\Florian\AppData\Roaming\wklnhst.dat [1178]
[MD5.8E8CEA4D58BBAA30FDF39EE1936360F2] [SPRF][04/02/2011] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropENU.dll [113888]
[MD5.CBE31015B53BE10F453C7B93A3056CB8] [SPRF][18/02/2011] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\Windows\Downloaded Program Files\IDropFRA.dll [116040]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
[MD5.1E5CFDF9AEBDD84305A4C8154277A269] [SPRF][28/02/2007] (.Microsoft Corporation - Zone.com Checkers for MSN Messenger.) -- C:\Windows\Downloaded Program Files\msgrchkr.dll [131472]
~ Files: Scanned in 00mn 07s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{720EF469-3FF8-4AA8-BA41-DD52F2AD1EEB}" | In - Private - P6 - TRUE | .(.Totem Entertainment - DesktopVideoPlayer main executable.) -- C:\Program Files (x86)\vghd\vghd.exe
O87 - FAEL: "{5D432C82-0C75-43FE-A3A7-C22BD3601ACF}" | In - Private - P17 - TRUE | .(.Totem Entertainment - DesktopVideoPlayer main executable.) -- C:\Program Files (x86)\vghd\vghd.exe
O87 - FAEL: "{C874649B-1431-43B5-B46B-8A7953FA2EA2}" | In - Domain - P6 - FALSE | .(.Totem Entertainment - DesktopVideoPlayer main executable.) -- C:\Program Files (x86)\vghd\vghd.exe
O87 - FAEL: "{0F888CFC-36AE-4A09-91A8-38D84938D51B}" | In - Domain - P17 - FALSE | .(.Totem Entertainment - DesktopVideoPlayer main executable.) -- C:\Program Files (x86)\vghd\vghd.exe
O87 - FAEL: "{AFBA5791-086C-43F5-95BB-F9B35062412C}" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe =>PUP.Datamngr
O87 - FAEL: "{867391BF-AADB-42C7-B12C-01A2669C0BF3}" | In - Private - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe =>PUP.Datamngr
O87 - FAEL: "TCP Query User{BC4DFBF2-E590-4D03-9ED2-CD16B5DC68CB}C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
O87 - FAEL: "UDP Query User{0AA351D1-2F45-4354-82ED-F0A908A6C1CA}C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb
~ Firewall: 272 Legitimates Filtered in 00mn 02s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "18CA50635E55C040BB144070BF766C93" . (.Bluerock Technologies Flight Studio 3ds Max Design 2009 64-bit.) -- C:\Windows\Installer\{3605AC81-55E5-040C-BB41-0407FB67C639}\ico_product
O90 - PUC: "26E12492F88F1F546868E8EA7684EA95" . (.Turbo Squid Tentacles 3ds Max 2009 64-bit.) -- C:\Windows\Installer\{29421E62-F88F-45F1-8686-8EAE6748AE59}\ARPPRODUCTICON.exe
O90 - PUC: "C44265B016B7C0407A93E392DD4ECDC3" . (.Bluerock Technologies Flight Studio 3ds Max Design 2009 32-bit.) -- C:\Windows\Installer\{0B56244C-7B61-040C-A739-3E29DDE4DC3C}\ico_product
O90 - PUC: "F1E640A77BEB8C94382E871E1F6CC506" . (.Turbo Squid Tentacles 3ds Max 2009 32-bit.) -- C:\Windows\Installer\{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}\ARPPRODUCTICON.exe
~ Update Products: 254 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 19/12/2009 814344 | (ABBYY.Licensing.FineReader.Corporate.10.0) . (.ABBYY.) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\CE\NetworkLicenseServer.exe
SS - | Demand 68096 | (Adobe LM Service) . (...) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Demand 20/03/2007 153792 | (Adobe Version Cue CS3) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
SR - | Auto 30/09/2010 169408 | (AdobeActiveFileMonitor9.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
SS - | Demand 10/07/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
SR - | Auto 01/07/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 01/07/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SS - | Auto 18656 | (Autodesk Content Service) . (...) - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
SR - | Auto 20/10/2011 79360 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 04/09/2009 873248 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Demand 05/05/2009 228408 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SS - | Demand 28/10/2011 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 16/06/2012 1431888 | (FLEXnet Licensing Service 64) . (.Flexera Software, Inc..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
SS - | Auto 21/10/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 21/10/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 21/06/2011 85560 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SS - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 13/05/2011 30520 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 116104 | (IJPLMSVC) . (...) - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.exe
SR - | Auto 20/08/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 65536 | (mi-raysat_3dsMax2009_32) . (...) - C:\Program Files (x86)\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
SR - | Auto 65536 | (mi-raysat_3dsMax2009_64) . (...) - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
SR - | Auto 86016 | (mi-raysat_3dsmax2012_32) . (...) - C:\Program Files (x86)\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_32server.exe
SS - | Auto 10/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 27/02/2013 1260320 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Disabled 20/05/2011 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto 39056 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
SR - | Auto 24/02/2010 242560 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Auto 21/06/2013 162408 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 23/03/2010 247808 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
SR - | Auto 08/09/2011 6583160 | (TabletServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_Tablet.exe
SR - | Auto 08/09/2011 528760 | (TouchServicePen) . (.Wacom Technology, Corp..) - C:\Program Files\Tablet\Pen\Pen_TouchService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 03s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Run by Florian at 06/08/2013 00:52:16
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Florian at 06/08/2013 00:52:18

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : v2.12839 - (04/08/2013)
Clés trouvées (Keys found) : 148
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 24
Fichiers trouvés (Files found) : 38

[HKLM\Software\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc] =>Adware.Bandoo^
[HKLM\Software\Google\Chrome\Extensions\leahdjjpjmnamomgpojikeapflgbmjab] =>PUP.CacaoWeb^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke
[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO.1] =>Adware.Bandoo
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\DataMngr_Toolbar] =>Toolbar.Agent
[HKCU\Software\default tab] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\default tab] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\SearchquMediabarTb] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Softonic] =>Toolbar.Conduit
[HKCU\Software\StartSearch] =>Hijacker.Agent
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\uTorrentBar_FR] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_FR Toolbar] =>Toolbar.Conduit
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2415}] =>Adware.Bandoo^
[HKLM\Software\Wow6432Node\Classes\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1}] =>Toolbar.Conduit^
[HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks]:{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} =>Toolbar.Conduit^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb^
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\addon@defaulttab.com =>Adware.Bandoo^
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\cacaoweb@cacaoweb.org =>PUP.CacaoWeb^
C:\Program Files (x86)\Softonic =>Toolbar.Conduit^
C:\Program Files (x86)\Yahoo! =>Toolbar.Yahoo^
C:\ProgramData\Yahoo! =>Toolbar.Yahoo^
C:\Users\Florian\AppData\Roaming\cacaoweb =>PUP.CacaoWeb^
C:\Users\Florian\AppData\Roaming\DefaultTab =>Adware.Bandoo^
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\uTorrentBar_FR =>Toolbar.Conduit
C:\Program Files (x86)\vghd =>Adware.VirtualGirl
C:\Program Files (x86)\Windows Searchqu Toolbar =>Adware.Bandoo
C:\ProgramData\Software =>Adware.Boxore
C:\Users\Florian\AppData\Roaming\eType =>Adware.Zugo
C:\Users\Florian\AppData\Roaming\vghd =>Adware.VirtualGirl
C:\Users\Florian\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\Florian\AppData\Local\Software =>Adware.Boxore
C:\Users\Florian\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Florian\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Florian\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\Florian\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Users\Florian\AppData\LocalLow\uTorrentBar_FR =>Toolbar.Conduit
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\searchqutoolbar =>Adware.Bandoo
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\Extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb
C:\Users\Florian\AppData\Roaming\Mozilla\Firefox\Profiles\p7c3oxzn.default\SearchPlugins\SearchResults.xml =>Toolbar.Agent
C:\Users\Florian\AppData\Roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^
C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc =>Adware.Bandoo^
C:\Users\Florian\AppData\Local\Google\Chrome\User Data\Default\Extensions\leahdjjpjmnamomgpojikeapflgbmjab =>PUP.CacaoWeb^
C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon^
C:\Program Files (x86)\uTorrentBar_FR\prxtbuTor.dll =>Toolbar.Conduit^
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll =>PUP.Datamngr^
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll =>Adware.Bandoo^
C:\Program Files (x86)\Softonic\Softonic\1.6.7.4\bh\Softonic.dll =>Toolbar.Conduit^
C:\Program Files (x86)\WIA6EB~1\Datamngr\x64\datamngr.dll =>Adware.Bandoo^
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\AppDataLow\Software\Yahoo] =>Toolbar.Yahoo^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\Default Tab] =>Adware.Bandoo^
[HKCU\Software\YahooPartnerToolbar] =>Toolbar.Yahoo^
[HKCU\Software\Yahoo] =>Toolbar.Yahoo^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\Default Tab] =>Adware.Bandoo^
[HKLM\Software\Wow6432Node\Yahoo] =>Toolbar.Yahoo^
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe =>Adware.Bandoo^
C:\Users\Florian\AppData\Roaming\cacaoweb\replicating30F3C2B699C237F170D6417C0DF12D60.cacao [59647721] =>PUP.CacaoWeb^
C:\Users\Florian\AppData\Roaming\cacaoweb\npdfile.dat [94] =>PUP.CacaoWeb^
C:\Users\Florian\AppData\Roaming\cacaoweb\storage.db [2132] =>PUP.CacaoWeb^
C:\Users\Florian\AppData\Local\Temp\bubbledock.exe =>Toolbar.BubbleDock^
C:\Users\Florian\AppData\Local\Temp\DefaultTabSetup2.exe =>Adware.Bandoo^
C:\Users\Florian\AppData\Local\Temp\Kreapixel_addonAcPro.exe =>Adware.PredictAd^
C:\Users\Florian\AppData\Local\Temp\kujytuo.exe =>Virus.Kujytuo^
C:\Users\Florian\AppData\Local\Temp\MyBabylonTB.exe =>Toolbar.Babylon^
C:\Users\Florian\AppData\Local\Temp\SetupDataMngr_Searchqu.exe =>PUP.Datamngr^
C:\Users\Florian\AppData\Local\Temp\softonic_ggl_1.6.7.4.exe =>Toolbar.Conduit^
C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe =>PUP.Datamngr^
C:\users\florian\appdata\roaming\cacaoweb\cacaoweb.exe =>PUP.CacaoWeb^
C:\Users\Florian\Downloads\cacaoweb.exe =>PUP.CacaoWeb
C:\Users\Florian\AppData\Local\Temp\Searchqu.ini =>Adware.Bandoo
C:\Users\Florian\AppData\Local\Temp\searchqutoolbar-manifest.xml =>Adware.Bandoo
~ Additionnel Scan: 1262770 Items scanned in 03mn 07s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27566847-pup-cacaoweb =>PUP.CacaoWeb
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/28085716-pup-startsearch =>PUP.StartSearch
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults
~ http://nicolascoolman.webs.com/apps/blog/show/31746142-toolbar-bubbledock =>Toolbar.BubbleDock
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/28358602-virus-kujytuo =>Virus.Kujytuo
~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/28346035-adware-virtualgirl =>Adware.VirtualGirl
~ http://nicolascoolman.webs.com/apps/blog/show/26828293-adware-zugo =>Adware.Zugo
~ MSI: 22 link(s) detected in 03mn 07s



~ 3202 Legitimates filtered by white list
End of the scan (964 lines in 16mn 36s)(8)
