Publicité
Publicité
Format du document : text/plain
Prévisualisation
~ Rapport de ZHPDiag v2013.10.20.55 - Nicolas Coolman (20/10/2013)
~ Lanc� par Meunier (20/10/2013 17:35:30)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance � la d�sinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activ�e par le programme
~ El�vation des Privil�ges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
MFIE: Mozilla Firefox 21.0 (Defaut)
GCIE: Google Chrome v22.0.1229.95
---\\ Informations sur les produits Windows
~ Langage: Fran�ais
Windows 8 Business Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : JW8XV
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du syst�me
avast! Free Antivirus v8.0.1497.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8
---\\ Logiciels d'optimisation du syst�me
CCleaner v4.05 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
eMule
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informations sur le syst�me
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4040 MB (57% free)
System Restore: Activ� (Enable)
System drive C: has 393 GB (85%) free of 458 GB
---\\ Mode de connexion au syst�me
~ Computer Name: BUREAU
~ User Name: Meunier
~ All Users Names: Meunier, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Meunier\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Meunier\AppData\Roaming\
~ %Desktop% : C:\Users\Meunier\Desktop\
~ %Favorites% : C:\Users\Meunier\Favorites\
~ %LocalAppData% : C:\Users\Meunier\AppData\Local\
~ %StartMenu% : C:\Users\Meunier\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enum�ration des unit�s disques
C: Hard drive, Flash drive, Thumb drive (Free 393 Go of 458 Go)
D: Hard drive, Flash drive, Thumb drive (Free 332 Go of 458 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de S�curit� Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioth�que de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parall�le.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de p�riph�rique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 2/44067
~ Mes musiques (My Musics) : 1/3602
~ Mes Videos (My Videos) : 2/258
~ Mes Favoris (My Favorites) : 1/137
~ Mes Documents (My Documents) : 7/7964
~ Mon Bureau (My Desktop) : 2/79
~ Menu demarrer (Programs) : 1/45
~ Hidden Files: Scanned in 00mn 18s
---\\ Processus lanc�s
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2356]
[MD5.AA8D96427A98CE9FCFFB861F2F77A247] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1239064] [PID.5072]
[MD5.D213F06AE294341F3503FD74E22E7DDA] - (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136] [PID.4084]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.4256]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.5028]
[MD5.C673F14493A88BE8CE3156B53F37887E] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.4144]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3908]
[MD5.E7EA57B35951D093A9647D8D5CE3340D] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.4940]
[MD5.2EA4B2BC3260CF3D20F6A164B362F6D4] - (.Pas de propri�taire - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136] [PID.5128]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.5188]
[MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.5212]
[MD5.469396CF3A8090C24408DA00744D5F97] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Meunier\AppData\Roaming\Dropbox\bin\Dropbox.exe [28057256] [PID.5224]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.5272]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe [485376] [PID.5296]
[MD5.75AD45ED633B866D90AEAA296C21F7E8] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336] [PID.5356]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.5584]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.5688]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.5616]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.4912]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.2364]
[MD5.E4F6125ED5185F8FA37CC4F449B85526] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770608] [PID.6132]
[MD5.BB4F6465EEB9ACAA5C60C36983740219] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [310352] [PID.6192] =>Toolbar.Google
[MD5.DD425C93255671A5FE81A95E686C03D7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8111104] [PID.3980]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Meunier\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 9 Legitimates Filtered in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Meunier\AppData\Roaming\Mozilla\Firefox\Profiles\9o98cdyi.default\prefs.js
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Cl� orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Cave � vins.lnk . (.4D - 4D Volume Desktop.) -- C:\Program Files (x86)\Micro Application\Cave � vins\Cave a Vins.exe
O4 - GS\Desktop [Public]: E.M. PowerPoint Video Converter.lnk . (...) -- C:\Program Files (x86)\E.M. PowerPoint Video Converter\pptvideo.exe
O4 - GS\Desktop [Public]: eMule.lnk . (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe
O4 - GS\Desktop [Public]: Etiquettes CD-DVD Edition Classic.lnk . (...) -- C:\Program Files (x86)\Micro Application\Etiquettes CD-DVD Edition Classic\draw7650.exe
O4 - GS\Desktop [Public]: FotoMorph.lnk . (.Digital Photo Software - FotoMorph.) -- C:\Program Files (x86)\Digital Photo Software\FotoMorph\FotoMorph.exe
O4 - GS\Desktop [Public]: G�n�atique 2013.lnk . (.CDIP - Logiciel de g�n�alogie.) -- C:\Program Files (x86)\Geneatique2013\Genea2013.exe
O4 - GS\Desktop [Public]: LEGO Digital Designer.lnk . (.LEGO Company - LEGO Digital Designer.) -- C:\Program Files (x86)\LEGO Company\LEGO Digital Designer\LDD.exe
O4 - GS\Desktop [Public]: MAGIX Photo Manager MX Deluxe.lnk . (.MAGIX - MAGIX Foto Manager MX deluxe.) -- C:\Program Files (x86)\MAGIX\Photo Manager MX Deluxe\FotoManager_dlx.exe
O4 - GS\Desktop [Public]: MAGIX Vid�o deluxe 2013.lnk . (.MAGIX AG - MAGIX Video deluxe 2013.) -- C:\Program Files (x86)\MAGIX\Video deluxe 2013\Videodeluxe.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: ShowBiz DVD 2.lnk . (...) -- C:\Program Files (x86)\ArcSoft\ShowBiz DVD 2\Wizard.exe
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD v 10 Montage.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Desktop [Public]: VDownloader Telecharger youtube.lnk . (.Vitzo - VDownloader.) -- C:\Program Files (x86)\VDownloader\VDownloader.exe
O4 - GS\Desktop [Public]: Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe.lnk . (.Micro Application - Vos Photos � la T�l� sur CD/DVD 2007.) -- C:\Program Files (x86)\Micro Application\Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe\PhotoTV4.exe
O4 - GS\Desktop [Public]: Votre PC parle.lnk . (...) -- C:\Windows\Installer\{1335A7E0-6055-47B8-92FC-714D65117CAA}\_66A8B8402B2C6EBC3DA8B1.exe
O4 - GS\Desktop [Public]: Webcam Station Evolution.lnk . (.Guillemot Corporation S.A. - Hercules Webcam Station Evolution.) -- C:\Program Files (x86)\Hercules\Webcam Station Evolution\StationEv.exe
O4 - GS\Program [Public]: Desktop.lnk - Cl� orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PowerpointImageExtractor V1.2.lnk . (.--- - Pas de description.) -- C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe
O4 - GS\Program [Public]: TKexe.lnk . (.TKexe - TKexe.) -- C:\Program Files (x86)\TKexe\Kalender.exe
O4 - GS\QuickLaunch [Meunier]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\QuickLaunch [Meunier]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Meunier]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Meunier]: MAGIX Photo Manager MX Deluxe.lnk . (.MAGIX - MAGIX Foto Manager MX deluxe.) -- C:\Program Files (x86)\MAGIX\Photo Manager MX Deluxe\FotoManager_dlx.exe
O4 - GS\QuickLaunch [Meunier]: WinX Free FLV to MP4 Converter.lnk . (.Digiarty Software, Inc. - WinX Free FLV to MP4 Converter.) -- C:\Program Files (x86)\Digiarty\WinX_Free_FLV_to_MP4_Converter\WinX_Free_FLV_to_MP4_Converter.exe
O4 - GS\TaskBar [Meunier]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Meunier]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Meunier]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Meunier]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Meunier]: 13 CS(S�TE) - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\13 CS(S�TE)
O4 - GS\Desktop [Meunier]: 2 CLAUDE - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\2 CLAUDE
O4 - GS\Desktop [Meunier]: 4 JEANNETT - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\4 JEANNETT
O4 - GS\Desktop [Meunier]: 8 MENAGE - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\8 MENAGE
O4 - GS\Desktop [Meunier]: Aide Memoire Informatique - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\9 INFORMATiQUE\1 INFORMAT G�n�ralit�s\Aide Memoire Informatique.XLS
O4 - GS\Desktop [Meunier]: autostitch - pour panorama.lnk . (.University of British Columbia - AutoStitch.) -- C:\Program Files (x86)\autostitch\autostitch.exe
O4 - GS\Desktop [Meunier]: Captvty - enregistrer.lnk . (...) -- C:\Users\Meunier\Downloads\captvty-1.9.8 (1)\Captvty.exe
O4 - GS\Desktop [Meunier]: CDex.lnk . (.The CDex Project - http://cdexos.sourceforg - CDex - Open Source Digital Audio CD Extract.) -- C:\Program Files (x86)\CDex\CDex.exe
O4 - GS\Desktop [Meunier]: Connexion internet impossible oct 2013 - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\9 INFORMATiQUE\4 INTERNET\Connexion internet impossible oct 2013.docx (.not file.)
O4 - GS\Desktop [Meunier]: CONTACTS.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\9 INFORMATiQUE\5 MESSAGERIE\Gestion des contacts CSV\contacts 26 mars 2013 tri� dans excel enregistr� sous excel pour garder modif.xlsx
O4 - GS\Desktop [Meunier]: Deformation photo.lnk . (...) -- C:\Program Files (x86)\AnmSMP\AnmanieSMP.exe
O4 - GS\Desktop [Meunier]: DVD Flick creation DVD gravure.lnk . (.Dennis "Exl" Meuwissen - DVD Flick.) -- C:\Program Files (x86)\DVD Flick\dvdflick.exe
O4 - GS\Desktop [Meunier]: EnveloppesEditor1.11.lnk . (.J.L.F. - Logiciel pour remplir des enveloppes V1.09.) -- C:\Program Files (x86)\EnveloppesEditor1.11\EnveloppesEditor.exe
O4 - GS\Desktop [Meunier]: Free PDF to Word Doc Converter.lnk . (...) -- C:\Program Files (x86)\Free PDF to Word Doc Converter\pdf2word.exe
O4 - GS\Desktop [Meunier]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\Desktop [Meunier]: Gif R�cup�rateur.lnk . (.Olivier RAVET - Pas de description.) -- C:\Program Files (x86)\GIF Recuperateur\GIF_Recuperateur.exe
O4 - GS\Desktop [Meunier]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP - GNU Image Manipulation Program.) -- C:\Program Files\GIMP 2\bin\gimp-2.8.exe
O4 - GS\Desktop [Meunier]: Handbrake.lnk . (.HandBrake - HandBrake.) -- C:\Program Files (x86)\Handbrake\Handbrake.exe
O4 - GS\Desktop [Meunier]: IcoSauve - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IcoSauve
O4 - GS\Desktop [Meunier]: IDPhotoStudio - photo identite.lnk . (.KC Softwares - Pas de description.) -- C:\Program Files (x86)\KC Softwares\IDPhotoStudio\IDPhotoStudio.exe
O4 - GS\Desktop [Meunier]: Images - Raccourci.lnk . (...) -- C:\Users\Meunier\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [Meunier]: Merge juxtaposition.lnk . (.Venning - merge.exe.) -- C:\Program Files (x86)\Merge2.3\merge.exe
O4 - GS\Desktop [Meunier]: Merge PDF.lnk . (.Logiciels Laetjr.com - utilitaire PDF.) -- C:\Program Files (x86)\laetjr\pdf\mergepdf.exe
O4 - GS\Desktop [Meunier]: Mes num�risations - Raccourci.lnk . (...) -- D:\1Mes documents travail\Mes num�risations
O4 - GS\Desktop [Meunier]: MyHeritage Family Tree Builder.lnk . (.MyHeritage - MyHeritage Family Tree Builder Genealogy So.) -- C:\Program Files (x86)\MyHeritage\Bin\MyHeritage.exe
O4 - GS\Desktop [Meunier]: notice galaxie note 7000 - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\8 MENAGE\TELEPHONE\notice galaxie note 7000.pdf
O4 - GS\Desktop [Meunier]: Orbit.lnk . (...) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (.not file.)
O4 - GS\Desktop [Meunier]: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
O4 - GS\Desktop [Meunier]: Powerpoint Extracteur.lnk . (.--- - Pas de description.) -- C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe
O4 - GS\Desktop [Meunier]: SmillaEnlarger - Raccourci.lnk . (...) -- C:\Users\Meunier\Downloads\SmillaEnlarger-0.9.0 (2)\SmillaEnlarger-0.9.0\SmillaEnlarger\SmillaEnlarger.exe (.not file.)
O4 - GS\Desktop [Meunier]: TKexe Calendrier.lnk . (.TKexe - TKexe.) -- C:\Program Files (x86)\TKexe\Kalender.exe
O4 - GS\Desktop [Meunier]: Ulead VideoStudio 9.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 9.0\vstudio.exe
O4 - GS\Desktop [Meunier]: Vid�os - Raccourci.lnk . (...) -- C:\Users\Meunier\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms
O4 - GS\Desktop [Meunier]: WinX Free FLV to MP4 Converter.lnk . (.Digiarty Software, Inc. - WinX Free FLV to MP4 Converter.) -- C:\Program Files (x86)\Digiarty\WinX_Free_FLV_to_MP4_Converter\WinX_Free_FLV_to_MP4_Converter.exe
O4 - GS\Desktop [Meunier]: XnView pour copie ecran.lnk . (.XnView, http://www.xnview.com - XnView for Windows.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - GS\Desktop [Meunier]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 160 Legitimates Filtered in 00mn 02s
---\\ Applications lanc�es au d�marrage du syt�me (O4)
O4 - GS\Startup [Public]: Adobe Gamma Loader.exe.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [Meunier]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Meunier\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - GS\Startup [Meunier]: Lanceur.lnk . (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [CamserviceHDExchange] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Hercules HD Exchange\XtrCtrlEx.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A7E31F99DE1AB07DA9783C80B4E432EB] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-b�te.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Snoozer] . (...) -- C:\Users\Meunier\AppData\Roaming\Snz\Snz.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_4\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_2\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Family Tree Builder Update] . (.MyHeritage - MyHeritage Family Tree Builder check for up.) -- C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propri�taire - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\qttask.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [UVS10 Preload] . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [GoogleChromeAutoLaunch_A7E31F99DE1AB07DA9783C80B4E432EB] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-b�te.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [Snoozer] . (...) -- C:\Users\Meunier\AppData\Roaming\Snz\Snz.exe
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_4\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_2\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C853957-50BD-486F-A4AA-873AFA2A1501}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9133BFA2-BE42-4AE5-BB70-2D5B45EB8530}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7C853957-50BD-486F-A4AA-873AFA2A1501}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9133BFA2-BE42-4AE5-BB70-2D5B45EB8530}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{06FF7AAF-D3A2-4AC7-B926-313B2D1FD86B}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{19219DCD-4224-43C4-9C9C-009EE7A84F5F}] (...) -- C:\Program Files (x86)\Micro Application\Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe\PhotoTV4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4DB67D40-F0D1-4693-8BB9-D7BCA8AE2397}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C7D01C5-D924-4E84-8FEB-59CC9E17A6FD}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{701CDFF6-B261-4855-A0E0-F7DEC5CE6035}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7146D889-2907-4F5F-9403-79EA03E42F8D}] (...) -- C:\Program Files (x86)\Micro Application\Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe\PhotoTV4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{79BACA70-0224-4D79-8D1F-DB88E7934F01}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{90DBDCE1-011E-4308-9F7D-0DB798B6A27E}] (...) -- C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe (.not file.) [0] =>PUP.Tarma
[MD5.00000000000000000000000000000000] [APT] [{A519CD00-BEB2-461A-9B28-B8E36D87F089}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B18C2DC9-6778-4031-A4FA-DE63EFAE027D}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BA3A6EC3-C8D3-431F-A462-5E5E57B659CF}] (...) -- C:\Users\Meunier\AppData\Local\Temp\Temp2_crak vidostudio9.zip\crak vidostudio9\Ulead VideoStudio 9 Trial to Full - Parisa\Ulead VideoStudio 9 Trial to Full - Parisa.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C13CB813-272B-48C2-B1CB-1E277364C2CA}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DBF79E95-8313-43FF-8876-955A96BAAFE5}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E523AD2B-3126-439D-815D-C813115FF16F}] (...) -- C:\Users\Meunier\AppData\Local\ext_piccshare_uninst.exe (.not file.) [0]
~ Scheduled Task: 41 Legitimates Filtered in 00mn 07s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Linkury Smartbar - (.Linkury Inc..) [HKLM][64Bits] -- {F04C4F83-D9C7-408C-9DEB-D5526E72108C} =>Hijacker.SmartBar
O42 - Logiciel: Linkury Smartbar Engine - (.Linkury Inc..) [HKCU][64Bits] -- {75e9a48b-068c-403f-b877-fa5890bde80c} =>Hijacker.SmartBar
O42 - Logiciel: Merge Version 2.3 - (...) [HKLM][64Bits] -- merge_is1
O42 - Logiciel: Notation - (.Advernet.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3} =>Hijacker.Proxy
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {0D5BBB2B-F044-46C3-877B-6A6BE1E08D19} =>PUP.SweetIM
O42 - Logiciel: Utilitaire Suivi du visage - (...) [HKLM][64Bits] -- Face Tracking Utility
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion
~ Logic: 198 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKCU\Software\Protector]
[HKCU\Software\Snoozer]
[HKCU\Software\Venning Graphicutils]
~ Key Software: 339 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/09/2012 - 21:42:11 - [1,406] ----D C:\Program Files (x86)\autostitch
O43 - CFD: 05/06/2013 - 21:03:21 - [1,341] ----D C:\Program Files (x86)\GIF Recuperateur
O43 - CFD: 01/02/2013 - 17:16:43 - [0] ----D C:\Program Files (x86)\GUM2E11.tmp
O43 - CFD: 17/10/2013 - 22:31:45 - [2,838] ----D C:\Program Files (x86)\GUM52BD.tmp
O43 - CFD: 17/09/2012 - 18:06:19 - [6,064] ----D C:\Program Files (x86)\Merge2.3
O43 - CFD: 30/01/2012 - 20:00:52 - [15,508] ----D C:\Program Files (x86)\USB_video_device
O43 - CFD: 13/10/2013 - 17:33:50 - [1,170] ----D C:\Users\Meunier\AppData\Roaming\Snz
~ Program Folder: 316 Legitimates Filtered in 01mn 00s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.6A4B9FBC1E88C400AD671A50DADFA84D] - 14/10/2013 - 13:47:36 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [386923]
O44 - LFC:[MD5.6A4B9FBC1E88C400AD671A50DADFA84D] - 14/10/2013 - 13:47:36 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386923]
O44 - LFC:[MD5.68AF825E59696608B21A846B83BA9C75] - 20/10/2013 - 16:31:26 ---A- . (...) -- C:\Windows\wininit.ini [3195]
~ Files: 116 Legitimates Filtered in 00mn 09s
---\\ Enum�ration des cl�s de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\Program Files (x86)\WIA6EB~1\Datamngr\DATAMN~1.exe (.not file.) =>PUP.Datamngr
O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (...) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Iminent [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\IminentMessenger [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Enum�ration des cl�s de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Enum�ration des cl�s de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du syst�me (SDL) (O58)
O58 - SDL:[MD5.D168AE57558A6174FB35E0F82B32F62B] - 02/02/2013 - 13:02:11 ---A- . (...) -- C:\Windows\System32\Drivers\aswnet.sys.sum [175]
~ Drivers: 17 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de d�sinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de d�marrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuli�re � la racine du syst�me (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][19/10/2013] (...) -- C:\Users\Meunier\AppData\Local\Temp\Quarantine.exe [344355]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{9DA114FC-D877-4203-AFEF-1512766AB287}C:\program files (x86)\orbitdownloader\orbitdm.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitdm.exe (.not file.)
O87 - FAEL: "TCP Query User{05CD5569-8FD0-486A-9C96-139942E39E86}C:\program files (x86)\orbitdownloader\orbitdm.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitdm.exe (.not file.)
O87 - FAEL: "UDP Query User{AAA519D9-E57D-4585-8659-A69CC9019937}C:\program files (x86)\orbitdownloader\orbitnet.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "TCP Query User{4141D672-71DA-4462-9028-57D26E2852B4}C:\program files (x86)\orbitdownloader\orbitnet.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "UDP Query User{77AAB9B3-9AE2-4EE6-8009-5A6DB7EBC9CA}E:\fscommand\updater.exe" |In - Private - P17 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.)
O87 - FAEL: "TCP Query User{0F7B9843-4EC2-45CD-8CA1-D7F9E5F6451D}E:\fscommand\updater.exe" |In - Private - P6 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.)
~ Firewall: 291 Legitimates Filtered in 00mn 01s
---\\ Enum�re les codes produits des logiciels (PUC) (O90)
O90 - PUC: "4A71778417DF1E64594EB6B50FF5B3BC" . (.Votre PC parle dans Word.) -- C:\Windows\Installer\{487717A4-FD71-46E1-95E4-6B5BF05F3BCB}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "7E685771E24E83F4381D1DB5A45F7B41" . (.Delta Chrome Toolbar.) -- C:\Windows\Installer\{177586E7-E42E-4F38-83D1-D15B4AF5B714}\Delta.ico =>Toolbar.DeltaSearch
O90 - PUC: "97CD5CCB57221714C8AE930FDDA9FD85" . (.USB TV Device Driver.) -- C:\Windows\Installer\{BCC5DC79-2275-4171-8CEA-39F0DD9ADF58}\ARPPRODUCTICON.exe
O90 - PUC: "CA98B4D33B4B4D74C8EE589350803F6D" . (.SHARP GSM GPRS USB Driver Ver2.1.0.) -- C:\Windows\Installer\{3D4B89AC-B4B3-47D4-8CEE-85390508F3D6}\ARPPRODUCTICON.exe
O90 - PUC: "D73F4D92A419E8B4BBEC1C182399952F" . (.eDownloader.) -- C:\Windows\Installer\{29D4F37D-914A-4B8E-BBCE-C181329959F2}\softwareinstaller.exe =>PUP.SoftwareEngine
~ Update Products: 143 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\113344.msi [459264]
[MD5.8A1EAA47F0DDD9BFCA3D70BBB774B4D6] [WIS][08/06/2013] (.Linkury Inc. - Linkury Smartbar (Powered by Linkury Inc.).) -- C:\Windows\Installer\156d223.msi [8888320] =>Hijacker.SmartBar
[MD5.33B7498D562214AF350351413ECFB9F4] [WIS][14/01/2013] (.Advernet - eDownloader.) -- C:\Windows\Installer\170c1.msi [894976] =>PUP.SoftwareEngine
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1a632f1.msi [45056] =>Adware.Boxore
[MD5.35C918348CBB0877BCD5A3CF24C13761] [WIS][25/11/2012] (.DeltaInstaller - Delta Chrome Toolbar.) -- C:\Windows\Installer\1d419.msi [573440] =>Toolbar.DeltaSearch
[MD5.CB08263B7B5C9BB753901E81A5748990] [WIS][05/08/2004] (.SHARP - SHARP GSM GPRS USB Driver Ver2.1.0.) -- C:\Windows\Installer\7957c.msi [5619656]
[MD5.C6AE71164A8A5138045327623BBCF12B] [WIS][03/02/2012] (.Micro Application - LauncherMA.) -- C:\Windows\Installer\901acc.msi [623616]
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][08/12/2011] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\c1514.msi [1019392] =>Adware.IMBooster
~ WIS: 153 Legitimates Filtered in 00mn 18s
---\\ Etat g�n�ral des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 13/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 28/09/2010 172912 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 24/05/2011 1840128 | (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
SS - | Demand 26/04/2011 2702848 | (FirebirdServerMAGIXInstance) . (.MAGIX�.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 08/12/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/12/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 05/11/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 11/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/11/2006 774144 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 28/09/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 09/12/2009 76320 | (USBS3S4Detection) . (...) - C:\OEM\USBDECTION\USBS3S4Detection.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 21s
---\\ Scan Additionnel (O88)
Database Version : 12960 - (20/10/2013)
Cl�s trouv�es (Keys found) : 114
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 6
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F04C4F83-D9C7-408C-9DEB-D5526E72108C}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{75e9a48b-068c-403f-b877-fa5890bde80c}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D5BBB2B-F044-46C3-877B-6A6BE1E08D19}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Iminent] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D5BBB2B-F044-46C3-877B-6A6BE1E08D19}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\Protector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF96568971BEAC14B8815883832BD484] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
C:\Windows\Installer\156d223.msi =>Hijacker.SmartBar^
C:\Windows\Installer\170c1.msi =>PUP.SoftwareEngine^
C:\Windows\Installer\1a632f1.msi =>Adware.Boxore^
C:\Windows\Installer\1d419.msi =>Toolbar.DeltaSearch^
C:\Windows\Installer\c1514.msi =>Adware.IMBooster^
~ Additionnel Scan: 441416 Items scanned in 00mn 19s
---\\ R�capitulatif des d�tections trouv�es sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29758660-pup-softwareengine =>PUP.SoftwareEngine
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ MSI: 18 link(s) detected in 00mn 19s
~ 1509 Legitimates filtered by white list
End of the scan (698 lines in 02mn 40s)(0)
~ Lanc� par Meunier (20/10/2013 17:35:30)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance � la d�sinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activ�e par le programme
~ El�vation des Privil�ges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16721
MFIE: Mozilla Firefox 21.0 (Defaut)
GCIE: Google Chrome v22.0.1229.95
---\\ Informations sur les produits Windows
~ Langage: Fran�ais
Windows 8 Business Edition, 64-bit (Build 9200)
Windows Server License Manager Script : OK
~ ion : Windows(R) Operating System, RETAIL channel
Windows ID Activation : OK
~ Windows Partial Key : JW8XV
Windows License : OK
~ Windows Remaining Initializations Number : 1000
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du syst�me
avast! Free Antivirus v8.0.1497.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W8
---\\ Logiciels d'optimisation du syst�me
CCleaner v4.05 =>Piriform Ltd
---\\ Logiciels de partage PeerToPeer
eMule
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 21
---\\ Informations sur le syst�me
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4040 MB (57% free)
System Restore: Activ� (Enable)
System drive C: has 393 GB (85%) free of 458 GB
---\\ Mode de connexion au syst�me
~ Computer Name: BUREAU
~ User Name: Meunier
~ All Users Names: Meunier, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Meunier\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Meunier\AppData\Roaming\
~ %Desktop% : C:\Users\Meunier\Desktop\
~ %Favorites% : C:\Users\Meunier\Favorites\
~ %LocalAppData% : C:\Users\Meunier\AppData\Local\
~ %StartMenu% : C:\Users\Meunier\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enum�ration des unit�s disques
C: Hard drive, Flash drive, Thumb drive (Free 393 Go of 458 Go)
D: Hard drive, Flash drive, Thumb drive (Free 332 Go of 458 Go)
E: CD-ROM drive (Not Inserted)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Etat du Centre de S�curit� Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.0E8E6463F81C80AFBED533E0F1F8895D] - (.Microsoft Corporation - Explorateur Windows.) (.01/06/2013 - 12:34:21.) -- C:\Windows\Explorer.exe [2391280]
[MD5.FE9AB232B56A12224E8A3F3F9878C9A3] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.26/07/2012 - 04:08:50.) -- C:\Windows\System32\Wininit.exe [132608]
[MD5.D28B35DE88D27EFB27DF4B1E8319E3C0] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/09/2013 - 23:55:10.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.BCF2036A0DD579E47C008C133550283E] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.11/10/2012 - 06:46:58.) -- C:\Windows\System32\Winlogon.exe [517120]
[MD5.9448F5740A037EC0C18F0E9177232DD0] - (.Microsoft Corporation - Biblioth�que de licences.) (.26/07/2012 - 04:07:20.) -- C:\Windows\System32\sppcomapi.dll [273408]
[MD5.36D6A3201721558A8AFBCC09C2DA4C2C] - (.Microsoft Corporation - Pilote de fonction connexe pour WinSock.) (.06/11/2012 - 04:53:44.) -- C:\Windows\system32\Drivers\AFD.sys [560640]
[MD5.A721FF570C2387E383BDDEA9632863C9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.26/07/2012 - 06:00:48.) -- C:\Windows\system32\Drivers\atapi.sys [25840]
[MD5.990B1BABE6E81FB18E65A87EBEFB1772] - (.Microsoft Corporation - CD-ROM File System Driver.) (.26/07/2012 - 03:30:10.) -- C:\Windows\system32\Drivers\Cdfs.sys [108544]
[MD5.339BFF85D788268752DA8C9644B188EE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.26/07/2012 - 03:26:36.) -- C:\Windows\system32\Drivers\Cdrom.sys [174080]
[MD5.09D9EB9E7898F8E6561473A20CC808B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.26/07/2012 - 03:26:53.) -- C:\Windows\system32\Drivers\DfsC.sys [118784]
[MD5.7D87B5B6C7188D553E11B59DC7F0B111] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/09/2012 - 07:08:44.) -- C:\Windows\system32\Drivers\HDAudBus.sys [71168]
[MD5.C9E9CBF73AFFBFE3E801EFB516787BA3] - (.Microsoft Corporation - Pilote de port i8042.) (.26/07/2012 - 03:28:51.) -- C:\Windows\system32\Drivers\i8042prt.sys [112640]
[MD5.3969B9C218DD3FAA9F4ED2FFC3651C02] - (.Microsoft Corporation - IP Network Address Translator.) (.26/07/2012 - 03:23:01.) -- C:\Windows\system32\Drivers\IpNat.sys [145920]
[MD5.93179D48066918323628CB016D8C94DC] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.05/02/2013 - 23:29:09.) -- C:\Windows\system32\Drivers\MRxSmb.sys [370688]
[MD5.7CEC25C682D319D484630B3952C31A11] - (.Microsoft Corporation - MBT Transport driver.) (.26/07/2012 - 03:24:28.) -- C:\Windows\system32\Drivers\netBT.sys [331776]
[MD5.76929F4A69E425911A63B407E26C2589] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.02/02/2013 - 11:54:54.) -- C:\Windows\system32\Drivers\ntfs.sys [1933544]
[MD5.4563DAF8C6A740AD7F501E219BD10766] - (.Microsoft Corporation - Pilote de port parall�le.) (.26/07/2012 - 03:29:53.) -- C:\Windows\system32\Drivers\Parport.sys [105984]
[MD5.A14D625C5AEE5FFE0F47D1A1D419FAAE] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.26/07/2012 - 03:23:17.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [124928]
[MD5.B2A3AD74FF2E2FFA73AF2567108231B3] - (.Microsoft Corporation - Redirecteur de p�riph�rique de Microsoft RDP.) (.26/07/2012 - 03:25:18.) -- C:\Windows\system32\Drivers\rdpdr.sys [179712]
[MD5.73DC722CE5DF26D7638CE2446F2655C7] - (.Microsoft Corporation - TDI Translation Driver.) (.26/07/2012 - 06:26:47.) -- C:\Windows\system32\Drivers\tdx.sys [117248]
[MD5.78A5BBA3819FFFC62FFEC3E2220D102D] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.01/06/2013 - 12:26:33.) -- C:\Windows\system32\Drivers\volsnap.sys [327936]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 2/44067
~ Mes musiques (My Musics) : 1/3602
~ Mes Videos (My Videos) : 2/258
~ Mes Favoris (My Favorites) : 1/137
~ Mes Documents (My Documents) : 7/7964
~ Mon Bureau (My Desktop) : 2/79
~ Menu demarrer (Programs) : 1/45
~ Hidden Files: Scanned in 00mn 18s
---\\ Processus lanc�s
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.2356]
[MD5.AA8D96427A98CE9FCFFB861F2F77A247] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1239064] [PID.5072]
[MD5.D213F06AE294341F3503FD74E22E7DDA] - (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257136] [PID.4084]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe [18642024] [PID.4256]
[MD5.B54921381A950C8215FB363B485C432B] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [270336] [PID.5028]
[MD5.C673F14493A88BE8CE3156B53F37887E] - (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [177448] [PID.4144]
[MD5.A7810B302294793DE88542AAE177D1B1] - (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424] [PID.3908]
[MD5.E7EA57B35951D093A9647D8D5CE3340D] - (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920] [PID.4940]
[MD5.2EA4B2BC3260CF3D20F6A164B362F6D4] - (.Pas de propri�taire - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [620136] [PID.5128]
[MD5.F400694D7D2785F60133C20F7F2F4F7A] - (.ArcSoft Inc. - ArcSoft Connect Notifier.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac [309824] [PID.5188]
[MD5.4A73AB8412D3AA6CFAD24051FF9DBFA7] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.5212]
[MD5.469396CF3A8090C24408DA00744D5F97] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Meunier\AppData\Roaming\Dropbox\bin\Dropbox.exe [28057256] [PID.5224]
[MD5.4AFFDCAADCB1DBBFFAF06C7F82E7F6FC] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.5272]
[MD5.F0EA603E7B91046CA48EA4B3593A007D] - (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe [485376] [PID.5296]
[MD5.75AD45ED633B866D90AEAA296C21F7E8] - (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340336] [PID.5356]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816] [PID.5584]
[MD5.CBC7D8E5416AD30CF16DC2FD4A6AA399] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4858968] [PID.5688]
[MD5.F16EEA6CCA9D8A7D1193AE80E43FBBC7] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe [168960] [PID.5616]
[MD5.8A9FACCB684500829F7D0BCC67B386CC] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe [559104] [PID.4912]
[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.2364]
[MD5.E4F6125ED5185F8FA37CC4F449B85526] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770608] [PID.6132]
[MD5.BB4F6465EEB9ACAA5C60C36983740219] - (.Google Inc. - Google Toolbar Broker.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe [310352] [PID.6192] =>Toolbar.Google
[MD5.DD425C93255671A5FE81A95E686C03D7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8111104] [PID.3980]
~ Processes Running: Scanned in 00mn 00s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Meunier\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 9 Legitimates Filtered in 00mn 02s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Meunier\AppData\Roaming\Mozilla\Firefox\Profiles\9o98cdyi.default\prefs.js
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 14 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877 =>Hijacker.Proxy
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Cl� orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Cl� orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Cave � vins.lnk . (.4D - 4D Volume Desktop.) -- C:\Program Files (x86)\Micro Application\Cave � vins\Cave a Vins.exe
O4 - GS\Desktop [Public]: E.M. PowerPoint Video Converter.lnk . (...) -- C:\Program Files (x86)\E.M. PowerPoint Video Converter\pptvideo.exe
O4 - GS\Desktop [Public]: eMule.lnk . (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe
O4 - GS\Desktop [Public]: Etiquettes CD-DVD Edition Classic.lnk . (...) -- C:\Program Files (x86)\Micro Application\Etiquettes CD-DVD Edition Classic\draw7650.exe
O4 - GS\Desktop [Public]: FotoMorph.lnk . (.Digital Photo Software - FotoMorph.) -- C:\Program Files (x86)\Digital Photo Software\FotoMorph\FotoMorph.exe
O4 - GS\Desktop [Public]: G�n�atique 2013.lnk . (.CDIP - Logiciel de g�n�alogie.) -- C:\Program Files (x86)\Geneatique2013\Genea2013.exe
O4 - GS\Desktop [Public]: LEGO Digital Designer.lnk . (.LEGO Company - LEGO Digital Designer.) -- C:\Program Files (x86)\LEGO Company\LEGO Digital Designer\LDD.exe
O4 - GS\Desktop [Public]: MAGIX Photo Manager MX Deluxe.lnk . (.MAGIX - MAGIX Foto Manager MX deluxe.) -- C:\Program Files (x86)\MAGIX\Photo Manager MX Deluxe\FotoManager_dlx.exe
O4 - GS\Desktop [Public]: MAGIX Vid�o deluxe 2013.lnk . (.MAGIX AG - MAGIX Video deluxe 2013.) -- C:\Program Files (x86)\MAGIX\Video deluxe 2013\Videodeluxe.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: ShowBiz DVD 2.lnk . (...) -- C:\Program Files (x86)\ArcSoft\ShowBiz DVD 2\Wizard.exe
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD v 10 Montage.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Desktop [Public]: Ulead VideoStudio SE DVD.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\vstudio.exe
O4 - GS\Desktop [Public]: VDownloader Telecharger youtube.lnk . (.Vitzo - VDownloader.) -- C:\Program Files (x86)\VDownloader\VDownloader.exe
O4 - GS\Desktop [Public]: Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe.lnk . (.Micro Application - Vos Photos � la T�l� sur CD/DVD 2007.) -- C:\Program Files (x86)\Micro Application\Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe\PhotoTV4.exe
O4 - GS\Desktop [Public]: Votre PC parle.lnk . (...) -- C:\Windows\Installer\{1335A7E0-6055-47B8-92FC-714D65117CAA}\_66A8B8402B2C6EBC3DA8B1.exe
O4 - GS\Desktop [Public]: Webcam Station Evolution.lnk . (.Guillemot Corporation S.A. - Hercules Webcam Station Evolution.) -- C:\Program Files (x86)\Hercules\Webcam Station Evolution\StationEv.exe
O4 - GS\Program [Public]: Desktop.lnk - Cl� orpheline
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Public]: PowerpointImageExtractor V1.2.lnk . (.--- - Pas de description.) -- C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe
O4 - GS\Program [Public]: TKexe.lnk . (.TKexe - TKexe.) -- C:\Program Files (x86)\TKexe\Kalender.exe
O4 - GS\QuickLaunch [Meunier]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\QuickLaunch [Meunier]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch [Meunier]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch [Meunier]: MAGIX Photo Manager MX Deluxe.lnk . (.MAGIX - MAGIX Foto Manager MX deluxe.) -- C:\Program Files (x86)\MAGIX\Photo Manager MX Deluxe\FotoManager_dlx.exe
O4 - GS\QuickLaunch [Meunier]: WinX Free FLV to MP4 Converter.lnk . (.Digiarty Software, Inc. - WinX Free FLV to MP4 Converter.) -- C:\Program Files (x86)\Digiarty\WinX_Free_FLV_to_MP4_Converter\WinX_Free_FLV_to_MP4_Converter.exe
O4 - GS\TaskBar [Meunier]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [Meunier]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Program [Meunier]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Program [Meunier]: Search.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Desktop [Meunier]: 13 CS(S�TE) - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\13 CS(S�TE)
O4 - GS\Desktop [Meunier]: 2 CLAUDE - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\2 CLAUDE
O4 - GS\Desktop [Meunier]: 4 JEANNETT - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\4 JEANNETT
O4 - GS\Desktop [Meunier]: 8 MENAGE - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\8 MENAGE
O4 - GS\Desktop [Meunier]: Aide Memoire Informatique - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\9 INFORMATiQUE\1 INFORMAT G�n�ralit�s\Aide Memoire Informatique.XLS
O4 - GS\Desktop [Meunier]: autostitch - pour panorama.lnk . (.University of British Columbia - AutoStitch.) -- C:\Program Files (x86)\autostitch\autostitch.exe
O4 - GS\Desktop [Meunier]: Captvty - enregistrer.lnk . (...) -- C:\Users\Meunier\Downloads\captvty-1.9.8 (1)\Captvty.exe
O4 - GS\Desktop [Meunier]: CDex.lnk . (.The CDex Project - http://cdexos.sourceforg - CDex - Open Source Digital Audio CD Extract.) -- C:\Program Files (x86)\CDex\CDex.exe
O4 - GS\Desktop [Meunier]: Connexion internet impossible oct 2013 - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\9 INFORMATiQUE\4 INTERNET\Connexion internet impossible oct 2013.docx (.not file.)
O4 - GS\Desktop [Meunier]: CONTACTS.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\9 INFORMATiQUE\5 MESSAGERIE\Gestion des contacts CSV\contacts 26 mars 2013 tri� dans excel enregistr� sous excel pour garder modif.xlsx
O4 - GS\Desktop [Meunier]: Deformation photo.lnk . (...) -- C:\Program Files (x86)\AnmSMP\AnmanieSMP.exe
O4 - GS\Desktop [Meunier]: DVD Flick creation DVD gravure.lnk . (.Dennis "Exl" Meuwissen - DVD Flick.) -- C:\Program Files (x86)\DVD Flick\dvdflick.exe
O4 - GS\Desktop [Meunier]: EnveloppesEditor1.11.lnk . (.J.L.F. - Logiciel pour remplir des enveloppes V1.09.) -- C:\Program Files (x86)\EnveloppesEditor1.11\EnveloppesEditor.exe
O4 - GS\Desktop [Meunier]: Free PDF to Word Doc Converter.lnk . (...) -- C:\Program Files (x86)\Free PDF to Word Doc Converter\pdf2word.exe
O4 - GS\Desktop [Meunier]: Free Video Converter.lnk . (.Koyote Soft - FreeVideoConverter.) -- C:\Program Files (x86)\Free Video Converter\FreeVideoConverter.exe
O4 - GS\Desktop [Meunier]: Gif R�cup�rateur.lnk . (.Olivier RAVET - Pas de description.) -- C:\Program Files (x86)\GIF Recuperateur\GIF_Recuperateur.exe
O4 - GS\Desktop [Meunier]: GIMP 2.lnk . (.Spencer Kimball, Peter Mattis and the GIMP - GNU Image Manipulation Program.) -- C:\Program Files\GIMP 2\bin\gimp-2.8.exe
O4 - GS\Desktop [Meunier]: Handbrake.lnk . (.HandBrake - HandBrake.) -- C:\Program Files (x86)\Handbrake\Handbrake.exe
O4 - GS\Desktop [Meunier]: IcoSauve - Raccourci.lnk . (...) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IcoSauve
O4 - GS\Desktop [Meunier]: IDPhotoStudio - photo identite.lnk . (.KC Softwares - Pas de description.) -- C:\Program Files (x86)\KC Softwares\IDPhotoStudio\IDPhotoStudio.exe
O4 - GS\Desktop [Meunier]: Images - Raccourci.lnk . (...) -- C:\Users\Meunier\AppData\Roaming\Microsoft\Windows\Libraries\Pictures.library-ms
O4 - GS\Desktop [Meunier]: Merge juxtaposition.lnk . (.Venning - merge.exe.) -- C:\Program Files (x86)\Merge2.3\merge.exe
O4 - GS\Desktop [Meunier]: Merge PDF.lnk . (.Logiciels Laetjr.com - utilitaire PDF.) -- C:\Program Files (x86)\laetjr\pdf\mergepdf.exe
O4 - GS\Desktop [Meunier]: Mes num�risations - Raccourci.lnk . (...) -- D:\1Mes documents travail\Mes num�risations
O4 - GS\Desktop [Meunier]: MyHeritage Family Tree Builder.lnk . (.MyHeritage - MyHeritage Family Tree Builder Genealogy So.) -- C:\Program Files (x86)\MyHeritage\Bin\MyHeritage.exe
O4 - GS\Desktop [Meunier]: notice galaxie note 7000 - Raccourci.lnk . (...) -- D:\1Mes documents travail\1 Mes documents travail\8 MENAGE\TELEPHONE\notice galaxie note 7000.pdf
O4 - GS\Desktop [Meunier]: Orbit.lnk . (...) -- C:\Program Files (x86)\Orbitdownloader\orbitdm.exe (.not file.)
O4 - GS\Desktop [Meunier]: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe
O4 - GS\Desktop [Meunier]: Powerpoint Extracteur.lnk . (.--- - Pas de description.) -- C:\Program Files (x86)\PowerpointImageExtractor_V1_2\PowerpointImageExtractor.exe
O4 - GS\Desktop [Meunier]: SmillaEnlarger - Raccourci.lnk . (...) -- C:\Users\Meunier\Downloads\SmillaEnlarger-0.9.0 (2)\SmillaEnlarger-0.9.0\SmillaEnlarger\SmillaEnlarger.exe (.not file.)
O4 - GS\Desktop [Meunier]: TKexe Calendrier.lnk . (.TKexe - TKexe.) -- C:\Program Files (x86)\TKexe\Kalender.exe
O4 - GS\Desktop [Meunier]: Ulead VideoStudio 9.lnk . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio 9.0\vstudio.exe
O4 - GS\Desktop [Meunier]: Vid�os - Raccourci.lnk . (...) -- C:\Users\Meunier\AppData\Roaming\Microsoft\Windows\Libraries\Videos.library-ms
O4 - GS\Desktop [Meunier]: WinX Free FLV to MP4 Converter.lnk . (.Digiarty Software, Inc. - WinX Free FLV to MP4 Converter.) -- C:\Program Files (x86)\Digiarty\WinX_Free_FLV_to_MP4_Converter\WinX_Free_FLV_to_MP4_Converter.exe
O4 - GS\Desktop [Meunier]: XnView pour copie ecran.lnk . (.XnView, http://www.xnview.com - XnView for Windows.) -- C:\Program Files (x86)\XnView\xnview.exe
O4 - GS\Desktop [Meunier]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 160 Legitimates Filtered in 00mn 02s
---\\ Applications lanc�es au d�marrage du syt�me (O4)
O4 - GS\Startup [Public]: Adobe Gamma Loader.exe.lnk . (.Adobe Systems, Inc. - Adobe Gamma Loader.) -- C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [Meunier]: Dropbox.lnk . (.Dropbox, Inc. - Dropbox.) -- C:\Users\Meunier\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - GS\Startup [Meunier]: Lanceur.lnk . (.Micro Application - Pas de description.) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [CamserviceHDExchange] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Hercules HD Exchange\XtrCtrlEx.exe
O4 - HKLM\..\Run: [Windows Mobile Device Center] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_A7E31F99DE1AB07DA9783C80B4E432EB] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-b�te.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Snoozer] . (...) -- C:\Users\Meunier\AppData\Roaming\Snz\Snz.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_4\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_2\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcadeMovieService] . (.CyberLink Corp. - clear.fi Movie Resident Program.) -- C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe
O4 - HKLM\..\Wow6432Node\Run: [ArcSoft Connection Service] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [EgisTecPMMUpdate] . (.Egis Technology Inc. - PMM Update Application.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
O4 - HKLM\..\Wow6432Node\Run: [Family Tree Builder Update] . (.MyHeritage - MyHeritage Family Tree Builder check for up.) -- C:\Program Files (x86)\MyHeritage\Bin\FTBCheckUpdates.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propri�taire - Hotkey Utility.) -- C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\qttask.exe
O4 - HKLM\..\Wow6432Node\Run: [SuiteTray] . (.Egis Technology Inc. - SuiteTray.) -- C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe
O4 - HKLM\..\Wow6432Node\Run: [UVS10 Preload] . (.Ulead Systems, Inc. - Ulead VideoStudio.) -- C:\Program Files (x86)\Ulead Systems\Ulead VideoStudio SE DVD\uvPL.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [GoogleChromeAutoLaunch_A7E31F99DE1AB07DA9783C80B4E432EB] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [SkyDrive] . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe =>.Skype Technologies S.A.
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-b�te.) -- C:\Windows\System32\StikyNot.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\Run: [Snoozer] . (...) -- C:\Users\Meunier\AppData\Roaming\Snz\Snz.exe
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112_4\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-2053191492-3036096354-1831522419-1001\..\RunOnce: [Uninstall C:\Users\Meunier\AppData\Local\Microsoft\SkyDrive\17.0.2006.0314_2\amd64] . (.Microsoft Corporation - Interpr�teur de commandes Windows.) -- C:\WINDOWS\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7C853957-50BD-486F-A4AA-873AFA2A1501}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{9133BFA2-BE42-4AE5-BB70-2D5B45EB8530}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7C853957-50BD-486F-A4AA-873AFA2A1501}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9133BFA2-BE42-4AE5-BB70-2D5B45EB8530}: DhcpNameServer = 192.168.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.10.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{06FF7AAF-D3A2-4AC7-B926-313B2D1FD86B}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{19219DCD-4224-43C4-9C9C-009EE7A84F5F}] (...) -- C:\Program Files (x86)\Micro Application\Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe\PhotoTV4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{4DB67D40-F0D1-4693-8BB9-D7BCA8AE2397}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{5C7D01C5-D924-4E84-8FEB-59CC9E17A6FD}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{701CDFF6-B261-4855-A0E0-F7DEC5CE6035}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7146D889-2907-4F5F-9403-79EA03E42F8D}] (...) -- C:\Program Files (x86)\Micro Application\Vos Photos � la T�l� sur CD-DVD 2007 Edition Deluxe\PhotoTV4.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{79BACA70-0224-4D79-8D1F-DB88E7934F01}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{90DBDCE1-011E-4308-9F7D-0DB798B6A27E}] (...) -- C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe (.not file.) [0] =>PUP.Tarma
[MD5.00000000000000000000000000000000] [APT] [{A519CD00-BEB2-461A-9B28-B8E36D87F089}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B18C2DC9-6778-4031-A4FA-DE63EFAE027D}] (...) -- E:\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{BA3A6EC3-C8D3-431F-A462-5E5E57B659CF}] (...) -- C:\Users\Meunier\AppData\Local\Temp\Temp2_crak vidostudio9.zip\crak vidostudio9\Ulead VideoStudio 9 Trial to Full - Parisa\Ulead VideoStudio 9 Trial to Full - Parisa.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C13CB813-272B-48C2-B1CB-1E277364C2CA}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{DBF79E95-8313-43FF-8876-955A96BAAFE5}] (...) -- E:\INSTALL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E523AD2B-3126-439D-815D-C813115FF16F}] (...) -- C:\Users\Meunier\AppData\Local\ext_piccshare_uninst.exe (.not file.) [0]
~ Scheduled Task: 41 Legitimates Filtered in 00mn 07s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Linkury Smartbar - (.Linkury Inc..) [HKLM][64Bits] -- {F04C4F83-D9C7-408C-9DEB-D5526E72108C} =>Hijacker.SmartBar
O42 - Logiciel: Linkury Smartbar Engine - (.Linkury Inc..) [HKCU][64Bits] -- {75e9a48b-068c-403f-b877-fa5890bde80c} =>Hijacker.SmartBar
O42 - Logiciel: Merge Version 2.3 - (...) [HKLM][64Bits] -- merge_is1
O42 - Logiciel: Notation - (.Advernet.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3} =>Hijacker.Proxy
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {0D5BBB2B-F044-46C3-877B-6A6BE1E08D19} =>PUP.SweetIM
O42 - Logiciel: Utilitaire Suivi du visage - (...) [HKLM][64Bits] -- Face Tracking Utility
O42 - Logiciel: Yahoo! Toolbar - (...) [HKLM][64Bits] -- Yahoo! Companion
~ Logic: 198 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKCU\Software\Protector]
[HKCU\Software\Snoozer]
[HKCU\Software\Venning Graphicutils]
~ Key Software: 339 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 15/09/2012 - 21:42:11 - [1,406] ----D C:\Program Files (x86)\autostitch
O43 - CFD: 05/06/2013 - 21:03:21 - [1,341] ----D C:\Program Files (x86)\GIF Recuperateur
O43 - CFD: 01/02/2013 - 17:16:43 - [0] ----D C:\Program Files (x86)\GUM2E11.tmp
O43 - CFD: 17/10/2013 - 22:31:45 - [2,838] ----D C:\Program Files (x86)\GUM52BD.tmp
O43 - CFD: 17/09/2012 - 18:06:19 - [6,064] ----D C:\Program Files (x86)\Merge2.3
O43 - CFD: 30/01/2012 - 20:00:52 - [15,508] ----D C:\Program Files (x86)\USB_video_device
O43 - CFD: 13/10/2013 - 17:33:50 - [1,170] ----D C:\Users\Meunier\AppData\Roaming\Snz
~ Program Folder: 316 Legitimates Filtered in 01mn 00s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.6A4B9FBC1E88C400AD671A50DADFA84D] - 14/10/2013 - 13:47:36 ---A- . (...) -- C:\Windows\SysNative\ApnDatabase.xml [386923]
O44 - LFC:[MD5.6A4B9FBC1E88C400AD671A50DADFA84D] - 14/10/2013 - 13:47:36 ---A- . (...) -- C:\Windows\System32\ApnDatabase.xml [386923]
O44 - LFC:[MD5.68AF825E59696608B21A846B83BA9C75] - 20/10/2013 - 16:31:26 ---A- . (...) -- C:\Windows\wininit.ini [3195]
~ Files: 116 Legitimates Filtered in 00mn 09s
---\\ Enum�ration des cl�s de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\DATAMNGR [Key] . (...) -- C:\Program Files (x86)\WIA6EB~1\Datamngr\DATAMN~1.exe (.not file.) =>PUP.Datamngr
O53 - SMSR:HKLM\...\startupreg\hpqSRMon [Key] . (...) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Iminent [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.exe (.not file.) =>Adware.IMBooster
O53 - SMSR:HKLM\...\startupreg\IminentMessenger [Key] . (...) -- C:\Program Files (x86)\Iminent\Iminent.Messengers.exe (.not file.) =>Adware.IMBooster
~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s
---\\ Enum�ration des cl�s de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Enum�ration des cl�s de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des pilotes du syst�me (SDL) (O58)
O58 - SDL:[MD5.D168AE57558A6174FB35E0F82B32F62B] - 02/02/2013 - 13:02:11 ---A- . (...) -- C:\Windows\System32\Drivers\aswnet.sys.sum [175]
~ Drivers: 17 Legitimates Filtered in 00mn 00s
---\\ Liste des outils de d�sinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s
---\\ Menu de d�marrage Internet (SMI) (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuli�re � la racine du syst�me (SPRF) (O84)
[MD5.0D3B680986310AE5540578C0E481C6A0] [SPRF][02/03/2010] (...) -- C:\ProgramData\FullRemove.exe [131984]
[MD5.47025DD5CBA8B43E9D26C960FF5B32A7] [SPRF][19/10/2013] (...) -- C:\Users\Meunier\AppData\Local\Temp\Quarantine.exe [344355]
~ Files: 6 Legitimates Filtered in 00mn 00s
---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "UDP Query User{9DA114FC-D877-4203-AFEF-1512766AB287}C:\program files (x86)\orbitdownloader\orbitdm.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitdm.exe (.not file.)
O87 - FAEL: "TCP Query User{05CD5569-8FD0-486A-9C96-139942E39E86}C:\program files (x86)\orbitdownloader\orbitdm.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitdm.exe (.not file.)
O87 - FAEL: "UDP Query User{AAA519D9-E57D-4585-8659-A69CC9019937}C:\program files (x86)\orbitdownloader\orbitnet.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "TCP Query User{4141D672-71DA-4462-9028-57D26E2852B4}C:\program files (x86)\orbitdownloader\orbitnet.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\orbitdownloader\orbitnet.exe (.not file.)
O87 - FAEL: "UDP Query User{77AAB9B3-9AE2-4EE6-8009-5A6DB7EBC9CA}E:\fscommand\updater.exe" |In - Private - P17 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.)
O87 - FAEL: "TCP Query User{0F7B9843-4EC2-45CD-8CA1-D7F9E5F6451D}E:\fscommand\updater.exe" |In - Private - P6 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.)
~ Firewall: 291 Legitimates Filtered in 00mn 01s
---\\ Enum�re les codes produits des logiciels (PUC) (O90)
O90 - PUC: "4A71778417DF1E64594EB6B50FF5B3BC" . (.Votre PC parle dans Word.) -- C:\Windows\Installer\{487717A4-FD71-46E1-95E4-6B5BF05F3BCB}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "7E685771E24E83F4381D1DB5A45F7B41" . (.Delta Chrome Toolbar.) -- C:\Windows\Installer\{177586E7-E42E-4F38-83D1-D15B4AF5B714}\Delta.ico =>Toolbar.DeltaSearch
O90 - PUC: "97CD5CCB57221714C8AE930FDDA9FD85" . (.USB TV Device Driver.) -- C:\Windows\Installer\{BCC5DC79-2275-4171-8CEA-39F0DD9ADF58}\ARPPRODUCTICON.exe
O90 - PUC: "CA98B4D33B4B4D74C8EE589350803F6D" . (.SHARP GSM GPRS USB Driver Ver2.1.0.) -- C:\Windows\Installer\{3D4B89AC-B4B3-47D4-8CEE-85390508F3D6}\ARPPRODUCTICON.exe
O90 - PUC: "D73F4D92A419E8B4BBEC1C182399952F" . (.eDownloader.) -- C:\Windows\Installer\{29D4F37D-914A-4B8E-BBCE-C181329959F2}\softwareinstaller.exe =>PUP.SoftwareEngine
~ Update Products: 143 Legitimates Filtered in 00mn 00s
---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\113344.msi [459264]
[MD5.8A1EAA47F0DDD9BFCA3D70BBB774B4D6] [WIS][08/06/2013] (.Linkury Inc. - Linkury Smartbar (Powered by Linkury Inc.).) -- C:\Windows\Installer\156d223.msi [8888320] =>Hijacker.SmartBar
[MD5.33B7498D562214AF350351413ECFB9F4] [WIS][14/01/2013] (.Advernet - eDownloader.) -- C:\Windows\Installer\170c1.msi [894976] =>PUP.SoftwareEngine
[MD5.B67811645C5A3B8E4E4B1A1DB1EE271C] [WIS][19/09/2012] (.Boxore OU. - Software Update Helper.) -- C:\Windows\Installer\1a632f1.msi [45056] =>Adware.Boxore
[MD5.35C918348CBB0877BCD5A3CF24C13761] [WIS][25/11/2012] (.DeltaInstaller - Delta Chrome Toolbar.) -- C:\Windows\Installer\1d419.msi [573440] =>Toolbar.DeltaSearch
[MD5.CB08263B7B5C9BB753901E81A5748990] [WIS][05/08/2004] (.SHARP - SHARP GSM GPRS USB Driver Ver2.1.0.) -- C:\Windows\Installer\7957c.msi [5619656]
[MD5.C6AE71164A8A5138045327623BBCF12B] [WIS][03/02/2012] (.Micro Application - LauncherMA.) -- C:\Windows\Installer\901acc.msi [623616]
[MD5.A672E4C77ED7CCC851575B10B46CC8AD] [WIS][08/12/2011] (.IMinent - IMinent Toolbar.) -- C:\Windows\Installer\c1514.msi [1019392] =>Adware.IMBooster
~ WIS: 153 Legitimates Filtered in 00mn 18s
---\\ Etat g�n�ral des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 13/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/12/2012 277616 | (cphs) . (.Intel Corporation.) - C:\Windows\SysWow64\IntelCpHeciSvc.exe
SS - | Demand 28/09/2010 172912 | (EgisTec Ticket Service) . (.Egis Technology Inc..) - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
SR - | Auto 24/05/2011 1840128 | (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
SS - | Demand 26/04/2011 2702848 | (FirebirdServerMAGIXInstance) . (.MAGIX�.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
SR - | Auto 08/01/2010 23584 | (GREGService) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
SS - | Auto 08/12/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/12/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe
SR - | Auto 05/11/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SS - | Demand 14/11/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
SR - | Demand 09/09/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 31/01/2011 244624 | (Live Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 20/12/2010 325656 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 11/05/2013 117144 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Demand 10/11/2006 774144 | (NBService) . (.Nero AG.) - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 20/09/2012 29696 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 28/09/2006 49152 | (UleadBurningHelper) . (.Ulead Systems, Inc..) - C:\Program Files (x86)\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
SR - | Auto 20/12/2010 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 09/12/2009 76320 | (USBS3S4Detection) . (...) - C:\OEM\USBDECTION\USBS3S4Detection.exe
SR - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Demand 20/09/2012 29696 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 21s
---\\ Scan Additionnel (O88)
Database Version : 12960 - (20/10/2013)
Cl�s trouv�es (Keys found) : 114
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 6
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F04C4F83-D9C7-408C-9DEB-D5526E72108C}] =>Hijacker.SmartBar^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{75e9a48b-068c-403f-b877-fa5890bde80c}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D5BBB2B-F044-46C3-877B-6A6BE1E08D19}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\DATAMNGR] =>PUP.Datamngr^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Iminent] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\IminentMessenger] =>Adware.IMBooster^
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\482AA67AD25E6E74E9F48BD5FBE8533C] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AVGSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24] =>Adware.PredictAd
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF] =>Toolbar.Ask
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E] =>Toolbar.Ask
[HKLM\Software\Classes\Installer\Features\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Features\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Installer\Products\B2BBB5D0440F3C6478B7A6B61E0ED891] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0D5BBB2B-F044-46C3-877B-6A6BE1E08D19}] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\64A6E60055D801F4BB8AC269354B72B8] =>Adware.Boxore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>PUP.Tarma
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\Protector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF96568971BEAC14B8815883832BD484] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1EAD96AE2CB1DE84BAA9425A8CCA0817] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKCU\Software\OfferMosquito] =>Toolbar.OfferMosquito
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BA71D41F6CC0B6247B05D473850A8AEA] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe =>Toolbar.Google^
C:\Windows\Installer\156d223.msi =>Hijacker.SmartBar^
C:\Windows\Installer\170c1.msi =>PUP.SoftwareEngine^
C:\Windows\Installer\1a632f1.msi =>Adware.Boxore^
C:\Windows\Installer\1d419.msi =>Toolbar.DeltaSearch^
C:\Windows\Installer\c1514.msi =>Adware.IMBooster^
~ Additionnel Scan: 441416 Items scanned in 00mn 19s
---\\ R�capitulatif des d�tections trouv�es sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/32384220-toolbar-google =>Toolbar.Google
~ http://nicolascoolman.webs.com/apps/blog/show/27232411-hijacker-proxy =>Hijacker.Proxy
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/29758660-pup-softwareengine =>PUP.SoftwareEngine
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/30898245-toolbar-skype =>Toolbar.Skype
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/26630283-pup-advancedsystemprotector =>PUP.AdvancedSystemProtector
~ http://nicolascoolman.webs.com/apps/blog/show/27563212-pup-clarosearch =>PUP.ClaroSearch
~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ MSI: 18 link(s) detected in 00mn 19s
~ 1509 Legitimates filtered by white list
End of the scan (698 lines in 02mn 40s)(0)