Rapport de ZHPDiag v2013.4.11.63 par Nicolas Coolman, Update du 11/04/2013
Run by Juliane at 12/04/2013 09:40:13
State : Version à jour.
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 20.0.1 v20.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : RMV82
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
HP Deskjet 3050 J610 series - Enquête sur l'amélioration du produit v22.50.231.0
Adobe Color NA Extra Settings
Windows Defender W7

---\\ Software Update
HP Deskjet 3050 J610 series - Enquête sur l'amélioration du produit v22.50.231.0
Adobe Color NA Extra Settings

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3956 MB (47% free)
System Restore: Activé (Enable)
System drive C: has 122 GB (27%) free of 451 GB

---\\ Logged in mode
~ Computer Name: JULIANE-PC
~ User Name: Juliane
~ All Users Names: Juliane, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Juliane\AppData\Roaming\
~ %Desktop% : C:\Users\Juliane\Desktop\
~ %Favorites% : C:\Users\Juliane\Favorites\
~ %LocalAppData% : C:\Users\Juliane\AppData\Local\
~ %StartMenu% : C:\Users\Juliane\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 122 Go of 451 Go)
D:\ CD-ROM drive (Free 0 Go of 2 Go)
Q:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 07:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B8965FB53551B5455630A4B804D0791F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/03/2013 - 07:04:53.) -- C:\Windows\system32\Drivers\ntfs.sys [1655656]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/26697
~ Mes musiques (My Musics) : 3/1471
~ Mes Videos (My Videos) : 1/1404
~ Mes Favoris (My Favorites) : 1/28
~ Mes Documents (My Documents) : 4/3805
~ Mon Bureau (My Desktop) : 1/13
~ Menu demarrer (Programs) : 1/24
~ Hidden Files: Scanned in 00mn 19s



---\\ Processus lancés
[MD5.EBDD3032297EF6832A1D6D3AA6DC3537] - (.SoftThinks - Dell - Dell DataSafe Local Backup.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.exe [4259648] [PID.3140]
[MD5.09890A2F032B138A74B5DF2C1233FB1D] - (.SoftThinks - Dell - DataSafe Update Launcher.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe [460096] [PID.3456]
[MD5.CD4F7B90CB09831BCDEDE0A206CCDB35] - (.Pas de propriétaire - ST Service Scheduling.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.exe [2751808] [PID.3560]
[MD5.62481AEC780B08A891A7158997887E84] - (.Pas de propriétaire - FF_Protection MFC Application.) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896] [PID.5092]
[MD5.896A1DB9A972AD2339C2E8569EC926D1] - (.Safer Networking Limited - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088] [PID.4588]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.4800]
[MD5.BD713579A87D698E1F2158CE10E48130] - (.McAfee, Inc. - McAfee Security Scanner Scheduler.) -- C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe [272248] [PID.3604]
[MD5.637E9EEA864CE9C5778E3C4358B1E0D1] - (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1807680] [PID.2700]
[MD5.80B62FF105908EC9E4B072AFB1CFC824] - (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [409744] [PID.4852]
[MD5.0647EF247A5D0402E74FE89F5F6A8A11] - (.Pas de propriétaire - Roxio Burn Launcher.) -- C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160] [PID.5168]
[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5224]
[MD5.BAD0D303EF0A519409C625738F3E10A3] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4282728] [PID.5236]
[MD5.3831356D9F880105C1AD68BADA9B71E3] - (.Pas de propriétaire - Roxio Burn.) -- C:\Program Files (x86)\Roxio\Roxio Burn\Roxio Burn.exe [1169904] [PID.9356]
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [920472] [PID.10668]
[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.6320]
[MD5.680AD8F376970696B45269F074A8A28E] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe [1822424] [PID.4444]
[MD5.6A88B2902ADDE04E9A2F8187E74DE50C] - (.TuneUp Software - TuneUp Maintenance en 1 clic.) -- C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [557408] [PID.8860]
[MD5.2DBF770944F9A23BB29651449162151B] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6686720] [PID.6564]
[MD5.0840ABBBDF438691EE65A20040635CBE] - (.Stardock Corporation - Dock Login Service.) -- C:\Program Files\Dell\DellDock\DockLogin.exe [155648] [PID.1320]
[MD5.04AC21E821F259845BD7367CEE057290] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44808] [PID.1464]
[MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376] [PID.1876]
[MD5.7485FBCEF9136F530953575E2977859D] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2000]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.1220]
[MD5.74EC60E20516AAA573BE74F31175270F] - (.SoftThinks SAS - SoftThinks Agent Service.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe [1692480] [PID.2856]
[MD5.C3CDDD18F43D44AB713CF8C4916F7696] - (.Microsoft Corporation - Microsoft Application Virtualization Virtua.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [219496] [PID.2880]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.3984]
[MD5.13693B6354DD6E72DC5131DA7D764B90] - (.Microsoft Corporation - Microsoft Application Virtualization Client.) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [508776] [PID.3320]
[MD5.72794D112CBAFF3BC0C29BF7350D4741] - (.Microsoft Corporation - Microsoft Office Client Virtualization Serv.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.exe [822624] [PID.4108]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.4088]
[MD5.765F2DD351BA064F657751D8D75E58C0] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.6712]
~ Processes Running: Scanned in 00mn 02s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\prefs.js
C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\user.js
M3 - MFPP: Plugins - [Juliane] -- C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [Juliane] -- C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\searchplugins\BrowserProtect.xml =>Toolbar.Babylon
M3 - MFPP: Plugins - [Juliane] -- C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\searchplugins\delta.xml
M3 - MFPP: Plugins - [Juliane] -- C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\searchplugins\fissa.xml
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\2020Player_IKEA@2020Technologies.com] [] Visualisateur 3D de 20-20 v5.0.94.0 (..)
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\217e8200-a3b3-43df-b951-8ec01d483d7f@b98c6809-1f3f-41a1-bb1c-692cf84781e9.com] [] Services x86 v5.0.94.0 (..)
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\@FissaPlugin] [] Fissa v1.0 (..)
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\crossriderapp4479@crossrider.com] [] Giant Savings v1.0 (..) =>PUP.CrossRider
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}] [] FireFTP v1.0.10 (..)
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.14 (..)
M2 - MFEP: prefs.js [Juliane - apgo73hw.default\{C9B68337-E93A-44EA-94DC-CB300EC06444}] [] IMinent Toolbar v5.30.4 (..) =>Adware.IMBooster
P2 - FPN:Firefox Plugin Navigator . (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKLM] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll
P2 - FPN: [HKLM] [@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
P2 - FPN: [HKCU] [@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll
~ Firefox Browser: 29 Legitimates Scanned in 00mn 01s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://home.microsoft.com
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar [64Bits] - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,6,0,126) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
R3 - URLSearchHook: Productivity 2.2 Toolbar [64Bits] - {e84cc2c1-b722-48fc-a39c-edb8b525c777} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\Productivity_2.2\prxtbPro0.dll =>Toolbar.Conduit
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 15 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: CrossriderApp0027096 [64Bits] - {11111111-1111-1111-1111-110211701196} . (.Corporate Inc - Services x86 BHO.) -- C:\Program Files (x86)\Services x86\Services x86.dll =>PUP.CrossRider
O2 - BHO: Interest recogniser for Widestream6 (powered by Spointer) [64Bits] - {1a6dc111-b030-4c3e-be65-299284128b91} . (.Widestream6 - Interest Recognizer for Widestream6.) -- C:\Program Files (x86)\Widestream6\spointer\extensions\widestream6_air_ie.dll
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} . (...) -- C:\Program Files\McAfee\MSK\mskapbho.dll
O2 - BHO: (no name) [64Bits] - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Productivity 2.2 [64Bits] - {e84cc2c1-b722-48fc-a39c-edb8b525c777} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Productivity_2.2\prxtbPro0.dll =>Toolbar.Conduit
~ BHO: 14 Legitimates Scanned in 00mn 01s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] . (.Dell Inc. - Dell Wireless WLAN Card Wireless Network Tr.) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
O4 - HKLM\..\Run: [QuickSet] . (.Dell Inc. - QuickSet.) -- C:\Program Files\Dell\QuickSet\QuickSet.exe
O4 - HKLM\..\Run: [FreeFallProtection] . (.Pas de propriétaire - FF_Protection MFC Application.) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
O4 - HKLM\..\Run: [VDownloader] . (.Vitzo - VDownloader.) -- C:\Program Files\VDownloader\VDownloader.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingD5279] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB6423] command.com \c del C:\Program Files (x86)\Wajam\IE\favicon.ico (.not file.) =>Toolbar.Wajam
O4 - HKCU\..\RunOnce: [SpybotDeletingD6726] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell DataSafe Online] . (.Pas de propriétaire - DataSafeOnline.) -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
O4 - HKLM\..\Wow6432Node\Run: [Dell Webcam Central] . (.Creative Technology Ltd - WebcamDell2.exe.) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
O4 - HKLM\..\Wow6432Node\Run: [Desktop Disc Tool] . (.Pas de propriétaire - Roxio Burn Launcher.) -- c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
O4 - HKLM\..\Wow6432Node\Run: [DellSupportCenter] C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe (.not file.)
O4 - HKLM\..\Wow6432Node\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Wow6432Node\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] . (.Dell - Update Client for Dell DataSafe Local Backu.) -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] . (.Microsoft Corporation - SP Reviewer.) -- C:\Windows\System32\SPReview\SPReview.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-1469768936-1825986807-1545758207-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-1469768936-1825986807-1545758207-1001\..\Run: [SpybotSD TeaTimer] . (.Safer Networking Limited - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-21-1469768936-1825986807-1545758207-1001\..\RunOnce: [SpybotDeletingD5279] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
O4 - HKUS\S-1-5-21-1469768936-1825986807-1545758207-1001\..\RunOnce: [SpybotDeletingB6423] command.com \c del C:\Program Files (x86)\Wajam\IE\favicon.ico (.not file.) =>Toolbar.Wajam
O4 - HKUS\S-1-5-21-1469768936-1825986807-1545758207-1001\..\RunOnce: [SpybotDeletingD6726] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: TuneUp Utilities - Interface de démarrage.lnk . (.TuneUp Software - TuneUp Utilities - Interface de démarrage.) -- C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Live Messenger.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Contenta Images To EPS.lnk . (...) -- C:\Program Files (x86)\ContentaImages2EPS\contenta-images2eps.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: Adobe Photoshop CS3.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS3.) -- C:\Program Files (x86)\Adobe\Adobe Photoshop CS3\Photoshop.exe
O4 - GS\Desktop: eSupport UndeletePlus.lnk . (.Copyright © 2008-2011 eSupport.com ? All Ri - Pas de description.) -- C:\Program Files (x86)\eSupport.com\eSupport UndeletePlus\UndeletePlus.exe
O4 - GS\Desktop: HP41B451 (HP Deskjet 3050 J610 series) - Raccourci.lnk - Clé orpheline
O4 - GS\Desktop: PDF-Viewer.lnk . (...) -- C:\Program Files (x86)\Tracker Software\PDF Viewer\PDFXCview.exe (.not file.)
O4 - GS\Desktop: Sam6_F - Raccourci.lnk . (.MAGIX AG - samplitude.) -- C:\Audio\Magix\Samplitude v6.04\Sam6_F.exe
O4 - GS\Desktop: SpeedItup Free.lnk . (.MicroSmarts LLC. - Speed up your computer..) -- C:\Program Files (x86)\SpeedItUpFree\SpeedItUp.exe
O4 - GS\Desktop: Spybot - Search & Destroy.lnk . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 9 Legitimates Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{56B5817E-22A7-4FBB-87FD-505E40C98DAC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{E70E25CD-A0FA-4128-A485-D026253186B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{56B5817E-22A7-4FBB-87FD-505E40C98DAC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{E70E25CD-A0FA-4128-A485-D026253186B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{56B5817E-22A7-4FBB-87FD-505E40C98DAC}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{E70E25CD-A0FA-4128-A485-D026253186B1}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: FF Install Filter Service (InstallFilterService) . (...) - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: WajamUpdater (WajamUpdater) . (...) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (.not file.) =>Toolbar.Wajam
~ Services: 24 Legitimates Scanned in 00mn 09s



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.76BDB923D81DE1119D521C64589BA481] [APT] [PCDEventLauncher] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\sessionchecker.exe [427088]
[MD5.78E8580D5C32E9627D1B69761B76ED72] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [1186376]
[MD5.00000000000000000000000000000000] [APT] [Updater27096.exe] (...) -- C:\Users\Juliane\AppData\Local\Updater27096\Updater27096.exe (.not file.) [0]
~ Scheduled Task: 10 Legitimates Scanned in 00mn 05s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 12 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (mfenlfk) . (.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - C:\Windows\System32\DRIVERS\mfenlfk.sys
~ Drivers: 66 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Contenta Images To EPS - (.Contenta Software.) [HKLM][64Bits] -- ContentaImages2EPS
O42 - Logiciel: Eden Plugin version 1.3 - (.Fabemi.) [HKLM][64Bits] -- {AE2E94F7-C94D-4F0B-B512-A4BEF510C552}}_is1
O42 - Logiciel: Giant Savings - (.215 Apps.) [HKLM][64Bits] -- Giant Savings =>PUP.SpecialSavings
O42 - Logiciel: McAfee SecurityCenter - (.McAfee, Inc..) [HKLM][64Bits] -- MSC
O42 - Logiciel: Peggle Deluxe 1.021 - (...) [HKLM][64Bits] -- Peggle Deluxe 1.021
O42 - Logiciel: PicturesToExe 6.5 - (.WnSoft.) [HKLM][64Bits] -- {A254D625} PicturesToExe 6.5_is1
O42 - Logiciel: PicturesToExe 7.0 - (.WnSoft.) [HKLM][64Bits] -- {A254D625} PicturesToExe 7.0_is1
O42 - Logiciel: Productivity 2.2 Toolbar - (.Productivity 2.2.) [HKLM][64Bits] -- Productivity_2.2 Toolbar
O42 - Logiciel: Samplitude v6.04 - (...) [HKLM][64Bits] -- Samplitude v6.04
O42 - Logiciel: Services x86 - (.Corporate Inc.) [HKLM][64Bits] -- Services x86
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Widestream6 - (.Secure Digital Services.) [HKLM][64Bits] -- {835525BE-63BD-4EC4-9425-00CEAD4849C2}
O42 - Logiciel: Yontoo 1.10.02 - (.Yontoo LLC.) [HKLM][64Bits] -- {889DF117-14D1-44EE-9F31-C5FB5D47F68B} =>PUP.Yontoo
O42 - Logiciel: eSupport UndeletePlus 3.0.2.830 - (.Copyright � 2011 eSupport.com � All Rights Reserved.) [HKLM][64Bits] -- eSupport UndeletePlus_is1
~ Logic: 135 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\5957d6dce56ab947]
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\Giant Savings] =>Adware.VidSaver
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Productivity_2.2]
[HKCU\Software\AppDataLow\Software\Services x86]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Digital Publishing]
[HKCU\Software\FissaSearch]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\InstalledBrowserExtensions]
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\PTE]
[HKCU\Software\Softonic]
[HKCU\Software\WideStream]
[HKCU\Software\WnSoft]
[HKCU\Software\delta LTD]
[HKLM\Software\DomaIQ]
[HKLM\Software\Tarma Installer] =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\5957d6dce56ab947]
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\DataMngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Productivity_2.2]
[HKLM\Software\Wow6432Node\WnSoft]
[HKLM\Software\Wow6432Node\widestream]
~ Key Software: 230 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 20/07/2011 - 12:33:52 - [88,997] ----D C:\Program Files (x86)\ContentaImages2EPS
O43 - CFD: 01/08/2012 - 18:09:49 - [2,358] ----D C:\Program Files (x86)\Eden Plugin
O43 - CFD: 15/09/2012 - 15:53:52 - [2,438] ----D C:\Program Files (x86)\Giant Savings =>Adware.VidSaver
O43 - CFD: 18/03/2011 - 11:58:55 - [0,092] ----D C:\Program Files (x86)\OfferBox =>PUP.OfferBox
O43 - CFD: 25/07/2012 - 22:30:39 - [8,968] ----D C:\Program Files (x86)\Productivity_2.2
O43 - CFD: 10/04/2013 - 00:31:56 - [5,857] ----D C:\Program Files (x86)\Services x86
O43 - CFD: 09/04/2013 - 16:35:54 - [52,797] ----D C:\Program Files (x86)\Spybot - Search & Destroy
O43 - CFD: 09/04/2013 - 21:57:39 - [0] ----D C:\Program Files (x86)\Wajam =>Toolbar.Wajam
O43 - CFD: 26/02/2011 - 09:14:21 - [3,668] ----D C:\Program Files (x86)\Widestream6
O43 - CFD: 03/03/2012 - 10:27:11 - [50,741] ----D C:\Program Files (x86)\WnSoft PicturesToExe
O43 - CFD: 12/02/2012 - 19:20:01 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 02/08/2012 - 10:41:08 - [149,841] ----D C:\ProgramData\EdenVirtuel
O43 - CFD: 28/10/2010 - 11:01:28 - [9,795] ----D C:\ProgramData\PicturesToExe
O43 - CFD: 09/04/2013 - 21:58:19 - [55,946] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 16/08/2012 - 23:20:28 - [1,633] ----D C:\ProgramData\Tarma Installer =>Toolbar.Tarma
O43 - CFD: 28/02/2011 - 09:14:18 - [0,235] ----D C:\Users\Juliane\AppData\Roaming\OfferBox =>PUP.OfferBox
O43 - CFD: 25/07/2012 - 22:30:17 - [26,735] ----D C:\Users\Juliane\AppData\Roaming\OpenCandy =>Adware.OpenCandy
O43 - CFD: 26/02/2011 - 09:14:31 - [0,001] ----D C:\Users\Juliane\AppData\Roaming\widestream
O43 - CFD: 25/07/2012 - 22:26:16 - [0,048] ----D C:\Users\Juliane\AppData\Local\Giant Savings =>Adware.VidSaver
O43 - CFD: 03/03/2012 - 10:27:39 - [0,058] ----D C:\Users\Juliane\AppData\Local\PicturesToExe
O43 - CFD: 27/02/2013 - 22:14:31 - [0,012] ----D C:\Users\Juliane\AppData\Local\Services x86
O43 - CFD: 09/04/2013 - 15:39:09 - [0,537] ----D C:\Users\Juliane\AppData\Local\widestream6 Air
O43 - CFD: 03/03/2012 - 10:29:36 - [0,000] ----D C:\Users\Juliane\AppData\Local\WnSoft
~ 366 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 609 Legitimates Scanned in 00mn 37s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.D9724199EDB4000E252126F140FEE83A] - 09/04/2013 - 20:57:40 ---A- . (...) -- C:\Windows\wininit.ini [365]
O44 - LFC:[MD5.AB187F4E6E1996803DF9C19B7188E222] - 09/04/2013 - 15:31:56 ---A- . (...) -- C:\Windows\Speeditup Free Setup Log.txt [4524]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 08/04/2013 - 21:16:52 ---A- . (...) -- C:\END [0]
~ Files: 100 Legitimates Scanned in 00mn 26s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.548132BDFFDEE1F69A3D26444385D035] - 10/04/2013 - 09:16:51 ---A- - C:\Windows\Prefetch\MCHLP32.EXE-A1BD3ED8.pf
O45 - LFCP:[MD5.ADFC344A130693E7394923332053E6CC] - 10/04/2013 - 16:48:10 ---A- - C:\Windows\Prefetch\PCDRCUI.EXE-D9A6ECD0.pf
O45 - LFCP:[MD5.422716AEAC7577A300922AAF9C3CB538] - 11/04/2013 - 07:29:37 ---A- - C:\Windows\Prefetch\INSTALLFILTERSERVICE.EXE-E42B621B.pf
O45 - LFCP:[MD5.B3DC882D6EA01D524D95C5F9E27446D9] - 11/04/2013 - 07:29:37 ---A- - C:\Windows\Prefetch\MCSVHOST.EXE-DE4FDB91.pf
O45 - LFCP:[MD5.864818DDCDE79402C3895D7181C2361E] - 11/04/2013 - 07:29:37 ---A- - C:\Windows\Prefetch\MFEVTPS.EXE-B6379CFE.pf
O45 - LFCP:[MD5.45B6F48A0D4AC6BE035E54D6AF7DA3C0] - 11/04/2013 - 07:29:39 ---A- - C:\Windows\Prefetch\RPLAUNCH.EXE-E7F444A6.pf
O45 - LFCP:[MD5.06ED2E0DF449AD55AE9469BA851B4B38] - 11/04/2013 - 07:29:40 ---A- - C:\Windows\Prefetch\HSTART.EXE-5DFB4693.pf
O45 - LFCP:[MD5.797A8245D8FB4775124CFE7E71C0E972] - 11/04/2013 - 07:29:47 ---A- - C:\Windows\Prefetch\BCDEDIT.EXE-FE221428.pf
O45 - LFCP:[MD5.82CB6D32E64CE4CAA8D2ABD25D77AEC3] - 11/04/2013 - 07:29:47 ---A- - C:\Windows\Prefetch\SETMUILANGUAGE.EXE-75C1693C.pf
O45 - LFCP:[MD5.530C0A24C9E87D64B9E5E6D225DC9C57] - 11/04/2013 - 07:29:48 ---A- - C:\Windows\Prefetch\TOASTER.EXE-FA37BFBF.pf
O45 - LFCP:[MD5.094BBB8945DC2B419ACFEF4F94EC2F68] - 11/04/2013 - 07:29:49 ---A- - C:\Windows\Prefetch\STSERVICE.EXE-1A38963E.pf
O45 - LFCP:[MD5.8210CD7B82A60B49F2533B0CBEBCB9CD] - 11/04/2013 - 07:29:50 ---A- - C:\Windows\Prefetch\DSUPD.EXE-BADB1CF5.pf
O45 - LFCP:[MD5.8BE97958C415730A0ED0C8F1FC5332D0] - 11/04/2013 - 07:30:04 ---A- - C:\Windows\Prefetch\FF_PROTECTION.EXE-F76EF96F.pf
O45 - LFCP:[MD5.BD155508F0D3F8A9F052860D03DECD9A] - 12/04/2013 - 06:54:54 ---A- - C:\Windows\Prefetch\TEATIMER.EXE-81948FA1.pf
O45 - LFCP:[MD5.7DA2D2F2FB4138D8FA7C5A297A621BF5] - 12/04/2013 - 06:54:55 ---A- - C:\Windows\Prefetch\DATASAFEONLINE.EXE-C37565CF.pf
O45 - LFCP:[MD5.C7EFC8F7BEF228E161872CB62048D47D] - 12/04/2013 - 06:55:38 ---A- - C:\Windows\Prefetch\ROXIO BURN.EXE-0230EABF.pf
O45 - LFCP:[MD5.8D16BB3A373F8A8B64E2179D590F3FFE] - 12/04/2013 - 06:57:05 ---A- - C:\Windows\Prefetch\MCODS.EXE-2005F4F8.pf
O45 - LFCP:[MD5.C89FB787C7441AE3A1F612367CEA2FC4] - 12/04/2013 - 06:59:09 ---A- - C:\Windows\Prefetch\MCHOST.EXE-DF335CC7.pf
O45 - LFCP:[MD5.61EC520CA6C1E09B1B6060C422276BE7] - 12/04/2013 - 07:00:22 ---A- - C:\Windows\Prefetch\MCINSTRU.EXE-2A42CDBC.pf
O45 - LFCP:[MD5.D4614F2E24F726227E90679A96F952B9] - 12/04/2013 - 07:00:25 ---A- - C:\Windows\Prefetch\MCINST.EXE-C5518D5B.pf
O45 - LFCP:[MD5.6FBC1483DC6B7F8786EA82026493005D] - 12/04/2013 - 07:00:25 ---A- - C:\Windows\Prefetch\MCOCROLLBACK.EXE-859500FC.pf
O45 - LFCP:[MD5.FAB8DA381EAF718B736F02E49726FF98] - 12/04/2013 - 07:00:29 ---A- - C:\Windows\Prefetch\MCSMTFWK.EXE-74FB5724.pf
~ Prefetcher: 140 Legitimates Scanned in 00mn 01s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 9 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 15 Legitimates Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.C49C56B35BFC6CDA8D1FDCAD2885568F] - 24/07/2009 - 07:13:02 ---A- . (.ST Microelectronics - Accelerometer Port I/O.) -- C:\Windows\System32\Drivers\Acceler.sys [23912]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 09/04/2013 - 12:09:16 ---A- C:\Users\Juliane\Downloads\Speedup-PC-4-Free.exe [1609064]
O61 - LFC: 09/04/2013 - 14:36:31 ---A- C:\Users\Juliane\AppData\Local\widestream6 Air\update.sxe [1225]
O61 - LFC: 09/04/2013 - 14:36:31 ---A- C:\Users\Juliane\AppData\Local\widestream6 Air\update.xml [425]
O61 - LFC: 09/04/2013 - 14:36:32 ---A- C:\Users\Juliane\AppData\Local\widestream6 Air\cid.txt [16]
O61 - LFC: 09/04/2013 - 14:39:09 ---A- C:\Users\Juliane\AppData\Local\widestream6 Air\history.db [74752]
O61 - LFC: 09/04/2013 - 15:32:52 ---A- C:\Users\Juliane\Downloads\spybotsd162.exe [16409960]
O61 - LFC: 10/04/2013 - 09:07:10 ---A- C:\Users\Juliane\Videos\dessin animee\Mike_le_Chevalier_et_les_casseroles_disparues_-_Vid_o_replay.mp4 [64855180]
O61 - LFC: 12/04/2013 - 07:02:02 ---A- C:\Users\Juliane\Downloads\HijackThis.exe [388608]
~ 26 Fichiers temporaires (Temporary files)
~ 1 Fichiers cookies (Cookies files)
~ Files: 60 Legitimates Scanned in 12mn 56s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 15/10/2011 - C:\Windows\System32\DRIVERS\mfenlfk.sys (mfenlfk) .(.McAfee, Inc. - McAfee NDIS Light Filter Driver.) - LEGACY_MFENLFK
~ Legacy: 94 Legitimates Scanned in 00mn 03s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\searchplugins\askcom.xml
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("avg.install.userHPSettings", "");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("avg.install.userSPSettings", "");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.admin", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.aflt", "babsst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.babExt", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.babTrack", "affID=113480&tt=3012_1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.babext", "babExt"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.babtrack", "babTrack"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.bbdpng", 28); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.cntry", "FR"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.dfltLng", "en"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.dfltsrch", "false"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.envrmnt", "production"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.excTlbr", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.firstrun", false); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.hdrMd5", "9E764640F9C5B76BCE728FAACFFBF7DF"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.hmpg", true); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.hrdid", "2a85afe60000000000005cac4c959648"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.id", "2a85afe60000000000005cac4c959648"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.instlDay", "15546"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.instlRef", "sst"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.isdcmntcmplt", "false"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.keywordurl", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.29.122:26:28"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.lastdp", 28); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.0"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.newTab", true); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.newtaburl", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.savedVrsnTs", "1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.sg", "azb"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.smplGrp", "azb"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.srcExt", "ss"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.srch", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.srchprvdr", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.tlbrId", "tb9"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://www.google.com/search?babsrc=TB_ggl&q="); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.29.122:26:28"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar_i.babExt", ""); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar_i.babTrack", "affID=113480&tt=3012_1"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.122:26:28"); =>Toolbar.Babylon
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.Fissa.lastRunTime", "Mon, 28 Feb 2011 20:53:52 GMT");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.crossrider.bic", "13d1d4d25ea83308fadcb830fbca373f"); =>PUP.CrossRider
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.admin", false);
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.aflt", "babsst");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.autoRvrt", "false");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.babTrack", "affID=113480&tt=3012_1");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.bbDpng", "9");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.cntry", "FR");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.dfltLng", "en");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.excTlbr", false);
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.hdrMd5", "99503A61554B4906245EA1216BA5ED15");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.hmpg", false);
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.id", "2a85afe60000000000005cac4c959648");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.instlDay", "15797");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.instlRef", "sst");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.lastVrsnTs", "");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.newTab", false);
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.prdct", "delta");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.prtnrId", "delta");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.rvrt", "false");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.sg", "azb");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.smplGrp", "none");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.tlbrId", "base");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.tlbrSrchUrl", "");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.vrsn", "1.8.10.0");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.vrsnTs", "1.8.10.022:03:07");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("extensions.delta.vrsni", "1.8.10.0");
O69 - SBI: prefs.js [Juliane - apgo73hw.default] user_pref("keyword.URL", "http://search.babylon.com/?babsrc=SP_ss&mntrId=2a85afe60000000000005cac4c959648&tlver=1.5.29.1&instlRef=[...] =>Toolbar.Babylon
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Delta Search) - http://www.delta-search.com =>Toolbar.DeltaSearch
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {379A3594-A0FD-481C-A243-A22784DA9607} - (Recherche sécurisée) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {58B70C00-E7FA-4AB5-86EE-31ED1F00E694} - (Secure Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {833688E0-66EC-41F0-8B24-9B0363D1274A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - (Productivity 2.2 Customized Web Search) - http://search.conduit.com
~ Keys: Scanned in 00mn 01s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 32 Legitimates Scanned in 00mn 01s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.E92604E043F51C604B6D1AC3BCD3A202] [SPRF][21/12/2011] (.Igor Pavlov - 7-Zip Standalone Console.) -- C:\Users\Juliane\AppData\Local\Temp\7za.exe [536064]
[MD5.DA1F52F275BB5881FBBF7792DB713A34] [SPRF][10/11/2011] (.Ask.com - AskStub Application.) -- C:\Users\Juliane\AppData\Local\Temp\ApnStub.exe [357032]
[MD5.B9918718C6AF9F92F9E49A01AF35DEB7] [SPRF][09/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Juliane\AppData\Local\Temp\AskSLib.dll [248008]
[MD5.A94085863F6939C6E302EE49089A6A0F] [SPRF][18/10/2012] (.McAfee, Inc. - McAfee Scanner Content Installer.) -- C:\Users\Juliane\AppData\Local\Temp\contentDATs.exe [987080]
[MD5.75F8BC409A632D86022BC3EE172CF76D] [SPRF][14/04/2012] (...) -- C:\Users\Juliane\AppData\Local\Temp\defaultCache.reg [1469404]
[MD5.EC133E6855E312C4BC851FA8E57D19A4] [SPRF][16/08/2012] (.Alactro LLC - Installer.) -- C:\Users\Juliane\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe [1342040]
[MD5.8B976012E9C43343DC790631231A1849] [SPRF][03/01/2011] (...) -- C:\Users\Juliane\AppData\Local\Temp\GLFB429.tmp.ConduitEngineSetup.exe [158048]
[MD5.39D998E29DC9277C8762070901E69A32] [SPRF][24/06/2011] (.Google Inc. - Google Toolbar Installer.) -- C:\Users\Juliane\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe [235184]
[MD5.676A86173A1FE2698C6F049D74DC6EB2] [SPRF][16/09/2010] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Juliane\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe [875296]
[MD5.56F031368A9389F1E3B7267B5A9172BB] [SPRF][21/07/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Juliane\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe [910624]
[MD5.822AD0D91D012B82E26D1F1BFA286AC6] [SPRF][14/11/2011] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\Juliane\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe [909088]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][30/08/2012] (...) -- C:\Users\Juliane\AppData\Local\Temp\ktwd4m2v.dll [0]
[MD5.81EBC5DB32DA754CAE9E200B70F06DE2] [SPRF][01/11/2010] (.Microsoft Corporation - Barre d'outils Bing.) -- C:\Users\Juliane\AppData\Local\Temp\MSN2BCE.exe [469256]
[MD5.632142A6B33FAF2DBC541C5899BA98E8] [SPRF][21/06/2011] (.Ask.com - Setup Launcher.) -- C:\Users\Juliane\AppData\Local\Temp\NEW8155.tmp.exe [3119832]
[MD5.C174C001850965D769108441A55F2F29] [SPRF][26/02/2012] (.Ask.com - Setup Launcher.) -- C:\Users\Juliane\AppData\Local\Temp\NEWB48B.tmp.exe [3505392]
[MD5.D766248A38909B0A45DA66AE4B8C5955] [SPRF][16/05/2012] (...) -- C:\Users\Juliane\AppData\Local\Temp\OptChrome.exe [134144]
[MD5.A843F4EF48B6CFA50F6EC7EED3D9DC56] [SPRF][27/06/2011] (...) -- C:\Users\Juliane\AppData\Local\Temp\priln0de.dll [28672]
[MD5.3A5627E0AB06F3CA7FB238CE5EE8CDF9] [SPRF][03/01/2011] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\Juliane\AppData\Local\Temp\prxGLFB429.tmp.tbProd.dll [175400] =>Toolbar.Conduit
[MD5.08F0A96A9E4C5218E384F51BBB698DF4] [SPRF][14/02/2013] (.McAfee, Inc. - McAfee Security Scan Plus Installer.) -- C:\Users\Juliane\AppData\Local\Temp\SecurityScan_Release.exe [3793216]
[MD5.9738475FF9A6A9ADDC1BE56FB55CD3B4] [SPRF][14/02/2013] (.Ask - Wrapper Application.) -- C:\Users\Juliane\AppData\Local\Temp\setup.exe [4163720]
[MD5.8D03B10F0DCED524A88A3FF4B370F50D] [SPRF][18/01/2012] (...) -- C:\Users\Juliane\AppData\Local\Temp\sqlite3.exe [465408]
[MD5.36179B382A989075FF5FA282434F6892] [SPRF][21/03/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Juliane\AppData\Local\Temp\uninst1.exe [394736] =>Toolbar.Babylon
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][30/08/2012] (...) -- C:\Users\Juliane\AppData\Local\Temp\viurnq-t.dll [0]
[MD5.4BF437CDDF8C692738CFA413231C9B3C] [SPRF][16/05/2012] (.Yontoo LLC - Yontoo Runtime.) -- C:\Users\Juliane\AppData\Local\Temp\YontooIEClient.dll [194928] =>PUP.Yontoo
[MD5.E8F0C3AF81A302E9E1580F851AD84C5F] [SPRF][05/06/2012] (.Yontoo LLC - Installer.) -- C:\Users\Juliane\AppData\Local\Temp\YontooSetup-S.exe [1051840] =>PUP.Yontoo
[MD5.2A665235EE16982136845E78789E69DC] [SPRF][16/08/2012] (.Iminent - Iminent Setup.) -- C:\Users\Juliane\Desktop\20120702IminentSetup.exe [825976] =>Adware.IMBooster
[MD5.8F4A7D7CC1CCFA5A22D5601F585B8402] [SPRF][16/08/2012] (.Copyright � 2011 eSupport.com � All Rights - eSupport UndeletePlus Setup.) -- C:\Users\Juliane\Desktop\undeleteplus_setup_ask.exe [3871536]
[MD5.DAEE914ABCF0081AAF23689E4A8C27DD] [SPRF][14/09/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r85.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2826192]
[MD5.7FAF5222EEB546E1DC0F348DCB314B0B] [SPRF][29/08/2006] (.Zylom Games - Zylom Games Player.) -- C:\Windows\Downloaded Program Files\zylomgamesplayer.dll [161976]
~ Files: Scanned in 00mn 02s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{64F5CD93-DA02-4862-898B-E206CDFBD49E}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Opera\opera.exe (.not file.)
O87 - FAEL: "{6088CC72-A984-4177-B130-56FC59089054}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Opera\opera.exe (.not file.)
~ Firewall: 204 Legitimates Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : v2.11512 - (11/04/2013)
Clés trouvées (Keys found) : 211
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 23
Fichiers trouvés (Files found) : 17

[HKLM\Software\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}] =>Adware.IMBooster
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F6E720A-1A6B-40E1-A294-1D4D19F156C8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}] =>PUP.RewardsArcade
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKLM\Software\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a6dc111-b030-4c3e-be65-299284128b91}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1a6dc111-b030-4c3e-be65-299284128b91}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1a6dc111-b030-4c3e-be65-299284128b91}] =>Adware.SPointer
[HKLM\Software\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}] =>PUP.RewardsArcade
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}] =>Adware.Yontoo
[HKLM\Software\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Services x86] =>PUP.CrossRider
[HKLM\Software\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}] =>PUP.RewardsArcade
[HKLM\Software\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}] =>PUP.RewardsArcade
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}] =>Adware.Yontoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{df780f87-ff2b-4df8-92d0-73db16a1543a}] =>Adware.PopCap
[HKLM\Software\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster
[HKLM\Software\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}] =>PUP.RewardsArcade
[HKLM\Software\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASMANCS] =>Toolbar.Bing
[HKLM\Software\Classes\Conduit.Engine] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom] =>PUP.OfferBox
[HKLM\Software\Classes\Installer\Features\EB525538DB364CE4495200ECDA84942C] =>Adware.SPointer
[HKLM\Software\Classes\Installer\Products\EB525538DB364CE4495200ECDA84942C] =>Adware.SPointer
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB525538DB364CE4495200ECDA84942C] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Installer\Features\EB525538DB364CE4495200ECDA84942C] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Installer\Products\EB525538DB364CE4495200ECDA84942C] =>Adware.SPointer
[HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdater] =>Toolbar.Wajam
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\DataMngr] =>Adware.Bandoo
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\Productivity_2.2] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Productivity_2.2] =>Toolbar.Conduit
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Tarma Installer] =>Toolbar.Agent
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\WideStream] =>Adware.SPointer
[HKLM\Software\Wow6432Node\WideStream] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Iminent_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{835525BE-63BD-4EC4-9425-00CEAD4849C2}] =>Adware.SPointer
[HKCU\Software\AppDataLow\Software\Services x86] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Giant Savings] =>Adware.VidSaver
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP] =>Adware.IMBooster
[HKCU\Software\InstalledBrowserExtensions\215 Apps] =>PUP.SpecialSavings
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1A6DC111-B030-4C3E-BE65-299284128B91}] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1A6DC111-B030-4C3E-BE65-299284128B91}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1A6DC111-B030-4C3E-BE65-299284128B91}] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A61376FF-292A-4591-A6B5-D90771424583}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{25B7FAD8-85B3-40A4-BBB8-22DBB95831E1}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4FD0EE11-D5B1-41B1-A3BD-F537539804EE}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{5D82D8DD-B839-47C1-B8E0-AD754F949BB6}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{AC146D1D-7588-4F3F-8F1E-9500F90618A8}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{AC146D1D-7588-4F3F-8F1E-9500F90618A8}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{606D89E9-C72A-4E4D-8D3A-142B2A74FF1B}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9B218861-1CAD-41E9-8105-1291A91CA488}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9B218861-1CAD-41E9-8105-1291A91CA488}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{0B25FF79-796A-4C2E-B09B-7921065D8EF8}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{1EB45B75-E889-42BE-B0C9-C8E0EE687052}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{F44202AE-BE61-41C8-AFEA-5E494EC7595B}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{F44202AE-BE61-41C8-AFEA-5E494EC7595B}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{F42A2432-287D-4161-8C94-99C06BEE7A81}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{F42A2432-287D-4161-8C94-99C06BEE7A81}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B690A281-F7D4-4E0F-BA02-A12ADD86277B}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{B690A281-F7D4-4E0F-BA02-A12ADD86277B}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{54ADB4A4-6C88-4710-A227-820961B9981E}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{54ADB4A4-6C88-4710-A227-820961B9981E}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{2735FAF8-D5DC-41F6-8BDA-B3F4A828C3DF}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\Interface\{2735FAF8-D5DC-41F6-8BDA-B3F4A828C3DF}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Classes\CrossriderApp0004479.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.BHO] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.BHO.1] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.Sandbox] =>PUP.CrossRider
[HKLM\Software\Classes\CrossriderApp0027096.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Classes\Widestream6.Spointer] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.Spointer.4] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerAdProvider] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerAdProvider.4] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerBanner] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerBanner.4] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Classes\Toolbar.CT2903601] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0004479.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0027096.BHO] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0027096.BHO.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0027096.Sandbox] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\CrossriderApp0027096.Sandbox.1] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\Classes\Widestream6.Spointer] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.Spointer.4] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerAdProvider] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerAdProvider.4] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerBanner] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerBanner.4] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerCtrl] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Widestream6.SpointerWebDisp] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2903601] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\Giant Savings =>Adware.VidSaver
C:\Program Files (x86)\OfferBox =>PUP.OfferBox
C:\Program Files (x86)\Software =>Adware.Boxore
C:\Program Files (x86)\Widestream6 =>Adware.SPointer
C:\Program Files (x86)\Services x86 =>PUP.CrossRider
C:\ProgramData\Software =>Adware.Boxore
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Widestream6 =>Adware.SPointer
C:\Users\Juliane\AppData\Roaming\OfferBox =>PUP.OfferBox
C:\Users\Juliane\AppData\Roaming\OpenCandy =>Adware.OpenCandy
C:\Users\Juliane\AppData\Roaming\Widestream =>Adware.SPointer
C:\Users\Juliane\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\Juliane\AppData\Local\Giant Savings =>Adware.VidSaver
C:\Users\Juliane\AppData\Local\Software =>Adware.Boxore
C:\Users\Juliane\AppData\Local\widestream6 Air =>Adware.SPointer
C:\Users\Juliane\AppData\Local\Services x86 =>PUP.CrossRider
C:\Users\Juliane\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\Juliane\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Juliane\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\Juliane\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\Users\Juliane\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis
C:\Users\Juliane\AppData\Local\Temp\Iminent =>Adware.IMBooster
C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\extensions\@FissaPlugin =>PUP.OfferBox
C:\Users\Juliane\AppData\Roaming\Mozilla\Firefox\Profiles\apgo73hw.default\SearchPlugins\fissa.xml =>PUP.OfferBox
C:\Users\Juliane\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon
C:\Users\Juliane\AppData\Local\Temp\YontooFFClient.xpi =>Adware.Yontoo
C:\Users\Juliane\AppData\Local\Temp\YontooIEClient.dll =>Adware.Yontoo
C:\Users\Juliane\AppData\Local\Temp\YontooLayers.crx =>Adware.Yontoo
C:\Users\Juliane\AppData\Local\Temp\YontooLayers.pem =>Adware.Yontoo
C:\Users\Juliane\AppData\Local\Temp\YontooSetup-S.exe =>Adware.Yontoo
C:\Users\Juliane\Desktop\20120702IminentSetup.exe =>Adware.IMBooster
C:\Users\Juliane\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Juliane\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
C:\Users\Juliane\AppData\Local\Temp\GoogleToolbarInstaller_stub_signed.exe =>Toolbar.Babylon
C:\Users\Juliane\AppData\Local\Temp\prxGLFB429.tmp.tbProd.dll =>Toolbar.Conduit
~ Additionnel: Scanned in 00mn 48s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "A7FF4F04412B35449B3780B090EC0D91" . (.LoJack Factory Installer.) -- C:\Windows\Installer\{40F4FF7A-B214-4453-B973-080B09CED019}\_6FEFF9B68218417F98F549.exe
O90 - PUC: "EB525538DB364CE4495200ECDA84942C" . (.Widestream6.) -- C:\Windows\Installer\{835525BE-63BD-4EC4-9425-00CEAD4849C2}\ARPPRODUCTICON.exe
~ Update Products: 132 Legitimates Scanned in 00mn 00s



---\\ Random Export Key (O91)
[HKCU\Software\5957d6dce56ab947\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5957d6dce56ab947\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1095.52]:version="2.6.1095.52"
[HKCU\Software\5957d6dce56ab947\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:guid="{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}"
[HKCU\Software\5957d6dce56ab947\history\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}2.6.1125.80]:version="2.6.1125.80"
[HKCU\Software\5957d6dce56ab947] =>Toolbar.Babylon^
[HKLM\Software\Wow6432Node\5957d6dce56ab947] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 02/03/2009 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
SR - | Auto 18/11/2009 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 21/08/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
SR - | Auto 09/06/2009 155648 | (DockLoginService) . (.Stardock Corporation.) - C:\Program Files\Dell\DellDock\DockLogin.exe
SS - | Demand 28/10/2010 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 60928 | (InstallFilterService) . (...) - C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
SR - | Auto 30/09/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 27/01/2011 249936 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SS - | Demand 05/02/2013 235216 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe
SR - | Auto 27/01/2011 249936 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 27/01/2011 249936 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 27/01/2011 249936 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 27/01/2011 249936 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SS - | Demand 23/06/2011 501768 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe
SR - | Auto 27/01/2011 249936 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SR - | Auto 18/10/2011 199272 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
SR - | Auto 18/10/2011 208536 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
SR - | Auto 18/10/2011 161168 | (mfevtp) . (.McAfee, Inc..) - C:\Windows\system32\mfevtps.exe
SS - | Demand 12/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 27/01/2011 249936 | (MSK80Service) . (.McAfee, Inc..) - C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
SS - | Demand 04/09/2012 25584 | (PCDSRVC{1E208CE0-FB7451FF-06020200}_0) . (.PC-Doctor, Inc..) - c:\program files\dell support center\pcdsrvc_x64.pkms
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
SR - | Auto 18/08/2011 1692480 | (SftService) . (.SoftThinks SAS.) - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.exe
SS - | Auto 07/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto 20/01/2010 244736 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
SR - | Auto 29/05/2012 2143072 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
SS - | Demand 02/11/2009 126352 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SR - | Auto 30/09/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Auto 0 | (WajamUpdater) . (...) - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe =>Toolbar.Wajam
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SS - | Disabled 33280 | (wltrysvc) . (...) - C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 04s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Juliane at 12/04/2013 09:58:39

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1840 Legitimates filtered by white list
End of the scan (1085 lines in 18mn 25s)(0)
