Rapport de ZHPDiag v2013.4.21.127 par Nicolas Coolman, Update du 21/04/2013
Run by stéphanie at 22/04/2013 23:30:00
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC :


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 20.0.1
GCIE: Google Chrome v26.0.1410.64 (Defaut)
OBIE: Safari v5.34.57.2

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 9XP6F
Windows License : OK
Windows Automatic Updates : OK

---\\ System Protection
Avira AntiVir Personal - Free Antivirus v10.2.0.167
Malwarebytes Anti-Malware version 1.75.0.1300
SUPERAntiSpyware Free Edition v4.30.0.1004

---\\ System Optimizer
CCleaner v3.17

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
Java 7 Update 17

---\\ System Information
~ Processor: x86 Family 15 Model 6 Stepping 5, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3069 MB (50% free)
System Restore: Activé (Enable)
System drive C: has 20 GB (17%) free of 113 GB

---\\ Logged in mode
~ Computer Name: PC-DE-STÉPHANIE
~ User Name: stéphanie
~ All Users Names: stéphanie, ASPNET, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\stéphanie\AppData\Roaming\
~ %Desktop% : C:\Users\stéphanie\Desktop\
~ %Favorites% : C:\Users\stéphanie\Favorites\
~ %LocalAppData% : C:\Users\stéphanie\AppData\Local\
~ %StartMenu% : C:\Users\stéphanie\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 20 Go of 113 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 3 Go of 113 Go)
E:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ CD-ROM drive (Free 0 Go of 0 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.19/01/2008 - 08:33:37.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 04:38:00.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.19/01/2008 - 06:28:02.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.19/01/2008 - 06:49:18.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.19/01/2008 - 06:56:28.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.2C1121F2B87E9A6B12485DF53CD848C7] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.03/03/2013 - 20:07:52.) -- C:\Windows\system32\Drivers\ntfs.sys [1082232]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parallèle.) (.19/01/2008 - 06:49:33.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.19/01/2008 - 06:56:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\Windows\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/199
~ Mes musiques (My Musics) : 63/87
~ Mes Videos (My Videos) : 1/46
~ Mes Favoris (My Favorites) : 3/305
~ Mes Documents (My Documents) : 3/2281
~ Mon Bureau (My Desktop) : 1/17
~ Menu demarrer (Programs) : 1/48
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lancés
[MD5.90D909E329CDDF97BFCCD6E7E1731F20] - (...) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe [148864] [PID.676]
[MD5.8D3AEF4278F58810A43D5685CEEEE524] - (...) -- C:\Program Files\Orange\Assistance Livebox\dist\ST2.exe [14081408] [PID.2176]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.3932]
[MD5.AD8D5EB999C397245CCBE78BCAFF1656] - (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [453120] [PID.3944]
[MD5.C60BF727B3C6A3F4B0F8E0F99AFF4AA7] - (.BIGDOG - BIGDOG.) -- C:\Windows\VM_STI.exe [40960] [PID.3960]
[MD5.201F07F6E5E08B41B5BCC2AB3D339ECC] - (...) -- C:\Windows\System32\SysMonitor.exe [319488] [PID.3968]
[MD5.A503A47A5E7EA8024379A8CC6059B74A] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [3784704] [PID.3976]
[MD5.FEE45AD0B1EBF2C2D295B59BA593F6CD] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3521464] [PID.4012]
[MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152392] [PID.4036]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.4044]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.4080]
[MD5.984F6749E0741C3F22D86C91B46177BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.3512]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.2788]
[MD5.2B6E0D6C6DA433E54B706B41A936A01F] - (.Acer Inc. - eRecovery agent.) -- C:\Acer\Empowering Technology\eRecovery\ERAGENT.exe [393216] [PID.792]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4288]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Users\stéphanie\AppData\Local\Google\Chrome\Application\chrome.exe [1312720] [PID.4880]
[MD5.2D9A1A43307EC9BB267BE9F90B4AF0D5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6936576] [PID.5044]
[MD5.8C260202F8124EA7AA5C4D75B691351A] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [729088] [PID.1132]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1360]
[MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.1916]
[MD5.5255B055EDE6285BF34F2F9B60C5B7D8] - (.Pas de propriétaire - MemCheck.Service.) -- C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [24576] [PID.2256]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.2296]
[MD5.3CCE4AFA4AACDB28E01A148394212186] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.2324]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.2356]
[MD5.CDE000884FD7BAF0C1FDFE029B0891DE] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.2372]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2388]
[MD5.1778EBA872274C1226D869CD9486847E] - (.InterVideo Inc. - Capture Device Service.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168] [PID.2412]
[MD5.565619F1B6DA86E3C7BA75A1E60ECFCD] - (.Freemake - FreemakeUtilsService.) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [96768] [PID.2444]
[MD5.6E5DAC168D1FF9843E84A59D51D31107] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [61440] [PID.2636]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2680]
[MD5.64E413BA0C529AA40C3924BBCC4153DB] - (.Pas de propriétaire - nTitles PSIService.) -- C:\Windows\system32\PSIService.exe [174656] [PID.2752]
[MD5.A76CDDB6D1F25797843E2557A2118E2E] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared Files\RichVideo.exe [143360] [PID.2780]
[MD5.A2C02B15ABED937B0570DE3A5A4C405B] - (.Acer Inc. - eRecoveryService.) -- C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [49152] [PID.3012]
[MD5.E46B17060D3962A384AE484094614788] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553288] [PID.3864]
[MD5.DCF3E3EDF5109EE8BC02FE6E1F045795] - (.Microsoft Corporation - wpffontcache_v0400.exe.) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [753504] [PID.4324]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\stéphanie\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\stéphanie\AppData\Roaming\Mozilla\Firefox\Profiles\k0u2daf0.default\prefs.js
M3 - MFPP: Plugins - [stéphanie] -- C:\Users\stéphanie\AppData\Roaming\Mozilla\Firefox\Profiles\k0u2daf0.default\searchplugins\YouGoo.xml
M3 - MFPP: Plugins - [st�phanie] -- C:\Program Files\Mozilla FireFox\searchplugins\Web Search.xml
P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\libdivx.dll
P2 - FPN:Firefox Plugin Navigator . (.BitComet - BitCometAgent for Firefox.) -- C:\Program Files\Mozilla Firefox\Plugins\npBitCometAgent.dll
P2 - FPN:Firefox Plugin Navigator . (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\Mozilla Firefox\Plugins\npdivx32.dll
P2 - FPN:Firefox Plugin Navigator . (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\Mozilla Firefox\Plugins\npDivxPlayerPlugin.dll
P2 - FPN:Firefox Plugin Navigator . (.The OpenSSL Project, http://www.openssl.org - OpenSSL Shared Library.) -- C:\Program Files\Mozilla Firefox\Plugins\ssldivx.dll
P2 - FPN: [HKLM] [@bittorrent.com/BitTorrentDNA] - (.BitTorrent, Inc. - Delivery Network Acceleration by BitTorrent�.) -- C:\Program Files\DNA\plugins\npbtdna.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@divx.com/DivX Player Plugin,version=1.0.0] - (.DivX, Inc - npdivxplayerplugin.) -- C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
~ Firefox Browser: 59 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: 13 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Acer eDataSecurity Management - [HKLM]{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.HiTRUST - eDStoolbar Module.) -- C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Mirar - [HKLM]{7C523BE6-3EB3-4FD5-87D1-FC95E65AA763} . (...) -- (.not file.)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] . (.HiTRUST - eDataSecurity System Loader( Load and prepa.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] . (.Acer Inc. - WR_PopUp.) -- C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [BigDogPath] . (.BIGDOG - BIGDOG.) -- C:\Windows\VM_STI.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] . (...) -- C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON SX410 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\stéphanie\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Win Startup Manager] . (.Microsoft Corporation - Microsoft® Resource File To COFF Object Con.) -- C:\Users\stéphanie\AppData\Roaming\Windows NT\recovery.exe
O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\stéphanie\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKCU\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [EPSON SX410 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFCE.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\stéphanie\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [Win Startup Manager] . (.Microsoft Corporation - Microsoft® Resource File To COFF Object Con.) -- C:\Users\stéphanie\AppData\Roaming\Windows NT\recovery.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\stéphanie\AppData\Local\Facebook\Update\FacebookUpdate.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [KiesHelper] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\KiesHelper.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-21-2555148778-847838647-376290905-1000\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\stéphanie\AppData\Roaming\Spotify\spotify.exe
O4 - GS\Programs: TeamViewer 7.lnk . (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Users\stéphanie\temp\TeamViewer\Version7\TeamViewer.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Advanced WindowsCare V2 Personal.lnk . (.IObit - Advanced WindowsCare V2 Personal.) -- C:\Program Files\IObit\Advanced WindowsCare V2\Awcl.exe
O4 - GS\QuickLaunch: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch: BitTorrent.lnk . (.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\stéphanie\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Horaires de Trains.lnk - Clé orpheline
O4 - GS\QuickLaunch: InfraRecorder.lnk . (.Christian Kindahl - InfraRecorder.) -- C:\Program Files\InfraRecorder\infrarecorder.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - GS\QuickLaunch: MP3 Rocket 6.3.2.lnk . (...) -- C:\Program Files\MP3 Rocket\MP3Rocket.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - GS\QuickLaunch: Vos Démarches Administratives.lnk - Clé orpheline
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: XML Marker.lnk . (...) -- C:\Program Files\XML Marker\xmlmarker.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: XML Marker.lnk . (...) -- C:\Program Files\XML Marker\xmlmarker.exe
O4 - GS\Desktop: Assistance Livebox.lnk . (...) -- C:\Program Files\Orange\Assistance Livebox\AssistanceLivebox.exe
O4 - Global Startup: C:\Users\stéphanie\Desktop\Contrôle parental.url . (...) -- C:\Users\stéphanie\Desktop\Contrôle parental.url
O4 - GS\Desktop: EasyCleaner.lnk . (.ToniArts - EasyCleaner executable.) -- C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\stéphanie\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Revo Uninstaller.lnk . (.VS Revo Group - Revo Uninstaller.) -- C:\Program Files\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
O4 - GS\Desktop: Spotify.lnk . (.Spotify Ltd - Spotify.) -- C:\Users\stéphanie\AppData\Roaming\Spotify\spotify.exe
O4 - GS\Desktop: TeamViewer 7.lnk . (.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Users\stéphanie\temp\TeamViewer\Version7\TeamViewer.exe
O4 - GS\Desktop: TreeSize Free.lnk . (.JAM Software - TreeSize Free hard disk space manager.) -- C:\Program Files\JAM Software\TreeSize Free\TreeSizeFree.exe
O4 - GS\Desktop: Video Downloader.lnk . (...) -- C:\Program Files\vGrabber-software\VideoDownloader.exe
O4 - GS\Desktop: WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe
O4 - GS\Desktop: Windows Photo Gallery.lnk . (.Microsoft Corporation - Galerie de photos Windows.) -- C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
O4 - GS\Desktop: Wondershare Streaming Audio Recorder.lnk . (...) -- C:\Program Files\Wondershare\Streaming Audio Recorder\StreamingAudioRecorder.exe
O4 - GS\Desktop: XML Marker.lnk . (...) -- C:\Program Files\XML Marker\xmlmarker.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} -- Clé orpheline
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Messenger.) -- C:\Program Files\Messenger\MSMSGS.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} ((no name)) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{33417D56-5BD1-4033-BD59-4783FF91B01D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{33417D56-5BD1-4033-BD59-4783FF91B01D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{33417D56-5BD1-4033-BD59-4783FF91B01D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: !SASWinLogon . (.SUPERAntiSpyware.com - SUPERAntiSpyware WinLogon Processor.) -- C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Capture Device Service (Capture Device Service) . (.InterVideo Inc. - Capture Device Service.) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: eRecovery Service (eRecoveryService) . (.Acer Inc. - eRecoveryService.) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
~ Services: 16 Legitimates Filtered in 00mn 06s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCConfidential.job [416]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_DEFAULT.job [272]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_UPDATES.job [280]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\rpc.job [386]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter-stéphanie-Startup.job [364]
[MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files\GoforFiles\GFFUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [PCConfidential] (...) -- C:\Program Files\Winferno\PC Confidential\PCConfidential.exe (.not file.) [0]
[MD5.601442F23D35D79F3BD4C52D17737894] [APT] [RegClean Pro_DEFAULT] (.Systweak Inc.) -- C:\Program Files\RegClean Pro\RegCleanPro.exe [8953728]
[MD5.601442F23D35D79F3BD4C52D17737894] [APT] [RegClean Pro_UPDATES] (.Systweak Inc.) -- C:\Program Files\RegClean Pro\RegCleanPro.exe [8953728]
[MD5.00000000000000000000000000000000] [APT] [rpc] (...) -- C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [SLOW-PCfighter-stéphanie-Startup] (...) -- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [YourFile DownloaderUpdate] (...) -- C:\Program Files\YourFileDownloader\YourFileUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{0943A997-D279-4F2C-942E-FF5055822608}] (...) -- C:\Users\st�phanie\AppData\Local\Temp\Magentic\MAGENT~1\bin\mgsetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{12E05834-6AD7-46A8-B212-410F89EC9588}] (...) -- C:\Users\st�phanie\Desktop\dotnetfx.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{189C0291-680F-475D-B665-66829BBB7961}] (...) -- C:\Users\st�phanie\Desktop\EnjoySetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{22F9178B-C74D-4646-96C0-176792CC1E1E}] (...) -- C:\Users\st�phanie\AppData\Local\Temp\installation.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2673FC68-2077-42BF-B8B6-1298EF124C29}] (...) -- C:\Users\st�phanie\Desktop\LimeWireWin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2C64398E-F006-4DFD-96FD-60C92E6DC714}] (...) -- C:\Users\st�phanie\Searches\Downloads\EClea2_0\EasyClea.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2EED7C93-577F-4AD8-B059-1379E46823CF}] (...) -- C:\Users\st�phanie\Desktop\mcoinstall\mcoinstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{2EF67F26-0AC5-4244-9DE2-184D4C38244A}] (...) -- C:\Users\st�phanie\Desktop\SecureInstall_LOFS020701Inst.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3E5CAA94-8638-43F8-8C95-F7EE25CE4B67}] (...) -- C:\Users\st�phanie\Searches\Downloads\coolbooster(2).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{41C3F873-44AD-4F8B-A37F-3C42948FF267}] (...) -- C:\Users\st�phanie\Desktop\Pack617Winks\mcoinstall-setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{55326481-605E-4B82-89FA-917F1243205A}] (...) -- C:\Users\st�phanie\Searches\Downloads\UnFREEzfr\UnFREEzfr.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{567A5937-220C-4850-97CA-CF58E4B3C282}] (...) -- C:\Users\st�phanie\Desktop\flash-player_flash_player_8_mozilla_firefox_opera_francais_15285.exe (.not file.) [0]
[MD5.1E61921755C9BE43544AC7B0994C7D1C] [APT] [{62BD8ACE-95F6-4933-BA94-9CD74977D27E}] (.Aapie.Net.) -- C:\Windows\system32\mcoinstall.exe [28672]
[MD5.00000000000000000000000000000000] [APT] [{7989E790-803D-4E14-9E21-139BA642148F}] (...) -- C:\Users\st�phanie\Documents\My Pando Packages\Adobe� Photoshop CS3 v10.0 Full\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{88272E19-4D74-4C11-8CF2-9155015E1891}] (...) -- C:\Users\st�phanie\Searches\Downloads\rose_tribal(MsnTrucAstuce.free.fr).exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{8D8C19A3-D435-4EEB-977A-93662FC3164C}] (...) -- C:\Users\st�phanie\Shared\super point de croix naked\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B42DDAEC-A11E-4F3B-8AE8-A64243D670A9}] (...) -- C:\Program Files\My.Freeze.com Toolbar\settings_uninstall_app.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C0C0D0E0-4A97-4A74-B8A3-622C6A9B277E}] (...) -- C:\Users\st�phanie\AppData\Local\Temp\ImInstaller\IncrediMail\IncrediMail_Install.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{C9EFC64F-F787-4E57-8AAD-8E825694B0BD}] (...) -- C:\Program Files\Freeze.com\Lightning Storm\UNINSTAL.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{E29C2BB1-0B6C-4B22-A4DB-30514CF895EF}] (...) -- C:\Users\st�phanie\Desktop\Point-Croix.exe (.not file.) [0]
~ Scheduled Task: 49 Legitimates Filtered in 00mn 05s



---\\ Logiciels installés (O42)
O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent
O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKLM] -- BitTorrent
O42 - Logiciel: Contextual Tool Extrafind - (...) [HKLM] -- 9fc1711b
O42 - Logiciel: Favorit (oxhox) - (...) [HKLM] -- oxhox
O42 - Logiciel: Filters Unlimited 2.0 - (...) [HKLM] -- Filters Unlimited_is1
O42 - Logiciel: Free Stuff version 1.5 - (...) [HKLM] -- {7E1B484F-C15A-48C2-BF42-450310E39165}_is1
O42 - Logiciel: Images&Search Ver.1 - (.Images&Search.) [HKLM] -- {7E6A94FF-8260-4D3D-8D27-BC057BE50399}_is1
O42 - Logiciel: MP3 Rocket - (...) [HKLM] -- MP3 Rocket
O42 - Logiciel: Mirar - (...) [HKLM] -- {7C523BE6-3EB3-4FD5-87D1-FC95E65AA763}
O42 - Logiciel: RegClean Pro - (.Systweak Inc.) [HKLM] -- RegClean Pro_is1
O42 - Logiciel: STK014_V2.01 - (...) [HKLM] -- {E7C401C6-B490-4C92-9E6D-F6A862A27B65}
O42 - Logiciel: Trellian Button Factory - (...) [HKLM] -- Trellian Button Factory
O42 - Logiciel: XML Marker version 1.1 - (.Symbol Click.) [HKLM] -- XML Marker_is1
~ Logic: 151 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Anfy Team]
[HKCU\Software\AppDataLow\IE7Pro]
[HKCU\Software\AppDataLow\IEPro]
[HKCU\Software\AppDataLow\Software\AskSBar]
[HKCU\Software\AppDataLow\Software\Screensavers.com]
[HKCU\Software\BitComet]
[HKCU\Software\Bot Productions]
[HKCU\Software\ContextEnhancer]
[HKCU\Software\DownloadMR]
[HKCU\Software\Fb_hack]
[HKCU\Software\FunkyEmoticons]
[HKCU\Software\GoforFiles]
[HKCU\Software\JetCar]
[HKCU\Software\Kazaa]
[HKCU\Software\LetsTunes]
[HKCU\Software\Live-Player]
[HKCU\Software\MGS]
[HKCU\Software\MicroGaming]
[HKCU\Software\Photocite]
[HKCU\Software\Rentabiliweb]
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Symbol Click]
[HKCU\Software\Vista-Buttons]
[HKCU\Software\WebAnim]
[HKCU\Software\ZONEJEUX]
[HKCU\Software\eMule]
[HKCU\Software\iPhotoSoft]
[HKLM\Software\AskSBar]
[HKLM\Software\BSmax ScripT]
[HKLM\Software\Deckard]
[HKLM\Software\FunkyEmoticons]
[HKLM\Software\GoforFiles]
[HKLM\Software\IEPro]
[HKLM\Software\InstallationKit]
[HKLM\Software\LetsTunes]
[HKLM\Software\LimeWire]
[HKLM\Software\Live-Player]
[HKLM\Software\NetDragon]
[HKLM\Software\Photocite]
[HKLM\Software\STK014]
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Syntek]
[HKLM\Software\TRELLIAN]
[HKLM\Software\WCM]
[HKLM\Software\WebAnim Gif]
[HKLM\Software\Winferno]
[HKLM\Software\Winsudate]
[HKLM\Software\iPhotoSoft]
~ Key Software: 354 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/12/2008 - 12:32:19 - [0] ----D C:\Program Files\B4Playing
O43 - CFD: 29/07/2007 - 16:22:25 - [0,668] ----D C:\Program Files\BearShare Applications =>PUP.BearShare
O43 - CFD: 09/02/2013 - 15:32:41 - [1,060] ----D C:\Program Files\BitTorrent
O43 - CFD: 09/02/2013 - 15:06:42 - [119,360] ----D C:\Program Files\CityVilleBot
O43 - CFD: 10/01/2009 - 23:45:41 - [0,403] ----D C:\Program Files\DNA
O43 - CFD: 01/04/2012 - 22:27:48 - [0,684] ----D C:\Program Files\Free Stuff
O43 - CFD: 04/01/2008 - 11:58:50 - [0] ----D C:\Program Files\IE7Pro
O43 - CFD: 25/08/2010 - 10:32:34 - [0,679] ----D C:\Program Files\ImagesSearch
O43 - CFD: 15/08/2007 - 15:07:04 - [0,000] ----D C:\Program Files\Impression Grand Format
O43 - CFD: 02/11/2007 - 22:56:49 - [9,816] ----D C:\Program Files\KSS
O43 - CFD: 10/01/2011 - 13:56:05 - [28,034] ----D C:\Program Files\LetsTunes
O43 - CFD: 26/02/2013 - 00:27:35 - [33,772] ----D C:\Program Files\MP3 Rocket
O43 - CFD: 26/02/2013 - 00:26:27 - [0,298] ----D C:\Program Files\MP3 Rocket Downloader
O43 - CFD: 02/10/2008 - 16:38:40 - [0,000] ----D C:\Program Files\Navilog1
O43 - CFD: 17/01/2011 - 10:32:05 - [2,291] ----D C:\Program Files\NetDragon
O43 - CFD: 15/04/2012 - 17:11:35 - [14,723] ----D C:\Program Files\RegClean Pro
O43 - CFD: 08/09/2012 - 23:01:26 - [0,426] ----D C:\Program Files\STK014_V2.01
O43 - CFD: 22/07/2007 - 16:10:26 - [0] ----D C:\Program Files\SunXi
O43 - CFD: 22/07/2007 - 16:08:05 - [6,427] ----D C:\Program Files\TRELLIAN
O43 - CFD: 09/07/2009 - 17:13:22 - [0,048] ----D C:\Program Files\Winletmin
O43 - CFD: 26/01/2011 - 23:20:09 - [1,478] ----D C:\Program Files\XML Marker
O43 - CFD: 17/01/2011 - 10:36:35 - [0,177] ----D C:\Program Files\Common Files\NetDragon
O43 - CFD: 19/07/2010 - 19:35:23 - [7,413] ----D C:\ProgramData\Artweaver
O43 - CFD: 19/07/2010 - 19:35:23 - [0,532] ----D C:\Users\st�phanie\AppData\Roaming\Artweaver
O43 - CFD: 29/07/2007 - 16:22:27 - [11,466] ----D C:\Users\st�phanie\AppData\Roaming\BearShare =>PUP.BearShare
O43 - CFD: 04/04/2013 - 00:28:23 - [1,483] ----D C:\Users\st�phanie\AppData\Roaming\BitTorrent
O43 - CFD: 15/04/2012 - 14:05:57 - [0,007] ----D C:\Users\st�phanie\AppData\Roaming\Charles
O43 - CFD: 04/08/2009 - 14:42:25 - [0] ----D C:\Users\st�phanie\AppData\Roaming\FunkyEmoticons
O43 - CFD: 16/10/2012 - 20:27:12 - [0,004] ----D C:\Users\st�phanie\AppData\Roaming\GoforFiles
O43 - CFD: 10/01/2011 - 13:56:44 - [0,001] ----D C:\Users\st�phanie\AppData\Roaming\letstunes
O43 - CFD: 15/04/2012 - 14:05:59 - [0,027] ----D C:\Users\st�phanie\AppData\Roaming\MiniDm
O43 - CFD: 14/04/2013 - 19:14:36 - [2,393] ----D C:\Users\st�phanie\AppData\Roaming\MP3Rocket
O43 - CFD: 01/07/2007 - 18:46:03 - [0,001] ----D C:\Users\st�phanie\AppData\Roaming\Quiz Press prefs
O43 - CFD: 13/04/2012 - 22:08:44 - [0] ----D C:\Users\st�phanie\AppData\Roaming\system32
O43 - CFD: 09/01/2008 - 22:02:23 - [0] ----D C:\Users\st�phanie\AppData\Local\ColorPlaza
O43 - CFD: 30/05/2007 - 22:24:47 - [0] ----D C:\Users\st�phanie\AppData\Local\Fastlab Print Service
O43 - CFD: 27/05/2007 - 16:23:24 - [1008,776] ----D C:\Users\st�phanie\AppData\Local\IM
O43 - CFD: 17/01/2011 - 10:36:27 - [1,329] ----D C:\Users\st�phanie\AppData\Local\NetDragon
O43 - CFD: 06/03/2009 - 00:25:45 - [0] ----D C:\Users\st�phanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitComet
O43 - CFD: 09/01/2009 - 11:40:14 - [0] ----D C:\Users\st�phanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Groom Toox
O43 - CFD: 11/05/2008 - 22:39:08 - [0] ----D C:\Users\st�phanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LimeWire
~ 1234 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1726 Legitimates Filtered in 00mn 51s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.06B971C1329EB30736D872269BB22C75] - 17/04/2013 - 19:19:44 ---A- . (...) -- C:\Windows\ntbtlog.txt [450662]
~ Files: 42 Legitimates Filtered in 01mn 11s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.05CB24197061A23831C47D5A46EA95EC] - 19/04/2013 - 17:52:18 ---A- - C:\Windows\Prefetch\SPOTIFYSETUP (1).EXE-DA2E7824.pf
O45 - LFCP:[MD5.D9F54C9F1FD10A38525BE1B853536FC2] - 20/04/2013 - 09:32:18 ---A- - C:\Windows\Prefetch\NSF154.TMP-043014B5.pf
O45 - LFCP:[MD5.F5833F4A4FE97367F55A97BD08DF932B] - 20/04/2013 - 09:35:19 ---A- - C:\Windows\Prefetch\EDSLOADER.EXE-365CA171.pf
O45 - LFCP:[MD5.695A8265C63560A52329227BF43FF4CF] - 20/04/2013 - 12:20:26 ---A- - C:\Windows\Prefetch\WARREG_POPUP.EXE-1DD95359.pf
O45 - LFCP:[MD5.EE8DCF7DDA8856E616C84BD019D93BEB] - 20/04/2013 - 16:43:27 ---A- - C:\Windows\Prefetch\SPWEBINST0.EXE-68A2C407.pf
O45 - LFCP:[MD5.10A51BEED4D4D123297601F698CE07F8] - 21/04/2013 - 10:05:59 ---A- - C:\Windows\Prefetch\ACER.EMPOWERING.FRAMEWORK.SUP-54963495.pf
O45 - LFCP:[MD5.441B1B65FA5E6921FFA8A2EBDF619C33] - 21/04/2013 - 13:46:28 ---A- - C:\Windows\Prefetch\SPOTIFY.EXE-C41E70F2.pf
O45 - LFCP:[MD5.C21BC9E90AB852EAB8ED34EC7A9BE4A0] - 21/04/2013 - 13:46:38 ---A- - C:\Windows\Prefetch\SPOTIFY_NEW.EXE-967B0FEF.pf
O45 - LFCP:[MD5.664BDDE7573932C5AAE7640FF75955E9] - 22/04/2013 - 08:53:10 ---A- - C:\Windows\Prefetch\RECOVERY.EXE-CD67BDEA.pf
O45 - LFCP:[MD5.B59281864C1EA920BACD06214626863F] - 22/04/2013 - 21:22:01 ---A- - C:\Windows\Prefetch\WLSETTINGS.EXE-4DBF79AB.pf
O45 - LFCP:[MD5.567262BB348A3C199CD30AD97648BC2D] - 22/04/2013 - 21:54:38 ---A- - C:\Windows\Prefetch\NS1140.TMP-CE53B218.pf
O45 - LFCP:[MD5.652D6FDEBF1070EEE5B143F89975B1FA] - 22/04/2013 - 21:55:04 ---A- - C:\Windows\Prefetch\NSA2B8.TMP-33CFAE8D.pf
~ Prefetcher: 135 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe" [Enabled] .(.Acer Inc..) -- C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe
O47 - AAKE:Key Export SP - "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe" [Enabled] .(.HiTRUST.) -- C:\Acer\Empowering Technology\eDataSecurity\encryption.exe
O47 - AAKE:Key Export SP - "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe" [Enabled] .(.HiTRUST.) -- C:\Acer\Empowering Technology\eDataSecurity\decryption.exe
O47 - AAKE:Key Export SP - "C:\Program Files\IEPro\MiniDM.exe" [Enabled] .(...) -- C:\Program Files\IEPro\MiniDM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc..) -- C:\Program Files\BitTorrent\bittorrent.exe
O47 - AAKE:Key Export SP - "C:\Program Files\NetDragon\91 Mobile\iPhone\iPhone PC Suite.exe" [Enabled] .(...) -- C:\Program Files\NetDragon\91 Mobile\iPhone\iPhone PC Suite.exe (.not file.)
~ Keys Export: 6 Legitimates Filtered in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{c7ecd60e-c6c1-11e1-8cd2-0019db5de69d}\AutoRun\command. (...) -- F:\iStudio.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\BitTorrent DNA [Key] . (...) -- C:\Users\st�phanie\Program Files\DNA\btdna.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\Pokki [Key] . (...) -- C:\Users\st�phanie\AppData\Local\Pokki\v0.260.8.396\pokki.exe (.not file.)
~ SMSR Keys: 9 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideLegacyLogonScripts"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideLogoffScripts"=0
O55 - MWPS:[HKLM\...\Policies\System] - "RunLogonScriptSync"=1
O55 - MWPS:[HKLM\...\Policies\System] - "RunStartupScriptSync"=1
O55 - MWPS:[HKLM\...\Policies\System] - "HideStartupScripts"=0
O55 - MWPS:[HKCU\...\Policies\System] - "HideLegacyLogonScripts"=0
O55 - MWPS:[HKCU\...\Policies\System] - "HideLogoffScripts"=0
O55 - MWPS:[HKCU\...\Policies\System] - "RunLogonScriptSync"=1
O55 - MWPS:[HKCU\...\Policies\System] - "RunStartupScriptSync"=1
O55 - MWPS:[HKCU\...\Policies\System] - "HideStartupScripts"=0
~ MWPS: 26 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.D079068B720258EA3D0653ECAC2F9874] - 28/12/2006 - 14:50:26 ---A- . (.Sonix Technology Co., Ltd. - Driver for 9KD ICE Writer.) -- C:\Windows\System32\Drivers\9kdUSBXP.sys [16000]
O58 - SDL:[MD5.D6634E1ACC801363FD0A998FF1B3CADD] - 10/12/2007 - 22:00:02 RSH-- . (...) -- C:\Windows\System32\11F34CC2E2.sys [56]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 19/04/2013 - 22:02:59 ---A- C:\Users\st�phanie\Videos\SAM_2093_Converted.wmv [322558714]
O61 - LFC: 20/04/2013 - 09:53:05 ---A- C:\Users\st�phanie\Documents\1ZHPDiag.Txt [69454]
O61 - LFC: 21/04/2013 - 12:41:20 ---A- C:\Users\st�phanie\Videos\knee deep quend.wmv [660216034]
O61 - LFC: 21/04/2013 - 18:45:35 ---A- C:\Users\st�phanie\Videos\barn burner quend.wmv [276398522]
O61 - LFC: 21/04/2013 - 19:50:06 ---A- C:\Users\st�phanie\Videos\drive quend.wmv [313846672]
O61 - LFC: 21/04/2013 - 20:09:15 ---A- C:\Users\st�phanie\Videos\SAM_2106_Converted.wmv [310742660]
O61 - LFC: 21/04/2013 - 20:09:29 ---A- C:\Users\st�phanie\AppData\Roaming\Intelli-studio\Folder_v20_5.db [262144]
O61 - LFC: 21/04/2013 - 22:46:17 ---A- C:\Users\st�phanie\AppData\Roaming\Intelli-studio\upload_history.xml [79]
O61 - LFC: 21/04/2013 - 22:46:23 ---A- C:\Users\st�phanie\AppData\Roaming\Intelli-studio\File_v20_5.db [13362176]
O61 - LFC: 22/04/2013 - 14:01:13 ---A- C:\Users\st�phanie\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp [390]
O61 - LFC: 22/04/2013 - 14:01:13 ---A- C:\Users\st�phanie\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\French_rcp.dat [56644]
O61 - LFC: 22/04/2013 - 14:01:13 ---A- C:\Users\st�phanie\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp [2448]
O61 - LFC: 22/04/2013 - 14:01:13 ---A- C:\Users\st�phanie\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp [60]
O61 - LFC: 22/04/2013 - 18:39:38 ---A- C:\Users\st�phanie\Searches\Downloads\adwcleaner (2).exe [615935]
O61 - LFC: 22/04/2013 - 19:19:14 ---A- C:\Users\st�phanie\Searches\Downloads\mbam-setup-1.75.0.1300.exe [10285040]
O61 - LFC: 22/04/2013 - 21:50:43 ---A- C:\Users\st�phanie\Searches\Downloads\mbam-log-2013-04-22 (20-25-20).txt [2590]
O61 - LFC: 22/04/2013 - 22:27:21 ---A- C:\Users\st�phanie\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268915]
O61 - LFC: 22/04/2013 - 22:32:59 ---A- C:\Users\st�phanie\AppData\Local\Google\Chrome\User Data\Local State [38074]
~ 27 Fichiers temporaires (Temporary files)
~ 3 Fichiers cookies (Cookies files)
~ Files: 885 Legitimates Filtered in 04mn 11s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: RSIT - (.random/random.)
O63 - Logiciel: Toolbar SD - (.IDN Team.)
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 11/11/2009 - C:\Program Files\SUPERAntiSpyware\SASDIFSV.sys (SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV.SYS.) - LEGACY_SASDIFSV
O64 - Services: CurCS - 11/11/2009 - C:\Program Files\SUPERAntiSpyware\SASENUM.sys (SASENUM) .(. SUPERAdBlocker.com and SUPERAntiSpyware.co - SASENUM.SYS.) - LEGACY_SASENUM
~ Legacy: 93 Legitimates Filtered in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.exe> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\st�phanie\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [st�phanie - k0u2daf0.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {A3B0E929-3E3B-45ED-B677-79ED6AF604B2} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} - (Zumie Search) - http://www.zumie.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {94D57B42-E3BA-4C01-B98A-8CCA2FCBF29E} - (Zumie Search) - http://www.zumie.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.D70E4E2A6E2997CCB01685733C983512] [SPRF][16/05/2009] (...) -- C:\ProgramData\E2C24CF311.sys [88]
[MD5.6FF297195402145E3B4A140557AF8C00] [SPRF][16/05/2009] (...) -- C:\ProgramData\KGyGaAvL.sys [2516]
[MD5.3F7F7B9F746191312CA51A77F9605B4D] [SPRF][26/09/2008] (...) -- C:\ProgramData\pswi_preloaded.exe [480848]
[MD5.3B8E1A1728D91B8D4EF284608B775E98] [SPRF][15/10/2011] (...) -- C:\Users\st�phanie\AppData\Local\d3d9caps.dat [1356]
[MD5.FC57B304F615B4F20C1F8E5EB68F89FB] [SPRF][07/10/2007] (...) -- C:\Users\st�phanie\AppData\Local\fusioncache.dat [97]
[MD5.C96095256277FA3F9365E72908707146] [SPRF][02/02/2009] (...) -- C:\Users\st�phanie\AppData\Local\jfbetw.bat [93]
[MD5.BE6B613DABC8ACD3DE8CECB7A7CE53B0] [SPRF][05/08/2009] (...) -- C:\Users\st�phanie\AppData\Local\oxhox.bat [92]
[MD5.B3FDF6E7B0AECD48CA7E4921773FB606] [SPRF][09/02/2013] (...) -- C:\Users\st�phanie\AppData\Local\Temp\7z920.exe [1110476]
[MD5.817E86B7C18A015223A405E79DB836E9] [SPRF][29/01/2013] (.Ask.com - AskStub Application.) -- C:\Users\st�phanie\AppData\Local\Temp\ApnStub.exe [356520]
[MD5.D2537381019991C0D067EEED86D19171] [SPRF][09/02/2010] (.Ask.com - Ask Install Checker.) -- C:\Users\st�phanie\AppData\Local\Temp\AskInstallChecker.exe [201616]
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][23/08/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\st�phanie\AppData\Local\Temp\AskSLib.dll [248008]
[MD5.11D751D299B9ABDC77BFF4156C75C4CF] [SPRF][17/02/2013] (...) -- C:\Users\st�phanie\AppData\Local\Temp\bitool.dll [38480]
[MD5.3D7CDC3E67A97110321BF7453C649B1F] [SPRF][17/02/2013] (...) -- C:\Users\st�phanie\AppData\Local\Temp\DeltaTB.exe [775664]
[MD5.7B96A975DECF746361A39A31E01F4BDF] [SPRF][28/06/2012] (.Ellora Assets Corporation - Freemake Video Converter Setup.) -- C:\Users\st�phanie\AppData\Local\Temp\FreemakeVideoConverter_3.0.2.15.exe [18306784]
[MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][22/03/2013] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\st�phanie\AppData\Local\Temp\htmlayout.dll [947200]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][17/04/2013] (...) -- C:\Users\st�phanie\AppData\Local\Temp\jqkidpbo.dll [0]
[MD5.F88C296A9109CF540EEDEF41E8A46E09] [SPRF][12/01/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\st�phanie\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe [896424]
[MD5.F655170EB3DC3CBB3F564077C670A7E1] [SPRF][31/01/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\st�phanie\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe [897448]
[MD5.5CC163324A11091C975B686EF4C52C73] [SPRF][16/02/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\st�phanie\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe [897448]
[MD5.A620A735458E04AE0CF471319B6D6E7D] [SPRF][01/03/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\st�phanie\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe [897448]
[MD5.8EC2A656042BFF1243C09FFD33F25496] [SPRF][29/08/2012] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\st�phanie\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe [894952]
[MD5.EC3A1A84A0A407FE3985ED6F9A0CC436] [SPRF][27/09/2012] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\st�phanie\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe [895464]
[MD5.30290976476F285670AE4E83BBCB5903] [SPRF][27/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\oct2D27.tmp.exe [32581936]
[MD5.BCC6E3E1F8ECC44DE3A461F00A600E36] [SPRF][07/10/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\oct3153.tmp.exe [31733016]
[MD5.0AFE24C0DE6E49BB06DB89849FD33D36] [SPRF][16/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\oct3EEC.tmp.exe [32580480]
[MD5.BCC6E3E1F8ECC44DE3A461F00A600E36] [SPRF][03/10/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\oct6FAE.tmp.exe [31733016]
[MD5.463D5EE1F960F309F47D256694CA9BE9] [SPRF][29/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\oct7972.tmp.exe [32581144]
[MD5.77BE448F28F10B71262FF213F8614A90] [SPRF][23/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\oct94FF.tmp.exe [32582048]
[MD5.832CBE5428D9B63AE974BEEB188EC3D8] [SPRF][27/10/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\octB377.tmp.exe [32508120]
[MD5.497B16C836A919E0233427A6146FC251] [SPRF][22/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\octBC1E.tmp.exe [32581592]
[MD5.4EF414D857F3DB4F363C4A2073BB7F5F] [SPRF][03/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\octC8BB.tmp.exe [32517688]
[MD5.4EF414D857F3DB4F363C4A2073BB7F5F] [SPRF][10/11/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\octE273.tmp.exe [32517688]
[MD5.3AC89D931C908F23CF0EA048670DBA8D] [SPRF][02/10/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\octECED.tmp.exe [31732648]
[MD5.573617564F8E39579934924D3BB5E8F8] [SPRF][23/10/2012] (.SweetLabs,Inc. - Pokki.) -- C:\Users\st�phanie\AppData\Local\Temp\octF3B0.tmp.exe [32487624]
[MD5.39DB3561990EB852EF19ED1DBDD9EE22] [SPRF][30/08/2012] (.Pokki - Pokki Installer.) -- C:\Users\st�phanie\AppData\Local\Temp\Pokki.exe [1326424]
[MD5.57BC8F4F1201610668773875A4484C1E] [SPRF][31/01/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\st�phanie\AppData\Local\Temp\uninst1.exe [392784] =>Toolbar.Babylon
[MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][08/12/2012] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\st�phanie\AppData\Local\Temp\uninstall13068687.exe [947200]
[MD5.A55B82103A202C20717F45C201EC4553] [SPRF][16/10/2012] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\st�phanie\AppData\Local\Temp\uninstall13104785.exe [936960]
[MD5.5C89E24D47562D08D9447F7BAA14338D] [SPRF][16/10/2012] (.http://goforfiles.com/ - GoforFiles Application.) -- C:\Users\st�phanie\AppData\Local\Temp\uninstall13105097.exe [904848]
[MD5.C9D496AF64C56389C511B4C4E5938037] [SPRF][16/10/2012] (.http://www.goforfiles.com/ - GoforFiles.) -- C:\Users\st�phanie\AppData\Local\Temp\uninstall13105300.exe [4604560]
[MD5.7810AB1CF04E012469C141ABC693D3A7] [SPRF][09/02/2013] (.Somoto Ltd. - FilesFrog Update Checker.) -- C:\Users\st�phanie\AppData\Local\Temp\UpdateCheckerSetup.exe [295440] =>Adware.MegaSearch
[MD5.BD6AB920E99E8AFC70D6BE086ED40F0C] [SPRF][08/01/2008] (...) -- C:\Users\st�phanie\AppData\Roaming\mdb.bin [8594]
[MD5.6BECCD726B613CC43EF6D36F8FC4D9AF] [SPRF][20/01/2012] (.Microsoft Corporation - Pas de description.) -- C:\Users\st�phanie\Desktop\FileFormatConverters.exe [29017528]
[MD5.CB216BEA0CA6EF97D9EF3C539F5B2F35] [SPRF][03/11/2007] (...) -- C:\Program Files\ffdsasetts.reg [1292]
[MD5.CE598D0052B1EC5A6EC0853D674BC858] [SPRF][03/11/2007] (...) -- C:\Program Files\ffdssetts.reg [1658]
[MD5.D18C5F55DEB684113BD30E55578367FB] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc1.reg [596]
[MD5.B9EB849EC191A7E0AE6B463902B1D9B5] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc2.reg [680]
[MD5.9981D5BBF4430D6C836A0BDC758187FE] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc3.reg [3026]
[MD5.4991FDA023C7D8188DDC882344D9B90E] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc4.reg [348]
[MD5.BC0D2101AF3DD1E7B111A2AF88BDC62C] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc5.reg [16220]
[MD5.F93A83DA2BE77E7637F1FAE3B346D0ED] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc6.reg [18156]
[MD5.E1BF5664C40AFBF6B0EEC20A56D6A7E9] [SPRF][03/11/2007] (...) -- C:\Program Files\mpc7.reg [3476]
[MD5.77D3A60B2E838E1CC6A682BD9761DA63] [SPRF][15/08/2007] (.RealNetworks, Inc. - RngInterstitial.) -- C:\Program Files\RngInterstitial.dll [774144]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]
[MD5.B8F39C9E0F0B71E454DBA431CF3B99C9] [SPRF][11/08/2005] (.Macrovision Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [417792]
[MD5.8945CCA5FC4F25168E8B6F401EFAF51F] [SPRF][22/02/2007] (.Microsoft Corporation - Zone.com Stats Client for MSN Messenger.) -- C:\Windows\Downloaded Program Files\MessengerStatsPAClient.dll [304544]
~ Files: Scanned in 00mn 10s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{801EC1BA-4EA4-4830-8FE6-B53B0271F818}" | In - Public - P17 - TRUE | .(.Pas de propriétaire - DVAX2Process MFC Application.) -- C:\Program Files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe
O87 - FAEL: "{3CF0A38F-BDCA-4850-B9CC-79DA144B0CA6}" | In - Public - P6 - TRUE | .(.Pas de propriétaire - DVAX2Process MFC Application.) -- C:\Program Files\Acer Zone\Acer Plug and Record\Component\DVAX2Process.exe
O87 - FAEL: "{F1B5D3AE-FBEF-47B7-99BA-34893748B475}" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe
O87 - FAEL: "{43DCEBCC-B32B-404F-A7EC-7CF885BEB043}" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - DNA.) -- C:\Program Files\DNA\btdna.exe
O87 - FAEL: "TCP Query User{B588C859-DF6F-4CA9-B6B3-452F267EAA06}C:\program files\bittorrent\bittorrent.exe" | In - Public - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe
O87 - FAEL: "UDP Query User{EF921477-86C6-4542-AD69-E43A0D497241}C:\program files\bittorrent\bittorrent.exe" | In - Public - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\program files\bittorrent\bittorrent.exe
O87 - FAEL: "TCP Query User{CE8163AF-6D4B-4825-A27B-6F072706842A}C:\program files\cityvillebot\iexplore.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\cityvillebot\iexplore.exe (.not file.)
O87 - FAEL: "UDP Query User{F18AF909-A220-4271-A796-ECBF9B616C32}C:\program files\cityvillebot\iexplore.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\cityvillebot\iexplore.exe (.not file.)
O87 - FAEL: "{42FE29E6-9BA7-4F5F-A5D0-5358603C84FF}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.)
O87 - FAEL: "{3670A3F4-0CE4-4A3F-ABE1-21E949799DED}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.)
O87 - FAEL: "{A4DB7BC7-CFFD-4D59-9C88-1793492AD23F}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.)
O87 - FAEL: "{D251F077-117D-43FA-B51A-C47F78CEE0CF}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.)
O87 - FAEL: "{3CE514F0-AA85-4602-9207-13CA07EFC27E}" |In - None - P17 - TRUE | .(...) -- C:\Program Files\Protected Search\ProtectedSearch.exe (.not file.) =>Spyware.ProtectedSearch
O87 - FAEL: "{B7ABA13D-4722-4D25-AF8A-62170C57EF0E}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files\Protected Search\ProtectedSearch.exe (.not file.) =>Spyware.ProtectedSearch
O87 - FAEL: "{2A9DF138-FAFC-46BB-9232-2652E32DFE04}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\YourFileDownloader\Downloader.exe (.not file.)
O87 - FAEL: "{35C54831-8C7C-4695-8738-D59FD3161F1C}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\YourFileDownloader\Downloader.exe (.not file.)
O87 - FAEL: "{AF2B1BD7-8860-4974-8672-19AED749E79E}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\YourFileDownloader\YourFile.exe (.not file.)
O87 - FAEL: "{C0BD3D7C-6957-4137-8F2F-C512E88EEE67}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\YourFileDownloader\YourFile.exe (.not file.)
O87 - FAEL: "{BCCB1F69-307F-4422-BC58-1E5532AA243F}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
O87 - FAEL: "{A987714D-1849-41D6-ACE3-2E1D4A686B7F}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\BitTorrent.exe
~ Firewall: 271 Legitimates Filtered in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : v2.11631 - (21/04/2013)
Clés trouvées (Keys found) : 23
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 9
Fichiers trouvés (Files found) : 4

[HKCU\Software\Microsoft\Office\Word\Addins\BabylonOfficeAddin.OfficeAddin] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Office\PowerPoint\Addins\BabylonOfficeAddin.OfficeAddin] =>Toolbar.Babylon
[HKCU\{C5C31551-23FC-4895-B1C7-E209163DECA5}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent
[HKCU\Software\funkyemoticons] =>Adware.Navipromo
[HKLM\Software\funkyemoticons] =>Adware.Navipromo
[HKCU\Software\live-player] =>Adware.Navipromo
[HKLM\Software\live-player] =>Adware.Navipromo
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\SweetIM] =>PUP.SweetIM
[HKLM\Software\Winsudate] =>Adware.Gibmedia
[HKCU\Software\MicroGaming\Thumper\Casino\prime] =>Adware.Casino
[HKLM\Software\Classes\Interface\{7131C082-F3C6-404D-B8CC-8AF9CFB6209D}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{5C731C2A-6ADF-487E-99A2-7291BF794A14}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\osmax.ocx] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}] =>Toolbar.ToolBand
[HKLM\Software\Classes\Interface\{DB885111-F39F-4D88-9EE5-C88460B6DF7B}] =>Toolbar.ToolBand
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF96568971BEAC14B8815883832BD484] =>PUP.ClaroSearch
[HKCU\Software\AppDataLow\Software\oovootoolbar] =>Toolbar.ooVoo
[HKLM\Software\Cheat Engine\OpenCandy] =>Adware.OpenCandy
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\TBSB02209.TBSB02209Toolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}] =>PUP.CrossRider
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{4e7bd74f-2b8d-469e-8da9-fd60bb9aae33} =>Adware.BHO
C:\Program Files\BearShare Applications =>PUP.BearShare
C:\Program Files\Winletmin =>Trojan.Agent
C:\Program Files\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Program Files\vGrabber-software =>Toolbar.vGrabber
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FunkyEmoticons =>Adware.Navipromo
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Live-Player =>Adware.Navipromo
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro =>Rogue.RegistryPowerCleaner
C:\Users\stéphanie\AppData\Roaming\FunkyEmoticons =>Adware.Navipromo
C:\Users\stéphanie\AppData\LocalLow\VMNToolbar =>Spyware.VMNToolbar
C:\Users\stéphanie\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon
C:\Users\stéphanie\AppData\Local\Temp\UpdateCheckerSetup.exe =>Adware.MegaSearch
~ Additionnel Scan: 388301 Items scanned in 00mn 57s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 24576 | (AcerMemUsageCheckService) . (...) - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
SS - | Demand 12/07/2007 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 13/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 28/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 31/08/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 14/01/2009 729088 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\System32\Ati2evxx.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 06/03/2007 198168 | (Capture Device Service) . (.InterVideo Inc..) - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
SR - | Auto 14/12/2006 49152 | (eRecoveryService) . (.Acer Inc..) - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
SR - | Auto 27/06/2012 96768 | (Freemake Improver) . (.Freemake.) - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
SS - | Demand 18/06/2007 138680 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 20/02/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 19/10/2006 61440 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 12/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 18/09/2012 1082016 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto 174656 | (ProtexisLicensing) . (...) - C:\Windows\system32\PSIService.exe
SR - | Auto 143360 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SR - | Auto 19/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 19/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 03s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by stéphanie at 22/04/2013 23:40:50

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 3983 Legitimates filtered by white list
End of the scan (848 lines in 10mn 49s)(0)
