Demande d'aide Analyse du zhpDiag / PC lent

~ Rapport de ZHPDiag v2013.11.28.59 - Nicolas Coolman (28/11/2013)
~ Lancé par fanch (30/11/2013 08:23:15)
~ Adresse du Site Web https://nicolascoolman.webs.com/
~ Forums gratuits d'Assistance à la désinfection : https://nicolascoolman.webs.com/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Activate by user


---\\ Navigateurs Internet
MSIE: Internet Explorer v10.0.9200.16736
MFIE: Mozilla Firefox 24.0

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
Software Protection Service (Protection logicielle) : KO
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v8.0.1501.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.00 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader X

---\\ Informations sur le système
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)
Total RAM: 2815 MB (63% free)
System Restore: Activé (Enable)
System drive C: has 467 GB (80%) free of 577 GB

---\\ Mode de connexion au système
~ Computer Name: FANCH-PC
~ User Name: fanch
~ All Users Names: UpdatusUser, HomeGroupUser$, fanch, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\fanch\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\fanch\AppData\Roaming\
~ %Desktop% : C:\Users\fanch\Desktop\
~ %Favorites% : C:\Users\fanch\Favorites\
~ %LocalAppData% : C:\Users\fanch\AppData\Local\
~ %StartMenu% : C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 467 Go of 577 Go)
D: CD-ROM drive (Free 0 Go of 0 Go)
F: Floppy drive, Flash card reader, USB Key (Not Inserted)
G: Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 41 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.AC4C51EB24AA95B77F705AB159189E24] - (.Microsoft Corporation - Explorateur Windows.) (.20/11/2010 - 14:24:45.) -- C:\Windows\Explorer.exe [2872320]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.9706C99DAEBE3FEAC811B239617E98C4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.12/10/2013 - 09:45:20.) -- C:\Windows\System32\wininet.dll [2241536]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 03s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/664
~ Mes musiques (My Musics) : 1/5
~ Mes Favoris (My Favorites) : 1/56
~ Mes Documents (My Documents) : 1/5473
~ Mon Bureau (My Desktop) : 2/1756
~ Menu demarrer (Programs) : 1/30
~ Hidden Files: Scanned in 00mn 26s



---\\ Processus lancés
[MD5.636D97B3BAF854511FF3F4093E895FED] - (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe [863184] [PID.2044]
[MD5.DBA0C529D62F6E2F59C6F4367A0A5543] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8256512] [PID.1868]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://www2.delta-search.com =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [dgjkhjdcljddbedokogakmmdjgnbeanf] Speed Analysis 2 v.1.0.0.0 (Désactivé) =>PUP.SpeedAnalysis
G2 - GCE: Preference [User Data\Default] [eooncjejnppfjjklapaamhcdmjbilmde] Delta Toolbar v.1.3 (Désactivé) =>Toolbar.DeltaSearch
G2 - GCE: Preference [User Data\Default] [hgojaaaiddhmiiakpejiklijbalpckih] Smiley Bar for Facebook v.1.0.1.1 (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [jcdgjdiieiljkfkdcloehkohchhpekkn] SweetIM for Facebook v.1.1.0.1 (Désactivé) =>PUP.SweetIM
G2 - GCE: Preference [User Data\Default] [jeaihkehdlhkocphopopahkfjcfcphef] Smart Display v.1.1 (Désactivé) =>Spyware.SmartDisplay
G2 - GCE: Preference [User Data\Default] [mocblcnaofikinigmceddfghppkkjbog] Smiley Bar for Facebook v.1.0.0.0 (Désactivé) =>Adware.SmileyBar
G2 - GCE: Preference [User Data\Default] [niapdbllcanepiiimjjndipklodoedlc] Yontoo v.1.0.3 (Désactivé) =>Adware.Yontoo
~ Google Browser: 23 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\prefs.js
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\user.js
M3 - MFPP: Plugins - [fanch] -- C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [fanch] -- C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\babylon.xml =>PUP.Babylon
M3 - MFPP: Plugins - [fanch] -- C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\delta.xml =>Toolbar.DeltaSearch
M3 - MFPP: Plugins - [fanch] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>PUP.Babylon
M2 - MFEP: prefs.js [fanch - 5sxkbck2.default\pluswinks@PlusWinks] [] Smiley Bar for Facebook v1.0.0.0 (..) =>Adware.SmileyBar
M2 - MFEP: prefs.js [fanch - 5sxkbck2.default\speedanalysis02@SpeedAnalysis.com] [] Speed Analysis 2 v1.0.0.0 (..) =>PUP.SpeedAnalysis
~ Firefox Browser: 29 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www2.delta-search.com =>Toolbar.DeltaSearch
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com =>PUP.Babylon
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer-group.com/selection.html
~ IE Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object [64Bits] - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Windows\SysWow64\BhoECart.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll =>Toolbar.Google
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: bwin football widget.lnk . (.infoMantis GmbH - iSaver - Control Application.) -- C:\Program Files (x86)\iSaver\iSaverCtrl.exe
O4 - GS\Desktop [Public]: HTC Sync Manager.lnk . (...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
O4 - GS\Desktop [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [Public]: NAVIGON Fresh.lnk . (.NAVIGON AG - NAVIGON Fresh GUI.) -- C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin\Fresh.exe
O4 - GS\Program [Public]: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\Desktop [UpdatusUser]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\QuickLaunch [fanch]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [fanch]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Program [fanch]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [fanch]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo [fanch]: AnySend.lnk . (...) -- C:\Program Files (x86)\AnySend\AnySendUI.exe (.not file.)
O4 - GS\SendTo [fanch]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\Desktop [fanch]: 100media - Raccourci.lnk . (...) -- C:\Users\fanch\Documents\HTC\Gallery\ht23zw112735\dcim\100media
O4 - GS\Desktop [fanch]: belote-en-ligne.fr.lnk . (.Sun Microsystems, Inc. - Java(TM) Web Start Launcher.) -- C:\Windows\SysWOW64\javaws.exe
O4 - GS\Desktop [fanch]: EVEREST Ultimate Edition.lnk . (.Lavalys, Inc. - EVEREST Ultimate Edition.) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe
O4 - GS\Desktop [fanch]: Facebook.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
O4 - GS\Desktop [fanch]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop [fanch]: HTC - Raccourci.lnk . (...) -- C:\Users\fanch\Documents\HTC
O4 - GS\Desktop [fanch]: Super Fast Browser.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
O4 - GS\Desktop [fanch]: Unzip Wizard.lnk . (.Philip Kapusta - Pas de description.) -- C:\Program Files (x86)\Unzip Wizard\Unzipwiz.exe
O4 - GS\Desktop [fanch]: Virtualis.lnk . (.Orbiscom Ltd. All rights reserved. - FTO CMB.) -- C:\Program Files (x86)\Virtualis\CMB.exe
O4 - GS\Desktop [fanch]: YouTube.lnk . (...) -- C:\Users\fanch\AppData\Local\SuperFast\SuperFast.exe
~ Global Startup: 82 Legitimates Filtered in 00mn 02s



---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [Public]: HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe =>.Hewlett-Packard Co
O4 - GS\Startup [fanch]: OpenOffice.org 3.2.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKCU\..\Run: [SFTray] . (...) -- C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe
O4 - HKLM\..\Wow6432Node\Run: [Hotkey Utility] . (.Pas de propriétaire - Hotkey Utility.) -- C:\Program Files (x86)\eMachines\Hotkey Utility\HotkeyUtility.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iSaverCtrl] . (.infoMantis GmbH - iSaver - Control Application.) -- C:\Program Files (x86)\iSaver\iSaverCtrl.exe
O4 - HKLM\..\Wow6432Node\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [20131121] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\Alwil Software\Avast5\setup\emupdate\8b53bada-63ad-4f1b-9f28-d2d645f77039.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [NokiaPCInternetAccess] . (.Nokia - Nokia PC Internet Access.) -- C:\Program Files (x86)\Nokia\PC Internet Access\NPCIA.exe
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe =>Toolbar.Google
O4 - HKUS\S-1-5-21-1116952286-1735796663-2315120447-1000\..\Run: [SFTray] . (...) -- C:\Users\fanch\AppData\Local\SuperFast\tray\sftrayicon.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{C44CA177-1C33-4474-B238-082BC2201520}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
O23 - Service: Updater Service (Updater Service) . (.Acer Group - Updater Service.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
~ Services: 14 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: The Unzip Wizard - (...) [HKLM][64Bits] -- The Unzip Wizard
O42 - Logiciel: Yontoo 1.10.03 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>Adware.Yontoo
O42 - Logiciel: bwin football widget - (.InfoMantis GmbH.) [HKLM][64Bits] -- {A662D31B-6164-450A-A3C6-F0CCC5B27172}
~ Logic: 22 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\5e28c8ce53de512]
[HKCU\Software\BI]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKCU\Software\BrowserMngr] =>PUP.Babylon
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\Grand Virtual] =>PUP.GrandVirtual
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\ScreeNet]
[HKCU\Software\Super Fast Browser]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\delta LTD]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\5e28c8ce53de512]
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\BrowserMngr] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\ScreeNet]
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\babylontoolbar] =>PUP.Babylon
~ Key Software: 343 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/02/2013 - 20:10:48 - [0,293] ----D C:\Program Files (x86)\File Scout =>PUP.FileScout
O43 - CFD: 07/11/2012 - 07:03:34 - [13,136] ----D C:\Program Files (x86)\iSaver
O43 - CFD: 08/08/2013 - 06:23:49 - [1,921] ----D C:\Program Files (x86)\Unzip Wizard
O43 - CFD: 17/11/2012 - 14:47:19 - [0,319] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 07/04/2012 - 08:28:17 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 13/09/2012 - 19:49:27 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 16/08/2013 - 06:34:54 - [8,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 28/11/2013 - 23:04:17 - [0,005] ----D C:\ProgramData\IBUpdaterService =>Adware.InstallBrain
O43 - CFD: 16/12/2010 - 03:18:27 - [0,001] ----D C:\ProgramData\Partner
O43 - CFD: 17/11/2012 - 14:47:14 - [1,661] ----D C:\ProgramData\Tarma Installer =>PUP.Tarma
O43 - CFD: 28/11/2013 - 21:56:51 - [0] -SH-D C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
O43 - CFD: 13/09/2012 - 19:49:27 - [0,080] ----D C:\Users\fanch\AppData\Roaming\Babylon =>PUP.Babylon
O43 - CFD: 28/11/2013 - 23:04:17 - [0,060] ----D C:\Users\fanch\AppData\Roaming\File Scout =>PUP.FileScout
O43 - CFD: 26/11/2013 - 23:20:41 - [0,008] ----D C:\Users\fanch\AppData\Roaming\ScreeNet iSaver
O43 - CFD: 03/05/2013 - 20:41:06 - [0,079] ----D C:\Users\fanch\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis
O43 - CFD: 16/03/2013 - 06:20:28 - [0] ----D C:\Users\fanch\AppData\Roaming\Web Browser Packages
O43 - CFD: 05/03/2013 - 07:22:38 - [0] ----D C:\Users\fanch\AppData\Local\Giant Savings Extension =>Adware.VidSaver
O43 - CFD: 03/03/2013 - 22:38:00 - [83,517] ----D C:\Users\fanch\AppData\Local\Release
O43 - CFD: 07/11/2012 - 07:03:43 - [27,978] ----D C:\Users\fanch\AppData\Local\ScreeNet iSaver
O43 - CFD: 03/03/2013 - 22:38:23 - [88,271] ----D C:\Users\fanch\AppData\Local\SuperFast
O43 - CFD: 08/08/2013 - 06:25:17 - [0,003] ----D C:\Users\fanch\AppData\Local\Unzip Wizard
O43 - CFD: 03/03/2013 - 22:38:24 - [0,001] ----D C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Super Fast Browser
O43 - CFD: 08/08/2013 - 06:22:45 - [0] ----D C:\Users\fanch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unzip Wizard
~ 23 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 254 Legitimates Filtered in 00mn 41s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [9920]
O44 - LFC:[MD5.E70849E4CF5908A90160FA6FB123B0B7] - 28/11/2013 - 23:22:26 --HA- . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [9920]
~ Files: 24 Legitimates Filtered in 00mn 02s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - AcroRd32.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - adberdr1011_fr_fr.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - firefox.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - installer.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - isaverctrl.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - npcia.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - quickstart.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - sbase.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - scalc.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - sdraw.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - setup.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - simpress.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - smath.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - soffice.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - swriter.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - tomtomhome.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
O50 - IFEO:Image File Execution Options - tomtomhome2winlatest.exe - "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1958362d-b2ce-11e1-b7ca-00262d353718}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{3ce14433-572e-11e2-b533-00262d353718}\AutoRun\command. (...) -- E:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{6499dda5-071e-11e1-980f-00262d353718}\AutoRun\command. (...) -- E:\NokiaPCIA_Autorun.exe (.not file.)
O51 - MPSK:{76df52d8-2325-11e3-bdf4-818009c1200f}\AutoRun\command. (...) -- E:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{9789ee05-8d16-11e2-a14f-00262d353718}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{f0956fab-6fa0-11df-ab6d-806e6f6e6963}\AutoRun\command. (.Hewlett-Packard Co. - SetupLauncher.exe.) -- D:\Setup.exe
~ Keys: Scanned in 00mn 02s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.27BE5089DE6D19AD78894949630488FD] - 31/10/2013 - 07:46:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O58 - SDL:[MD5.18A402335BAA2C6D3334596CA71BB3CF] - 31/10/2013 - 07:46:14 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [189936]
O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:[MD5.B8B1B284362E1D8135112573395D5DA5] - 25/06/2010 - 15:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928]
O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
~ Drivers: 16 Legitimates Filtered in 00mn 56s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: <Google Chrome.4WI7Z2S5TRE7MHLREXFKH6GBJU> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\fanch\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.crossrider.bic", "141f4a459fbe17035ab831cd4b5c22cf"); =>PUP.CrossRider
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.bbDpng", "26");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.ffxUnstlRst", true);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.hdrMd5", "6190D6B50E937ACE402D857212D3D154");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.id", "54bea19c00000000000000259c7381e4");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.instlDay", "15836");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.lastVrsnTs", "1.8.16.167:30:38");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.smplGrp", "azb");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.vrsn", "1.8.16.16");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.vrsnTs", "1.8.16.167:30:38");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.delta.vrsni", "1.8.16.16");
O69 - SBI: prefs.js [fanch - 5sxkbck2.default] user_pref("extensions.toolbar.mindspark._49Members_.homepage", "https://hp.mywebsearch.com/mywebsearch/index.html?ptb=ED73D91E-B8E1-4DEA-ABE[...] =>Adware.MyWebSearch
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - https://www.bing.com/?toHttps=1&redig=69DA0EF8272048D9864AF4DB37211DE8
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Delta Search) - http://www2.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {44BA7A4D-EC0A-4A2A-BF05-5127760046E1} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - https://www.google.com/?gws_rd=ssl
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {44725702-7A2E-4216-BCF2-0A71110B3AF0} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {44725702-7A2E-4216-BCF2-0A71110B3AF0} - (Ask Search) - http://www.search.ask.com/?o=10148&l=dis =>Toolbar.Ask
~ Keys: Scanned in 00mn 00s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.9F0C1B7F7F2EFF62D65EDF5B67F3FF72] [SPRF][26/11/2013] (...) -- C:\Users\fanch\AppData\Roaming\wklnhst.dat [916]
[MD5.7F7ED3CD7F43486CC126B7DCD0F2D62B] [SPRF][06/07/2013] (...) -- C:\Users\fanch\Desktop\HPPSdr.exe [5115208]
[MD5.BC2F19F59FB1C5858E8C7C48B20DD460] [SPRF][08/08/2013] (...) -- C:\Users\fanch\Desktop\unzip32-312.exe [1233781]
[MD5.FDF7601429D86D6BFA223227E93D7122] [SPRF][03/03/2013] (...) -- C:\Users\fanch\Desktop\WebBrowserSetup(1).exe [621328]
[MD5.FDF7601429D86D6BFA223227E93D7122] [SPRF][03/03/2013] (...) -- C:\Users\fanch\Desktop\WebBrowserSetup.exe [621328]
~ Files: 11 Legitimates Filtered in 00mn 15s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{20882665-F13C-4268-8647-451C9F582049}" | In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
~ Firewall: 196 Legitimates Filtered in 00mn 01s



---\\ Export de clés de registre aléatoires (O91)
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.2.643.41]:version="2.2.643.41"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.787.43]:version="2.3.787.43"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:guid="{16cdff19-861d-48e3-a751-d99a27784753}"
[HKCU\Software\5e28c8ce53de512\history\{16cdff19-861d-48e3-a751-d99a27784753}2.3.796.11]:version="2.3.796.11"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1184.107]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5e28c8ce53de512\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1184.107]:version="2.6.1184.107"
[HKCU\Software\5e28c8ce53de512] =>PUP.Babylon^
[HKCU\Software\5e28c8ce53de512]:version="2.6.1249.132"
[HKLM\Software\Wow6432Node\5e28c8ce53de512]:version="2.6.1249.132"
~ Export Key Software: Scanned in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.9E03912E4519735207BF15BFF478627E] [WIS][07/11/2013] (.HTC - HTC Sync Manager.) -- C:\Windows\Installer\116fd5b4.msi [62752768]
[MD5.7AE5FF598B22E4F65558BAF73107FA7E] [WIS][14/05/2009] (.Builds the Destinations MSI - Builds the Destinations MSI.) -- C:\Windows\Installer\4025ed9f.msi [459264]
~ WIS: 147 Legitimates Filtered in 00mn 42s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Disabled 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 29/10/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Auto 31/10/2013 46808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SS - | Auto 13/06/2004 57344 | (Brother XP spl Service) . (.brother Industries Ltd.) - C:\Windows\SysWOW64\brsvc01a.exe
SS - | Auto 10/08/2009 626208 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
SS - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
SS - | Auto 24/10/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 24/10/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 18/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 14/07/2009 27136 | C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SS - | Auto 02/09/2013 87368 | (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
SS - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Disabled 11/09/2013 118680 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Disabled 15/01/2010 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/08/2009 206880 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
SS - | Auto 31/01/2013 878368 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 19/02/2013 1259296 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SS - | Disabled 02/10/2012 3064000 | (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Disabled 22/03/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Auto 30/10/2013 2099512 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
SS - | Auto 29/01/2010 243232 | (Updater Service) . (.Acer Group.) - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe
SS - | Auto 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Services: Scanned in 00mn 45s



---\\ Scan Additionnel (O88)
Database Version : 13001 - (28/11/2013)
Clés trouvées (Keys found) : 72
Valeurs trouvées (Values found) : 3
Dossiers trouvés (Folders found) : 24
Fichiers trouvés (Files found) : 10

[HKLM\Software\Google\Chrome\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf] =>PUP.SpeedAnalysis^
[HKLM\Software\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde] =>Toolbar.DeltaSearch^
[HKLM\Software\Google\Chrome\Extensions\hgojaaaiddhmiiakpejiklijbalpckih] =>Adware.SmileyBar^
[HKLM\Software\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn] =>PUP.SweetIM^
[HKLM\Software\Google\Chrome\Extensions\jeaihkehdlhkocphopopahkfjcfcphef] =>Spyware.SmartDisplay^
[HKLM\Software\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog] =>Adware.SmileyBar^
[HKLM\Software\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc] =>Adware.Yontoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo^
[HKLM\Software\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}] =>PUP.Funmoods
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>PUP.Babylon
[HKLM\Software\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}] =>Adware.Yontoo
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}] =>Adware.Yontoo
[HKLM\Software\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj] =>PUP.SweetIM
[HKCU\Software\1ClickDownload] =>PUP.1ClickDownloader
[HKCU\Software\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\BabylonToolbar] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\BrowserMngr] =>PUP.Babylon
[HKLM\Software\Wow6432Node\BrowserMngr] =>PUP.Babylon
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\Grand Virtual] =>Spyware.AgenceExclusive
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{21111111-1111-1111-1111-110211181110}] =>Adware.VidSaver
[HKLM\Software\Classes\Prod.cap] =>PUP.Babylon
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASAPI32] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Microsoft\Tracing\boxore_RASMANCS] =>Adware.Boxore
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok] =>Hijacker.FreehdsportTV
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog] =>Adware.SmileyBar
[HKCU\Software\BI] =>Adware.MegaSearch
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASAPI32] =>Toolbar.Ask
[HKLM\Software\Wow6432Node\Microsoft\Tracing\apnstub_RASMANCS] =>Toolbar.Ask
[HKLM\Software\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Api.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Classes\YontooIEClient.Layers.1] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\AppID\YontooIEClient.DLL] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181110}] =>PUP.CrossRider
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{2318C2B1-4965-11d4-9B18-009027A5CD4F} =>Toolbar.Google^
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:swg =>Toolbar.Google^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.Avira
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf =>PUP.SpeedAnalysis^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde =>Toolbar.DeltaSearch^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgojaaaiddhmiiakpejiklijbalpckih =>Adware.SmileyBar^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn =>PUP.SweetIM^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaihkehdlhkocphopopahkfjcfcphef =>Spyware.SmartDisplay^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog =>Adware.SmileyBar^
C:\Users\fanch\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc =>Adware.Yontoo^
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\extensions\pluswinks@PlusWinks =>Adware.SmileyBar^
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\extensions\speedanalysis02@SpeedAnalysis.com =>PUP.SpeedAnalysis^
C:\Program Files (x86)\File Scout =>PUP.FileScout^
C:\Program Files (x86)\Yontoo =>Adware.Yontoo^
C:\ProgramData\Babylon =>PUP.Babylon^
C:\ProgramData\IBUpdaterService =>Adware.InstallBrain^
C:\ProgramData\Tarma Installer =>PUP.Tarma^
C:\Users\fanch\AppData\Roaming\Babylon =>PUP.Babylon^
C:\Users\fanch\AppData\Roaming\File Scout =>PUP.FileScout^
C:\Users\fanch\AppData\Roaming\SpeedAnalysis2 =>PUP.SpeedAnalysis^
C:\Users\fanch\AppData\Local\Giant Savings Extension =>Adware.VidSaver^
C:\Program Files (x86)\Software =>Adware.Boxore
C:\ProgramData\Software =>Adware.Boxore
C:\ProgramData\Partner =>Spyware.Partner
C:\Users\fanch\AppData\Local\Software =>Adware.Boxore
C:\Users\fanch\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\Extensions\ffxtlbr@delta.com =>PUP.Funmoods
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\bprotector_extensions.sqlite =>PUP.BProtector
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\bprotector_prefs.js =>PUP.BProtector
C:\Users\fanch\AppData\Roaming\Mozilla\Firefox\Profiles\5sxkbck2.default\Extensions\speedanalysis02@SpeedAnalysis.com =>PUP.SpeedAnalysis
[HKCU\Software\BabSolution] =>Hijacker.BabSolution^
[HKCU\Software\Conduit] =>Toolbar.Conduit^
[HKCU\Software\FileScout] =>PUP.FileScout^
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon^
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit^
[HKLM\Software\Wow6432Node\babylontoolbar] =>PUP.Babylon^
[HKCU\Software\5e28c8ce53de512] =>PUP.Babylon^^
~ Additionnel Scan: 293195 Items scanned in 00mn 16s



---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/27875657-toolbar-deltasearch =>Toolbar.DeltaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28153012-pup-speedanalysis =>PUP.SpeedAnalysis
~ http://nicolascoolman.webs.com/apps/blog/show/27530912-adware-smileybar =>Adware.SmileyBar
~ http://nicolascoolman.webs.com/apps/blog/show/29216159-pup-sweetim =>PUP.SweetIM
~ http://nicolascoolman.webs.com/apps/blog/show/32662245-spyware-smartdisplay =>Spyware.SmartDisplay
~ http://nicolascoolman.webs.com/apps/blog/show/26811836-adware-yontoo =>Adware.Yontoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
~ http://nicolascoolman.webs.com/apps/blog/show/26607014-pup-1clickdownloader =>PUP.1ClickDownloader
~ http://nicolascoolman.webs.com/apps/blog/show/26678994-hijacker-babsolution =>Hijacker.BabSolution
~ http://nicolascoolman.webs.com/apps/blog/show/29507721-toolbar-conduit =>Toolbar.Conduit
~ http://nicolascoolman.webs.com/apps/blog/show/27583992-pup-datamngr =>PUP.Datamngr
~ http://nicolascoolman.webs.com/apps/blog/show/34311830-pup-filescout =>PUP.FileScout
~ http://nicolascoolman.webs.com/apps/blog/show/29790567-adware-installcore =>Adware.InstallCore
~ http://nicolascoolman.webs.com/apps/blog/show/29637859-toolbar-tarma =>PUP.Tarma
~ http://nicolascoolman.webs.com/apps/blog/show/26626977-adware-boxore =>Adware.Boxore
~ http://nicolascoolman.webs.com/apps/blog/show/26684723-adware-imbooster =>Adware.IMBooster
~ http://nicolascoolman.webs.com/apps/blog/show/27583526-pup-crossrider =>PUP.CrossRider
~ http://nicolascoolman.webs.com/apps/blog/show/26907365-adware-installbrain =>Adware.InstallBrain
~ http://nicolascoolman.webs.com/apps/blog/show/27557062-adware-vidsaver =>Adware.VidSaver
~ http://nicolascoolman.webs.com/apps/blog/show/27146838-adware-mywebsearch =>Adware.MyWebSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28927746-toolbar-ask =>Toolbar.Ask
~ http://nicolascoolman.webs.com/apps/blog/show/27630986-pup-funmoods =>PUP.Funmoods
~ http://nicolascoolman.webs.com/apps/blog/show/26611092-adware-bandoo =>Adware.Bandoo
~ http://nicolascoolman.webs.com/apps/blog/show/26627641-spyware-agenceexclusive =>Spyware.AgenceExclusive
~ http://nicolascoolman.webs.com/apps/blog/show/30583270-hijacker-freehdsporttv =>Hijacker.FreeHDSportTV
~ http://nicolascoolman.webs.com/apps/blog/show/26919368-adware-megasearch =>Adware.MegaSearch
~ http://nicolascoolman.webs.com/apps/blog/show/28193283-spyware-partner =>Spyware.Partner
~ http://nicolascoolman.webs.com/apps/blog/show/28133096-pup-bprotector =>PUP.BProtector
~ MSI: 28 link(s) detected in 00mn 16s



~ 1217 Legitimates filtered by white list
End of the scan (705 lines in 03mn 51s)(0)