Aller au contenu

Elbereth

Membres
 Afficher le profil  Afficher son activité

  • Compteur de contenus

    9

  • Inscription

  • Dernière visite

 Type de contenu 

Tout ce qui a été posté par Elbereth

  1. Elbereth
    D'accord c'est normal, repose-toi bien alors ^.^ Et merci encore pour ton aide, à demain L'ordi, pas de changements flagrant pour le moment, mais comme je lui demande pas mal de choses en parallèle, ça vient surement de cela ! ^^ Je lui demande rarement autant de logiciel à faire travailler en même temps ! Je dois par contre désinstaller un programme pour manque de place sur mon Disque Local,( j'ôte un jeu, pas très important en soi ^^ ) je refais donc un ZHPDiag ensuite
  2. Elbereth
    Voici l'analyse de MBAM : Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Version de la base de données: v2013.09.02.08 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16618 Elbereth Mormegil :: WHISES [administrateur] 02/09/2013 21:52:27 mbam-log-2013-09-02 (21-52-27).txt Type d'examen: Examen complet (C:\|D:\|Q:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 535179 Temps écoulé: 1 heure(s), 58 minute(s), 43 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 5 HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> Mis en quarantaine et supprimé avec succès. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> Mis en quarantaine et supprimé avec succès. Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 19 C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\amtlib.dll (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\01net_Hamachi.exe (PUP.Optional.OpenCandy) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\Ballade (1).exe (PUP.Optional.4Squared) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\Ballade.exe (PUP.Optional.4Squared) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\Crack.rar (PUP.RiskwareTool.CK) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\daemon_tools_lite_daemon_tools_lite_4_47_1_fr_10729.exe (PUP.Optional.OpenCandy) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\FlashPlayer_V.128435770c.exe (PUP.FakeFlash.Domaiq) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\FreeMahjongGamesSetup-2GgTUDg.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\install_reader11_fr_mssd_aih.exe (PUP.Optional.InstallCore) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\mymusictubesetup_CH.exe (PUP.Adware.RelevantKnowledge) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\PDFCreatorSetup-4v5Uefw.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\pfsx-setup-01net-10.7.3.exe (PUP.Optional.InstallCore) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\qp du kit au pays de nounours de kastagnette par mayasa (1).exe (PUP.Optional.4Squared) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\qp du kit au pays de nounours de kastagnette par mayasa (2).exe (PUP.Optional.4Squared) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\qp du kit au pays de nounours de kastagnette par mayasa.exe (PUP.Optional.4Squared) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\rkverify.exe (PUP.Adware.RelevantKnowledge) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\RocketPDFSetup.exe (Adware.InstallBrain) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\SumatraPDFSetup-cELZHy6.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès. D:\Downloads\VLCMediaPlayerSetup-3PINp12.exe (PUP.Optional.Somoto) -> Mis en quarantaine et supprimé avec succès. (fin)
  3. Elbereth
    Oui ! ^^ J'ai commencé l'ordi avait 13.8 dispo sur 116 Go , après avoir installer tous tes logiciels, je suis remontée à 12 Go dispo, et là , 13.4 Go de libres ! C'est toujours moins qu'avant, mais ça a dû me supprimer pas mal de mer***
  4. Elbereth
    Et Hop ! Voici le premier rapport , celui de SFTGC : http://cjoint.com/?CIcvRricXWN
  5. Elbereth
    Je me met au boulot sans plus tarder ! Merci pour le guide pas à pas A très vite ^^
  6. Elbereth
    Ah ça oui, pour encaisser, il était bien content ! Enfin bref, voici donc le rapport de AdwCleaner : http://cjoint.com/?CIcvC3vHoM3 Voili Voilou .
  7. Elbereth
    Bonsoir et merci bien ! Voici donc le premier rapport de JRT : http://cjoint.com/?CIctO7bqvOX
  8. Elbereth
    Bonjour à tous ! Voilà, mon PC ( Asus 7, X72J Series / Intel core i3 ) , rame grave depuis quelques temps, et cela est de pire en pire . J'en ai parler a mon informaticien qui ma dit que c'était parce que mon ventilateur était rempli de poussière . Il me la donc décrassé. Seulement voilà, mon pc rame toujours autant, si ce n’est pire ! Et plus les jours passent, plus mon pc LAG ! J'ai fait ce dont j'étais capable a mon faible niveau : * analyse antivirus = négative * Ccleaner et en parcourant divers forum, j'ai vu ZHPDiag. J'ai donc réaliser une analyse de mon ordinateur grâce a cet outil. Sauf que problème, je ne sais pas la déchiffrée ( le début ça va, la suite, ça se complique :s ) ! J'aimerais si possible que vous m'aidiez à analyser le rapport , cela m'aiderait fortement. Alors si vous pouviez me dire s'il y a un souci, je vous en remercie par avance . Voici donc le rapport : ~ Rapport de ZHPDiag v2013.9.1.2 - Nicolas Coolman (01/09/2013) ~ Lancé par Elbereth Mormegil (02/09/2013 17:53:06) ~ Adresse du Site Web http://nicolascoolman.webs.com ~ Traduit par Nicolas Coolman ~ Etat de la version : Version à jour. ~ Liste blanche : Activée par le programme ~ Elévation des Privilèges : OK ~ User Account Control (UAC): Activate by user ---\\ Navigateurs Internet MSIE: Internet Explorer v10.0.9200.16618 ---\\ Informations sur les produits Windows ~ Langage: Français Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 9YQTR Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ Logiciels de protection du système avast! Free Antivirus v7.0.1474.0 Windows Defender W7 ---\\ Logiciels d'optimisation du système ---\\ Logiciels de partage PeerToPeer ---\\ Surveillance de Logiciels Adobe Flash Player 11 Plugin Adobe Reader XI Java 7 Update 17 ---\\ Informations sur le système ~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 3948 MB (53% free) System Restore: Activé (Enable) System drive C: has 14 GB (12%) free of 116 GB ---\\ Mode de connexion au système ~ Computer Name: WHISES ~ User Name: Elbereth Mormegil ~ All Users Names: HomeGroupUser$, Elbereth Mormegil, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Variables d'environnement ~ System Unit : C:\ ~ %AppData% : C:\Users\Elbereth Mormegil\AppData\Roaming\ ~ %Desktop% : C:\Users\Elbereth Mormegil\Desktop\ ~ %Favorites% : C:\Users\Elbereth Mormegil\Favorites\ ~ %LocalAppData% : C:\Users\Elbereth Mormegil\AppData\Local\ ~ %StartMenu% : C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ Enumération des unités disques C:\ Hard drive, Flash drive, Thumb drive (Free 14 Go of 116 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 247 Go of 328 Go) E:\ CD-ROM drive (Not Inserted) G:\ CD-ROM drive (Not Inserted) H:\ CD-ROM drive (Not Inserted) Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go) ---\\ Etat du Centre de Sécurité Windows [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date ~ Security Center: 37 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Generic Processes: Scanned in 00mn 01s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/8863 ~ Mes musiques (My Musics) : 1/535 ~ Mes Videos (My Videos) : 1/8 ~ Mes Favoris (My Favorites) : 1/20 ~ Mes Documents (My Documents) : 2/4154 ~ Mon Bureau (My Desktop) : 2/46 ~ Menu demarrer (Programs) : 1/48 ~ Hidden Files: Scanned in 00mn 09s ---\\ Processus lancés au démarrage du système [MD5.1971D838A88F58D59543E9B3CDA5FFC4] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [305720] [PID.2312] [MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [51768] [PID.2408] [MD5.BDD790326FABC31FB635130810245062] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [1597440] [PID.2432] [MD5.852EE4F61139A1B3F44EDAA0D5B3FC14] - (...) -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [53888] [PID.2448] [MD5.BD2D29BAF273E029BBAC627AACA37594] - (...) -- C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe [2847696] [PID.1928] =>Hijacker.Eazel [MD5.3ECCDD3FE310DD8F82D085447089ADB0] - (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe [272952] [PID.3104] [MD5.5C396DDE6AAFFB64ABC0E0FD88F53553] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe [3054136] [PID.3464] [MD5.06785517191817885253B45134704017] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1099608] [PID.3624] [MD5.659474582C6E060DBD8FFFF97DC892C5] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968] [PID.3756] [MD5.57B4D34232852BFE4453BE571DF90D21] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [103720] [PID.3764] [MD5.F4ED77EE7CBD4F92A0DB9CDFF0AB86FA] - (.Samsung - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844144] [PID.4016] [MD5.14B827EFBFA9833C8216080183845124] - (.Smartbar - Smartbar.) -- C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe [20248] [PID.968] =>PUP.QuickShare [MD5.6529C89512CE4498919BDC512572F82C] - (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [6998656] [PID.4036] [MD5.5666955DC9FD455A003D86A21E0483A9] - (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624] [PID.3080] [MD5.5AEBF6FA9805C9101220AA4FB4FA17E7] - (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016] [PID.3612] [MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4297136] [PID.3456] [MD5.FDB2FB392B20797AF3F4ED9D7699938E] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152] [PID.1116] [MD5.43742FFF5E829BA59FBE7EEF89949E63] - (.Infernum Productions AG - Dragon's Prophet Setup.) -- D:\Downloads\DragonsProphetDownloader.exe [1873863] [PID.4708] [MD5.4C7B2A0F9AAF830B6EA90B58D26FBCB8] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\is-RR4UK.tmp\DragonsProphetDownloader.tmp [1193472] [PID.3500] [MD5.4C7B2A0F9AAF830B6EA90B58D26FBCB8] - (.Pas de propriétaire - Setup/Uninstall.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\is-HSSUV.tmp\DragonsProphetDownloader.tmp [1193472] [PID.3500] [MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.6508] [MD5.8E436BD0D9C2CB57306070DFEA3D4513] - (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe [829392] [PID.3584] [MD5.68825D489DE0DC71FF3A62D6452684BA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7860224] [PID.6124] [MD5.18E5C2F937F9DEB8C282DF66A3761925] - (.ASUS - ASLDR Service.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536] [PID.1412] [MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1572] [MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1868] [MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1896] [MD5.C811032EBB2C2E9FACFC364599E91BE3] - (.ASUS - HControl.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe [174720] [PID.2532] [MD5.1E505D6CF5C55A3C02F225FA359D9EF4] - (.Pas de propriétaire - eMail ID service for automatic updates.) -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe [284512] [PID.964] [MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [262144] [PID.3616] [MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.4540] [MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064] [PID.3296] =>Toolbar.Wajam [MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.5080] [MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.3540] [MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe [225280] [PID.5372] [MD5.739DB668DBD812285ECC553E64A5E212] - (.Pas de propriétaire - spmgr Module.) -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe [125496] [PID.5864] [MD5.149126216A694E6BA84E92ECA77AAE3B] - (.ASUS - ATKOSD.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe [2488888] [PID.4796] [MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe [113208] [PID.5756] [MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe [174648] [PID.248] [MD5.41118D920B2B268C0ADC36421248CDCF] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2314240] [PID.2620] [MD5.D7F82B30ED318E591E27C9C323846DD5] - (.ASUS - SmartLogon Application.) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe [428600] [PID.1188] ~ Processes Running: Scanned in 00mn 04s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\User Data\Default\Preferences ~ Google Browser: 0 Legitimates Filtered in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\prefs.js C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\user.js M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\askcom.xml M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\babylon.xml =>Toolbar.Babylon M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\BrowserDefender.xml =>Hijacker.Eazel M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\delta.xml =>Toolbar.DeltaSearch M3 - MFPP: Plugins - [Elbereth Mormegil] -- C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\sweetim.xml =>PUP.SweetIM M0 - MFSP: prefs.js [Elbereth Mormegil - i85xmxp5.default] r_pref("browser.startup.homepage", ); M2 - MFEP: prefs.js [Elbereth Mormegil - i85xmxp5.default\crossriderapp21058@crossrider.com] [] Savings Explorer v (..) =>PUP.CrossRider M2 - MFEP: prefs.js [Elbereth Mormegil - i85xmxp5.default\{05eeb91a-aef7-4f8a-978f-fb83e7b03f8e}] [] uTorrentBar_FR v10.10.27.6 (..) =>P2P.µTorrent ~ Firefox Browser: 12 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://feed.snap.do =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do =>Hijacker.SmartBar R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do =>Hijacker.SmartBar ~ IE Browser: 17 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local> R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 21 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Wajam IE BHO [64Bits] - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files (x86)\Wajam\IE\priam_bho.dll =>Toolbar.Wajam ~ BHO: 9 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline O3 - Toolbar: QuickShare Widget [64Bits] - [HKLM]{ae07101b-46d4-4a98-af68-0333ea26e113} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>PUP.QuickShare O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Control Center.) -- C:\Program Files\Elantech\ETDCtrl.exe O4 - HKLM\..\Run: [ASUS WebStorage] . (...) -- C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe O4 - HKLM\..\Run: [sysTrayApp] . (.IDT, Inc. - IDT PC Audio TPE.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [AmIcoSinglun64] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O4 - HKLM\..\Run: [Logitech Download Assistant] . (.Logitech, Inc. - Logitech Download Assistant.) -- C:\Windows\System32\LogiLDA.dll O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe O4 - HKCU\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe =>PUP.QuickShare O4 - HKLM\..\Wow6432Node\Run: [updateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Wow6432Node\Run: [updateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Wow6432Node\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe O4 - HKLM\..\Wow6432Node\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe O4 - HKLM\..\Wow6432Node\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe O4 - HKLM\..\Wow6432Node\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [RESTART_STICKY_NOTES] . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [DAEMON Tools Lite] . (.Disc Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-1987094096-313741562-2905656634-1000\..\Run: [browser Infrastructure Helper] . (.Smartbar - Smartbar.) -- C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe =>PUP.QuickShare ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\TaskBar: Bejeweled 3.lnk . (...) -- D:\Programmes\Bejeweled_3\Bejeweled3.exe O4 - GS\TaskBar: CCleaner.lnk . (.Piriform Ltd - CCleaner.) -- D:\Programmes\CCleaner\CCleaner64.exe =>Piriform Ltd O4 - GS\TaskBar: FranceDemon SlayerConnexion rapide au jeu.lnk . (.7Road - ?????.) -- D:\Downloads\Client_Demon_Slayer.exe O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar: http___frcs.r2games.com_.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\TaskBar: Site Officiel de Lunaria - MMORPG 2D Side-Scrolling Gratuit.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe http://frls.r2games.com O4 - GS\TaskBar: Studio-Scrap.lnk . (.CDIP - Logiciel de Scrapbooking.) -- D:\Studio-Scrap 4 (installations)\Studio-Scrap4\StudioScrap.exe O4 - GS\TaskBar: Tencent QQ International.lnk . (.Tencent - QQ International.) -- C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe =>Adware.TencentAddressBar O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\QuickLaunch: Samsung Kies (Lite).lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe O4 - GS\QuickLaunch: Samsung Kies.lnk . (...) -- C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe O4 - GS\QuickLaunch: Tencent QQ.lnk . (.Tencent - QQ International.) -- C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe =>Adware.TencentAddressBar O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe O4 - GS\Desktop: Adobe Illustrator CS6 (64 Bit).lnk . (.Adobe Systems Inc. - Adobe Illustrator CS6.) -- C:\Program Files\Adobe\Adobe Illustrator CS6 (64 Bit)\Support Files\Contents\Windows\Illustrator.exe O4 - GS\Desktop: FranceDemon SlayerConnexion rapide au jeu.lnk . (.7Road - ?????.) -- D:\Downloads\Client_Demon_Slayer.exe O4 - GS\Desktop: PhotoFiltre Studio X.lnk . (.PhotoFiltre - PhotoFiltre Studio X.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe ~ Global Startup: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{6E96A2AD-0E74-4FD0-AE24-81A38838356F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{6E96A2AD-0E74-4FD0-AE24-81A38838356F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{6E96A2AD-0E74-4FD0-AE24-81A38838356F}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Titr_HJT34=Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: BrowserDefendert (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel O23 - Service: Iconix Update Service (IconixService) . (.Pas de propriétaire - eMail ID service for automatic updates.) - C:\Program Files (x86)\Common Files\Iconix\IconixService.exe O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam ~ Services: 16 Legitimates Filtered in 00mn 24s ---\\ Tâches planifiées en automatique (O39) [MD5.534C82F1D7246EDF654B5257CA82FE70] [APT] [DealPly] (...) -- C:\Users\Elbereth Mormegil\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe [93728] =>PUP.DealPly [MD5.00000000000000000000000000000000] [APT] [{0FE1BF5A-B674-40B4-9FB1-E6AA96519E16}] (...) -- C:\Users\Elbereth Mormegil\Desktop\shaiya_fr_installer_20111201.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{1BEBD37E-83F5-49AD-AAAD-D1409ECDFFC5}] (...) -- C:\Users\Elbereth Mormegil\Downloads\JDFRv125.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{244E141C-6357-4F2B-AC4C-032069696B62}] (...) -- E:\setup.exe (.not file.) [0] ~ Scheduled Task: 30 Legitimates Filtered in 00mn 06s ---\\ Logiciels installés (O42) O42 - Logiciel: BrowserDefender - (...) [HKLM][64Bits] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} =>Hijacker.Eazel O42 - Logiciel: Dragon Nest Europe - (...) [HKLM][64Bits] -- Dragon Nest Europe O42 - Logiciel: Free Mahjong Games - (...) [HKCU][64Bits] -- Free Mahjong Games O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM][64Bits] -- {04DB50FA-EA80-4256-85F9-540C582E280D} =>PUP.QuickShare O42 - Logiciel: Wajam - (.Wajam.) [HKLM][64Bits] -- Wajam =>Toolbar.Wajam ~ Logic: 133 Legitimates Filtered in 00mn 00s ---\\ HKCU & HKLM Software Keys [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKCU\Software\5257d8d8b335ea13] [HKCU\Software\BI] [HKCU\Software\BabSolution] =>Hijacker.BabSolution [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\Datamngr] =>PUP.Datamngr [HKCU\Software\Iconix] [HKCU\Software\Iminent] =>Adware.IMBooster [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\OfferBox] =>PUP.OfferBox [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Smartbar] =>Hijacker.SmartBar [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\SweetIM] =>PUP.SweetIM [HKCU\Software\TENCENT] =>Adware.TencentAddressBar [HKCU\Software\Wajam] =>Toolbar.Wajam [HKCU\Software\WideStream] =>Adware.SPointer [HKCU\Software\co] [HKCU\Software\iMesh] =>PUP.iMesh [HKCU\Software\yahooinstall] =>Toolbar.Yahoo [HKCU\Software\Éñ¹íÊÀ½çÊÖ¶¯°²×°°ü] [HKCU\Software\???????????????] [HKLM\Software\DataMngr] =>PUP.Datamngr [HKLM\Software\Tarma Installer] =>Toolbar.Tarma [HKLM\Software\Wow6432Node\5257d8d8b335ea13] [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr [HKLM\Software\Wow6432Node\Iconix] [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Tencent] =>Adware.TencentAddressBar ~ Key Software: 258 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 10/06/2013 - 13:26:07 - [57,475] ----D C:\Program Files (x86)\Tencent =>Adware.TencentAddressBar O43 - CFD: 16/07/2013 - 16:05:57 - [0,553] ----D C:\Program Files (x86)\Wajam =>Toolbar.Wajam O43 - CFD: 16/09/2012 - 13:21:31 - [3,984] ----D C:\Program Files (x86)\Common Files\Iconix O43 - CFD: 01/07/2013 - 10:37:27 - [5,726] ----D C:\Program Files (x86)\Common Files\Tencent =>Adware.TencentAddressBar O43 - CFD: 21/02/2013 - 12:51:54 - [0] ----D C:\ProgramData\Babylon =>Toolbar.Babylon O43 - CFD: 24/09/2012 - 21:10:52 - [0,000] ----D C:\ProgramData\boost_interprocess O43 - CFD: 16/08/2013 - 18:19:01 - [8,084] ----D C:\ProgramData\BrowserDefender =>Hijacker.Eazel O43 - CFD: 25/10/2012 - 20:32:01 - [0,000] ----D C:\ProgramData\Iconix O43 - CFD: 03/08/2011 - 11:04:08 - [0,001] ----D C:\ProgramData\Partner O43 - CFD: 02/01/2013 - 12:10:41 - [0,281] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma O43 - CFD: 09/11/2012 - 23:46:10 - [0] ----D C:\ProgramData\Trymedia =>Adware.Trymedia O43 - CFD: 31/03/2013 - 13:02:19 - [0] -SH-D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 24/07/2013 - 23:18:42 - [0,457] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org O43 - CFD: 21/02/2013 - 12:51:54 - [0,061] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Babylon =>Toolbar.Babylon O43 - CFD: 01/05/2013 - 02:26:08 - [0,090] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\DealPly =>PUP.DealPly O43 - CFD: 16/09/2012 - 13:21:50 - [0,003] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Iconix O43 - CFD: 24/07/2012 - 23:29:09 - [0,171] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\OfferBox =>PUP.OfferBox O43 - CFD: 30/03/2013 - 20:45:28 - [28,495] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\OpenCandy =>Adware.OpenCandy O43 - CFD: 10/06/2013 - 14:04:05 - [43,927] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Tencent =>Adware.TencentAddressBar O43 - CFD: 15/12/2011 - 03:03:23 - [0,001] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\widestream =>Adware.SPointer O43 - CFD: 12/02/2012 - 20:32:37 - [0,312] ----D C:\Users\Elbereth Mormegil\AppData\Local\APN O43 - CFD: 15/10/2012 - 17:50:30 - [0] ----D C:\Users\Elbereth Mormegil\AppData\Local\Conduit O43 - CFD: 08/04/2013 - 18:41:29 - [0] ----D C:\Users\Elbereth Mormegil\AppData\Local\Savings Explorer O43 - CFD: 20/06/2013 - 14:02:44 - [20,148] ----D C:\Users\Elbereth Mormegil\AppData\Local\Smartbar =>Hijacker.SmartBar O43 - CFD: 25/10/2012 - 18:56:46 - [0] ----D C:\Users\Elbereth Mormegil\AppData\Local\TempDIR O43 - CFD: 16/07/2013 - 16:05:46 - [0,054] ----D C:\Users\Elbereth Mormegil\AppData\Local\Wajam =>Toolbar.Wajam O43 - CFD: 16/12/2011 - 04:10:40 - [0,200] ----D C:\Users\Elbereth Mormegil\AppData\Local\widestream6 Air =>Adware.SPointer O43 - CFD: 28/03/2013 - 02:11:32 - [0,004] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Mahjong Games O43 - CFD: 08/04/2013 - 18:40:06 - [0,005] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter O43 - CFD: 16/07/2013 - 16:05:47 - [0,001] ----D C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>Toolbar.Wajam ~ 84 Dossiers CLSID vides (CLSID Empty Folders) ~ Program Folder: 321 Legitimates Filtered in 00mn 59s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 24/08/2013 - 13:41:50 ---A- . (...) -- C:\end [0] ~ Files: 13 Legitimates Filtered in 00mn 12s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{ac9f38ff-3d43-11e1-890c-f46d04234ca3}\AutoRun\command. (...) -- G:\ICM_Manager.exe (.not file.) ~ Keys: Scanned in 01mn 20s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (...) -- C:\Program Files (x86)\uTorrent\uTorrent.exe (.not file.) =>P2P.µTorrent ~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 16 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:[MD5.46571ED73AE84469DCA53081D33CF3C8] - 20/06/2013 - 13:00:53 . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\System32\Drivers\dtsoftbus01.sys [283200] ~ Drivers: 16 Legitimates Filtered in 00mn 01s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - ??\??\???? - Pas de propriétaire (ASUSProcObsrv) .(...) - LEGACY_ASUSPROCOBSRV O64 - Services: CurCS - 02/03/2011 - Pas de propriétaire (esgiguard) .(...) - LEGACY_ESGIGUARD =>Crapware.SpyHunter O64 - Services: CurCS - 03/08/2007 - Pas de propriétaire (ghaio) .(...) - LEGACY_GHAIO ~ Legacy: 87 Legitimates Filtered in 00mn 01s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Elbereth Mormegil\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\askcom.xml O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639..clientLogIsEnabled", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.CTID", "CT2851639"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.CurrentServerDate", "12-2-2012"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DSInstall", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DialogsAlignMode", "LTR"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DialogsGetterLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.DownloadReferralCookieData", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.EMailNotifierPollDate", "Thu Nov 24 2011 10:45:39 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedLastCount2548968607390276962", 138); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156812186649977", "Thu Nov 24 2011 10:25:39 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813040823546", "Fri Nov 25 2011 11:25:21 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813130095866", "Fri Nov 25 2011 11:25:21 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813224203613", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813230837251", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813454291735", "Fri Nov 25 2011 11:25:21 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813729834876", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156813860870021", "Thu Nov 24 2011 10:25:39 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156814264681793", "Fri Nov 25 2011 11:25:21 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156814863075366", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedPollDate2429156815257761081", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156813040823546", 15); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156813130095866", 10); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156813454291735", 5); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FeedTTL2429156814264681793", 5); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FirstServerDate", "24-11-2011"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FirstTime", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FirstTimeFF3", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.FixPageNotFoundErrors", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.GroupingServerCheckInterval", 1440); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.GroupingServiceUrl", "http://grouping.services.conduit.com/"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HPInstall", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HasUserGlobalKeys", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HomePageProtectorEnabled", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.HomepageBeforeUnload", "http://www.google.fr/"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.Initialize", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InitializeCommonPrefs", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InstallationAndCookieDataSentCount", 3); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InstallationType", "UnknownIntegration"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.InstalledDate", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsAlertDBUpdated", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsGrouping", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsInitSetupIni", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsMulticommunity", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsOpenThankYouPage", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.IsOpenUninstallPage", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LanguagePackLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LanguagePackReloadIntervalMM", 1440); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LastLogin_3.8.0.8", "Mon Dec 05 2011 16:44:01 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LastLogin_3.8.1.0", "Thu Mar 08 2012 01:18:40 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.LatestVersion", "3.9.0.3"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.Locale", "fr"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MCDetectTooltipHeight", "83"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MCDetectTooltipShow", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MCDetectTooltipWidth", "295"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.MyStuffEnabledAtInstallation", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.OriginalFirstVersion", "3.8.0.8"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.RadioShrinked", "expanded"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.RadioShrinkedFromSetup", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SHRINK_TOOLBAR", 1); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchBoxWidth", 150); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchCaption", "uTorrentBar_FR Customized Web Search"); =>P2P.µTorrent O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchFromAddressBarIsInit", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2851639&q="); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabEnabled", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabIntervalMM", 1440); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabLastCheckTime", "Thu Mar 08 2012 01:18:18 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchProtectorEnabled", false); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SearchProtectorToolbarDisabled", false); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SendProtectorDataViaLogin", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ServiceMapLastCheckTime", "Thu Mar 08 2012 01:18:39 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SettingsLastCheckTime", "Thu Mar 08 2012 01:18:18 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.SettingsLastUpdate", "1325063002"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2851639&SearchSource=13"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ThirdPartyComponentsInterval", 504); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ThirdPartyComponentsLastCheck", "Thu Mar 08 2012 01:18:18 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ThirdPartyComponentsLastUpdate", "1255344667"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ToolbarShrinkedFromSetup", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.TrusteLinkUrl", "http://trust.conduit.com/CT2851639"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.UserID", "UN52854129704389643"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.ValidationData_Toolbar", 2); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.WeatherNetwork", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.WeatherPollDate", "Fri Nov 25 2011 11:25:21 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.WeatherUnit", "C"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.alertChannelId", "1243674"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.approveUntrustedApps", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.cbfirsttime", "546875204E6F7620323420323031312031303A32353A343020474D542B30313030"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.pairingkey", "46383346323945313344303635323035444532334330463844394135344543463346333138353238[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.scriptsource", "687474703A2F2F3132372E302E302E313A31303030302F6775692F"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.url_history", "68747470733A2F2F706172746963756C696572732E736F636965746567656E6572616C652E66722[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.url_history_time", "31333232313236383030373737"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.backendstorage.uttorrents", "7B226275696C64223A32363437332C226C6162656C223A5B5D2C22746F7272656E7473223A5B5D2C[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.1000034", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.1000234", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529700900053", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529701212556", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529703087570", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129351529703087571", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129422840102831305", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.129544678881551249", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.components.2548968607390276962", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.globalFirstTimeInfoLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.homepageProtectorEnableByLogin", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.initDone", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.isAppTrackingManagerOn", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.isFirstRadioInstallation", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffEnabled", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffPublihserMinWidth", 400); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffServiceIntervalMM", 1440); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.oldAppsList", "129351529700431300,129351529700743801,1000234,129351529700900053,1000034,129422840102831305,12[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.revertSettingsEnabled", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.searchProtectorDialogDelayInSec", 10); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.searchProtectorEnableByLogin", true); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.testingCtid", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.toolbarAppMetaDataLastCheckTime", "Thu Mar 08 2012 01:18:39 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.toolbarContextMenuLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.usagesFlag", 2); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2851639/CT2851639", "\"e5f449b73c261ef2c855e7b6[...] O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1243674/1239347/FR", "\"0\""); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2851639", "\"1290675760\""); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=fr", "kLE3EoupXhh+3ayzzXG[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=fr", "TA2mKqdBHssHhc1ui1OG[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=fr", "ev2KSD8BFMMs2dxsoAq[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=fr", "hOlcV9OHcX1OR8Faic1Xmg[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"d229fa25f6c9cc1:0\""); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.0.8", "\"6a637346d78ccc1:0\"")[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.1.0", "\"801a319dd78ccc1:0\"")[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2851639", "\"13a760730d9291f1df061003ec[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2851639&octid=CT2851639", "\"1321973062\""); =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=fr", "\"e2c7e748baf39a07110b8576b7a4466c\[...] =>Toolbar.Conduit O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ToolbarsList", "CT2851639"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2851639"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2851639"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Nov 24 2011 10:25:38 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.globalUserId", "34c509e5-003f-406d-84c5-d9caaef1f26d"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Thu Mar 08 2012 01:18:40 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Mar 08 2012 01:18:27 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.locale", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 0); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Mar 08 2012 01:18:19 GMT+0100"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.notifications.userId", "82989ed8-4564-4e40-baea-69ba3fbebaee"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CommunityToolbar.originalHomepage", "http://www.google.fr/"); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("CT2851639.autoDisableScopes", -1); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("extensions.asktb.ff-original-keyword-url", ""); O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://fr.ask.com/?l=dis&o=15768"); =>PUP.SweetIM O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.00000&barid={6BEAFEBC-40AE-11E2-996E-F46D04234C[...] =>PUP.SweetIM O69 - SBI: prefs.js [Elbereth Mormegil - i85xmxp5.default] user_pref("extensions.crossriderapp21058.adsOldValue", 10); =>PUP.CrossRider O69 - SBI: SearchScopes [HKCU] {006ee092-9658-4fd6-bd8e-a21a348e59f5} [DefaultScope] - (Web Search) - http://feed.snap.do =>Hijacker.SmartBar O69 - SBI: SearchScopes [HKCU] {065F8DCC-BA4A-431A-A4FF-8978AEC3B5D0} - (Ask Search) - http://websearch.ask.com =>Toolbar.Ask O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www1.delta-search.com =>Toolbar.DeltaSearch O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} - (Search Results) - http://dts.search-results.com =>PUP.SearchResults O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com =>P2P.µTorrent O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com =>Adware.BasicScan O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - http://www.basicscan.com =>Adware.BasicScan ~ Keys: Scanned in 00mn 00s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.90E1D86D979B92738A47D7072CB22DA8] [sPRF][07/07/2010] (...) -- C:\ProgramData\FullRemove.exe [131472] [MD5.11D751D299B9ABDC77BFF4156C75C4CF] [sPRF][20/06/2013] (...) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\bitool.dll [38480] [MD5.5AA3E89A59E3D556B5F9B6D8D8EE3A82] [sPRF][02/09/2013] (.Somoto Ltd. - Better Installer Cleaner.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\bi_cleaner.exe [42080] =>Adware.MegaSearch [MD5.1BE42EE5E0DFD8B190F889A013CA7D47] [sPRF][20/06/2013] (.DealPly Technologies Ltd. - DealPly.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\dp.exe [846368] =>PUP.DealPly [MD5.EB501CC7E76645141C537C48C109972B] [sPRF][10/06/2013] (.Tencent - QQ????.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\qqsafeud.exe [31096] =>Adware.TencentAddressBar [MD5.4FA8BF7C6CCB8B7C46271820D71EEDF8] [sPRF][20/06/2013] (.QuickShare - QuickShare.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\QuickShare1.exe [8049316] =>PUP.QuickShare [MD5.4EB821E5787C4D18F37220D327288699] [sPRF][02/07/2013] (.Tencent - QQ????????.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\selfupdate.exe [31048] =>Adware.TencentAddressBar [MD5.2B6C5007223ECA47B123CF66C4F2E50C] [sPRF][18/06/2013] (.Pas de propriétaire - Linkury.Installer.MsiWrapper.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\SmartbarExeInstaller.exe [8954136] =>Hijacker.SmartBar [MD5.2FA9B17D3DDAE085B08D4C230199977E] [sPRF][24/08/2013] (.TENCENT - TSSafeEdit.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\tssafeedit.dat [53816] =>Adware.TencentAddressBar [MD5.B0F6507F8666E89DD9F192313D88EB98] [sPRF][16/06/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Elbereth Mormegil\AppData\Local\Temp\uninst1.exe [389632] =>Toolbar.Babylon [MD5.011DB1E20A7B4CDC3C1275899AF3667D] [sPRF][12/02/2013] (...) -- C:\Users\Elbereth Mormegil\Desktop\Miniatures.dat [199620] ~ Files: 13 Legitimates Filtered in 00mn 01s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{183CED50-7498-477B-98E3-BE1B64FBDD21}" | In - Private - P6 - TRUE | .(...) -- D:\Programmes\Dragon Nest Europe\DragonNest.exe O87 - FAEL: "{008387F4-C006-4AE0-BDE4-EE64E6221364}" | In - Private - P17 - TRUE | .(...) -- D:\Programmes\Dragon Nest Europe\DragonNest.exe ~ Firewall: 198 Legitimates Filtered in 00mn 01s ---\\ Export de clés de registre aléatoires (O91) [HKCU\Software\5257d8d8b335ea13\2.6.1519.190\upd]:="upd=1" [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52" [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80" [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Eazel [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:exeName="BrowserDefender.exe" =>Hijacker.Eazel [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:folderName="BrowserDefender" =>Hijacker.Eazel [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}" [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:serviceName="BrowserDefendert" =>Hijacker.Eazel [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:version="2.6.1339.144" [HKCU\Software\5257d8d8b335ea13]:version="2.6.1519.190" [HKLM\Software\Wow6432Node\5257d8d8b335ea13]:version="2.6.1519.190" ~ Export Key Software: Scanned in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.FBB03805D9990652152256BB16DE8856] [WIS][04/05/2009] (.ATI - Branding.) -- C:\Windows\Installer\16427.msi [395264] [MD5.1DA3AFDF337058DFAEE5C372406C0C9D] [WIS][20/06/2013] (.Linkury Inc. - QuickShare Widget.) -- C:\Windows\Installer\264f3e46.msi [8880128] =>PUP.QuickShare [MD5.BE4D0466AC1EFD2DE669A7606D574348] [WIS][01/07/2013] (.Tencent Technology (Shenzhen) Company Limit - Tencent QQ International.) -- C:\Windows\Installer\30a9886d.msi [1506816] =>Adware.TencentAddressBar ~ WIS: 136 Legitimates Filtered in 00mn 20s ---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 05/09/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe SR - | Auto 11/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 20/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Demand 31/03/2008 225280 | (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe SR - | Auto 08/12/2009 379520 | (AFBAgent) . (.ASUSTeK Computer Inc..) - C:\Windows\system32\FBAgent.exe SR - | Auto 11/11/2009 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 16/06/2009 84536 | (ASLDRService) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe SS - | Auto 10/11/2009 96896 | (ATKGFNEXSrv) . (.ASUS.) - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe SR - | Auto 26/07/2013 2847696 | (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel SS - | Auto 11/02/2013 185176 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe SS - | Auto 22/02/2013 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 22/02/2013 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 19/03/2012 284512 | (IconixService) . (...) - C:\Program Files (x86)\Common Files\Iconix\IconixService.exe SS - | Demand 07/06/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SR - | Auto 01/10/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe SR - | Demand 03/08/2007 125496 | (spmgr) . (...) - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe SR - | Auto 27/11/2009 243712 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe SR - | Auto 01/10/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SR - | Auto 02/05/2013 109064 | (WajamUpdater) . (.Wajam.) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 00\00\0000 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 24s ---\\ Scan Additionnel (O88) Database Version : v2.12874 - (01/09/2013) Clés trouvées (Keys found) : 228 Valeurs trouvées (Values found) : 4 Dossiers trouvés (Folders found) : 29 Fichiers trouvés (Files found) : 43 [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Wajam^ [HKLM\SYSTEM\CurrentControlSet\Services\BrowserDefendert] =>Hijacker.Eazel^ [HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>Toolbar.Wajam^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>Hijacker.Eazel^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{04DB50FA-EA80-4256-85F9-540C582E280D}] =>PUP.QuickShare^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam] =>Toolbar.Wajam^ [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster [HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}] =>Toolbar.Wajam [HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade [HKLM\Software\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam [HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam [HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade [HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}] =>PUP.Whitesmoke [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster [HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask [HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar [HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent [HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask [HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent [HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper [HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade [HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar [HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo [HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster [HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\Interface\{EFDCAF05-D29C-4D4D-9836-8CDCD606A6B2}] =>Toolbar.Babylon [HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade [HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade [HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Toolbar.Ask [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ehdmaehkiiampolokajdcelladmnopgp] =>Toolbar.Agent [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM [HKLM\Software\Wow6432Node\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit [HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam [HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader [HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore [HKCU\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\DataMngr] =>Adware.Bandoo [HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo [HKCU\Software\iMesh] =>PUP.iMesh [HKCU\Software\Iminent] =>Adware.IMBooster [HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster [HKCU\Software\OfferBox] =>PUP.OfferBox [HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox [HKCU\Software\SmartbarBackup] =>Hijacker.SmartBar [HKCU\Software\SmartbarLog] =>Hijacker.SmartBar [HKCU\Software\Softonic] =>Toolbar.Conduit [HKCU\Software\SweetIM] =>PUP.SweetIM [HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM [HKLM\Software\Tarma Installer] =>Toolbar.Tarma [HKCU\Software\WideStream] =>Adware.SPointer [HKLM\Software\Wow6432Node\Microsoft\Tracing\Babylon_RASAPI32] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\Babylon_RASMANCS] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon [HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox [HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox [HKLM\Software\Classes\AppID\priam_bho.DLL] =>Toolbar.Wajam [HKCU\Software\InstallCore] =>Adware.InstallCore [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector [HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Tarma [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Tarma [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods [HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASAPI32] =>PUP.QuickShare [HKLM\Software\Wow6432Node\Microsoft\Tracing\QuickShare_RASMANCS] =>PUP.QuickShare [HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch [HKLM\Software\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}] =>Toolbar.Conduit [HKLM\Software\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}] =>PUP.DealPly [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}] =>PUP.DealPly [HKLM\Software\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}] =>Toolbar.Babylon [HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore [HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore [HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS] =>Toolbar.Conduit [HKLM\Software\Classes\AppID\BabylonHelper.EXE] =>Toolbar.Babylon [HKCU\Software\BI] =>Adware.MegaSearch [HKCU\Software\AppDataLow\Software\XingHaoLyrics] =>Adware.ShopperReports [HKLM\Software\Classes\wajam.WajamBHO] =>Toolbar.Wajam [HKLM\Software\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam [HKLM\Software\Classes\wajam.WajamDownloader] =>Toolbar.Wajam [HKLM\Software\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam [HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211101158}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211101158}] =>PUP.CrossRider [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211101158}] =>PUP.CrossRider [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}] =>Adware.Bandoo^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^ [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{ae07101b-46d4-4a98-af68-0333ea26e113} =>PUP.QuickShare^ [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Browser Infrastructure Helper =>PUP.QuickShare^ [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\crossriderapp21058@crossrider.com =>PUP.CrossRider^ C:\Program Files (x86)\Tencent =>Adware.TencentAddressBar^ C:\Program Files (x86)\Wajam =>Toolbar.Wajam^ C:\Program Files (x86)\Common Files\Tencent =>Adware.TencentAddressBar^ C:\ProgramData\Babylon =>Toolbar.Babylon^ C:\ProgramData\BrowserDefender =>Hijacker.Eazel^ C:\ProgramData\Tarma Installer =>Toolbar.Tarma^ C:\ProgramData\Trymedia =>Adware.Trymedia^ C:\Users\Elbereth Mormegil\AppData\Roaming\B1Toolbar =>Hijacker.SearchB1org^ C:\Users\Elbereth Mormegil\AppData\Roaming\Babylon =>Toolbar.Babylon^ C:\Users\Elbereth Mormegil\AppData\Roaming\DealPly =>PUP.DealPly^ C:\Users\Elbereth Mormegil\AppData\Roaming\OfferBox =>PUP.OfferBox^ C:\Users\Elbereth Mormegil\AppData\Roaming\OpenCandy =>Adware.OpenCandy^ C:\Users\Elbereth Mormegil\AppData\Roaming\Tencent =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Roaming\widestream =>Adware.SPointer^ C:\Users\Elbereth Mormegil\AppData\Local\Smartbar =>Hijacker.SmartBar^ C:\Users\Elbereth Mormegil\AppData\Local\Wajam =>Toolbar.Wajam^ C:\Users\Elbereth Mormegil\AppData\Local\widestream6 Air =>Adware.SPointer^ C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter =>Crapware.SpyHunter^ C:\Users\Elbereth Mormegil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam =>Toolbar.Wajam^ C:\ProgramData\Software =>Adware.Boxore C:\ProgramData\Partner =>Spyware.Partner C:\Users\Elbereth Mormegil\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\Elbereth Mormegil\AppData\Local\Software =>Adware.Boxore C:\Users\Elbereth Mormegil\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch C:\Users\Elbereth Mormegil\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\Elbereth Mormegil\AppData\LocalLow\PriceGong =>Adware.PriceGong C:\Users\Elbereth Mormegil\AppData\LocalLow\Smartbar =>Hijacker.SmartBar C:\Users\Elbereth Mormegil\AppData\Local\Temp\Smartbar =>Hijacker.SmartBar C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\bprotector_extensions.sqlite =>PUP.BProtector C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\bprotector_prefs.js =>PUP.BProtector C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\SearchPlugins\sweetim.xml =>PUP.SweetIM C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe =>Hijacker.Eazel^ C:\Users\Elbereth Mormegil\AppData\Local\Smartbar\Application\QuickShare.exe =>PUP.QuickShare^ C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam^ C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\babylon.xml =>Toolbar.Babylon^ C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\BrowserDefender.xml =>Hijacker.Eazel^ C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\delta.xml =>Toolbar.DeltaSearch^ C:\Users\Elbereth Mormegil\AppData\Roaming\Mozilla\Firefox\Profiles\i85xmxp5.default\searchplugins\sweetim.xml =>PUP.SweetIM^ C:\Program Files (x86)\Wajam\IE\priam_bho.dll =>Toolbar.Wajam^ C:\Windows\System32\mscoree.dll =>PUP.QuickShare^ C:\Program Files (x86)\Tencent\QQIntl\Bin\QQ.exe =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.exe =>PUP.DealPly^ [HKCU\Software\BabSolution] =>Hijacker.BabSolution^ [HKCU\Software\Conduit] =>Toolbar.Conduit^ [HKCU\Software\Datamngr] =>PUP.Datamngr^ [HKCU\Software\Smartbar] =>Hijacker.SmartBar^ [HKCU\Software\TENCENT] =>Adware.TencentAddressBar^ [HKCU\Software\Wajam] =>Toolbar.Wajam^ [HKCU\Software\yahooinstall] =>Toolbar.Yahoo^ [HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon^ [HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^ [HKLM\Software\Wow6432Node\Tencent] =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\bi_cleaner.exe =>Adware.MegaSearch^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\dp.exe =>PUP.DealPly^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\qqsafeud.exe =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\QuickShare1.exe =>PUP.QuickShare^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\selfupdate.exe =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\SmartbarExeInstaller.exe =>Hijacker.SmartBar^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\tssafeedit.dat =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon^ [HKCU\Software\5257d8d8b335ea13\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1339.144]:dllName="BrowserDefender.dll" =>Hijacker.Eazel^ C:\Windows\Installer\264f3e46.msi =>PUP.QuickShare^ C:\Windows\Installer\30a9886d.msi =>Adware.TencentAddressBar^ C:\Users\Elbereth Mormegil\AppData\Local\Temp\nsf6C39.tmp =>Adware.MegaSearch ~ Additionnel Scan: 290743 Items scanned in 00mn 35s ---\\ Récapitulatif des détections trouvées sur votre station ~ http://nicolascoolman.webs.com/apps/blog/show/27161672-hijacker-eazel =>Hijacker.Eazel ~ http://nicolascoolman.webs.com/apps/blog/show/28577022-pup-quickshare =>PUP.QuickShare ~ http://nicolascoolman.webs.com/apps/blog/show/27379491-toolbar-wajam =>Toolbar.Wajam ~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>Toolbar.Babylon ~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM ~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider ~ http://nicolascoolman.webs.com/apps/blog/show/26990375-hijacker-smartbar =>Hijacker.SmartBar ~ http://nicolascoolman.webs.com/apps/blog/show/27668065-adware-tencentaddressbar =>Adware.TencentAddressBar ~ http://nicolascoolman.webs.com/apps/blog/show/28060597-pup-dealply =>PUP.DealPly ~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader ~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution ~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit ~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr ~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster ~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore ~ http://nicolascoolman.webs.com/apps/blog/show/28606910-pup-offerbox =>PUP.OfferBox ~ http://nicolascoolman.webs.com/apps/blog/show/27556476-adware-spointer =>Adware.SPointer ~ http://nicolascoolman.webs.com/apps/blog/show/28441146-pup-imesh =>PUP.iMesh ~ http://nicolascoolman.webs.com/apps/blog/show/30268689-toolbar-yahoo =>Toolbar.Yahoo ~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>Toolbar.Tarma ~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore ~ http://nicolascoolman.webs.com/apps/blog/show/29710349-adware-trymedia =>Adware.Trymedia ~ http://nicolascoolman.webs.com/apps/blog/show/30703839-hijacker-searchb1org =>Hijacker.SearchB1org ~ http://nicolascoolman.webs.com/apps/blog/show/26770694-adware-opencandy =>Adware.OpenCandy ~ http://nicolascoolman.webs.com/apps/blog/show/26609241-crapware-spyhunter =>Crapware.SpyHunter ~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask ~ http://nicolascoolman.webs.com/apps/blog/show/30319724-pup-searchresults =>PUP.SearchResults ~ http://nicolascoolman.webs.com/apps/blog/show/26712089-adware-basicscan =>Adware.BasicScan ~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch ~ http://nicolascoolman.webs.com/apps/blog/show/28000037-pup-rewardsarcade =>PUP.RewardsArcade ~ http://nicolascoolman.webs.com/apps/blog/show/27636417-pup-whitesmoke =>PUP.WhiteSmoke ~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo ~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo ~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector ~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods ~ http://nicolascoolman.webs.com/apps/blog/show/28419247-toolbar-avira =>Toolbar.Avira ~ http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner =>Spyware.Partner ~ http://nicolascoolman.webs.com/apps/blog/show/26666995-adware-pricegong =>Adware.PriceGong ~ MSI: 39 link(s) detected in 00mn 35s ~ 1327 Legitimates filtered by white list End of the scan (1097 lines in 04mn 47s)(0)
×
×
  • Créer...