~ Rapport de ZHPDiag v2013.10.25.66 - Nicolas Coolman (25/10/2013)
~ Lancé par user (26/10/2013 12:34:35)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
GCIE: Google Chrome v30.0.1599.101 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : B3YWM
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
Avira Free Antivirus v13.0.0.4042
Windows Defender W7

---\\ Logiciels d'optimisation du système

---\\ Logiciels de partage PeerToPeer
µTorrent v3.3.0.29677 =>P2P.µTorrent

---\\ Surveillance de Logiciels
Adobe Flash Player 9 ActiveX
Adobe Reader 9.5.4 - Français
Java 7 Update 40

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1909 MB (8% free)
System Restore: Activé (Enable)
System drive C: has 45 GB (25%) free of 176 GB

---\\ Mode de connexion au système
~ Computer Name: USER-PC
~ User Name: user
~ All Users Names: user, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\user\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\user\AppData\Roaming\
~ %Desktop% : C:\Users\user\Desktop\
~ %Favorites% : C:\Users\user\Favorites\
~ %LocalAppData% : C:\Users\user\AppData\Local\
~ %StartMenu% : C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 45 Go of 176 Go)
D: Hard drive, Flash drive, Thumb drive (Free 118 Go of 122 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 47 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 05:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 01:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.E4FEB264B47360B7296AEA4E052F88D8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:28:06.) -- C:\Windows\System32\wininet.dll [1767936]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 12:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 12:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.F81BB7E487EDCEAB630A7EE66CF23913] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.14/09/2013 - 00:48:58.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 01:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.13/07/2009 - 23:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 08:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 08:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 09:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.13/07/2009 - 23:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.13/07/2009 - 23:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 02:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 08:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.5E43D2B0EE64123D4880DFA6626DEFDE] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 13:45:29.) -- C:\Windows\system32\Drivers\ntfs.sys [1211752]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.13/07/2009 - 23:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.13/07/2009 - 23:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 10:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.13/07/2009 - 23:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 08:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 12:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Generic Processes: Scanned in 00mn 01s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5251
~ Mes musiques (My Musics) : 1/1327
~ Mes Videos (My Videos) : 1/29
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/13914
~ Mon Bureau (My Desktop) : 4/831
~ Menu demarrer (Programs) : 1/27
~ Hidden Files: Scanned in 01mn 02s



---\\ Processus lancés
[MD5.DB3F7F19F942D3CE4E1A0E8D9FF541FB] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- c:\program files\avira\antivir desktop\avgnt.exe [347192] [PID.4732]
[MD5.FE98E6FB01FE9A1A7274FD7865B82900] - (.Avira Operations GmbH & Co. KG - Avira Control Center.) -- C:\program files\avira\antivir desktop\avcenter.exe [328760] [PID.3532]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ystem32\rundll32.exe [0] [PID.14432]
[MD5.3E399A1328181C2A352472369DE2A93A] - (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe [844752] [PID.1492]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\system32\DllHost.exe [7168] [PID.16564]
[MD5.CC82669653807DFC27DF3B73ECE5EECD] - (.Nicolas Coolman - ZHPDiag.) -- D:\Program Files\ZHPDiag\ZHPDiag.exe [8135168] [PID.15340]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [acganlmcjehnfmehkmlimgkaloifodlf] Koji NISHIDA v.2 (Activé)
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.2.0.0 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [jplinpmadfkdgipabgcdchbdikologlh] 1Click Downloader v.1.6 (Désactivé)
G2 - GCE: Preference [User Data\Default] [ndibdjnfmopecpmkdieinmbadjfpblof] AVG Security Toolbar v.14.1.0.10 (Désactivé)
~ Google Browser: 20 Legitimates Filtered in 04mn 09s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org
~ IE Browser: 11 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: 01NET.com - {8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\01NET.com\prxtb01NE.dll =>Toolbar.Conduit
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
~ BHO: 22 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll =>PUP.SweetIM
O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\17.0.1.12\AVG Secure Search_toolbar.dll =>Toolbar.AVGSearch
O3 - Toolbar: 01NET.com Toolbar - [HKLM]{8e5025c2-8ea3-430d-80b8-a14151068a6d} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\01NET.com\prxtb01NE.dll =>Toolbar.Conduit
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{8E5025C2-8EA3-430D-80B8-A14151068A6D} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: BIMx pour ArchiCAD 15.lnk . (.Graphisoft SE - ArchiCAD 15.0.0 Component.) -- C:\Program Files\Graphisoft\ArchiCAD 15\Extensions\BIM Explorer\BIM Explorer.exe
O4 - GS\Desktop [Public]: Speccy.lnk . (.Piriform Ltd - Speccy.) -- C:\Program Files\Speccy\Speccy.exe
O4 - GS\Program [Public]: Turbo Squid Tentacles 32-bit.lnk . (.Turbo Squid - Turbo Squid Tentacles Frontend.) -- C:\Program Files\Turbo Squid Tentacles\TSStore.exe
O4 - GS\QuickLaunch [user]: ArchiCAD 15.lnk . (.Graphisoft SE - ArchiCAD 15.0.0 Component.) -- C:\Program Files\Graphisoft\ArchiCAD 15\ArchiCAD Starter.exe
O4 - GS\QuickLaunch [user]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Program [user]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [user]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop [user]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [user]: WinZip.lnk . (...) -- C:\Program Files\WinZip\WINZIP32.exe (.not file.)
~ Global Startup: 57 Legitimates Filtered in 00mn 04s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Suite Common Rescource.) -- C:\Program Files\Bluetooth Suite\AthBtTray.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [autodetect] . (.Pas de propriétaire - AutoDect.) -- C:\Program Files\Internet Haut Débit Mobile\AutoDect.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1243204835-3674121785-2205346301-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} -- Clé orpheline
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico (.not file.)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{65EFE2BE-395F-4EE9-A226-2B9726DE7CA1}: NameServer = 192.168.50.58 192.168.60.55
O17 - HKLM\System\CCS\Services\Tcpip\..\{DB9E7BEC-CD54-4A78-8FB5-75716EC72340}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{65EFE2BE-395F-4EE9-A226-2B9726DE7CA1}: NameServer = 192.168.50.58 192.168.60.55
O17 - HKLM\System\CS1\Services\Tcpip\..\{DB9E7BEC-CD54-4A78-8FB5-75716EC72340}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{65EFE2BE-395F-4EE9-A226-2B9726DE7CA1}: NameServer = 192.168.50.58 192.168.60.55
O17 - HKLM\System\CS2\Services\Tcpip\..\{DB9E7BEC-CD54-4A78-8FB5-75716EC72340}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Modem HDM EC156. OUC (Modem HDM EC156. RunOuc) . (...) - D:\Program Files\Nouveau dossier (2)\Modem HDM EC156\UpdateDog\ouc.exe
O23 - Service: (vToolbarUpdater17.0.12) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch
~ Services: 17 Legitimates Filtered in 00mn 07s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [Norton Security Scan for user] (...) -- C:\Program Files\NORTON~2\Engine\372~1.5\Nss.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{1C9E10CE-E145-4233-835C-0A2484E10848}] (...) -- E:\archicad\Crack\Archicad.v11.build.897_Crk.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{9EF6F727-5358-4ED0-AB17-E8C49645A2DF}] (...) -- C:\Program Files\QuickTime\QTSystem\QuickTime.cpl" -c QuickTime (.not file.) [0]
~ Scheduled Task: 23 Legitimates Filtered in 00mn 09s



---\\ Logiciels installés (O42)
O42 - Logiciel: 1ClickDownloader - (.1ClickDownload.) [HKLM] -- 1ClickDownloader =>PUP.1ClickDownloader
O42 - Logiciel: IB Updater Service - (...) [HKLM] -- WNLT =>Adware.InstallBrain
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
O42 - Logiciel: SweetPacks bundle uninstaller - (.SweetIM Technologies Ltd..) [HKLM] -- {0C43FE6B-E881-4AFC-B384-4AEBC90047E8} =>PUP.SweetIM
O42 - Logiciel: Update Manager for SweetPacks 1.1 - (.SweetIM Technologies Ltd..) [HKLM] -- {EA8FA6BE-29BE-4AF2-9352-841F83215EB0} =>PUP.SweetIM
~ Logic: 133 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\IGearSettings]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\TestSelf]
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\ASGVIS]
[HKLM\Software\Conduit] =>Toolbar.Conduit
[HKLM\Software\ICL]
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\TsPluginMax]
~ Key Software: 171 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 12/06/2012 - 14:51:21 - [2,481] ----D C:\Program Files\1ClickDownload =>PUP.1ClickDownloader
O43 - CFD: 07/01/2013 - 21:56:19 - [1,492] ----D C:\Program Files\Climate5.3
O43 - CFD: 14/08/2012 - 15:34:45 - [0,609] ----D C:\Program Files\Conduit
O43 - CFD: 06/06/2013 - 14:14:27 - [11,631] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 18/04/2012 - 22:58:36 - [2,139] ----D C:\ProgramData\ASGVIS
O43 - CFD: 06/06/2013 - 14:14:34 - [0,878] ----D C:\ProgramData\SweetIM =>PUP.SweetIM
O43 - CFD: 18/05/2013 - 18:46:22 - [0,457] ----D C:\Users\user\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org
O43 - CFD: 18/05/2013 - 18:53:09 - [0,163] ----D C:\Users\user\AppData\Local\B1E
O43 - CFD: 06/06/2013 - 14:14:36 - [2,533] ----D C:\Users\user\AppData\Local\Conduit
O43 - CFD: 18/01/2012 - 10:32:14 - [0,428] ----D C:\Users\user\AppData\Local\GS-LW-Temp
~ 733 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 949 Legitimates Filtered in 01mn 12s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4445876A199BF8E9C03864C19C588A9B] - 26/10/2013 - 10:50:31 ----- . (...) -- C:\UsbFix [Scan 1] USER-PC.txt [11225]
O44 - LFC:[MD5.91B6DFBA0FD7D0F4836FB711D1B5D81C] - 26/10/2013 - 11:04:02 ---A- . (...) -- C:\Windows\System32\TrueSight.sys [26624]
O44 - LFC:[MD5.60FBD844F21F7C92927D27EA0634998F] - 26/10/2013 - 11:47:17 ----- . (...) -- C:\UsbFix [Scan 3] USER-PC.txt [11571]
O44 - LFC:[MD5.7794A9DBCFEA0D9B9BF18F8DB1C2D196] - 26/10/2013 - 11:52:53 ---A- . (...) -- C:\UsbFix [Clean 3] USER-PC.txt [10932]
O44 - LFC:[MD5.D1A0C561F87AE7FEBB66E60D2B32798B] - 26/10/2013 - 12:39:51 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [26192]
O44 - LFC:[MD5.D1A0C561F87AE7FEBB66E60D2B32798B] - 26/10/2013 - 12:39:51 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [26192]
~ Files: 60 Legitimates Filtered in 00mn 09s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{06760e05-74c6-11e1-bed5-74de2b74ff58}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{18b4f22e-34b9-11e3-9ff4-74de2b74ff58}\AutoRun\command. (...) -- F:\AutoRun.exe (.not file.)
O51 - MPSK:{7ce58d35-0e76-11e2-8272-74de2b74ff58}\AutoRun\command. (...) -- F:\Système_Windows\Installer.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\SweetIM [Key] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe =>PUP.SweetIM
O53 - SMSR:HKLM\...\startupreg\Sweetpacks Communicator [Key] . (.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O53 - SMSR:HKLM\...\startupreg\vProt [Key] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
~ SMSR Keys: 11 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 01:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [453712]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 21:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: 16 Legitimates Filtered in 00mn 02s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido - www.usbfix.net.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de d�marrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} [DefaultScope] - (AVG Secure Search) - http://isearch.avg.com =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (01NET.com Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com =>PUP.SweetIM
~ Keys: Scanned in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{2A2965C6-39DD-4A2E-98A0-C728FCA69791}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.)
O87 - FAEL: "UDP Query User{82C5B734-E8E9-420A-82B5-4AE4D6E2EA8B}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.)
O87 - FAEL: "{C78F4C19-FFD5-495A-8F58-6B6A14822413}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\monitor.exe (.not file.)
O87 - FAEL: "{7E83F425-C575-4616-AD30-EF296FD9BD10}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\monitor.exe (.not file.)
O87 - FAEL: "{85C498F1-3867-4502-B356-8428EA6301EC}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\manager.exe (.not file.)
O87 - FAEL: "{3EE08BBD-C24D-4D9B-BC05-34C5C26594F9}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\manager.exe (.not file.)
O87 - FAEL: "{E7563B63-BD4B-4383-BE44-CCD873B0BA26}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\server.exe (.not file.)
O87 - FAEL: "{9E27C791-4CA1-4E56-9F68-B17062906757}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Autodesk\backburner\server.exe (.not file.)
O87 - FAEL: "TCP Query User{E39724D7-D2DA-4483-AF2B-B0302DD810B5}C:\program files\artlantis studio 3\artlantisstudio.exe" | In - Public - P6 - TRUE | .(.Abvent - Artlantis Application.) -- C:\program files\artlantis studio 3\artlantisstudio.exe
O87 - FAEL: "UDP Query User{8AB8098D-CBF5-4E8B-BF7E-AE9156090A06}C:\program files\artlantis studio 3\artlantisstudio.exe" | In - Public - P17 - TRUE | .(.Abvent - Artlantis Application.) -- C:\program files\artlantis studio 3\artlantisstudio.exe
O87 - FAEL: "{4886BC05-70F1-48C9-B263-630B3310C92B}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.)
O87 - FAEL: "{8E99852D-A71B-46AD-BD39-2A32B1677606}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.)
O87 - FAEL: "TCP Query User{58E2FC74-2204-4134-8355-DD57AF27A240}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.)
O87 - FAEL: "UDP Query User{199259E9-417F-4AF4-AFA8-DC0D1F82535B}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.)
O87 - FAEL: "TCP Query User{0D2EEF60-BCAC-4ABD-9E1E-3A07BBE8678E}C:\programdata\asgvis\distributed rendering\xmldrspawner.exe" |In - Public - P6 - TRUE | .(...) -- C:\programdata\asgvis\distributed rendering\xmldrspawner.exe (.not file.)
O87 - FAEL: "UDP Query User{897E25E8-48E3-4E1A-A25E-03855096D44C}C:\programdata\asgvis\distributed rendering\xmldrspawner.exe" |In - Public - P17 - TRUE | .(...) -- C:\programdata\asgvis\distributed rendering\xmldrspawner.exe (.not file.)
O87 - FAEL: "TCP Query User{3DF1810E-D3E8-4B67-A863-DA0C5F83BBD4}C:\programdata\asgvis\licensing\vrlserver2.exe" |In - Public - P6 - TRUE | .(...) -- C:\programdata\asgvis\licensing\vrlserver2.exe (.not file.)
O87 - FAEL: "UDP Query User{92C6DADF-B0B3-4E9C-8233-41B6CD31D71B}C:\programdata\asgvis\licensing\vrlserver2.exe" |In - Public - P17 - TRUE | .(...) -- C:\programdata\asgvis\licensing\vrlserver2.exe (.not file.)
O87 - FAEL: "TCP Query User{B1641171-D881-471D-B7FB-031E7611FE4C}C:\program files\1clickdownload\1clickdownloader.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - 1ClickDownloader.) -- C:\program files\1clickdownload\1clickdownloader.exe =>PUP.1ClickDownloader
O87 - FAEL: "UDP Query User{F40AF539-49DD-49EB-B8E5-CBFB3BCE54C2}C:\program files\1clickdownload\1clickdownloader.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - 1ClickDownloader.) -- C:\program files\1clickdownload\1clickdownloader.exe =>PUP.1ClickDownloader
O87 - FAEL: "{73BC8BE4-4D44-48E6-9A65-934A95640D32}" | In - Public - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O87 - FAEL: "{72509DB1-0DE9-40F4-A47D-1C620BBFBAFF}" | In - Public - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O87 - FAEL: "TCP Query User{D6FE3158-CBD0-4E23-ADC1-192D59A04567}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.)
O87 - FAEL: "UDP Query User{8AB5A4C4-A200-497A-9A0A-A37D27FEB827}C:\program files\graphisoft\archicad 13\archicad.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 13\archicad.exe (.not file.)
O87 - FAEL: "TCP Query User{EFBE3843-8B59-4CD0-A010-2E204118148F}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.)
O87 - FAEL: "UDP Query User{E5C5C27B-CA40-4C26-868D-0BFE666CBD2D}C:\program files\graphisoft\archicad 11 rc1\archicad.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files\graphisoft\archicad 11 rc1\archicad.exe (.not file.)
O87 - FAEL: "{BB95B326-7CFC-41F5-B906-574B5C334EBB}" | In - Private - P6 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O87 - FAEL: "{82A9DFA8-1D94-42A4-9916-A0F1E6A55D58}" | In - Private - P17 - TRUE | .(.SweetIM Technologies Ltd. - Update Manager for SweetPacks.) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe =>PUP.SweetIM
O87 - FAEL: "{02D0355E-D1E8-4E24-9079-698CC071EAE9}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.)
O87 - FAEL: "{5363C77C-1C1B-4FBF-8563-F9636AA83B33}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe (.not file.)
O87 - FAEL: "{1F1E154A-CA11-4AEE-A0A7-80F4F09A9D33}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{A81FD846-C81E-41C1-8897-E4D001B10C99}" |In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{531A2609-BE48-4E5C-B2C7-8AF3333B884E}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
O87 - FAEL: "{ED88F6B7-805F-4E55-BFF9-D25C649ACB70}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe (.not file.)
~ Firewall: 237 Legitimates Filtered in 00mn 03s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "9EE58E3C298524145B73CBBED3CAC4D3" . (.Internet Explorer Toolbar 4.6 by SweetPacks.) -- C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}\ARPPRODUCTICON.exe =>PUP.SweetIM
O90 - PUC: "C44265B016B7C0407A93E392DD4ECDC3" . (.Bluerock Technologies Flight Studio 3ds Max Design 2009 32-bit.) -- C:\Windows\Installer\{0B56244C-7B61-040C-A739-3E29DDE4DC3C}\ico_product
O90 - PUC: "F1E640A77BEB8C94382E871E1F6CC506" . (.Turbo Squid Tentacles 3ds Max 2009 32-bit.) -- C:\Windows\Installer\{7A046E1F-BEB7-49C8-83E2-78E1F1C65C60}\ARPPRODUCTICON.exe
~ Update Products: 146 Legitimates Filtered in 00mn 03s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.39509F7D4B7E345BE537D01B3E1ABEB9] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - SweetIM for Messenger 3.7.) -- C:\Windows\Installer\309df.msi [3760128] =>PUP.SweetIM
[MD5.EDD21B7C504C7E3F36DE766B31BD3178] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - SweetPacks Toolbar for Internet Explorer 4.0.) -- C:\Windows\Installer\30a44.msi [3304960] =>PUP.SweetIM
[MD5.3CD19859CD377AD00B30E4BEE49D374E] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - Sweetpacks Communicator 1.1.) -- C:\Windows\Installer\30a59.msi [2997248] =>PUP.SweetIM
[MD5.BBF4134424D0556F36DC086028750937] [WIS][22/10/2012] (.SweetIM Technologies Ltd. - SweetPacks bundle uninstaller.) -- C:\Windows\Installer\30a5f.msi [2579456] =>PUP.SweetIM
[MD5.BFB448F9E0DCB89E0574F7087BC1FFF1] [WIS][07/01/2011] (.Google, Inc. - Google SketchUp 8 Installer.) -- C:\Windows\Installer\940f42.msi [57286144]
[MD5.E0257E6D5AC3CC1DFC98A7B62A7B300C] [WIS][10/03/2008] (.Turbo Squid - Turbo Squid Tentacles 3ds Max 2009 32-bit.) -- C:\Windows\Installer\b96fd.msi [9166848]
~ WIS: 152 Legitimates Filtered in 00mn 49s



---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 23/10/2013 84024 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 23/10/2013 108088 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SS - | Disabled 23/10/2013 815160 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Auto 09/05/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files\Bluetooth Suite\Ath_CoexAgent.exe
SS - | Auto 09/05/2011 76960 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files\Bluetooth Suite\adminservice.exe
SS - | Auto 14/02/2012 79360 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
SS - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 23/12/2011 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 24/06/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 24/06/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 14/03/2011 271712 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SS - | Auto 20/05/2011 13592 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Auto 16/12/2011 1796200 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Auto 23/07/2010 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SS - | Auto 19/03/2008 65536 | (mi-raysat_3dsMax2009_32) . (...) - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
SS - | Auto 22/10/2013 655712 | (Modem HDM EC156. RunOuc) . (...) - D:\Program Files\Nouveau dossier (2)\Modem HDM EC156\UpdateDog\ouc.exe
SS - | Auto 29/11/2012 38608 | (RealNetworks Downloader Resolver Service) . (...) - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SS - | Auto 23/07/2010 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Auto 03/10/2013 1734680 | (vToolbarUpdater17.0.12) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 54s



---\\ Scan Additionnel (O88)
Database Version : 12960 - (25/10/2013)
Clés trouvées (Keys found) : 183
Valeurs trouvées (Values found) : 4
Dossiers trouvés (Folders found) : 16
Fichiers trouvés (Files found) : 7

[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5025C2-8EA3-430D-80B8-A14151068A6D}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.0.12] =>Toolbar.AVGSearch^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownloader] =>PUP.1ClickDownloader^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.InstallBrain^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0C43FE6B-E881-4AFC-B384-4AEBC90047E8}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Sweetpacks Communicator] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\vProt] =>Toolbar.AVGSearch^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{151867D5-7359-40AF-8764-66E58D06283C}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.AVGSearch
[HKLM\Software\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp] =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B] =>PUP.SweetIM
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\01NET.com Toolbar] =>Adware.SimilarSites
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}] =>Toolbar.AVGSearch
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar.CT3128284] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{EEE6C35B-6118-11DC-9C72-001320C79847} =>PUP.SweetIM^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:vProt =>Toolbar.AVGSearch^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{8E5025C2-8EA3-430D-80B8-A14151068A6D} =>Toolbar.Agent
C:\Program Files\1ClickDownload =>PUP.1ClickDownloader^
C:\Program Files\SweetIM =>PUP.SweetIM^
C:\ProgramData\SweetIM =>PUP.SweetIM^
C:\Users\user\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org^
C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\user\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\user\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\user\AppData\Local\B1E =>Toolbar.BrotherSoft
C:\Users\user\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\user\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\user\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\user\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\user\AppData\Local\Temp\avg@toolbar =>Toolbar.AVGSearch
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Conduit] =>Toolbar.Conduit^
C:\Windows\Installer\309df.msi =>PUP.SweetIM^
C:\Windows\Installer\30a44.msi =>PUP.SweetIM^
C:\Windows\Installer\30a59.msi =>PUP.SweetIM^
C:\Windows\Installer\30a5f.msi =>PUP.SweetIM^
~ Additionnel Scan: 462667 Items scanned in 00mn 53s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/26898222-adware-incredibar =>Adware.Incredibar
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/30703839-hijacker-searchb1org =>Hijacker.SearchB1org
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/28766471-adware-iwinarcade =>Adware.iWinArcade
~ http://nicolascoolman.webs.com/apps/blog/show/27674245-adware-bullseyetoolbar =>Adware.BullseyeToolbar
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/30234464-pup-toparcadehits =>PUP.ToparcadeHits
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/31536787-toolbar-bing =>Toolbar.Bing
~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong
~ http://nicolascoolman.webs.com/apps/blog/show/29344956-adware-similarsites =>Adware.SimilarSites
~ MSI: 16 link(s) detected in 00mn 53s



~ 1997 Legitimates filtered by white list
End of the scan (725 lines in 09mn 46s)(0)
