Il y a actuellement 241 visiteurs
Mardi 05 Novembre 2024
accueilactualitésdossierscomparer les prixtélécharger gratuitement vos logicielsoffres d'emploiforum informatique
Connexion
Créer un compte

[Réglé] aide virus au demarrage

Un ordinateur qui ralentit, des écrans publicitaires qui apparaissent, des applications qui refusent de démarrer ou encore votre navigateur qui s'obstine à ouvrir une page douteuse sont autant d'éléments qui indiquent que l'intégrité de votre ordinateur est menacée par un virus. Vous trouverez dans ce forum quelques conseils et logiciels pour surfer tranquillement.
Règles du forum
Pour afficher un rapport d'analyse ou un rapport d'infection (HijackThis, OTL, AdwCleaner etc...)‎, veuillez utiliser le système de fichiers joints interne au forum. Seuls les formats les .txt et .log de moins de 1Mo sont acceptés. Pour obtenir de l'aide pour insérer vos fichiers joints, veuillez consulter ce tutoriel

[Réglé] aide virus au demarrage

Message le 09 Juil 2013 15:49

Bonjour,

Depuis quelques semaines à chaque fois que je démarre mon Ordinateur Portable il y a mon antivirus (Anvira Antivir) qui se met a sonner comme quoi il a détecter "un cheval de Troie" à chaque fois je choisis l'option de supprimé voir mettre en quarantaine mais à chaque redémarrage il se remet à sonner .

Je suis sous Vista et j'ai fais un rapport avec mon antivirus .

Voici le rapport :
"14 virus ou programme indésirables ont été trouvés"
la mise à jouir échoué à chaque fois je sais pas pourquoi ...sa c'est un autre probleme.

Comment supprimer le virus ?
ps : j'ai fais un nettoyage complet avec CCLEANER !

merci de votre aide par avance.
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 


Re: aide virus au demarrage

Message le 11 Juil 2013 20:03

Bonsoir
Dans un premier temps vide la quarantaine d'Antivir.
ensuite:
Installe Malewarebytes' Antimalware,

http://malwarebytes.org/products/malwarebytes_free

Prends bien la version FREE
*** Met-le à jour puis choisi, Exécuter un examen complet

*** Si une infection est trouvée, coche la case a coté et valides avec l’Onglet Supprimer la sélection

Poste le rapport final.

Puis:

Télécharges << ZHPDiag>> (de Nicolas Coolman)

dezzipes le fichier sur ton bureau...
Fais un clic-droit sur l'icône ZHPDiag .exe et choisis "exécuter en tant qu'administrateur".


L'installation va créer raccourcis (ZHPDiag et ZHPFix et MBRchek) sur ton bureau

Image

***
Si le bouton UAC apparaît dans le panel supérieur cela signifie que votre UAC est activée. L'activation de l'UAC gène l'analyse deZHPDiag sur certains modules (O18,O23,O42,...).
Aussi pour permettre un scan complet de l'outil, vous devez au préalable cliquer sur ce bouton.
Ce qui aura pour conséquence de relancer ZHPDiag avec une désactivation temporaire de l'UAC.
***
A la fin de l'installation ZHPDiag va se lancer....

Cliques sur "Lancer le diagnostic " (image de la loupe) et patiente...

A la fin du scan le rapport est sauvegardé directement sur ton bureau. ZHPDiag.txt

Mets le rapport ici car il prend bien de la place.
http://cjoint.com/
ou.
http://www.1fichier.com/
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: aide virus au demarrage

Message le 11 Juil 2013 21:02

Salut ,

merci pour ton aide,

alors avant de commencer tu m'as demandé de vider la quarantaine antivir c'est quoi ? et comment je peux faire sa ?

Par ailleurs je trouve ça dommage, d’être oblige de télécharger d'autre logiciel pour pouvoir supprimé ce virus des logiciels que j'ai déjà comme CCLEANER ou Antivir ne peuvent donc pas supprimé les virus ?
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 12 Juil 2013 11:50

Pour vider la quarantaine Avira.
http://www.bibou0007.com/t1284-antivir- ... uarantaine


Par ailleurs je trouve ça dommage, d’être oblige de télécharger d'autre logiciel pour pouvoir supprimé ce virus des logiciels que j'ai déjà comme CCLEANER ou Antivir ne peuvent donc pas supprimé les virus ?

CCLEANER ne peux jamais rien faire contre un intrus il es efficace pour les fichiers temporaires et c'est tout. Bien sur sur il a autre petit module très pratique.
Avira quand à lui comme tout antivirus " payant ou gratuit" ne s'est pas tout faire d'ou ma demande :wink:
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: aide virus au demarrage

Message le 12 Juil 2013 15:07

Voici le rapports de malwarebytes :


Malwarebytes Anti-Malware

Rapport

J'ai supprimé ce qui à été cocher automatiquement après l'analyse !
Le virus à été supprime ou pas ?
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 12 Juil 2013 16:47

ok passe ZHPDiag en plus pour contrôle s.t.p.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: aide virus au demarrage

Message le 14 Juil 2013 21:35

j'ai mis le lien de téléchargement : Rapport


Voila j'ai tout fait comment le supprimé maintenant ce virus ?
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 15 Juil 2013 11:44

Désolé le lien de ton rapport n'est pas valide :oops:
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: aide virus au demarrage

Message le 15 Juil 2013 11:53

Rapport


voici le rapport j’espère que ça sera bon cette fois . :-?
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 15 Juil 2013 18:49

jackbauer69 a écrit:http://cjoint.com/?CGpm0TWE2R8


voici le rapport j’espère que ça sera bon cette fois . :-?

En fait ton rapport est vide :oops:
Regarde la manip s.t.p.
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: aide virus au demarrage

Message le 15 Juil 2013 21:45

Rapport

cette fois c'est bon ? j'ai copié dans le bloc notes le rapport .
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 16 Juil 2013 11:51

ok ceci.

* Copie tout le texte présent que tu télécharges dans le lien ci dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

Lien édité

Puis Lance ZHPFix depuis le raccourci du bureau.
Image

-> laisse travailler l'outil et ne touche à rien ...

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !


Ensuite:
Télécharge AdwCleaner ( d'Xplode ) sur ton bureau.

Image
http://general-changelog-team.fr/telech ... adwcleaner


Image

- Lances le en mode normal , puis cliques sur [Suppression]
- Lorsque le message indiquant qu'AdwCleaner a détecté une variante spécifique d'adware s'affiche , cliquez sur [OK]

- L'ordinateur va redémarrer tout seul. Redémarre-le en mode normal.
- AdwCleaner s'ouvrira normalement, avec comme seul choix possible [Suppression]

- Cliquez dessus, puis patientes pendant la suppression.
- Une fois la suppression effectuée, AdwCleaner vous invitera à redémarrer l'ordinateur

- Au redémarrage, un rapport s'ouvrira. Postes le sur le forum.

Note : Le rapport est également sauvegardé sous C:\AdwCleaner[S1].txt

Ensuite:
1) Télécharge Junkware Removal Tool sur le bureau: << Junkware Removal Tool Download >>

Sous XP, double-clique sur l'icône et presse une touche lorsque cela sera demandé.

Sous Vista/7/8, clic droit/exécuter en tant qu'administrateur.

Poste le rapport généré à la fin de l'analyse.

NB: Le bureau disparaitra un instant, c'est normal.


Image


Image
Info : << ICI >>
Avatar de l'utilisateur
bernard53
PC-Infopraticien
PC-Infopraticien
 
Messages: 12778
Inscription: 08 Déc 2009 19:51
 

Re: aide virus au demarrage

Message le 22 Juil 2013 09:37

RAPPORT zh fix
Code: Tout sélectionner
[MD5.013A330F16B1CECBDE5CB6F921689523] - (...) -- C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe   [2827728] [PID.2500]  =>Hijacker.Eazel
[MD5.CD0B65BB966D2C7511174CD9B7272D26] - (...) -- C:\Users\JONATHAN\AppData\Local\startertv_fr_3\upstv_fr_3.exe   [2082664] [PID.3508]  =>Adware.StarterTV
[MD5.D9C37A72B871BCB0844AF097070FCF1E] - (.Bandoo Media, inc - Data Manager.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe   [1599888] [PID.2244]  =>PUP.Datamngr
[MD5.15A4D1A8C15CB3C0C13C3F36899475E6] - (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe   [114992] [PID.4156]  =>PUP.SweetIM
[MD5.75F65890FFEBA5EDB7D31130A94EBB6D] - (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe   [4880232] [PID.4284]  =>PUP.OfferBox
[MD5.B940D06E636DC0AA48B797D00B24D684] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe   [1074736] [PID.5844]  =>Adware.IMBooster
[MD5.BED8CB6A24415CF6355FAD07989F0582] - (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe   [884784] [PID.6052]  =>Adware.IMBooster
[MD5.A3C892E28EBDACAEB1CF2339470C14EF] - (...) -- C:\Program Files\tuto4pc_fr_45\tuto4pc_fr_45.exe   [3960304] [PID.1128]  =>PUP.Eorezo
[MD5.49A280FD34054DEAC4957A979C09D9D8] - (.Iminent - Iminent Protection.) -- C:\Program Files\Common Files\Umbrella\umbrella.exe   [2729512] [PID.3252]  =>Adware.IMBooster
M3 - MFPP: Plugins - [JONATHAN] -- C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\searchplugins\babylon.xml  =>Toolbar.Babylon
M3 - MFPP: Plugins - [JONATHAN] -- C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\searchplugins\BrowserDefender.xml  =>Hijacker.Eazel
M2 - MFEP: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029\bbrs_002@blabbers.com] [] Ginyas Browser Companion v1.0.5 (..)  =>PUP.Blabbers
M2 - MFEP: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029\webbooster@iminent.com] [] Iminent Minibar v6.27.3.1 (..)  =>Adware.IMBooster
P2 - FPN:Firefox Plugin Navigator . (.vShare.tv - vShare.tv plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll  =>PUP.VShareRedir
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com  =>PUP.SweetIM
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} . (.Pas de propriétaire - Browser Companion Helper plug-in.) -- C:\Program Files\GinyasBrowserCompanion\jsloader.dll  =>PUP.Blabbers
O2 - BHO: IE5BarLauncherBHO Class - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} . (.VShare Inc. - This is a module that is required for the o.) -- C:\Program Files\vShare.tv plugin\BarLcher.dll  =>PUP.VShareRedir
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} . (.Pas de propriétaire - Browser Companion Helper Verifier.) -- C:\Program Files\GinyasBrowserCompanion\updatebhoWin32.dll  =>PUP.Blabbers
O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll  =>PUP.Datamngr
O2 - BHO: Loader Class - {9D717F81-9148-4f12-8568-69135F087DB0} . (.Bandoo Media, inc - Url Helper.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll  =>PUP.Datamngr
O2 - BHO: IMinent WebBooster - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} . (.Iminent - Iminent BHO.) -- C:\Program Files\Iminent\Iminent.WebBooster.InternetExplorer.dll  =>Adware.IMBooster
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar module for Internet Explore.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.SweetIM
O3 - Toolbar: VShareToolBar - [HKLM]{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} . (.VShare Inc. - This is a module that is required for the o.) -- C:\Program Files\vShare.tv plugin\BarLcher.dll  =>PUP.VShareRedir
O3 - Toolbar: Searchqu Toolbar - [HKLM]{99079a25-328f-4bd4-be04-00955acaa0a7} . (.Pas de propriétaire - dtx Dynamic Link Library.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll  =>PUP.Datamngr
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - [HKLM]{EEE6C35B-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetIM Toolbar module for Internet Explore.) -- C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll  =>PUP.
O4 - HKLM\..\Run: [DATAMNGR] . (.Bandoo Media, inc - Data Manager.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe  =>PUP.Datamngr
O4 - HKLM\..\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files\SweetIM\Messenger\SweetIM.exe  =>PUP.SweetIM
O4 - HKLM\..\Run: [offerbox] . (.Aedge Performance BCN SL - OfferBox.) -- C:\Program Files\OfferBox\OfferBox.exe  =>PUP.OfferBox
O4 - HKLM\..\Run: [Iminent] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe  =>Adware.IMBooster
O4 - HKLM\..\Run: [IminentMessenger] . (.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe  =>Adware.IMBooster
O4 - HKLM\..\Run: [tuto4pc_fr_45] . (...) -- C:\Program Files\tuto4pc_fr_45\tuto4pc_fr_45.exe  =>PUP.Eorezo
O4 - HKLM\..\RunOnce: [upstv_fr_3.exe] . (...) -- C:\Users\JONATHAN\AppData\Local\startertv_fr_3\upstv_fr_3.exe  =>Adware.StarterTV
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\JONATHAN\AppData\Roaming\cacaoweb\cacaoweb.exe  =>PUP.CacaoWeb
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [cacaoweb] . (...) -- C:\Users\JONATHAN\AppData\Roaming\cacaoweb\cacaoweb.exe  =>PUP.CacaoWeb
O4 - GS\Desktop: Search The Web.lnk - Clé orpheline  =>Adware.IMBooster
O20 - AppInit_DLLs: . (...) - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll  =>Hijacker.Eazel
O23 - Service: BrowserDefendert (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe  =>Hijacker.Eazel
O23 - Service: SProtection (SProtection) . (.Iminent - Iminent Protection.) - C:\Program Files\Common Files\Umbrella\umbrella.exe  =>Adware.IMBooster
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job   [1006]  =>PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job   [1006]  =>PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job   [1006]  =>PUP.Blabbers
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job   [938]  =>PUP.Blabbers
[MD5.71D490C463014E4FB88B8CBA700B111E] [APT] [EPUpdater] (...) -- C:\Users\JONATHAN\AppData\Roaming\BabSolution\Shared\BabMaint.exe   [4608]  =>Hijacker.BabSolution
[MD5.3C3623176DB4F1AA9CFEAF746E6B22F9] [APT] [FinishInstall igdhbblpcellaljokkpfhcjlagemhgjl] (.Iminent.) -- C:\Users\JONATHAN\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl\Binaries\ChromeInstaller.exe   [957504]  =>Adware.IMBooster
[MD5.193A62BC5A4E580E3547BC7270CA74C9] [APT] [GinyasBrowserCompanion Chrome Watcher] (.Blabbers Communications Ltd.) -- C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe   [741888]  =>PUP.Blabbers
[MD5.193A62BC5A4E580E3547BC7270CA74C9] [APT] [GinyasBrowserCompanion FireFox Watcher] (.Blabbers Communications Ltd.) -- C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe   [741888]  =>PUP.Blabbers
[MD5.193A62BC5A4E580E3547BC7270CA74C9] [APT] [GinyasBrowserCompanion Stats Report] (.Blabbers Communications Ltd.) -- C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe   [741888]  =>PUP.Blabbers
[MD5.75F65890FFEBA5EDB7D31130A94EBB6D] [APT] [OfferBoxUpdateTask] (.Aedge Performance BCN SL.) -- C:\Program Files\OfferBox\OfferBox.exe   [4880232]  =>PUP.OfferBox
O42 - Logiciel: BrowserDefender - (.Bit89 Inc.) [HKLM] -- {15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}  =>Hijacker.Eazel
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- IMBoosterARP  =>Adware.IMBooster
O42 - Logiciel: Iminent - (.Iminent.) [HKLM] -- {5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}  =>Adware.IMBooster
O42 - Logiciel: Startertv - (.StarterTV.) [HKLM] -- Startertv_is1  =>Adware.StarterTV
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM] -- {A81A974F-8A22-43E6-9243-5198FF758DA1}  =>PUP.SweetIM
O42 - Logiciel: tuto4pc_fr_45 - (.TUTO4PC.) [HKLM] -- tuto4pc_fr_45_is1  =>PUP.Eorezo
O42 - Logiciel: vShare.tv plugin 1.3 - (.vShare.tv, Inc..) [HKLM] -- vShare.tv plugin  =>PUP.VShareRedir
[HKCU\Software\AppDataLow\Software\PriceGong]  =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SmartBar]  =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\searchqutoolbar]  =>PUP.Datamngr
[HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}]    => Infection BT (Adware.DoubleD)
[HKCU\Software\BabSolution]  =>Hijacker.BabSolution
[HKCU\Software\DataMngr]  =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar]  =>PUP.Datamngr
[HKCU\Software\Iminent]  =>Adware.IMBooster
[HKCU\Software\OfferBox]  =>PUP.OfferBox
[HKCU\Software\StartSearch]  =>PUP.StartSearch
[HKCU\Software\SweetIM]  =>PUP.SweetIM
[HKCU\Software\TutoTag]  =>Spyware.AgenceExcusive
[HKCU\Software\Tutorials]  =>Spyware.AgenceExcusive
[HKCU\Software\cacaoweb]  =>PUP.CacaoWeb
[HKCU\Software\tuto4pc]  =>PUP.Eorezo
[HKCU\Software\vShare.tv]  =>PUP.VShareRedir
[HKLM\Software\DataMngr]  =>PUP.Datamngr
[HKLM\Software\Iminent]  =>Adware.IMBooster
[HKLM\Software\SearchquMediabarTb]  =>PUP.Datamngr
[HKLM\Software\StarterTV]  =>Adware.StarterTV
[HKLM\Software\SweetIM]  =>PUP.SweetIM
[HKLM\Software\Umbrella]    => Infection PUP (Adware.IMBooster)
O43 - CFD: 12/07/2013 - 09:58:36 - [16,148] ----D C:\Program Files\Iminent  =>Adware.IMBooster
O43 - CFD: 29/03/2012 - 19:58:53 - [5,220] ----D C:\Program Files\OfferBox  =>PUP.OfferBox
O43 - CFD: 12/07/2013 - 16:41:33 - [3,963] ----D C:\Program Files\Startertv  =>Adware.StarterTV
O43 - CFD: 11/03/2012 - 22:48:54 - [8,457] ----D C:\Program Files\SweetIM  =>PUP.SweetIM
O43 - CFD: 12/07/2013 - 10:03:30 - [6,230] ----D C:\Program Files\tuto4pc_fr_45  =>PUP.Eorezo
O43 - CFD: 27/08/2011 - 19:13:44 - [0,566] ----D C:\Program Files\vShare.tv plugin  =>PUP.VShareRedir
O43 - CFD: 12/07/2013 - 09:57:48 - [2,603] ----D C:\Program Files\Common Files\Umbrella    => Infection PUP (Adware.IMBooster)
O43 - CFD: 12/07/2013 - 09:55:28 - [0] ----D C:\ProgramData\Babylon  =>Toolbar.Babylon
O43 - CFD: 12/07/2013 - 09:57:13 - [7,883] ----D C:\ProgramData\BrowserDefender  =>Hijacker.Eazel
O43 - CFD: 12/07/2013 - 09:58:29 - [0,030] ----D C:\ProgramData\Iminent  =>Adware.IMBooster
O43 - CFD: 11/03/2012 - 22:48:33 - [2,726] ----D C:\ProgramData\SweetIM  =>PUP.SweetIM
O43 - CFD: 12/07/2013 - 09:57:01 - [1,918] ----D C:\Users\JONATHAN\AppData\Roaming\BabSolution  =>Hijacker.BabSolution
O43 - CFD: 12/07/2013 - 09:55:28 - [0,010] ----D C:\Users\JONATHAN\AppData\Roaming\Babylon  =>Toolbar.Babylon
O43 - CFD: 21/11/2010 - 23:08:17 - [182,993] ----D C:\Users\JONATHAN\AppData\Roaming\cacaoweb  =>PUP.CacaoWeb
O43 - CFD: 12/07/2013 - 09:58:04 - [2,549] ----D C:\Users\JONATHAN\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl    => Adware.IMBooster
O43 - CFD: 12/07/2013 - 09:58:49 - [0,016] ----D C:\Users\JONATHAN\AppData\Roaming\Iminent  =>Adware.IMBooster
O43 - CFD: 30/03/2012 - 18:37:38 - [0,453] ----D C:\Users\JONATHAN\AppData\Roaming\OfferBox  =>PUP.OfferBox
O43 - CFD: 11/09/2011 - 15:42:27 - [41,941] ----D C:\Users\JONATHAN\AppData\Roaming\OpenCandy  =>Adware.OpenCandy
O43 - CFD: 12/07/2013 - 16:43:41 - [0,000] ----D C:\Users\JONATHAN\AppData\Local\eorezo  =>PUP.Eorezo
O43 - CFD: 11/09/2011 - 18:16:36 - [0] ----D C:\Users\JONATHAN\AppData\Local\OpenCandy  =>Adware.OpenCandy
O43 - CFD: 15/07/2013 - 21:08:58 - [4,703] ----D C:\Users\JONATHAN\AppData\Local\startertv_fr_3  =>Adware.StarterTV
O43 - CFD: 12/07/2013 - 10:03:43 - [3,008] ----D C:\Users\JONATHAN\AppData\Local\tuto4pc_fr_45  =>PUP.Eorezo
O43 - CFD: 12/07/2013 - 09:57:17 - [0,001] ----D C:\Users\JONATHAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender  =>Hijacker.Eazel
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} - (Web Search) - http://www.searchqu.com  =>PUP.Datamngr
O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (Web Search) - http://startsear.ch    => Infection BT (Adware.Bandoo)
O69 - SBI: SearchScopes [HKCU] {EEE6C360-6118-11DC-9C72-001320C79847} - (SweetIM Search) - http://search.sweetim.com  =>PUP.SweetIM
O87 - FAEL: "{2BEEE81F-3CAF-47CE-9192-0E2D09706E25}" | In - Private - P6 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe  =>PUP.Datamngr
O87 - FAEL: "{4C5C469A-3BFF-4DA2-A77F-C283540DABDE}" | In - Private - P17 - TRUE | .(.Visicom Media Inc. - DTX broker.) -- C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe  =>PUP.Datamngr
O87 - FAEL: "{27583A99-32E6-450D-85BF-D5A47A859B60}" | In - None - P17 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.exe  =>Adware.IMBooster
O87 - FAEL: "{D02E9E96-7E83-456E-896A-62EBBB456EC9}" | In - None - P17 - TRUE | .(.Iminent - Iminent.) -- C:\Program Files\Iminent\Iminent.Messengers.exe  =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}] =>Adware.IMBooster
[HKLM\Software\Google\Chrome\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj] =>PUP.VShareRedir
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}] =>PUP.Blabbers
[HKLM\Software\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}] =>PUP.Blabbers
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}] =>PUP.Blabbers
[HKLM\Software\Classes\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{26C9BBE4-6D45-4AB6-A5B4-E068C9F5EF6D}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}] =>Adware.iWinArcade
[HKLM\Software\Classes\Interface\{3D782BB2-F2A5-11D3-BF4C-000000000000}] =>PUP.VShareRedir
[HKLM\Software\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}] =>PUP.Blabbers
[HKLM\Software\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] =>PUP.VShareRedir
[HKLM\Software\Classes\CLSID\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] =>PUP.VShareRedir
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] =>PUP.VShareRedir
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{78F3A323-798E-4AEA-9A57-88F4B05FD5DD}] =>PUP.VShareRedir
[HKLM\Software\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}] =>PUP.VShareRedir
[HKLM\Software\Classes\CLSID\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}] =>PUP.VShareRedir
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7AC3E13B-3BCA-4158-B330-F66DBB03C1B5}] =>PUP.VShareRedir
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}] =>PUP.Blabbers
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}] =>PUP.Blabbers
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO
[HKLM\Software\Classes\TypeLib\{841D5A49-E48D-413C-9C28-EB3D9081D705}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}] =>Adware.IMBooster
[HKLM\Software\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}] =>PUP.Blabbers
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}] =>PUP.Blabbers
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}] =>PUP.Blabbers
[HKLM\Software\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}] =>PUP.Blabbers
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}] =>PUP.Blabbers
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}] =>PUP.Blabbers
[HKLM\Software\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A81A974F-8A22-43E6-9243-5198FF758DA1}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}] =>Adware.IMBooster
[HKLM\Software\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>PUP.ToparcadeHits
[HKLM\Software\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}] =>Adware.Bandoo
[HKLM\Software\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}] =>Adware.Bandoo
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}] =>Adware.IMBooster
[HKLM\Software\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\BrowserConnection.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\DNSBHO.dll] =>Adware.Bandoo
[HKLM\Software\Classes\AppID\escort.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escortapp.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\escorteng.dll] =>Toolbar.Babylon
[HKLM\Software\Classes\AppID\esrv.EXE] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\sweetim.exe] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\OfferBox] =>PUP.OfferBox
[HKLM\Software\Classes\BrowserConnection.Loader] =>Adware.Bandoo
[HKLM\Software\Classes\BrowserConnection.Loader.1] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO] =>Adware.Bandoo
[HKLM\Software\Classes\DnsBHO.BHO.1] =>Adware.Bandoo
[HKLM\Software\Classes\escort.escortIEPane] =>PUP.Funmoods
[HKLM\Software\Classes\escort.escortIEPane.1] =>PUP.Funmoods
[HKLM\Software\Classes\MyNewsBarLauncher.IE5BarLauncher] =>PUP.VShareRedir
[HKLM\Software\Classes\MyNewsBarLauncher.IE5BarLauncher.1] =>PUP.VShareRedir
[HKLM\Software\Classes\MyNewsBarLauncher.IE5BarLauncherBHO] =>PUP.VShareRedir
[HKLM\Software\Classes\MyNewsBarLauncher.IE5BarLauncherBHO.1] =>PUP.VShareRedir
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard] =>Adware.Bandoo
[HKLM\Software\Classes\SearchQUIEHelper.DNSGuard.1] =>Adware.Bandoo
[HKLM\Software\Classes\updatebho.TimerBHO] =>PUP.Blabbers
[HKLM\Software\Classes\updatebho.TimerBHO.1] =>PUP.Blabbers
[HKLM\Software\Classes\wit4ie.WitBHO] =>PUP.Blabbers
[HKLM\Software\Classes\wit4ie.WitBHO.2] =>PUP.Blabbers
[HKLM\Software\Classes\Installer\Features\A6A9B7407E12FC548852A060E1FEB932] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\A6A9B7407E12FC548852A060E1FEB932] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A6A9B7407E12FC548852A060E1FEB932] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\OpenCandy NSIS SDK] =>Adware.OpenCandy
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKLM\Software\SearchquMediabarTb] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\StartSearch] =>Hijacker.Agent
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Tuto4pc] =>PUP.Eorezo
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\vShare.tv] =>PUP.VShareRedir
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{047B9A6A-21E7-45CF-8825-0A061EEF9B23}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\IMBoosterARP] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\OfferBox] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64] =>PUP.Blabbers
[HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\Chrome] =>PUP.Blabbers
[HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\Prox] =>PUP.Blabbers
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings] =>PUP.BProtector
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion] =>PUP.Blabbers
[HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils] =>PUP.SweetIM
[HKLM\Software\Classes\MediaPlayer.GraphicsUtils.1] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator] =>PUP.SweetIM
[HKLM\Software\Classes\MgMediaPlayer.GifAnimator.1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}] =>Spyware.Partner
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}] =>PUP.BProtector
[HKLM\Software\Classes\delta.deltaappCore] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltaappCore.1] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd] =>PUP.Funmoods
[HKLM\Software\Classes\delta.deltadskBnd.1] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\ESRV.EXE] =>Adware.Facemoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Startertv_is1] =>Adware.StarterTV
[HKLM\Software\Messenger Plus!\OpenCandy] =>Adware.OpenCandy
[HKLM\Software\Classes\iminent] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.DownloadArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.LinkToPromoteArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.RawDataArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.TinyUrlArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Business.Tinyfying.ViralLinkArgs] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ClientCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ContractBase] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GameOverCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetCreditCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.GetVariableResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.InstallationContextResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.LogoutCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.MyAccountCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PlayContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.PostContentCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.SetVariableCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.TestContentCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WarmUpCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.DataContracts.WelcomeCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ServerCommand] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.Communication.ServerResult] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.LightContent] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.LightUri] =>Adware.IMBooster
[HKLM\Software\Classes\Iminent.Mediator.MediatorServiceProxy] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ActiveContentHandle.1] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ActiveContentHandler] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.BrowserHelperObject.1] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.ScriptExtender.1] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.TinyUrlHandler] =>Adware.IMBooster
[HKLM\Software\Classes\IminentWebBooster.TinyUrlHandler.1] =>Adware.IMBooster
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\escort.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escortApp.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escortEng.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\escorTlbr.DLL] =>PUP.Funmoods
[HKLM\Software\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL] =>Adware.IMBooster
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe] =>PUP.SweetIM
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\Searchqu 0 MediaBar] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\vShare.tv plugin] =>PUP.VShareRedir
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 0 MediaBar] =>Adware.Bandoo
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\tuto4pc_fr_45_is1] =>Spyware.AgenceExclusive
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\vShare.tv plugin] =>PUP.VShareRedir
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{99079A25-328F-4BD4-BE04-00955ACAA0A7} =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]:Iminent =>Adware.IMBooster
C:\Program Files\Iminent =>Adware.IMBooster
C:\Program Files\OfferBox =>PUP.OfferBox
C:\Program Files\SweetIM =>PUP.SweetIM
C:\Program Files\win palace euro casino french =>Casino.OnlineGames
C:\Program Files\Windows Searchqu Toolbar =>Adware.Bandoo
C:\Program Files\vShare.tv plugin =>PUP.VShareRedir
C:\Program Files\GinyasBrowserCompanion =>PUP.Blabbers
C:\Program Files\Startertv =>Adware.StarterTV
C:\Program Files\Common Files\Umbrella =>Adware.IMBooster
C:\ProgramData\Babylon =>Toolbar.Babylon
C:\ProgramData\Iminent =>Adware.IMBooster
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\ProgramData\GinyasBrowserCompanion =>PUP.Blabbers
C:\ProgramData\BrowserDefender =>Hijacker.Eazel
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent =>Adware.IMBooster
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tuto4PC =>PUP.Eorezo
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startertv =>Adware.StarterTV
C:\Users\JONATHAN\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\JONATHAN\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
C:\Users\JONATHAN\AppData\Roaming\Iminent =>Adware.IMBooster
C:\Users\JONATHAN\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\JONATHAN\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\JONATHAN\AppData\Roaming\BabSolution =>Hijacker.BabSolution
C:\Users\JONATHAN\AppData\Local\EoRezo =>PUP.Eorezo
C:\Users\JONATHAN\AppData\Local\OpenCandy =>Adware.OpenCandy
C:\Users\JONATHAN\AppData\Local\startertv_fr_3 =>Adware.StarterTV
C:\Users\JONATHAN\AppData\LocalLow\bbrs_002.tb =>PUP.Blabbers
C:\Users\JONATHAN\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\JONATHAN\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\JONATHAN\AppData\LocalLow\searchqutoolbar =>Adware.Bandoo
C:\Users\JONATHAN\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\JONATHAN\AppData\Local\Temp\Iminent =>Adware.IMBooster
C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\Extensions\webbooster@iminent.com =>Adware.IMBooster
C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\Extensions\ffxtlbr@delta.com =>PUP.Funmoods
C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\bprotector_prefs.js =>PUP.BProtector
O90 - PUC: "8ea7d6326587da94c901a9df379e892e" . (.Win Palace Euro Casino French.) -- C:\Windows\Installer\{236d7ae8-7856-49ad-9c10-9afd73e998e2}\ARPPRODUCTICON.exe    => Infection BT (Casino.OnlineGames)
O90 - PUC: "A6A9B7407E12FC548852A060E1FEB932" . (.SweetIM Toolbar for Internet Explorer 4.3.) -- C:\Windows\Installer\{047B9A6A-21E7-45CF-8825-0A061EEF9B23}\ARPPRODUCTICON.exe  =>PUP.SweetIM
O90 - PUC: "DCBDCDC5A9111EA4C9558B61BDEB2454" . (.Iminent.) -- C:\Windows\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}\imbooster.ico  =>Adware.IMBooster

SR - | Auto  2827728 |  (BrowserDefendert) . (...) - C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe  =>Hijacker.Eazel
SR - | Auto 02/07/2013 2729512 |  (SProtection) . (.Iminent.) - C:\Program Files\Common Files\Umbrella\umbrella.exe  =>Adware.IMBooste
[MD5.61A9B11B263FA811474E5D8D96ECF96E] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe   [2236080] [PID.5164]  =>Toolbar.AVGSearch
[MD5.254E8F9BA44E9F55416B0E51DBFF3C5F] - (.AVG Secure Search - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe   [1598128] [PID.3324]  =>Toolbar.AVGSearch
[MD5.4AA2CC5979AFF984227364F2C23B04F3] - (.Wajam - Auto-updater.) -- C:\Program Files\Wajam\Updater\WajamUpdater.exe   [109064] [PID.3412]  =>Toolbar.Wajam
[MD5.A11F1A8B98D18A8CFD4F7CB4F3147C99] - (...) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\loggingserver.exe   [152240] [PID.3468]  =>Toolbar.AVGSearch
M3 - MFPP: Plugins - [JONATHAN] -- C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\searchplugins\delta.xml    => Toolbar.DeltaSearch
M3 - MFPP: Plugins - [JONATHAN] -- C:\Program Files\Mozilla FireFox\searchplugins\avg-secure-search.xml    => Toolbar.AVGSearch*
M3 - MFPP: Plugins - [JONATHAN] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml    => Toolbar.Agent
M2 - MFEP: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029\ffxtlbr@delta.com] [] Delta Toolbar v1.5.0 (..)
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.3.0\npsitesafety.dll  =>Toolbar.AVGSearc
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com  =>Toolbar.DeltaSearch
O2 - BHO: Softonic_France Toolbar - {4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Softonic_France\tbSoft.dll  =>Toolbar.Conduit
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll  =>Toolbar.AVGSearch
O2 - BHO: Wajam IE BHO - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} . (.Wajam - Wajam Internet Explorer Add-on.) -- C:\Program Files\Wajam\IE\priam_bho.dll  =>Toolbar.Wajam
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll  =>Toolbar.DeltaSearch
O3 - Toolbar: Softonic_France Toolbar - [HKLM]{4daac69c-cba7-45e2-9bc8-1044483d3352} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files\Softonic_France\tbSoft.dll  =>Toolbar.Conduit
O3 - Toolbar: AVG Security Toolbar - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} . (.AVG Secure Search - toolbar.dll.) -- C:\Program Files\AVG Secure Search\15.3.0.11\AVG Secure Search_toolbar.dll  =>Toolbar.AVGSearch
O3 - Toolbar: Delta Toolbar - [HKLM]{82E1477C-B154-48D3-9891-33D83C26BCD3} . (.Delta-search.com - Pas de description.) -- C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll  =>Toolbar.DeltaSearch
O4 - HKLM\..\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe  =>Toolbar.AVGSearch
O4 - HKLM\..\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe    => Toolbar.Conduit*
O23 - Service:  (vToolbarUpdater15.3.0) . (.AVG Secure Search - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe  =>Toolbar.AVGSearch
O23 - Service: WajamUpdater (WajamUpdater) . (.Wajam - Auto-updater.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe  =>Toolbar.Wajam
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job   [350]    => Toolbar.AVGSearch*
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job   [350]    => Toolbar.AVGSearch*
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{24B720F8-002E-4635-851D-3EDB70A45EFD}.exe (.not file.)   [0]    => Toolbar.AVGSearch*
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{9219E6EC-E693-4BEE-8B17-72C233D893F0}.exe (.not file.)   [0]    => Toolbar.AVGSearch*
O42 - Logiciel: Delta toolbar   - (.Delta.) [HKLM] -- delta    => Toolbar.DeltaSearch
O42 - Logiciel: Softonic_France Toolbar - (.Softonic_France.) [HKLM] -- Softonic_France Toolbar  =>Toolbar.Conduit
O42 - Logiciel: Wajam - (.Wajam.) [HKLM] -- Wajam  =>Toolbar.Wajam
[HKCU\Software\AppDataLow\Software\Softonic_France]  =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar]    => Toolbar.Conduit
[HKCU\Software\Softonic]  =>Toolbar.Conduit
[HKCU\Software\Wajam]  =>Toolbar.Wajam
[HKCU\Software\YahooPartnerToolbar]  =>Toolbar.Yahoo
[HKLM\Software\Softonic_France]  =>Toolbar.Conduit
[HKLM\Software\Yahoo]  =>Toolbar.Yahoo
O43 - CFD: 21/05/2012 - 23:48:19 - [2,817] ----D C:\Program Files\Softonic_France  =>Toolbar.Conduit
O43 - CFD: 12/07/2013 - 09:55:52 - [0,549] ----D C:\Program Files\Wajam  =>Toolbar.Wajam
O43 - CFD: 12/07/2013 - 09:55:36 - [0,054] ----D C:\Users\JONATHAN\AppData\Local\Wajam  =>Toolbar.Wajam
O43 - CFD: 12/07/2013 - 09:55:37 - [0,001] ----D C:\Users\JONATHAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam  =>Toolbar.Wajam
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.admin", false);    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.aflt", "babsst");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.autoRvrt", "false");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.dfltLng", "fr");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.excTlbr", false);    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.ffxUnstlRst", true);    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.id", "6e182dad0000000000000022439c09b0");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.instlDay", "15898");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.instlRef", "sst");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.newTab", false);    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.prdct", "delta");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.prtnrId", "delta");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.rvrt", "false");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.smplGrp", "none");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.tlbrId", "base");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.tlbrSrchUrl", "");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.vrsn", "1.8.21.5");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.vrsni", "1.8.21.5");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.vrsnTs", "1.8.21.59:56:48");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta_i.babExt", "");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta_i.babTrack", "affID=119556&tsp=4941");    => Toolbar.DeltaSearch)*
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta_i.srcExt", "ss");    => Toolbar.DeltaSearch)*
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www1.delta-search.com  =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://tbsearch.ask.com    => Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {95B7759C-8C7F-4BF1-B163-73684A933233} - (AVG Secure Search) - http://isearch.avg.com  =>Toolbar.AVGSearch
O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (Softonic_France Customized Web Search) - http://search.conduit.com  =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}] =>Toolbar.Wajam
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKLM\Software\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4daac69c-cba7-45e2-9bc8-1044483d3352}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}] =>Toolbar.Wajam
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{79D60450-56C5-4A8C-9321-6D5BC2A81E5A}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F97BFF8-488B-4107-BCEE-B161AB4E4183}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{99C22A61-21BA-4F81-85FF-CDC9EB5DB10B}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1B48071-416D-474E-A13B-BE5456E7FC31}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{A1B48071-416D-474E-A13B-BE5456E7FC31}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1B48071-416D-474E-A13B-BE5456E7FC31}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{B4089055-D468-45A4-A6BA-5A138DD715FC}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{BB7256DD-EBA9-480B-8441-A00388C2BEC3}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}] =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{D8F01233-2DE6-4EE7-8988-37263F00651B}] =>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\tdataprotocol.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\updatebho.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\wit4ie.DLL] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic_France Toolbar] =>Toolbar.Conduit
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.PugiObj.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\S] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.Agent
[HKLM\Software\Classes\SearchBar.Client] =>Toolbar.Agent
[HKLM\Software\Classes\sim-packages] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.Agent
[HKLM\Software\Google\Chrome\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp] =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>Toolbar.Wajam
[HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater] =>Toolbar.Wajam
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Softonic_France] =>Toolbar.Conduit
[HKLM\Software\Softonic_France] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic_France Toolbar] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\priam_bho.DLL] =>Toolbar.Wajam
[HKLM\Software\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}] =>Toolbar.DeltaSearch
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Classes\CLSID\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof] =>Toolbar.AVGSearch
[HKLM\Software\Classes\AVG Secure Search.BrowserWndAPI.1] =>Toolbar.AVGSearch
[HKLM\Software\Classes\delta.deltaHlpr] =>toolbar.DeltaSearch
[HKLM\Software\Classes\delta.deltaHlpr.1] =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc] =>toolbar.DeltaSearch
[HKLM\Software\Classes\esrv.deltaESrvc.1] =>toolbar.DeltaSearch
[HKLM\Software\Classes\Toolbar.CT2542115] =>Toolbar.Conduit
[HKLM\Software\Classes\wajam.WajamBHO] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamBHO.1] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader] =>Toolbar.Wajam
[HKLM\Software\Classes\wajam.WajamDownloader.1] =>Toolbar.Wajam
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Wajam] =>Toolbar.Wajam
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.DaemonTools
C:\Program Files\Astroburn Toolbar =>Toolbar.Astroburn
C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files\Conduit =>Toolbar.Conduit
C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent
C:\Program Files\Softonic_France =>Toolbar.Conduit
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\JONATHAN\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\JONATHAN\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\JONATHAN\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\JONATHAN\AppData\LocalLow\Softonic_France =>Toolbar.Conduit
C:\Users\JONATHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch
C:\Users\JONATHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof =>Toolbar.AVGSearch
C:\Users\JONATHAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp =>Toolbar.Wajam
C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml =>Toolbar.Agent
O90 - PUC: "A54E164E84B2AF24091EF6638DD51F10" . (.Bing Bar.) -- C:\Windows\Installer\{E461E45A-2B48-42FA-90E1-6F36D85DF101}\icon_installer_ico


SR - | Auto 27/06/2013 1598128 |  (vToolbarUpdater15.3.0) . (.AVG Secure Search.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.3.0\ToolbarUpdater.exe  =>Toolbar.AVGSearch
SR - | Auto 02/05/2013 109064 |  (WajamUpdater) . (.Wajam.) - C:\Program Files\Wajam\Updater\WajamUpdater.exe  =>Toolbar.Wajam


FirewallRaz
EmptyFlash
Emptytemp 
SysRestore


C:\ZHP\ZHPFix[R1].txt - 12/07/2013 12:40:55 [436]
C:\ZHP\ZHPFix[R2].txt - 15/07/2013 22:37:13 [436]
Rapport de ZHPDiag v2013.7.11.22 par Nicolas Coolman, Update du 12/07/2013
Run by JONATHAN at 15/07/2013 22:01:21
WebSite: http://nicolascoolman.webs.com
State : Nouvelle version disponible
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v7.0.6001.18000
MFIE: Mozilla Firefox 22.0 (Defaut)
GCIE: Google Chrome v28.0.1500.72

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Basic Edition, 32-bit Service Pack 1 (Build 6001)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RJC9V
Windows License : OK
Windows Automatic Updates : OK

---\\ System Protection
Avira AntiVir Personal - Free Antivirus
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ System Optimizer
CCleaner  =>Piriform Ltd

---\\ Peer To Peer (P2P)
µTorrent v1.8.5  =>P2P.µTorrent

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.5 - Français
Java 7 Update 17

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3036 MB (44% free)
System Restore: Activé (Enable)
System drive C: has 133 GB (56%) free of 233 GB

---\\ Logged in mode
~ Computer Name: PC-DE-JONATHAN
~ User Name: JONATHAN
~ All Users Names: JONATHAN, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\JONATHAN\AppData\Roaming\
~ %Desktop% : C:\Users\JONATHAN\Desktop\
~ %Favorites% : C:\Users\JONATHAN\Favorites\
~ %LocalAppData% : C:\Users\JONATHAN\AppData\Local\
~ %StartMenu% : C:\Users\JONATHAN\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 133 Go of 233 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 66 Go of 221 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
~ Security Center: 26 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.4F554999D7D5F05DAAEBBA7B5BA1089D] - (.Microsoft Corporation - Explorateur Windows.) (.17/06/2009 - 00:03:38.) -- C:\Windows\Explorer.exe [2927104]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.DA5A72211661C7F162B332FEA4F09A69] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/04/2011 - 16:00:34.) -- C:\Windows\System32\wininet.dll [833024]
[MD5.C2610B6BDBEFC053BBDAB4F1B965CB24] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/01/2008 - 03:34:38.) -- C:\Windows\System32\Winlogon.exe [314880]
[MD5.48EB99503533C27AC6135648E5474457] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:16:42.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:32:21.) -- C:\Windows\system32\Drivers\atapi.sys [21560]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.1EC25CEA0DE6AC4718BF89F9E1778B57] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/01/2008 - 03:32:23.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.A3E9FA213F443AC77C7746119D13FEEC] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:24:14.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.C87B1EE051C0464491C1A7B03FA0BC99] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/01/2008 - 03:32:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [53760]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.5734A0F2BE7E495F7D3ED6EFD4B9F5A1] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 13:49:35.) -- C:\Windows\system32\Drivers\MRxSmb.sys [105984]
[MD5.7C5FEE5B1C5728507CD96FB4A13E7A02] - (.Microsoft Corporation - MBT Transport driver.) (.21/01/2008 - 03:34:49.) -- C:\Windows\system32\Drivers\netBT.sys [184320]
[MD5.B4EFFE29EB4F15538FD8A9681108492D] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\ntfs.sys [1081912]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.031E6BCD53C9B2B9ACE111EAFEC347B6] - (.Microsoft Corporation - SMB Transport driver.) (.21/01/2008 - 03:34:49.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.D09276B1FAB033CE1D40DCBDF303D10F] - (.Microsoft Corporation - TDI Translation Driver.) (.21/01/2008 - 03:34:42.) -- C:\Windows\system32\Drivers\tdx.sys [71680]
[MD5.D8B4A53DD2769F226B3EB374374987C9] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/01/2008 - 03:32:47.) -- C:\Windows\system32\Drivers\volsnap.sys [227896]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5
~ Mes musiques (My Musics) : 1/11
~ Mes Videos (My Videos) : 1/6
~ Mes Favoris (My Favorites) : 1/24
~ Mes Documents (My Documents) : 1/373
~ Mon Bureau (My Desktop) : 5/1179
~ Menu demarrer (Programs) : 1/54
~ Hidden Files:  Scanned in 00mn 02s



---\\ Processus lancés
[MD5.F4DCD4912B185C3AAEB92A7040832AD1] - (.Pas de propriétaire - ALU.) -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe   [51768] [PID.2172]
[MD5.66295B0D0FB2292C6D62904F5C3DE0B2] - (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe   [561320] [PID.2276]
[MD5.462BFFBF8539CFD1D4DFDE0163406EEE] - (.ASUS - ASPG application.) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe   [154168] [PID.2348]
[MD5.29BDA43618FD5147BEA6FBB3DAB8AEC5] - (.ASUS - SmartLogon Application.) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe   [297528] [PID.2392]
[MD5.AE1999D21E5F3A6439FFB1F873AA017B] - (.ATK - Power4Gear Hybrid.) -- C:\Program files\P4G\BatteryLife.exe   [211512] [PID.2460]
[MD5.50317130D3D10A7145A30EC0ED8D35B5] - (...) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe   [147864] [PID.2468]

[MD5.31EF90B35A46CF74414D2410E7ABABB5] - (...) -- C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe   [14142360] [PID.2752]
[MD5.F96EBC5A624349D81DCC7600A3C5DC43] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe   [69120] [PID.2764]
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe   [532040] [PID.3128]
[MD5.B9AA850CDA55097EB13E03698C8F5828] - (.Intel Corporation - igfxsrvc Module.) -- C:\Windows\system32\igfxsrvc.exe   [266776] [PID.2284]

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe   [1008184] [PID.388]
[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\ASUSTek\ASUSDVD 8\PDVD8Serv.exe   [91432] [PID.2248]
[MD5.74EF10CD035DE51171C98E60E53AE221] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe   [104936] [PID.3292]
[MD5.9D768F7D3EBAC5744695738B823B420C] - (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDECK.exe   [17149952] [PID.3312]
[MD5.09E14929530B6718220AD15DCEB8D61B] - (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe   [237568] [PID.964]
[MD5.5723FD41724D992DBC6AEF0ECD93D322] - (.ASUS - HControlUser.) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe   [98304] [PID.2692]
[MD5.BBBEBA6D33F9CC659E477827EED47DB3] - (.ASUS - ATKOSD2.) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe   [8392704] [PID.3212]
[MD5.13D3936BCCA9BAA8371E28A5589E749D] - (.ASUS - ATK Media.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe   [159744] [PID.2208]
[MD5.8EA12DFE1483241FD299D93DB872CC26] - (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe   [266240] [PID.1212]
[MD5.2B2F678CC761AFC91E4085A519B33D75] - (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe   [3054136] [PID.1604]
[MD5.DF4211EC3FC9B0CCD2872A8429F52083] - (.ELAN Microelectronic Corp. - ETD Ware TSR Enhancements.) -- C:\Program Files\Elantech\ETDCtrl.exe   [424352] [PID.4008]
[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe   [209153] [PID.384]
[MD5.FB0C8699B87F7140BB6201BE7B4B6778] - (.Pas de propriétaire - CameraMonitor Application.) -- C:\Windows\vsnpstd3.exe   [827392] [PID.2028]
[MD5.1029B84ECBE4B95ACB8491A3FE63D70F] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe   [136216] [PID.1268]
[MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe   [171032] [PID.3868]
[MD5.3142195521FEE436088EE8A5748DE1B1] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe   [170520] [PID.3248]




[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe   [252848] [PID.5520]



[MD5.4A9295C9BE22739D030AB072E9A0B169] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe   [2363392] [PID.4520]
[MD5.B0C9DF6910C1E9281C93BC2347402C6D] - (.SRS Labs, Inc. - SRS Premium Sound Control Panel.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe   [3261688] [PID.4688]
[MD5.31AFABDB5E9560E014B14EA8EC1F3635] - (.BitTorrent, Inc. - µTorrent.) -- C:\Users\JONATHAN\Downloads\utorrent(2).exe   [289584] [PID.4620]  =>P2P.µTorrent
[MD5.1E377D64DACD4E4656C86241CE5A1233] - (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe   [95576] [PID.4876]
[MD5.775DC2AE72F972935703ADA4FFDF3749] - (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe   [888480] [PID.5604]
[MD5.975BA8331408F9AB25D9EE0712DAF7F0] - (.Spotify Ltd - Spotify.) -- C:\Users\JONATHAN\AppData\Roaming\Spotify\spotify.exe   [4640768] [PID.5644]
[MD5.DD9EAE1C80561C509A8B8801E16BAA38] - (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\JONATHAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe   [1104384] [PID.5804]
[MD5.056881EC77DE4DDF04F9E54D11225433] - (...) -- C:\Program Files\Canal+\CANAL+ CANALSAT A LA DEMANDE.exe   [142336] [PID.4276]
[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe   [53472] [PID.5428]
[MD5.C8D28F8B498CADBB9445AC4545BD41B7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe   [920472] [PID.404]
[MD5.CB037F03178E31BA2985ADD15879CA56] - (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe   [846288] [PID.5332]
[MD5.E9349A03FD81B4806714A16796B5E20A] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe   [17304] [PID.4924]
[MD5.60B241EFB669D286C9BF636A0334B3BA] - (.Adobe Systems, Inc. - Adobe Flash Player 11.7 r700.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe   [1855880] [PID.5340]
[MD5.C0C9E6226F1BB310E74C4CEE37CC3443] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe   [7700480] [PID.4004]
[MD5.2A3BD8FF5430F454E146974D6BE5C784] - (.Microsoft Corporation - Isolation graphique de périphérique audio W.) -- C:\Windows\system32\AUDIODG.exe   [88064] [PID.1236]
[MD5.0BA91E1358AD25236863039BB2609A2E] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe   [2623488] [PID.1272]
[MD5.C0BF554D2277F7A4C735D475ADE2E3B2] - (.ASUSTek Computer Inc. - ADSMSrv.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe   [225280] [PID.1680]
[MD5.EB1807795CD3EEAA3288B4A30DE254E8] - (.Pas de propriétaire - ASLDR Service.) -- C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe   [100920] [PID.1692]
[MD5.7C157574A181B19B9DCF5F339E25337E] - (.Pas de propriétaire - GFNEXSrv.) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe   [94208] [PID.1716]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilité pour les ser.) -- C:\Windows\system32\WLANExt.exe   [74240] [PID.1724]
[MD5.9015BC03F62940527EC92D45EE89E46F] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe   [108289] [PID.1980]
[MD5.B8720A787C1223492E6F319465E996CE] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe   [185089] [PID.2304]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [55184] [PID.2324]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe   [390504] [PID.2404]
[MD5.831CEDF8E31C0B159F06C80C92221FD7] - (.ASUS - MsgTranAgt.) -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe   [117304] [PID.2420]
[MD5.F85834C5301820C3CA79F5A2B412A874] - (.ASUS - HControl.) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe   [174648] [PID.2428]
[MD5.B4000CCB133C477040962212B14F730A] - (.ATK - ACMON.) -- C:\Program Files\ASUS\Splendid\ACMON.exe   [851968] [PID.2440]
[MD5.8B41BE202D0F87AEDE52F31F0CA2C136] - (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe   [1593344] [PID.2448]
[MD5.A6B41F3044B2C099BBB5531CAA0551D5] - (.Canal+ Active - CanalPlus.VOD.Service.) -- C:\Program Files\Canal+\VOD\CanalPlus.VOD.exe   [188416] [PID.2544]
[MD5.A391896CD406E6377F5CEF31FDC12019] - (.ASUSTeK - ACEngSvr Module.) -- C:\Windows\System32\ACEngSvr.exe   [155648] [PID.2640]
[MD5.96633419F4A1E37ACB89B45EBCCFE001] - (.Teruten - FsUsbDevice.) -- C:\Windows\system32\FsUsbExService.exe   [238952] [PID.2904]
[MD5.ABF90FC5A127F481219B873C1B8DFC1C] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe   [73728] [PID.2988]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe   [418376] [PID.3036]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe   [701512] [PID.3052]
[MD5.313A2CDF7A4B514774272D18D418E174] - (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe   [125952] [PID.3064]
[MD5.8CFCA7E2FD4B57C2BEF929C1C1A4C56E] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\Cyberlink\Shared files\RichVideo.exe   [271760] [PID.3168]




[MD5.FEC6E5284C2C4A48084BFBD4A1ED1FCD] - (.ASUS - ATKOSD.) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe   [2482176] [PID.832]
[MD5.AA11E1368EEB237DD100BAC6AFFE1C57] - (.ASUS - KBFiltr.) -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe   [113208] [PID.3628]
[MD5.4A7C441D99D86704D194E7678873B95D] - (.ASUS - WDC.) -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe   [174648] [PID.3964]
~ Processes Running:  Scanned in 00mn 03s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\JONATHAN\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: 0 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\prefs.js
C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\user.js


M3 - MFPP: Plugins - [JONATHAN] -- C:\Users\JONATHAN\AppData\Roaming\Mozilla\Firefox\Profiles\7zfxtqi7.default-1350721813029\searchplugins\delta.xml
M3 - MFPP: Plugins - [JONATHAN] -- C:\Program Files\Mozilla FireFox\searchplugins\avg-secure-search.xml
M3 - MFPP: Plugins - [JONATHAN] -- C:\Program Files\Mozilla FireFox\searchplugins\SearchResults.xml



P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\libdivx.dll

P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\ssldivx.dll

~ Firefox Browser: 42 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)


~ IE Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)









O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (.Megaupload Limited - Mega Manager IE Click Catcher.) -- C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll


~ BHO: 19 Legitimates Filtered in 00mn 01s



---\\ Internet Explorer Toolbars (O3)





O3 - Toolbar: Bing Bar - [HKLM]{8dcb7100-df86-4384-8842-8fa844297b3f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files\Microsoft\BingBar\7.2.233.0\BingExt.dll
O3 - Toolbar: Barre d'outils Orange - [HKLM]{c9a6357b-25cc-4bcf-96c1-78736985d412} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [DisableS3S4] c:\DisableS3S4.cmd (.not file.)
O4 - HKLM\..\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files\ASUSTek\ASUSDVD 8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files\ASUSTek\ASUSDVD 8\Language\Language.exe
O4 - HKLM\..\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files\Cyberlink\Power2Go\CLMLSvc.exe
O4 - HKLM\..\Run: [P2Go_Menu] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe
O4 - HKLM\..\Run: [HDAudDeck] . (.VIA - VIA HD Audio CPL.) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
O4 - HKLM\..\Run: [AmIcoSinglun] . (.AlcorMicro Co., Ltd. - Single LUN Icon Utility for VID 058F PID 63.) -- C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe
O4 - HKLM\..\Run: [HControlUser] . (.ASUS - HControlUser.) -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] . (.ASUS - ATKOSD2.) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] . (.ASUS - ATK Media.) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [ADSMTray] . (.ASUSTek Computer Inc. - ADSMTray.) -- C:\Program Files\ASUS\ASUS Data Security Manager\ADSMTray.exe
O4 - HKLM\..\Run: [ACMON] . (.ATK - ACMON.) -- C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 3] . (.Pas de propriétaire - Wireless Console 3.) -- C:\Program Files\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] . (.ASUS - AsScrPro.) -- C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] . (...) -- C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [ETDWare] . (.ELAN Microelectronic Corp. - ETD Ware TSR Enhancements.) -- C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [CanonSolutionMenu] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O4 - HKLM\..\Run: [snpstd3] . (.Pas de propriétaire - CameraMonitor Application.) -- C:\Windows\vsnpstd3.exe
O4 - HKLM\..\Run: [NPSStartup] Clé orpheline
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [PlusService] . (.Yuna Software - Messenger Plus! 6.) -- C:\Program Files\Yuna Software\Messenger Plus!\PlusService.exe


O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [MessengerPlusForSkypeService] . (.Yuna Software - Service - Messenger Plus! for Skype.) -- C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [CANAL+ CANALSAT A LA DEMANDE] . (.Canal+ - Lancer CANAL+ CANALSAT A LA DEMANDE.) -- C:\Program Files\Canal+\Launcher.exe




O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKCU\..\Run: [SRS Premium Sound] . (.SRS Labs, Inc. - SRS Premium Sound Control Panel.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Users\JONATHAN\Downloads\utorrent(2).exe  =>P2P.µTorrent

O4 - HKCU\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\JONATHAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Users\JONATHAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\JONATHAN\AppData\Roaming\Spotify\Spotify.exe
O4 - HKCU\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\JONATHAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKCU\..\Run: [Orange Installer] . (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]  oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter]  oobefldr.dll
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [SRS Premium Sound] . (.SRS Labs, Inc. - SRS Premium Sound Control Panel.) -- C:\Program Files\SRS Labs\SRS Premium Sound\SRSPremiumSoundBig_Small.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [uTorrent] . (.BitTorrent, Inc. - µTorrent.) -- C:\Users\JONATHAN\Downloads\utorrent(2).exe  =>P2P.µTorrent

O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [AutoStartNPSAgent] . (.Samsung Electronics Co., Ltd. - NPSAgent.) -- C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\DTLite.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\JONATHAN\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [orangeinside] . (.Orange - Executable Orange Inside.) -- C:\Users\JONATHAN\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [Spotify] . (.Spotify Ltd - Spotify.) -- C:\Users\JONATHAN\AppData\Roaming\Spotify\Spotify.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [Spotify Web Helper] . (.Spotify Ltd - SpotifyWebHelper.) -- C:\Users\JONATHAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
O4 - HKUS\S-1-5-21-1924075801-1478659780-814231520-1000\..\Run: [Orange Installer] . (...) -- C:\Program Files\Orange\Orange Installer\OrangeInstaller.exe
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Spotify.lnk . (.Spotify Ltd - Spotify.)  -- C:\Users\JONATHAN\AppData\Roaming\Spotify\spotify.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.)  -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: 21 Grand Casino.lnk . (.21 Grand - 21 Grand Casino.)  -- C:\Program Files\GoldRock\GoldRock.exe
O4 - GS\QuickLaunch: Microsoft Excel.lnk . (...)  -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\QuickLaunch: Microsoft Word.lnk . (...)  -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.)  -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Samsung New PC Studio.lnk . (.Samsung Electronics Co., Ltd. - New PC Studio.)  -- C:\Program Files\Samsung\Samsung New PC Studio\NPSGuide.exe
O4 - GS\QuickLaunch: Supreme Play.lnk . (.Supreme Play - Supreme Play Casino.)  -- C:\Program Files\SupremePlay\SupremePlay.exe
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.)  -- C:\Program Files\uTorrent\uTorrent.exe  =>P2P.µTorrent
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Assistance Livebox.lnk . (...)  -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - GS\Desktop: AtomixMP3 Trial.lnk . (.Atomix Productions - AtomixMP3.)  -- C:\Program Files\AtomixMP3\atomixmp3.exe
O4 - GS\Desktop: Code de la Route.lnk . (.Micro Application - Code de la Route.)  -- C:\Program Files\Micro Application\Code de la Route\CDR.exe
O4 - GS\Desktop: DivX Movies.lnk . (...)  -- C:\Users\JONATHAN\Videos\DivX Movies
O4 - GS\Desktop: Football Manager 2010.lnk . (...)  -- C:\Users\JONATHAN\Documents\Sports Interactive\Football Manager 2010
O4 - Global Startup: C:\Users\JONATHAN\Desktop\Football Manager 2013.url . (...)  -- C:\Users\JONATHAN\Desktop\Football Manager 2013.url
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.)  -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Desktop: Jonathan.lnk . (...)  -- D:\Jonathan
O4 - GS\Desktop: Kies Air Discovery Service.lnk . (.Oracle Corporation - Java(TM) Web Start Launcher.)  -- C:\Windows\System32\javaws.exe
O4 - GS\Desktop: Microsoft Excel.lnk . (...)  -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\xlicons.exe
O4 - GS\Desktop: Microsoft PowerPoint.lnk . (...)  -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\pptico.exe
O4 - GS\Desktop: Microsoft Word.lnk . (...)  -- C:\Windows\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\wordicon.exe
O4 - GS\Desktop: Naviextras Toolbox.lnk . (...)  -- C:\Program Files\Naviextras\Toolbox\toolbox.exe
O4 - GS\Desktop: Paint.lnk . (.Microsoft Corporation - Paint.)  -- C:\Windows\System32\mspaint.exe

O4 - GS\Desktop: Spotify.lnk . (.Spotify Ltd - Spotify.)  -- C:\Users\JONATHAN\AppData\Roaming\Spotify\spotify.exe
O4 - GS\Desktop: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.)  -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Desktop: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.)  -- C:\Program Files\Movie Maker\MOVIEMK.exe
O4 - GS\Desktop: WinRAR.lnk . (...)  -- C:\Program Files\WinRAR\WinRAR.exe
~ Global Startup:  Scanned in 00mn 01s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {50DC58D0-C870-4BE6-BC41-971ED2D5F022} ((no name)) - http://www.super-messenger.fr/tab/HookWlmEx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} ((no name)) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/fr/uno1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{AC9D07D2-52C9-4172-8411-C9C3821BA9F9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{AC9D07D2-52C9-4172-8411-C9C3821BA9F9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{AC9D07D2-52C9-4172-8411-C9C3821BA9F9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon:  Scanned in 00mn 00s





~ AppInit DLL:  Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ADSM Service (ADSMService) . (.ASUSTek Computer Inc. - ADSMSrv.) - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) . (.Pas de propriétaire - ASLDR Service.) - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe




~ Services: 21 Legitimates Filtered in 00mn 32s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Program Files\P4G\wallpaper\long_battery_life_wallpaper_1024X768.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Program Files\P4G\wallpaper\long_battery_life_wallpaper_1024X768.jpg
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job   [350]
O39 - APT:Automatic Planified Task  - C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job   [350]




[MD5.462BFFBF8539CFD1D4DFDE0163406EEE] [APT] [ASPG] (.ASUS.) -- C:\Program Files\ASUS\ASUS CopyProtect\aspg.exe   [154168]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_HP_rmv] (...) -- C:\Windows\TEMP\{24B720F8-002E-4635-851D-3EDB70A45EFD}.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [AVG-Secure-Search-Update_JUNE2013_TB_rmv] (...) -- C:\Windows\TEMP\{9219E6EC-E693-4BEE-8B17-72C233D893F0}.exe (.not file.)   [0]






[MD5.00000000000000000000000000000000] [APT] [{9DF556A3-D21A-4C88-A113-3B4C5E93D681}] (...) -- C:\Users\JONATHAN\Desktop\All_version.exe (.not file.)   [0]
~ Scheduled Task: 39 Legitimates Filtered in 00mn 06s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver:  (avipbb) . (.Avira GmbH - Avira Driver for RootKit Detection.) - C:\Windows\System32\DRIVERS\avipbb.sys
~ Drivers: 69 Legitimates Filtered in 00mn 01s



---\\ Logiciels installés (O42)
O42 - Logiciel: AtomixMP3 v2.0 Trial - (...) [HKLM] -- AtomixMP3 v2.0 Trial

O42 - Logiciel: Delta toolbar   - (.Delta.) [HKLM] -- delta


O42 - Logiciel: Mona Casino - (.Topgame.) [HKLM] -- Mona






~ Logic: 176 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5d53dfd1b668bd15]




[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow\{5617ECA9-488D-4BA2-8562-9710B9AB78D2}]

[HKCU\Software\Casino Client]


[HKCU\Software\Delta]
[HKCU\Software\IGearSettings]

[HKCU\Software\InnoShock]











[HKLM\Software\5d53dfd1b668bd15]
[HKLM\Software\Casino Client]

[HKLM\Software\Delta]





[HKLM\Software\Umbrella]

[HKLM\Software\atomixmp3]
~ Key Software: 285 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 17/12/2011 - 00:50:59 - [7,417] ----D C:\Program Files\AtomixMP3
O43 - CFD: 12/07/2013 - 09:56:48 - [2,336] ----D C:\Program Files\Delta
O43 - CFD: 08/07/2011 - 21:51:06 - [0,789] ----D C:\Program Files\Free Music Zilla
O43 - CFD: 07/06/2013 - 17:13:23 - [20,088] ----D C:\Program Files\GoldRock

O43 - CFD: 23/04/2013 - 09:40:08 - [3,363] ----D C:\Program Files\Mona



O43 - CFD: 25/04/2013 - 11:45:01 - [18,969] ----D C:\Program Files\SupremePlay


O43 - CFD: 03/11/2012 - 13:05:38 - [22,269] ----D C:\Program Files\VegasDays


O43 - CFD: 12/07/2013 - 09:57:48 - [2,603] ----D C:\Program Files\Common Files\Umbrella

O43 - CFD: 15/09/2011 - 18:32:25 - [0,000] ----D C:\ProgramData\boost_interprocess


O43 - CFD: 23/04/2013 - 09:40:08 - [0,240] ----D C:\ProgramData\Mona




O43 - CFD: 12/07/2013 - 09:56:47 - [0,259] ----D C:\Users\JONATHAN\AppData\Roaming\Delta
O43 - CFD: 12/07/2013 - 09:58:04 - [2,549] ----D C:\Users\JONATHAN\AppData\Roaming\igdhbblpcellaljokkpfhcjlagemhgjl

O43 - CFD: 23/04/2013 - 10:34:00 - [0,287] ----D C:\Users\JONATHAN\AppData\Roaming\Mona







O43 - CFD: 17/12/2011 - 00:50:55 - [0] ----D C:\Users\JONATHAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AtomixMP3


~ 2 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 276 Legitimates Filtered in 00mn 47s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.6BCAF46E2B7FA9ACE92B4D39F3037C5C] - 15/07/2013 - 20:04:55 ---A- . (...) -- C:\Windows\System32\acovcnt.exe   [45056]
O44 - LFC:[MD5.4CA0EF0E3C5BABD9670E2CF18B29ADE0] - 12/07/2013 - 08:58:29 ---A- . (...) -- C:\Windows\System32\InstallUtil.InstallLog   [661]
~ Files: 12 Legitimates Filtered in 01mn 20s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (...) --
~ LSA: 8 Legitimates Filtered in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{a39821dd-fd82-11df-b4ec-002618484e0b}\AutoRun\command. (...) -- F:\autorun.exe (.not file.)




---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [422968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS   [9029]
~ Drivers:  Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe




---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.dfltLng", "fr");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.id", "6e182dad0000000000000022439c09b0");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.instlDay", "15898");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.vrsn", "1.8.21.5");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.vrsni", "1.8.21.5");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta.vrsnTs", "1.8.21.59:56:48");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta_i.babExt", "");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta_i.babTrack", "affID=119556&tsp=4941");
O69 - SBI: prefs.js [JONATHAN - 7zfxtqi7.default-1350721813029] user_pref("extensions.delta_i.srcExt", "ss");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://search.live.com

O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://tbsearch.ask.com
O69 - SBI: SearchScopes [HKCU] {36143657-F353-42CD-98D3-9ABF3CCCD114} - (DAEMON Search) - http://www.daemon-search.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr


O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} - (Web Search) - http://startsear.ch






---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.C931EBA93FE4CF06BE4A7B33C057832B] [SPRF][30/03/2012] (...) -- C:\Users\JONATHAN\AppData\Local\d3d9caps.dat   [7052]
[MD5.FB84827154CD66759B2A3DC7A932F25F] [SPRF][12/07/2013] (...) -- C:\Users\JONATHAN\AppData\Local\Temp\Notification.exe   [107816]
[MD5.9A91B5D0193F0ED73F3A693A0A3001B3] [SPRF][21/08/2009] (...) -- C:\Users\JONATHAN\Desktop\avira_antivir_personal_free.exe   [30143928]
[MD5.EB46BD1A14BA8C8E9F359EFAD061573A] [SPRF][24/09/2009] (.Piriform Ltd - CCleaner.) -- C:\Users\JONATHAN\Desktop\CCleaner.exe   [1685816]  =>Piriform Ltd
[MD5.16C6B4B8326A63A99F4250C7585BBA7C] [SPRF][21/08/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player Plugin Installer.) -- C:\Users\JONATHAN\Desktop\install_flash_player.exe   [1925024]
[MD5.6009225C0FD3C89B995BC95AEB8224BB] [SPRF][05/04/2010] (...) -- C:\Users\JONATHAN\Desktop\mp210swin101ea24(2).exe   [24974664]
[MD5.B70CEC651F6C86461F5E95E67281A104] [SPRF][12/09/2012] (.Pas de propriétaire - Samsung Quick Root.) -- C:\Users\JONATHAN\Desktop\Samsung Quick Root.exe   [749568]
[MD5.64281AF23447705DAB84E1A198D920C7] [SPRF][31/10/2010] (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\JONATHAN\Desktop\wlsetup-web.exe   [1289576]
[MD5.80F4A456633F78A26A3C6B16E64EFEC5] [SPRF][28/09/2007] (.Microsoft - Uno Messenger.) -- C:\Windows\Downloaded Program Files\GAME_UNO1.dll   [381960]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll   [304544]
~ Files:  Scanned in 00mn 01s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{45D550B2-612A-431C-8419-B1E34F0FB3FB}" |In - None - P6 - TRUE | .(...) -- C:\Program Files\ASUSTek\ASUSDVD 8\PowerDVD8.exe (.not file.)
O87 - FAEL: "TCP Query User{982673F7-6023-4B81-8AB3-7A0FD80CF902}C:\program files\free music zilla\fmzilla.exe" | In - Public - P6 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files\free music zilla\fmzilla.exe
O87 - FAEL: "UDP Query User{BB2F81C0-BC7B-4F94-A0D0-E19B61B1F1B1}C:\program files\free music zilla\fmzilla.exe" | In - Public - P17 - TRUE | .(.Pas de propriétaire - FMZilla Module.) -- C:\program files\free music zilla\fmzilla.exe
O87 - FAEL: "TCP Query User{F8C57782-FD97-4C63-9647-D69CCD791F75}C:\users\jonathan\desktop\tor browser\app\tor.exe" | In - Public - P6 - TRUE | .(...) -- C:\users\jonathan\desktop\tor browser\app\tor.exe
O87 - FAEL: "UDP Query User{09FB7903-1B01-4ED1-BD57-C19FEF90DAD9}C:\users\jonathan\desktop\tor browser\app\tor.exe" | In - Public - P17 - TRUE | .(...) -- C:\users\jonathan\desktop\tor browser\app\tor.exe
O87 - FAEL: "TCP Query User{0C2133AC-7FDF-4419-98AA-FED971CD9717}C:\users\jonathan\desktop\tor browser\app\tor.exe" | In - Private - P6 - TRUE | .(...) -- C:\users\jonathan\desktop\tor browser\app\tor.exe
O87 - FAEL: "UDP Query User{87FDEEA5-9DD8-4F7B-8AC0-5A0DCB8A343B}C:\users\jonathan\desktop\tor browser\app\tor.exe" | In - Private - P17 - TRUE | .(...) -- C:\users\jonathan\desktop\tor browser\app\tor.exe




~ Firewall: 231 Legitimates Filtered in 00mn 03s



---\\ Scan Additionnel (O88)
Database Version : v2.12741 - (12/07/2013)
Clés trouvées (Keys found) : 470
Valeurs trouvées (Values found) : 4
Dossiers trouvés  (Folders found) : 48
Fichiers trouvés  (Files found) : 3


~ Additionnel Scan: 333420 Items scanned in 00mn 58s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "003B19FBCBEE3224693FF0BC7F42B105" . (.AmIcoSingLun.) -- C:\Windows\Installer\{BF91B300-EEBC-4223-96F3-0FCBF7241B50}\ARPPRODUCTICON.exe
O90 - PUC: "8ea7d6326587da94c901a9df379e892e" . (.Win Palace Euro Casino French.) -- C:\Windows\Installer\{236d7ae8-7856-49ad-9c10-9afd73e998e2}\ARPPRODUCTICON.exe
O90 - PUC: "9E9F14AD878BF764597E724E1D495333" . (.Multimedia Card Reader.) -- C:\Windows\Installer\{DA41F9E9-B878-467F-95E7-27E4D1943533}\ARPPRODUCTICON.exe



O90 - PUC: "f168c12bfde934c479d5834b427b1356" . (.Grand Parker Casino Euro French.) -- C:\Windows\Installer\{b21c861f-9edf-4c43-975d-38b424b73165}\ARPPRODUCTICON.exe
~ Update Products: 140 Legitimates Filtered in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\5d53dfd1b668bd15]:version="2.6.1339.144"
[HKLM\Software\5d53dfd1b668bd15]:version="2.6.1339.144"
~ Export Key Software:  Scanned in 00mn 00s


























---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/06/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 31/03/2008 225280 |  (ADSMService) . (.ASUSTek Computer Inc..) - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
SR - | Auto 23/08/2009 108289 |  (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 23/08/2009 185089 |  (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 24/05/2012 55184 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto  100920 |  (ASLDRService) . (...) - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
SR - | Auto  94208 |  (ATKGFNEXSrv) . (...) - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
SS - | Auto 02/04/2013 193672 |  (BBSvc) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.2.233.0\BBSvc.exe
SR - | Demand 02/04/2013 240264 |  (BBUpdate) . (.Microsoft Corporation..) - C:\Program Files\Microsoft\BingBar\7.2.233.0\SeaPort.exe
SR - | Auto 30/08/2011 390504 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 06/07/2010 188416 |  (CanalPlus.VOD) . (.Canal+ Active.) - C:\Program Files\Canal+\VOD\CanalPlus.VOD.exe
SR - | Auto 04/07/2010 238952 |  (FsUsbExService) . (.Teruten.) - C:\Windows\system32\FsUsbExService.exe
SS - | Auto 03/09/2009 133104 |  (gupdate1ca2c82b6930c59) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 03/09/2009 133104 |  (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/08/2009 182768 |  (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 07/06/2012 821648 |  (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 09/06/2008 73728 |  (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/04/2013 418376 |  (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 |  (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 03/07/2013 117144 |  (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 27/02/2013 125952 |  (MsgPlusService) . (.Yuna Software.) - C:\Program Files\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe
SS - | Auto 18/09/2012 1082016 |  (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto  271760 |  (RichVideo) . (...) - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
SS - | Demand 11/02/2011 117264 |  (rpcapd) . (.CACE Technologies, Inc..) - C:\Program Files\WinPcap\rpcapd.exe
SS - | Auto 03/06/2013 162408 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 02/07/2013 2729512 |  (SProtection) . (.Iminent.) - C:\Program Files\Common Files\Umbrella\umbrella.exe  =>Adware.IMBooster
SS - | Demand 04/05/2013 543656 |  (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe


SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services:  Scanned in 00mn 01s
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 22 Juil 2013 09:49

ADW cleaner : Lien édité
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Re: aide virus au demarrage

Message le 22 Juil 2013 10:15

JRT : Rapport
jackbauer69
Apprenti(e) Expert(e)
Apprenti(e) Expert(e)
 
Messages: 163
Inscription: 13 Aoû 2009 16:45
 

Suivante


Sujets similaires

Message [Réglé] android auto
Bonjour Je possede un tel. samsung S7 . Je viens d'intaller android auto et chaque fois que je branche mon tel. sur mon vehicule , mon telephone me dit de mettre android à jour. En fouillant un peu sur le net j'ai cru voir que samsung avait arreté les mises à jour sur les S7 . Est ce vrai , sinon co ...
Réponses: 3

Message [Réglé] Mauvaise performance SSD NVME
Bonjour, j'ai un WDC PC SN530 SDBPNPZ-512G, et quand je fais des benchmark où je ne comprends rien, ils m'indiquent dès résultat pas terrible, y a t'il moyen d'arranger ça ?https://www.userbenchmark.com/UserRun/68904129Merci de votre aide.
Réponses: 5

Message [Réglè] HELP
Bonjour a tous,j'ai voulu désinstaller les pilotes AMD high définition audio device dans le gestionnaire croyant que les pilotes realtek prendraient la place j'ai redémarré mon PC et depuis je n'ai plus de son l?icône est affublée d'une belle croix rouge (aucun haut parleur ou casque n'est branché) ...
Réponses: 7

Message Son 5.1 [Réglé]
Bonjour,J'ouvre un autre post concernant mon souci de sortie son qui est désespérément figé sur "Stéréo". Mon PC Assemblé par mes soins possède une Carte Mère Gigabyte B550M DS3H "affublée" d'une carte Graphique AMD RX6600 Pulse. Mon PC est relié de ma carte graphique à mon TV à ...
Réponses: 3

Message [Réglé] Fenêtre intempestive Powershell au démarrage
Bonjour,Je m'ajoute à la longue liste des victimes de la fenêtre pop-up bleue qui s'ouvre et qui se ferme à chaque connexion de session, et quelques fois après.J'ai passé les antimalware et ESET... mais rien à faire.Je possède un Lenovo TrigKey AZW S3 en AMD Ryzen 7 qui tourne sur W11 64bits.je vous ...
Réponses: 11

Message [Réglé] Suite de mon sujet Démarrage PC parfois difficile
Bonjour,j'avais ouvert un sujet suite au démarrage très lent de mon PC. Votre aide m'a permis d'améliorer la situation mais ce n'est pas parfait (plus de 2 minutes avant la fenêtre de saisie du code d'accès Windows).On m'a conseillé de demander une désinfection. J'ai suivi la procédure et je joins l ...
Réponses: 12

Message [Réglé] Démarrage PC parfois difficile
Bonjour à tous,Actuellement mon PC bloque parfois au démarrage sur l'écran où on peut choisir les options de boot. C'est un écran noir avec le logo Asrock et en bas à droite les possibilités offertes. Dans ce cas il ne se passe rien et je dois relancer le démarrage, parfois à plusieurs reprises.Ça n ...
Réponses: 14


Qui est en ligne

Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 18 invités


.: Nous contacter :: Flux RSS :: Données personnelles :.