Document format: text/plain

~ Rapport de ZHPDiag v2015.5.25.52 - Nicolas Coolman (25/05/2015)
~ Lancé par djfab (27/05/2015 23:39:56)
~ Facebook : https://www.facebook.com/nicolascoolman1
~ Adresse du Forum http://forum.nicolascoolman.fr
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 38.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows Server License Manager Script : OK
Windows Automatic Updates : OK
Windows Vista (TM) Home Premium, 32-bit Service Pack 2 (Build 6002)

---\\ Logiciels de protection du système
Avira Antivirus v15.0.10.434
Norton Internet Security v16.0.0.125
Ad-Aware v8.0.0
Spybot - Search & Destroy v1.6.2

---\\ Logiciels d'optimisation du système
Uniblue RegistryBooster 2010 =>PUP.UniblueSystem

---\\ Logiciels de partage PeerToPeer
eMule

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 15

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3001.0 MB (54% free)
System Restore: Activé (Enable)
System drive C: has 9 GB (3%) free of 285 GB

---\\ Mode de connexion au système
~ Computer Name: PC-DE-DJFAB
~ User Name: djfab
~ All Users Names: Mcx2, Mcx1, djfab, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\djfab\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\djfab\AppData\Roaming\
~ %Desktop% : C:\Users\djfab\Desktop\
~ %Favorites% : C:\Users\djfab\Favorites\
~ %LocalAppData% : C:\Users\djfab\AppData\Local\
~ %StartMenu% : C:\Users\djfab\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 9 Go of 285 Go)
D: Hard drive, Flash drive, Thumb drive (Free 150 Go of 298 Go)
E: CD-ROM drive (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
~ Security Center: 50 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 7:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 3:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.E38E89A0939A42F5EE4292DFC48772DF] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.10/04/2015 - 16:20:33.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 7:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.F5272A105F59A7B3B345D9D6D87DA7AD] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.30/05/2014 - 7:53:22.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 7:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 3:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 5:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 5:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 3:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 3:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 5:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.3/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.2/11/2006 - 9:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 3:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 3:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 5:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 5:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 02s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/334
~ Mes musiques (My Musics) : 2/66
~ Mes Videos (My Videos) : 2/505
~ Mes Favoris (My Favorites) : 2/40
~ Mes Documents (My Documents) : 10/5628
~ Mon Bureau (My Desktop) : 3/7174
~ Menu demarrer (Programs) : 2/193
~ Hidden Files: Scanned in 00mn 20s



---\\ Processus lancés
[MD5.225AE3D9743FEC8D3EF5FF4BA8E438A5] - (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [250624] [PID.2724]
[MD5.06602AAC468BFACD8E5344DB0AE3DDD3] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) -- C:\ProgramData\DatacardService\DCSHelper.exe [230912] [PID.3004]
[MD5.D394ADF0EEE713FAFD13A8442BA6643B] - (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\LManager.exe [862728] [PID.4160]
[MD5.1ABF80D4F4941ECEE600AEC768173523] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824] [PID.4312]
[MD5.B895C862BC32F6D65892D7C7FF5B3F78] - (.Lavasoft - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe [528832] [PID.4332]
[MD5.C6D66F41719F960AF023DDC6529C5FE6] - (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576] [PID.4404]
[MD5.048EA4B978851788E9F5E8E4F081DF7A] - (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904] [PID.4712]
[MD5.66177D4C99FD8B578C7C56DE445E4D5D] - (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [728312] [PID.4720]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.4788]
[MD5.D609E6A55C2D2637CE8FD168E861963D] - (.Pas de propriétaire - BlueSoleil Bttray.) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe [315478] [PID.4848]
[MD5.2C1B1E9174D94E9F6EE3CF373ABAB7DD] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [137752] [PID.4896]
[MD5.87D78CF6365BDDACBE9D34B60FE0E23B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [171032] [PID.4924]
[MD5.89D3DE5E2C77DCD99C56F0E46310AEA0] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [172568] [PID.4948]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.4984]
[MD5.71A842E0118389F0F7F37E686FA7BFEF] - (.Intel Corporation - igfxext Module.) -- C:\Windows\system32\igfxext.exe [179224] [PID.4996]
[MD5.51E2B4E4A054F89EDCB7B821ADFA8FE5] - (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe [2859077] [PID.5036]
[MD5.C84933011F01A3C9F8133B1EC157376D] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\djfab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1103768] [PID.5068]
[MD5.4B555106290BD117334E9A08761C035A] - (...) -- ystem32\rundll32.exe [0] [PID.5112]
[MD5.5E350C463EE596321C79CF23ADA56E7A] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe [267800] [PID.5192]
[MD5.254AC97C9AF4DDF3F5F57855198527B7] - (.Microsoft Corporation - Windows Problem Reporting.) -- C:\Windows\system32\wermgr.exe [56320] [PID.3144]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.1092]
[MD5.A097F470DB5D1B09CAD8C177C72FB267] - (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe [130048] [PID.3100]
[MD5.F92871A389230747AC6348C64D41AD57] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.4484]
[MD5.F6B0935B23E3C5B54DF33D3C180CA063] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [8211968] [PID.6148]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1336]
[MD5.193146149076B331C008C1C0AF6FA5B9] - (.Lavasoft - Ad-Aware Service Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1036104] [PID.1732]
[MD5.EC705D6ED3A7F3D9AE42F6239707D9FE] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [434424] [PID.1860]
[MD5.E8FE4FCE23D2809BD88BCC1D0F8408CE] - (...) -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [124832] [PID.372]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.528]
[MD5.EC705D6ED3A7F3D9AE42F6239707D9FE] - (.Avira Operations GmbH & Co. KG - Antivirus Host Framework Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [434424] [PID.564]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.588]
[MD5.9958F306483FF46AB93FE1904C12F060] - (.Pas de propriétaire - BlueSoleilCS Module.) -- C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [840192] [PID.1076]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1524]
[MD5.881C86C4B8F2359318E0E6D7EC844D13] - (.Pas de propriétaire - BsMobileCS Module.) -- C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [143467] [PID.1644]
[MD5.FE7FCACE3678200AE202EB29C9B6A8E8] - (.Broadcom Corporation. - Bluetooth Support Server.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [567848] [PID.1444]
[MD5.93EF4DD10E81915C9D92D0040B78988F] - (.Hercules® - Hercules® Install Service.) -- C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.exe [16896] [PID.2768]
[MD5.E956C0614367D4106A4411F151D494A5] - (.Pas de propriétaire - DCSHOST.) -- C:\ProgramData\DatacardService\HWDeviceService.exe [264704] [PID.2900]
[MD5.0AF74CD12F12F3DCAB26C1F5C09AB79A] - (...) -- C:\ProgramData\Mobistar Internet Everywhere\OnlineUpdate\ouc.exe [234496] [PID.3052]
[MD5.988CDC4DAE2186F3A5ED6EE7D3E6B5CA] - (.Nero AG - NeroUpdate.) -- C:\Program Files\Nero\Update\NASvc.exe [786256] [PID.3072]
[MD5.EE215321E83BE72AB77B6627FD149EAE] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe [117640] [PID.3128]
[MD5.952BF6DFC96E3E94D1D88FD0B78EC443] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [44800] [PID.3364]
[MD5.A1DD33D16F277CE34124EE52AB2C0F14] - (...) -- C:\Windows\system32\PnkBstrA.exe [75064] [PID.3440]
[MD5.A6A7AD767BF5141665F5C675F671B3E1] - (.Protexis Inc. - PsiService PsiService.) -- C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.3512]
[MD5.775A7C4B689C0F112A12AD62064E57D1] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [5093216] [PID.3652]
[MD5.A33384A5CA1CE308ABF16815AFE1873D] - (.Avira Operations GmbH & Co. KG - Avira.OE.ServiceHost.) -- C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe [205104] [PID.3960]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.1360]
[MD5.E783984459E2992DCEBD32ADBDE28EE1] - (.Avira Operations GmbH & Co. KG - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [428336] [PID.2860]
[MD5.0A22897FC9C4FF67E4FE2FE39CF8BFC2] - (.Pas de propriétaire - BsHelpCS Module.) -- C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [98407] [PID.2368]
[MD5.51508F0C2476177E50C31B0BBFBF1BDB] - (.Google Inc. - Programme d'installation de Google.) -- C:\Program Files\Google\Update\GoogleUpdate.exe [107912] [PID.3256]
[MD5.8715A0D10CFFC8DEE923957F07DAA042] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files\Google\Update\1.3.27.5\GoogleCrashHandler.exe [244040] [PID.4800]
[MD5.E8A39D41474BE42FD8830CED32932D6C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553440] [PID.5348]
[MD5.C108DC20ACE05072350DBB6934E277FB] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [772296] [PID.5120]
[MD5.5DAF7081A4BB112FA3F1915819330A3E] - (...) -- C:\Program Files\ZHPDiag\pv.exe [61440] [PID.0]
~ Processes Running: Scanned in 00mn 05s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\browser\searchplugins\ddg.xml
~ Firefox Browser: 69 Legitimates Filtered in 00mn 03s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com =>Hijacker.TroviCom
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.search-web.net
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.search-web.net
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.search-web.net
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchUrl,Default = http://feed.safefinder.com =>Hijacker.SmartBar
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = http://search.softonic.com =>Toolbar.Conduit
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\System32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hôte est sain (The hosts file is clean) (15330)
~ Hosts File: Scanned in 00mn 13s



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Interest recogniser for Moovida (powered by Spointer) - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} . (.Moovida - Interest Recognizer for Moovida.) -- C:\Program Files\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll =>Adware.SPointer
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} . (.Softonic.com - Pas de description.) -- C:\Program Files\Softonic\Softonic\1.5.21.0\bh\Softonic.dll =>Toolbar.Conduit
O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} . (...) -- mscoree.dll (.not file.)
O2 - BHO: TBSB00808 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} . (.Pas de propriétaire - Internet Explorer Toolbar Engine.) -- C:\Program Files\Freecorder 6\tbcore3.dll
~ BHO: 30 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Norton Toolbar - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O3 - Toolbar: Softonic Toolbar - [HKLM]{5018CFD2-804D-4C99-9F81-25EAEA2769DE} . (.Softonic.com - Pas de description.) -- C:\Program Files\Softonic\Softonic\1.5.21.0\SoftonicTlbr.dll =>Toolbar.Conduit
O3 - Toolbar: Freecorder 6 - [HKLM]{6B34ACCF-1B63-4E1A-8633-461917C75544} . (.Pas de propriétaire - Internet Explorer Toolbar Engine.) -- C:\Program Files\Freecorder 6\tbcore3.dll
O3 - Toolbar: SafeFinder Smartbar - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>Hijacker.SmartBar
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [djfab]: Search.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://feed.safefinder.com =>Hijacker.SmartBar
O4 - GS\QuickLaunch [djfab]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\djfab\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - GS\Program [djfab]: Chat-Land messenger.lnk . (...) -- C:\Users\djfab\chat-land\Chat-Landmessenger.exe (.not file.) =>Hijacker.ChercheUS
O4 - GS\Program [djfab]: Moovida.lnk . (.Fluendo Embedded - Moovida.) -- C:\Program Files\Fluendo\Moovida\Moovida.exe =>Adware.SPointer
O4 - GS\Program [djfab]: Search.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe http://feed.safefinder.com =>Hijacker.SmartBar
O4 - GS\Desktop [djfab]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\djfab\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 10 Legitimates Filtered in 00mn 10s



---\\ Applications lancées au démarrage du système (O4)
O4 - GS\Startup [djfab]: PricePeepUpdater.lnk . (...) -- C:\Program Files\PricePeep\PricePeepUpdater.exe (.not file.) =>Adware.PricePeep
O4 - HKLM\..\Run: [BackupManagerTray] . (.NewTech Infosystems, Inc. - Packard Bell MyBackup.) -- C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Ad-Watch] . (.Lavasoft - Ad-Aware Tray Application.) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [Smart File Advisor] . (.Filefacts.net - Smart File Advisor.) -- C:\Program Files\Smart File Advisor\sfa.exe
O4 - HKLM\..\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Run: [Hercules DJ Series] . (.Hercules® - DJ Series Control Panel.) -- C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira system tray application.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (.not file.)
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe =>.Oracle Corporation
O4 - HKLM\..\Run: [Camera Assistant Software] . (.Chicony - traybar.) -- C:\Program Files\Video Web Camera\traybar.exe
O4 - HKLM\..\Run: [VideoWebCamera] . (.Suyin - Video Web Camera.) -- C:\Program Files\VideoWebCamera\VideoWebCamera.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Program Files\PLFSetI.exe (.not file.)
O4 - HKLM\..\Run: [BtTray] . (.Pas de propriétaire - BlueSoleil Bttray.) -- C:\Program Files\IVT Corporation\BlueSoleil\BtTray.exe
O4 - HKLM\..\Run: [Avira Systray] . (.Avira Operations GmbH & Co. KG - Avira.) -- C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MSSMSGS] rundll32.exe wincqh32.rom,SqfWSBS
O4 - HKCU\..\Run: [Software Informer] . (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe
O4 - HKCU\..\Run: [fsm] Clé orpheline
O4 - HKCU\..\Run: [Odimoze] C:\Users\djfab\AppData\Local\KBDAMO.dll (.not file.)
O4 - HKCU\..\Run: [tempHome] C:\Users\djfab\AppData\Local\Temp\racourci.vbe (.not file.)
O4 - HKCU\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe (.not file.)
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\djfab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [WVXM] rundll32 "C:\Users\djfab\AppData\Roaming\consolep.dll (.not file.)
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
O4 - HKUS\.DEFAULT\..\RunOnce: [AutoLaunch] . (...) -- C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [AutoLaunch] . (...) -- C:\Program Files\Lavasoft\Ad-Aware\AutoLaunch.exe
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [MSSMSGS] rundll32.exe wincqh32.rom,SqfWSBS
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [Software Informer] . (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [fsm] Clé orpheline
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [Odimoze] C:\Users\djfab\AppData\Local\KBDAMO.dll (.not file.)
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [tempHome] C:\Users\djfab\AppData\Local\Temp\racourci.vbe (.not file.)
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [beid] C:\Program Files\Belgium Identity Card\beid35gui.exe (.not file.)
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\djfab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [WVXM] rundll32 "C:\Users\djfab\AppData\Roaming\consolep.dll (.not file.)
O4 - HKUS\S-1-5-21-680995046-3818340617-2404836911-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} . (.Microsoft Corporation - Synchronisation des favoris ActiveSync.) -- C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -- Clé orpheline
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org =>Hijacker.ChercheUS
O15 - Trusted Zone: [HKCU\...\Domains] *.search-web.net
~ IE Zone Confiance: Scanned in 00mn 03s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A82FBE3-4127-47DF-8B08-872D2A34C6BA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{9A82FBE3-4127-47DF-8B08-872D2A34C6BA}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{9A82FBE3-4127-47DF-8B08-872D2A34C6BA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{9A82FBE3-4127-47DF-8B08-872D2A34C6BA}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Mobistar Internet Everywhere. OUC (Mobistar Internet Everywhere. RunOuc) . (...) - C:\Program Files\Mobistar Internet Everywhere\UpdateDog\ouc.exe
O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Users\djfab\AppData\Local\Temp\{9166850E-B40E-4709-8364-823374B3053F}\NMSAccessU.exe (.not file.)
~ Services: 26 Legitimates Filtered in 00mn 14s



---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (lsdelete) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Ad-Aware Update (Weekly) [512]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\Tasks\AutoKMS.job [264] =>Hacktool.AutoKMS
O39 - APT: - (..) -- C:\Windows\System32\Tasks\AutoKMS [264] =>Hacktool.AutoKMS
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1054]
O39 - APT: - (..) -- C:\Windows\Tasks\PC Performer_DEFAULT.job [264] =>PUP.PCPerformer
O39 - APT: - (..) -- C:\Windows\System32\Tasks\PC Performer_DEFAULT [264] =>PUP.PCPerformer
O39 - APT: - (..) -- C:\Windows\Tasks\PC Performer_UPDATES.job [272] =>PUP.PCPerformer
O39 - APT: - (..) -- C:\Windows\System32\Tasks\PC Performer_UPDATES [272] =>PUP.PCPerformer
O39 - APT: - (..) -- C:\Windows\Tasks\Registry Reviver-djfab-Startup.job [378] =>PUP.RegistryReviver
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Registry Reviver-djfab-Startup [378] =>PUP.RegistryReviver
O39 - APT: APT: - (..) -- C:\Windows\Tasks\Registry Reviver-djfab-Startup.job [378] - (..) -- C:\Windows\Tasks\Registry Reviver.job [486] =>PUP.RegistryReviver
O39 - APT: APT: - (..) -- C:\Windows\System32\Tasks\Registry Reviver-djfab-Startup [378] - (..) -- C:\Windows\System32\Tasks\Registry Reviver [486] =>PUP.RegistryReviver
O39 - APT: - (..) -- C:\Windows\System32\Tasks\User_Feed_Synchronization-{10744EBC-429E-45B0-B879-2A91C3D24C2B} [432]
~ Scheduled Task: 14 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: (enqtyspe) . (. - .) - C:\Windows\system32\drivers\enqtyspe.sys (.not file.)
O41 - Driver: ({ef8714df-a44b-464c-9034-549a70dc4cd7}Gt) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}Gt.sys =>PUP.LinkiDoo
O41 - Driver: (gasfkybdmleyex) . (. - .) - C:\Windows\system32\drivers\gasfkyfvpciovp.sys (.not file.)
~ Drivers: 134 Legitimates Filtered in 00mn 42s



---\\ Logiciels installés (O42)
O42 - Logiciel: 3GP Video Converter 3 - (.Xilisoft.) [HKLM] -- 3GP Video Converter 3
O42 - Logiciel: AA3Deploy - (.Army Game.) [HKCU] -- 2a4f70b48f669acd
O42 - Logiciel: Aqua Real - (...) [HKLM] -- {1E66C7FF-F827-4AEF-A998-932EA824998B}
O42 - Logiciel: FaceOnBody Pro v 2.4 - (...) [HKLM] -- FaceOnBody Pro v 2.4
O42 - Logiciel: Fissa - (.Secure Digital Services.) [HKLM] -- Fissa =>PUP.OfferBox
O42 - Logiciel: Freez FLV to AVI/MPEG/WMV Converter - (.www.smallvideosoft.com.) [HKLM] -- Freez FLV to AVI/MPEG/WMV Converter 1.5_is1
O42 - Logiciel: ISSE version 0.2.0 - (.CCRMA, Stanford University.) [HKLM] -- {9330BAEC-6E26-4C5B-93A1-8BDD9ACF231B}_is1
O42 - Logiciel: LPT System Updater Service - (.LPT.) [HKLM] -- {BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24} =>Adware.IncrediBar
O42 - Logiciel: PC Satellite TV Pro - (...) [HKLM] -- PC Satellite TV Pro
O42 - Logiciel: SafeFinder Smartbar - (.Linkury Ltd..) [HKLM] -- {877D0E59-6CBD-43C6-966F-1F4BA343AEEC} =>Hijacker.SmartBar
O42 - Logiciel: TicTacPhoto - (...) [HKLM] -- TicTacPhoto
O42 - Logiciel: Transcode 360 for Windows Vista - (.Albert Griscti-Soler.) [HKLM] -- Transcode360
O42 - Logiciel: Typ-Top 3.0 - (.Uitgeverij De Boeck.) [HKLM] -- Typ-Top 3.0_is1
O42 - Logiciel: WebPlayerV2 - (.Kreapixel.) [HKLM] -- {77236F9C-987C-40EC-832B-5BD6181E4846} =>Adware.SocialSkinz
O42 - Logiciel: maucampo - (.maucampo.) [HKLM] -- maucampo =>PUP.Maucampo
~ Logic: 37 Legitimates Filtered in 00mn 02s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5b6dfdbe23fea48] =>PUP.Babylon
[HKCU\Software\8.1]
[HKCU\Software\Cfrliyepp]
[HKCU\Software\Condut]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Karaoke-DX]
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\ScriptEd]
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Typ-Top]
[HKCU\Software\XML]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\maucampo] =>PUP.Maucampo
[HKLM\Software\5b6dfdbe23fea48] =>PUP.Babylon
[HKLM\Software\Cosmi]
[HKLM\Software\FaceOnBody]
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp
[HKLM\Software\Typ-Top]
~ Key Software: 735 Legitimates Filtered in 00mn 02s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/04/2015 - 12:44:35 - [] ----D C:\Program Files\BeID Minidriver
O43 - CFD: 5/04/2011 - 23:02:22 - [] ----D C:\Program Files\Caricature Studio Green 3.6
O43 - CFD: 3/10/2010 - 11:59:52 - [] ----D C:\Program Files\FaceOnBody Pro
O43 - CFD: 1/12/2010 - 2:27:28 - [] ----D C:\Program Files\Fluendo =>Adware.SPointer
O43 - CFD: 11/12/2012 - 21:26:23 - [] ----D C:\Program Files\Freecorder Toolbar
O43 - CFD: 27/05/2015 - 22:02:10 - [] ----D C:\Program Files\ISSE
O43 - CFD: 7/08/2010 - 21:54:52 - [] ----D C:\Program Files\KaraokeDX
O43 - CFD: 23/08/2009 - 0:40:40 - [] ----D C:\Program Files\Live_TV
O43 - CFD: 12/05/2015 - 0:01:36 - [] ----D C:\Program Files\NJ
O43 - CFD: 21/11/2009 - 12:36:15 - [] ----D C:\Program Files\PC Satellite TV Pro
O43 - CFD: 23/08/2009 - 1:59:43 - [0] ----D C:\Program Files\SATVOD
O43 - CFD: 4/05/2012 - 16:31:18 - [] ----D C:\Program Files\Softonic =>Toolbar.Conduit
O43 - CFD: 9/10/2013 - 16:27:36 - [] ----D C:\Program Files\TicTacPhoto
O43 - CFD: 18/11/2012 - 10:34:44 - [] ----D C:\Program Files\Transcode360
O43 - CFD: 27/09/2010 - 17:46:36 - [] ----D C:\Program Files\Typ-Top 3.0
O43 - CFD: 20/08/2009 - 0:31:57 - [] ----D C:\Program Files\USArmy
O43 - CFD: 25/10/2010 - 23:22:18 - [] ----D C:\ProgramData\AA3DeployClient
O43 - CFD: 7/11/2010 - 13:14:24 - [] ----D C:\ProgramData\FaceOnBody
O43 - CFD: 4/12/2012 - 14:55:43 - [] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 19/05/2011 - 17:19:03 - [] --H-D C:\ProgramData\{2C41B757-F5D0-44F9-A206-EEB9CD973927}
O43 - CFD: 19/05/2011 - 17:39:32 - [] --H-D C:\ProgramData\{4A818508-3355-4FBC-B302-D53B599DD9D5}
O43 - CFD: 19/05/2011 - 17:26:10 - [] --H-D C:\ProgramData\{761E38B7-1182-40ED-8916-EAA5F384CFC7}
O43 - CFD: 23/08/2009 - 20:19:25 - [] --H-D C:\ProgramData\{83C91755-2546-441D-AC40-9A6B4B860800}
O43 - CFD: 19/05/2011 - 17:31:59 - [] --H-D C:\ProgramData\{8429ABAF-B3FC-4320-BD86-2F450040BB88}
O43 - CFD: 19/05/2011 - 17:18:23 - [] --H-D C:\ProgramData\{A6DB2A6F-FF9D-453F-99D6-C1AA54BC0C14}
O43 - CFD: 19/05/2011 - 17:30:07 - [] --H-D C:\ProgramData\{A7980E87-CCF8-4A63-95C5-FBF6773430E4}
O43 - CFD: 19/05/2011 - 17:33:42 - [] --H-D C:\ProgramData\{B519F32F-827C-40F0-8D31-289E18AFCBCC}
O43 - CFD: 19/05/2011 - 17:22:00 - [] --H-D C:\ProgramData\{C0C80074-EC49-4159-8610-C3471C7E6846}
O43 - CFD: 19/05/2011 - 17:28:12 - [] --H-D C:\ProgramData\{C563A71C-0CD1-48DB-BF21-E9663D577F6E}
O43 - CFD: 19/05/2011 - 17:24:08 - [] --H-D C:\ProgramData\{F1E1AF14-F91F-4ECF-B2AC-261F02221942}
O43 - CFD: 19/05/2011 - 17:19:29 - [] --H-D C:\ProgramData\{F9958806-3326-4B30-A9A3-D5B43C478842}
O43 - CFD: 25/12/2012 - 18:32:52 - [0] ----D C:\ProgramData\䖰3䉠30
O43 - CFD: 27/12/2012 - 22:27:44 - [0] ----D C:\ProgramData\䘘%䋈%0
O43 - CFD: 7/01/2013 - 14:22:00 - [0] ----D C:\ProgramData\䘘Š䋈Š0
O43 - CFD: 3/01/2013 - 14:18:14 - [0] ----D C:\ProgramData\䘘Œ䋈Œ0
O43 - CFD: 14/01/2013 - 14:47:59 - [0] ----D C:\ProgramData\䘘䋈0
O43 - CFD: 9/01/2013 - 19:44:01 - [0] ----D C:\ProgramData\䘘Ð䋈Ð0
O43 - CFD: 7/01/2013 - 20:52:18 - [0] ----D C:\ProgramData\䘘þ䋈þ0
O43 - CFD: 10/01/2013 - 15:57:21 - [0] ----D C:\ProgramData\䘘Ƴ䋈Ƴ0
O43 - CFD: 13/01/2013 - 0:19:42 - [0] ----D C:\ProgramData\䘘ƶ䋈ƶ0
O43 - CFD: 19/01/2013 - 19:45:06 - [0] ----D C:\ProgramData\䘘ƽ䋈ƽ0
O43 - CFD: 2/01/2013 - 18:02:49 - [0] ----D C:\ProgramData\䘘lj䋈lj0
O43 - CFD: 31/12/2012 - 21:07:43 - [0] ----D C:\ProgramData\䘘NJ䋈NJ0
O43 - CFD: 28/12/2012 - 9:04:11 - [0] ----D C:\ProgramData\䘘ǎ䋈ǎ0
O43 - CFD: 29/12/2012 - 21:22:20 - [0] ----D C:\ProgramData\䘘ǔ䋈ǔ0
O43 - CFD: 1/01/2013 - 3:32:45 - [0] ----D C:\ProgramData\䘘ǭ䋈ǭ0
O43 - CFD: 31/12/2012 - 16:48:13 - [0] ----D C:\ProgramData\䘘Ǵ䋈Ǵ0
O43 - CFD: 28/12/2012 - 15:30:21 - [0] ----D C:\ProgramData\䘘Ƕ䋈Ƕ0
O43 - CFD: 26/12/2012 - 14:02:52 - [0] ----D C:\ProgramData\䘘ǽ䋈ǽ0
O43 - CFD: 12/10/2009 - 14:00:42 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aqua Real
O43 - CFD: 23/04/2015 - 12:45:38 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID
O43 - CFD: 5/04/2011 - 23:02:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Caricature Studio Green 3.6
O43 - CFD: 25/04/2010 - 21:29:37 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceOnBody Pro
O43 - CFD: 27/05/2015 - 22:02:14 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISSE
O43 - CFD: 24/10/2009 - 23:18:23 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K!TV
O43 - CFD: 12/10/2009 - 18:21:30 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Satellite TV Pro
O43 - CFD: 5/02/2011 - 21:43:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Proxy Finder Enterprise
O43 - CFD: 23/08/2009 - 0:33:29 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SATVOD
O43 - CFD: 2/11/2006 - 14:37:34 - [] R-H-D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 9/10/2013 - 16:14:33 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TicTacPhoto
O43 - CFD: 18/11/2012 - 10:34:45 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transcode 360
O43 - CFD: 27/09/2010 - 17:46:16 - [] ----D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Typ-Top 3.0
O43 - CFD: 10/10/2010 - 2:03:45 - [] ----D C:\Users\djfab\AppData\Roaming\FissaSearch =>PUP.OfferBox
O43 - CFD: 21/08/2010 - 18:33:38 - [] ----D C:\Users\djfab\AppData\Roaming\FUEL Demo
O43 - CFD: 26/05/2015 - 16:05:22 - [] ----D C:\Users\djfab\AppData\Roaming\Juce Audio Plugin Host
O43 - CFD: 13/03/2010 - 0:46:49 - [] -SH-D C:\Users\djfab\AppData\Roaming\lowsec
O43 - CFD: 18/07/2012 - 9:07:44 - [] ----D C:\Users\djfab\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 17/07/2014 - 10:22:23 - [] ----D C:\Users\djfab\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 24/03/2011 - 8:28:53 - [] ----D C:\Users\djfab\AppData\Roaming\PPStream
O43 - CFD: 21/08/2010 - 18:33:31 - [] ----D C:\Users\djfab\AppData\Local\AA3DeployClient
O43 - CFD: 21/08/2010 - 18:43:59 - [] ----D C:\Users\djfab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Army Game
O43 - CFD: 21/08/2010 - 18:43:59 - [] ----D C:\Users\djfab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceOnBody Pro
O43 - CFD: 20/01/2013 - 13:25:29 - [] ----D C:\Users\djfab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com =>Hijacker.TornTV
O43 - CFD: 18/11/2012 - 10:34:44 - [0] ----D C:\Users\djfab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Transcode 360
~ 788 Dossier CLSID vide (CLSID Empty Folder)
~ Program Folder: 1367 Legitimates Filtered in 00mn 22s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D81B0AC3C57D98379B1EFFB5780A8AC4] - 13/05/2015 - 2:01:42 ---A- . (...) -- C:\Windows\msxml4-KB2758694-enu.LOG [266380]
O44 - LFC:[MD5.9386EB52F1019AC3E248F6B786EBDBEC] - 27/05/2015 - 17:49:22 ---A- . (...) -- C:\aaw7boot.log [466682]
O44 - LFC:[MD5.3D22B13BB09CC057F89D7F4A6022FF70] - 27/05/2015 - 17:54:54 ---A- . (...) -- C:\Windows\System32\LOCALDEVICE.INI [1531]
O44 - LFC:[MD5.DDF3A45B79D5E8AEA6583CDB18301D3D] - 27/05/2015 - 17:54:54 ---A- . (...) -- C:\Windows\System32\LOCALSERVICE.INI [6510]
O44 - LFC:[MD5.7ED21EA254E683E442B52F2D83CFEBEB] - 27/05/2015 - 17:54:54 ---A- . (...) -- C:\Windows\System32\bscs.ini [1006]
O44 - LFC:[MD5.93C79D048458C12B1ABAAD1C73D86DCF] - 27/05/2015 - 21:05:27 ---A- . (...) -- C:\Windows\System32\REMOTEDEVICE.INI [100]
~ Files: 55 Legitimates Filtered in 02mn 19s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - EasyBits Security Shield Hook - prevents launching insecure programs by kids - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\system32\EZUPBH~1.DLL
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPSK) (O51)
O51 - MPSK:{217f037c-baaa-11e4-950a-00235ae850c2}\AutoRun\command. (...) -- G:\Startme.exe (.not file.)
O51 - MPSK:{445e1c99-d4b2-11e0-82de-02c2884801a6}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{445e1cab-d4b2-11e0-82de-02c2884801a6}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
O51 - MPSK:{445e1cc0-d4b2-11e0-82de-02c2884801a6}\AutoRun\command. (...) -- I:\AutoRun.exe (.not file.)
O51 - MPSK:{4a3ca88f-c1af-11de-87c2-00235ae84c4d}\AutoRun\command. (...) -- F:\SETUP.exe (.not file.)
O51 - MPSK:{5a359921-15f2-11e1-a3db-0642884801a6}\AutoRun\command. (...) -- H:\AutoRun.exe (.not file.)
O51 - MPSK:{7c19e8a5-d261-11e3-820a-00235ae850c2}\AutoRun\command. (...) -- F:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{83693526-4542-11df-8226-00235ae84c4d}\AutoRun\command. (...) -- G:\USBAutoRun.exe (.not file.)
O51 - MPSK:{c6ee2aab-5e92-11e3-850c-00235ae850c2}\AutoRun\command. (...) -- F:\HTC_Sync_Manager_PC.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 19 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLogoff"=0
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoClose"=0
~ MWPE Keys: 4 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:7/12/2008 - 12:44:54 ---A- . (...) -- C:\Windows\System32\Drivers\btnetBus.sys [30088]
O58 - SDL:21/01/2008 - 3:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [342584]
O58 - SDL:1/09/2011 - 18:05:41 ---A- . (.Huawei Tech. Co., Ltd. - HUAWEI USB Smart Card Driver.) -- C:\Windows\System32\Drivers\ewdcsc.sys [25856]
O58 - SDL:10/04/2012 - 9:18:00 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series ASIO kernel driver.) -- C:\Windows\System32\Drivers\HDJAsioK.sys [258384]
O58 - SDL:10/04/2012 - 9:18:00 ---A- . (.© Guillemot R&D, 2012. All rights reserved. - DJ Series Bulk driver.) -- C:\Windows\System32\Drivers\HDJBulk.sys [194384]
O58 - SDL:10/04/2012 - 9:17:58 ---A- . (.© Guillemot R&D, 2010. All rights reserved. - Hercules DJ Control MP3 Filter Driver.) -- C:\Windows\System32\Drivers\HDJCtrl.sys [35152]
O58 - SDL:10/04/2012 - 9:17:56 ---A- . (.© Guillemot R&D, 2011. All rights reserved. - DJ Series MIDI kernel driver.) -- C:\Windows\System32\Drivers\HDJMidi.sys [221520]
O58 - SDL:2/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\System32\Drivers\iteatapi.sys [35944]
O58 - SDL:2/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\System32\Drivers\iteraid.sys [35944]
O58 - SDL:9/10/2008 - 14:42:42 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [17408]
O58 - SDL:1/09/2011 - 18:05:41 ---A- . (.DiBcom SA - DiBcom AVSTREAM BDA driver.) -- C:\Windows\System32\Drivers\mod7700.sys [861696]
O58 - SDL:5/06/2010 - 23:46:58 ---A- . (...) -- C:\Windows\System32\Drivers\PnkBstrK.sys [137544]
O58 - SDL:17/06/2010 - 14:28:02 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\Drivers\ssmdrv.sys [28520]
O58 - SDL:4/06/2013 - 9:15:02 ---A- . (.DEVGURU Co., LTD.(www.devguru.co.kr) - SAMSUNG USB Composite Device Driver (MSS Ver.3).) -- C:\Windows\System32\Drivers\ssudbus.sys [84248]
O58 - SDL:21/01/2008 - 3:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\System32\Drivers\uliahci.sys [238648]
O58 - SDL:2/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\System32\Drivers\ulsata.sys [98408]
O58 - SDL:21/01/2008 - 3:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\System32\Drivers\ulsata2.sys [115816]
O58 - SDL:28/09/2012 - 10:32:56 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\System32\Drivers\usbaapl.sys [44544]
O58 - SDL:24/04/2014 - 11:31:58 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}Gt.sys [55224] =>PUP.LinkiDoo
O58 - SDL:2/11/2006 - 8:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
O58 - SDL:2/11/2006 - 8:09:45 ---A- . (...) -- C:\Windows\System32\country.sys [27097]
O58 - SDL:3/04/1996 - 20:33:26 ---A- . (...) -- C:\Windows\System32\giveio.sys [5248]
O58 - SDL:2/11/2006 - 8:09:41 ---A- . (...) -- C:\Windows\System32\HIMEM.SYS [4768]
O58 - SDL:2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\System32\KEY01.SYS [42809]
O58 - SDL:2/11/2006 - 8:09:44 ---A- . (...) -- C:\Windows\System32\KEYBOARD.SYS [42537]
O58 - SDL:2/11/2006 - 8:09:29 ---A- . (...) -- C:\Windows\System32\NTDOS.SYS [27866]
O58 - SDL:2/11/2006 - 8:09:35 ---A- . (...) -- C:\Windows\System32\NTDOS404.SYS [29146]
O58 - SDL:2/11/2006 - 8:09:38 ---A- . (...) -- C:\Windows\System32\NTDOS411.SYS [29370]
O58 - SDL:2/11/2006 - 8:09:40 ---A- . (...) -- C:\Windows\System32\NTDOS412.SYS [29274]
O58 - SDL:2/11/2006 - 8:09:31 ---A- . (...) -- C:\Windows\System32\NTDOS804.SYS [29146]
O58 - SDL:2/11/2006 - 8:09:20 ---A- . (...) -- C:\Windows\System32\NTIO.SYS [33952]
O58 - SDL:2/11/2006 - 8:09:23 ---A- . (...) -- C:\Windows\System32\NTIO404.SYS [34672]
O58 - SDL:2/11/2006 - 8:09:24 ---A- . (...) -- C:\Windows\System32\NTIO411.SYS [35776]
O58 - SDL:2/11/2006 - 8:09:26 ---A- . (...) -- C:\Windows\System32\NTIO412.SYS [35536]
O58 - SDL:2/11/2006 - 8:09:22 ---A- . (...) -- C:\Windows\System32\NTIO804.SYS [34672]
O58 - SDL:24/09/2006 - 14:28:46 ---A- . (.Windows (R) 2000 DDK provider - SpeedFan Device Driver.) -- C:\Windows\System32\speedfan.sys [5248]
~ Drivers: 130 Legitimates Filtered in 00mn 12s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2015 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 17/06/2010 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
O64 - Services: CurCS - 26/08/2009 - C:\Windows\system32\Drivers\NIS\1007020.00B\SYMNDISV.sys (SYMNDISV) .(.Symantec Corporation - NDIS Filter Driver.) - LEGACY_SYMNDISV
O64 - Services: CurCS - 24/04/2014 - C:\Windows\System32\drivers\{ef8714df-a44b-464c-9034-549a70dc4cd7}Gt.sys ({ef8714df-a44b-464c-9034-549a70dc4cd7}Gt) .(.StdLib - StdLib.) - LEGACY_{EF8714DF-A44B-464C-9034-549A70DC4CD7}GT =>PUP.LinkiDoo
~ Legacy: 102 Legitimates Filtered in 00mn 18s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} - (SafeFinder Search) - http://feed.safefinder.com =>Hijacker.SmartBar
O69 - SBI: SearchScopes [HKCU] {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} [DefaultScope] - (Trovi search) - http://www.trovi.com =>Hijacker.TroviCom
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {66B8C229-DD6C-4BF0-924E-B83DCD11F1E5} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {AF5022AA-6EFB-45D8-997C-FEC005D661D6} - (Search the web (Softonic)) - http://search.softonic.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {b41306c6-96d0-442a-bcc4-b0f621e82ce9} - (Fissa) - http://www.fissa.com =>PUP.OfferBox
O69 - SBI: SearchScopes [HKCU] {BBFC2657-F3E0-4179-AA2F-6A6B0FEFCE77} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com =>PUP.uTorrentBar
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.DA3FF9AA253B2BE92730D27241045FD5] [SPRF][21/08/2010] (...) -- C:\ProgramData\7E496C5703.sys [168]
[MD5.5424BEF06FEBBE974E36E492C8C404F3] [SPRF][19/08/2014] (...) -- C:\ProgramData\KGyGaAvL.sys [8456]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][2/01/1601] (...) -- C:\ProgramData\roma1.exe [27361403]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][2/01/1601] (...) -- C:\Users\djfab\AppData\Roaming\consolep.dll [120832]
[MD5.069B93A5E079F700BAE7CAC0242BE5F6] [SPRF][20/08/2009] (...) -- C:\Users\djfab\AppData\Roaming\PnkBstrK.sys [139152]
[MD5.B5C0DDEC4BBF3E775D265115542F248F] [SPRF][4/05/2012] (...) -- C:\Users\djfab\AppData\Roaming\wklnhst.dat [366]
[MD5.72CAB2AD4D3E2822E4B3268383D67338] [SPRF][10/03/2007] (...) -- C:\Users\djfab\Desktop\ffmpeg.exe [2640384]
~ Files: 10 Legitimates Filtered in 00mn 02s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "TCP Query User{42053CEF-C972-47AE-9ECB-1D1D7B529510}C:\program files\fluendo\moovida\moovida.exe" | In - Public - P6 - TRUE | .(.Fluendo Embedded - Moovida.) -- C:\program files\fluendo\moovida\moovida.exe =>Adware.SPointer
O87 - FAEL: "UDP Query User{BA9E8E81-8CBF-43A4-9FEC-0FBEF656EC90}C:\program files\fluendo\moovida\moovida.exe" | In - Public - P17 - TRUE | .(.Fluendo Embedded - Moovida.) -- C:\program files\fluendo\moovida\moovida.exe =>Adware.SPointer
O87 - FAEL: "TCP Query User{5C15630B-D58C-439A-9541-7A58266CBE92}C:\program files\fluendo\moovida\moovida.exe" | In - Private - P6 - TRUE | .(.Fluendo Embedded - Moovida.) -- C:\program files\fluendo\moovida\moovida.exe =>Adware.SPointer
O87 - FAEL: "UDP Query User{18884135-6325-421A-9110-4D2CED5FB9C3}C:\program files\fluendo\moovida\moovida.exe" | In - Private - P17 - TRUE | .(.Fluendo Embedded - Moovida.) -- C:\program files\fluendo\moovida\moovida.exe =>Adware.SPointer
O87 - FAEL: "{F9513718-DE37-408D-9465-BF5299B1C928}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\djfab\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{4A8EF66F-5211-4000-9D48-62C0CE8B2356}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\djfab\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 6 Legitimates Filtered in 00mn 09s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "FCCEBB79DF1B0104D8B4FE9C3ECCEEFC" . (.Driver Whiz.) -- C:\Windows\Installer\{97BBECCF-B1FD-4010-8D4B-EFC9E3CCEECF}\ARPPRODUCTICON.exe =>PUP.DriverWhiz
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5b6dfdbe23fea48\2.6.1339.144\upd]:="upd=1" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\2.6.1519.190\upd]:="upd=1" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:version="2.3.762.17" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:dllName="pcpmngr.dll" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:exeName="pcpmngr.exe" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:folderName="PC Performer Manager" =>PUP.PCPerformer
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:serviceName="PC Performer Manager" =>PUP.PCPerformer
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:version="2.3.811.154" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:dllName="pcpmngr.dll" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:exeName="pcpmngr.exe" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:folderName="PC Performer Manager" =>PUP.PCPerformer
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:guid="{61d8b74e-8d89-46ff-afa6-33382c54ac73}" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:serviceName="PC Performer Manager" =>PUP.PCPerformer
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:version="2.4.897.175" =>PUP.Babylon
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:version="2.5.911.18" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:version="2.5.976.107" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1123.78]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1123.78]:version="2.6.1123.78" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:version="2.6.1249.132" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144" =>Hijacker.Eazel
[HKCU\Software\5b6dfdbe23fea48] =>PUP.Babylon^
[HKCU\Software\5b6dfdbe23fea48]:version="2.6.1519.190" =>PUP.Babylon
[HKLM\Software\5b6dfdbe23fea48]:version="2.6.1519.190" =>PUP.Babylon
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.8EC00EF00409DEDE288DC979D51FFBD9] [WIS][19/09/2010] (.Secure Digital Services - Moovida, your choice for faster, easier downloading!.) -- C:\Windows\Installer\11a175f.msi [2522624] =>Adware.SPointer
[MD5.1CF681FFA7BB03A7890406A08093CE81] [WIS][16/07/2014] (.Linkury Ltd. - SafeFinder Smartbar.) -- C:\Windows\Installer\207100.msi [2020864] =>Hijacker.SmartBar
[MD5.2C65B633B364E715781C0BF4C4FE224C] [WIS][16/07/2014] (.LPT - LPT System Updater Service.) -- C:\Windows\Installer\207106.msi [463872] =>Adware.IncrediBar
[MD5.8D25D1DC6FED82B0DBC1A491E745AC44] [WIS][20/02/2011] (.Driver Whiz - Driver Whiz.) -- C:\Windows\Installer\cbe180.msi [2443264] =>PUP.DriverWhiz
~ WIS: 4 Legitimates Filtered in 00mn 33s



---\\ Recherche de clés de registre CLSID (O101)
[HKCR\CLSID\{206DAA08-0036-11D5-80D8-0050DA5F08E3}] (Groove WebBrowserView2) =>PUP.CrossRider
[HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (SafeFinder SmartbarEngine) =>Hijacker.SmartBar
[HKCR\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] (Softonic Toolbar) =>Toolbar.Conduit
[HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (SafeFinder Smartbar) =>Hijacker.SmartBar
[HKCR\CLSID\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] (Interest recogniser for Moovida (powered by Spointer)) =>Adware.SPointer
[HKCR\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}] (Softonic Helper Object) =>Toolbar.Conduit
~ BCK: 7611 Legitimates Filtered in 00mn 27s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 26/05/2015 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SS - | Auto 19/05/2015 825856 | (AntiVirMailService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avmailc.exe
SS - | Auto 19/05/2015 1186040 | (AntiVirWebService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.exe
SS - | Demand 20/03/2009 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Auto 15/07/2014 9216 | (FreemakeVideoCapture) . (.Ellora Assets Corp..) - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
SS - | Demand 20/03/2009 30192 | (GoogleDesktopManager-092308-165331) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 19/10/2014 107912 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 19/10/2014 107912 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Auto 21/01/2008 21504 | C:\Windows\system32\XAudio32.dll (HsfXAudioService) . (.Conexant Systems, Inc..) - C:\Windows\System32\svchost.exe
SS - | Demand 24/01/2011 310640 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Auto 1/09/2011 234496 | (Mobistar Internet Everywhere. RunOuc) . (...) - C:\Program Files\Mobistar Internet Everywhere\UpdateDog\ouc.exe
SS - | Demand 18/05/2015 148080 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 9/03/2011 3857408 | (NIHardwareService) . (.Native Instruments GmbH.) - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
SS - | Auto 22/07/1658 0 | (NMSAccessU) . (...) - C:\Users\djfab\AppData\Local\Temp\{9166850E-B40E-4709-8364-823374B3053F}\NMSAccessU.exe
SS - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 11/09/2007 124832 | (AdobeActiveFileMonitor6.0) . (...) - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
SR - | Auto 8/05/2014 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 19/05/2015 434424 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 19/05/2015 434424 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 10/04/2015 205104 | (Avira.OE.ServiceHost) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
SR - | Auto 20/04/2009 840192 | (BlueSoleilCS) . (...) - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Demand 27/02/2009 98407 | (BsHelpCS) . (...) - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
SR - | Auto 27/02/2009 143467 | (BsMobileCS) . (...) - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
SR - | Auto 1/03/2009 567848 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/04/2012 16896 | (HerculesDJControlMP3) . (.Hercules®.) - C:\Program Files\Hercules\Audio\DJ Console Series\drivers\x86\HerculesDJControlMP3.exe
SR - | Auto 16/11/2010 264704 | (HWDeviceService.exe) . (...) - C:\ProgramData\DatacardService\HWDeviceService.exe
SR - | Demand 12/12/2012 553440 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 13/06/2011 1036104 | (Lavasoft Ad-Aware Service) . (.Lavasoft.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
SR - | Auto 15/07/2014 786256 | (NAUpdate) . (.Nero AG.) - C:\Program Files\Nero\Update\NASvc.exe
SR - | Auto 26/08/2009 117640 | (Norton Internet Security) . (.Symantec Corporation.) - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
SR - | Auto 10/03/2009 44800 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
SR - | Auto 20/08/2009 75064 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
SR - | Auto 24/07/2007 185632 | (PSI_SVC_2) . (.Protexis Inc..) - C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 7/02/2014 5093216 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 31s



---\\ Scan Additionnel (O88)
Database Version : 13008 - (25/05/2015)
Clés trouvées (Keys found) : 202
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 18
Fichiers trouvés (Files found) : 32

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2A7BD67-0EAF-497F-B05B-748D7BF3C421}] =>Adware.SPointer^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] =>Toolbar.Conduit^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Fissa] =>PUP.OfferBox^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}] =>Adware.IncrediBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{877D0E59-6CBD-43C6-966F-1F4BA343AEEC}] =>Hijacker.SmartBar^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{77236F9C-987C-40EC-832B-5BD6181E4846}] =>Adware.SocialSkinz^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\maucampo] =>PUP.Maucampo^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Classes\Interface\{2bef239c-752e-4001-8048-f256e0d8cd93}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{49c00a51-6e59-41fe-b3fa-2d2157fad67b}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{5eb0259d-ab79-4ae6-a6e6-24ffe21c3da4}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{6dff5dba-ae3a-46db-b301-ecffc6db2982}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{de34cd67-f1c8-4001-9a23-b8a68f63f377}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{14816CF6-426C-40D7-904C-E5600F015EC2}] =>PUP.OfferBox
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKLM\Software\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{282D18C0-5424-44F4-A531-55F9AC5B8FD8}] =>PUP.OfferBox
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{58EFBE9C-4621-4d79-90E7-8BEE265CA951}] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DB24F50-8C65-4772-9844-47FE8701BE57}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{6084C211-01A1-464E-97A0-09772E122B50}] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6084C211-01A1-464E-97A0-09772E122B50}] =>Adware.SPointer
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{7935436E-8F14-4C84-9ECF-BEB791296619}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}] =>Adware.BHO
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}] =>Hijacker.Agent
[HKLM\Software\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}] =>PUP.Babylon
[HKLM\Software\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}] =>Adware.ShopperReports
[HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}] =>Adware.ShopperReports
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{b41306c6-96d0-442a-bcc4-b0f621e82ce9}] =>PUP.OfferBox
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{C4A743DE-EAAC-4cd0-9BF6-378E8141868B}] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C4A743DE-EAAC-4cd0-9BF6-378E8141868B}] =>Adware.ShopperReports
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}] =>Adware.BHO
[HKLM\Software\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}] =>PUP.BearShare
[HKLM\Software\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}] =>PUP.OfferBox
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DCE997C8-5920-4c09-99EE-59F46634FE2C}] =>Adware.ShopperReports
[HKLM\Software\Classes\CLSID\{DCE997C8-5920-4c09-99EE-59F46634FE2C}] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DCE997C8-5920-4c09-99EE-59F46634FE2C}] =>Adware.ShopperReports
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer
[HKLM\Software\Classes\CLSID\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer
[HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}] =>PUP.OfferBox
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Prod.cap] =>PUP.ClaroSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKLM\Software\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{FD06B491-1EA6-4F5C-86D2-C86D3A3A3731}] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Adware.PricePeep
[HKLM\Software\Classes\AppID\NCTAudioCDGrabber2.DLL] =>PUP.BearShare
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine] =>PUP.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Fissa] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox Browser] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PricePeep] =>Adware.PricePeep
[HKLM\Software\Classes\b] =>PUP.Babylon
[HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent
[HKLM\Software\Classes\Conduit.Engine] =>PUP.Conduit
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKLM\Software\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\recherche avec cherche.us] =>Hijacker.ChercheUS
[HKCU\Software\Microsoft\Internet Explorer\MenuExt\Recherche avec search-web] =>Hijacker.ChercheUS
[HKCU\Software\Microsoft\handle] =>Malware.Trace
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect] =>PUP.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\Softonic] =>PUP.Conduit
[HKLM\Software\Softonic] =>PUP.Conduit
[HKCU\Software\Spointer] =>Adware.SPointer
[HKCU\Software\XML] =>Trojan.FakeAlert
[HKLM\Software\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}] =>PUP.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}] =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9}] =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}] =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}] =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}] =>PUP.Conduit
[HKLM\Software\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>PUP.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>PUP.Conduit
[HKLM\Software\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] =>PUP.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}] =>PUP.Conduit
[HKLM\Software\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}] =>PUP.Conduit
[HKLM\Software\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}] =>PUP.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\softonic] =>PUP.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\ForceRenive] =>PUP.OfferBox
[HKLM\Software\Google\Chrome\Extensions\kngejcchcedjdemdaeneneeahmjnpaec] =>Adware.SPointer
[HKCU\Software\Microsoft\Installer\Features\112C48061A10E464790A9077E221B205] =>Adware.SPointer
[HKCU\Software\Microsoft\Installer\Products\112C48061A10E464790A9077E221B205] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E9E8EB35-FF77-455D-B677-91E5E4FC06C2}] =>Toolbar.Freemake
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E9E8EB35-FF77-455D-B677-91E5E4FC06C2}] =>Toolbar.Freemake
[HKLM\Software\Classes\CLSID\{E9E8EB35-FF77-455D-B677-91E5E4FC06C2}] =>Toolbar.Freemake
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E9E8EB35-FF77-455D-B677-91E5E4FC06C2}] =>Toolbar.Freemake
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B34ACCF-1B63-4E1A-8633-461917C75544}] =>Toolbar.Freecorder
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6B34ACCF-1B63-4E1A-8633-461917C75544}] =>Toolbar.Freecorder
[HKLM\Software\Classes\CLSID\{6B34ACCF-1B63-4E1A-8633-461917C75544}] =>Toolbar.Freecorder
[HKLM\Software\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}] =>PUP.Babylon
[HKLM\Software\Classes\Moovida.Spointer] =>Adware.SPointer
[HKLM\Software\Classes\Moovida.Spointer.1] =>Adware.SPointer
[HKLM\Software\Classes\Moovida.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Classes\Moovida.SpointerCtrl.1] =>Adware.SPointer
[HKLM\Software\Classes\Moovida.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Classes\Moovida.SpointerWebDisp.1] =>Adware.SPointer
[HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB00808.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB00808.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB00808.TBSB00808] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB00808.TBSB00808.3] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB00808] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB00808.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar.CT2612669] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{5018CFD2-804D-4C99-9F81-25EAEA2769DE} =>Toolbar.Conduit^
[HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow]:*.chat-land.org =>Hijacker.ChercheUS
C:\Program Files\Fluendo =>Adware.SPointer^
C:\Program Files\Softonic =>Toolbar.Conduit^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\Users\djfab\AppData\Roaming\FissaSearch =>PUP.OfferBox^
C:\Users\djfab\AppData\Roaming\OfferBox =>PUP.OfferBox^
C:\Users\djfab\AppData\Roaming\OpenCandy =>Adware.OpenCandy^
C:\Users\djfab\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com =>Hijacker.TornTV^
C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent
C:\Program Files\SearchProtect =>PUP.Conduit
C:\Program Files\Freecorder 6 =>Toolbar.Freecorder
C:\Users\djfab\AppData\Roaming\WebPlayerBdd =>Adware.SocialSkinz
C:\Users\djfab\AppData\Local\moovida air =>Adware.SPointer
C:\Users\djfab\AppData\Local\SearchProtect =>PUP.Conduit
C:\Users\djfab\AppData\LocalLow\BabylonToolbar =>PUP.Babylon
C:\Users\djfab\AppData\LocalLow\Conduit =>PUP.Conduit
C:\Users\djfab\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\djfab\AppData\LocalLow\Smartbar =>Hijacker.SmartBar
C:\Users\djfab\AppData\LocalLow\Toolbar4 =>PUP.Conduit
C:\Windows\Tasks\PC Performer_DEFAULT.job =>PUP.PCPerformer^
C:\Windows\System32\Tasks\PC Performer_DEFAULT =>PUP.PCPerformer^
C:\Windows\Tasks\PC Performer_UPDATES.job =>PUP.PCPerformer^
C:\Windows\System32\Tasks\PC Performer_UPDATES =>PUP.PCPerformer^
C:\Windows\Tasks\Registry Reviver-djfab-Startup.job =>PUP.RegistryReviver^
C:\Windows\System32\Tasks\Registry Reviver-djfab-Startup =>PUP.RegistryReviver^
C:\Windows\Tasks\Registry Reviver-djfab-Startup.job job [486] =>PUP.RegistryReviver^
C:\Windows\System32\Tasks\Registry Reviver-djfab-Startup Reviver [486] =>PUP.RegistryReviver^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKCU\Software\Smartbar] =>Hijacker.SmartBar^
[HKCU\Software\maucampo] =>PUP.Maucampo^
[HKLM\Software\SPPDCOM] =>Rogue.PCSpeedUp^
[HKCU\Software\5b6dfdbe23fea48\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.762.17]:guid="{16cdff19-861d-48e3-a751-d99a27784753}" =>PUP.Babylon^
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.3.811.154]:folderName="PC Performer Manager" =>PUP.PCPerformer^
[HKCU\Software\5b6dfdbe23fea48\history\{61d8b74e-8d89-46ff-afa6-33382c54ac73}2.4.897.175]:folderName="PC Performer Manager" =>PUP.PCPerformer^
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.911.18]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.5.976.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1123.78]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1249.132]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\5b6dfdbe23fea48\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" =>Hijacker.Eazel^
[HKCU\Software\5b6dfdbe23fea48] =>PUP.Babylon^^
C:\Windows\Installer\11a175f.msi =>Adware.SPointer^
C:\Windows\Installer\207100.msi =>Hijacker.SmartBar^
C:\Windows\Installer\207106.msi =>Adware.IncrediBar^
C:\Windows\Installer\cbe180.msi =>PUP.DriverWhiz^
[HKCR\CLSID\{206DAA08-0036-11D5-80D8-0050DA5F08E3}] (Groove WebBrowserView2) =>PUP.CrossRider^
[HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] (SafeFinder SmartbarEngine) =>Hijacker.SmartBar^
[HKCR\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}] (Softonic Toolbar) =>Toolbar.Conduit^
[HKCR\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}] (SafeFinder Smartbar) =>Hijacker.SmartBar^
[HKCR\CLSID\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] (Interest recogniser for Moovida (powered by Spointer)) =>Adware.SPointer^
[HKCR\CLSID\{E87806B5-E908-45FD-AF5E-957D83E58E68}] (Softonic Helper Object) =>Toolbar.Conduit^
~ Additionnel Scan: 592332 Items scanned in 02mn 50s



---\\ Informations complémentaires sur les modules
~ http://nicolascoolman.fr/r5-internet-explorer-proxy-management-iepm/ =>.Internet Explorer, Proxy Management (R5)
~ http://nicolascoolman.fr/o2-browser-helper-objects-de-navigateur/ =>.Browser Helper Objects de navigateur (O2)
~ http://nicolascoolman.fr/o3-internet-explorer-toolbars/ =>.Internet Explorer Toolbars (O3)
~ http://nicolascoolman.fr/o4-applications-demarrees-par-le-registre/ =>.Applications lancées au démarrage du système (O4)
~ http://nicolascoolman.fr/o51-mountpoints2-shell-key-mpsk/ =>.Clé de registre Shell MountPoints2 (MPSK) (O51)
~ AMI: 5 Legitimates Filtered in 00mn 00s



---\\ Récapitulatif des détections trouvées sur votre station
http://www.nicolascoolman.fr/blog/ =>PUP.UniblueSystem
http://nicolascoolman.fr/hijacker-trovicom =>Hijacker.TroviCom
http://nicolascoolman.fr/hijacker-smartbar =>Hijacker.SmartBar
http://nicolascoolman.fr/toolbar-conduit =>Toolbar.Conduit
http://nicolascoolman.fr/adware-spointer =>Adware.SPointer
http://www.nicolascoolman.fr/blog/ =>Hijacker.ChercheUS
http://www.nicolascoolman.fr/blog/ =>Adware.PricePeep
http://www.nicolascoolman.fr/blog/ =>Hacktool.AutoKMS
http://www.nicolascoolman.fr/blog/ =>PUP.PCPerformer
http://www.nicolascoolman.fr/blog/ =>PUP.RegistryReviver
http://nicolascoolman.fr/pup-linkidoo =>PUP.LinkiDoo
http://nicolascoolman.fr/pup-offerbox =>PUP.OfferBox
http://nicolascoolman.fr/adware-incredibar =>Adware.IncrediBar
http://nicolascoolman.fr/adware-socialskinz =>Adware.SocialSkinz
http://nicolascoolman.fr/pup-maucampo =>PUP.Maucampo
http://nicolascoolman.fr/pup-babylon =>PUP.Babylon
http://nicolascoolman.fr/pup-filescout =>PUP.FileScout
http://nicolascoolman.fr/rogue-pcspeedup =>Rogue.PCSpeedUp
http://nicolascoolman.fr/adware-installbrain =>Adware.InstallBrain
http://nicolascoolman.fr/adware-opencandy =>Adware.OpenCandy
http://nicolascoolman.fr/hijacker-torntv =>Hijacker.TornTV
http://nicolascoolman.fr/adware-imbooster =>Adware.IMBooster
http://www.nicolascoolman.fr/blog/ =>PUP.uTorrentBar
http://www.nicolascoolman.fr/blog/ =>PUP.DriverWhiz
http://nicolascoolman.fr/hijacker-eazel =>Hijacker.Eazel
http://nicolascoolman.fr/pup-crossrider =>PUP.CrossRider
http://nicolascoolman.fr/pup-funmoods =>PUP.Funmoods
http://nicolascoolman.fr/adware-recordnrip =>Adware.RecordNRip
http://www.nicolascoolman.fr/blog/ =>PUP.Conduit
http://nicolascoolman.fr/toolbar-ask =>Toolbar.Ask
http://www.nicolascoolman.fr/blog/ =>Adware.Agent
http://www.nicolascoolman.fr/blog/ =>Toolbar.Agent
http://nicolascoolman.fr/adware-iwinarcade =>Adware.iWinArcade
http://www.nicolascoolman.fr/blog/ =>Adware.ShopperReports
http://www.nicolascoolman.fr/blog/ =>Adware.BHO
http://www.nicolascoolman.fr/blog/ =>Hijacker.Agent
http://www.nicolascoolman.fr/blog/ =>Hijacker.Seeearch
http://nicolascoolman.fr/pup-bearshare =>PUP.BearShare
http://nicolascoolman.fr/adware-bullseyetoolbar =>Adware.BullseyeToolbar
http://nicolascoolman.fr/pup-clarosearch =>PUP.ClaroSearch
http://www.nicolascoolman.fr/blog/ =>Malware.Trace
http://nicolascoolman.fr/adware-pricegong =>Adware.PriceGong
http://www.nicolascoolman.fr/blog/ =>Trojan.FakeAlert
http://www.nicolascoolman.fr/blog/ =>Toolbar.Freemake
http://www.nicolascoolman.fr/blog/ =>Toolbar.Freecorder
~ MSI: 45 link(s) detected in 00mn 00s



~ 2467 Legitimates filtered by white list
End of the scan (1096 lines in 09mn 47s)(0.4)
