Rapport de ZHPDiag v2013.4.23.139 par Nicolas Coolman, Update du 23/04/2013
Run by dominique farault at 24/04/2013 17:35:53
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 20.0.1 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Home Edition Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Protection
Avira Free Antivirus v13.0.0.2678
Malwarebytes Anti-Malware version 1.75.0.1300

---\\ System Optimizer
CCleaner v3.17

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ System Information
~ Processor: x86 Family 15 Model 3 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2047 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 68 GB (73%) free of 93 GB

---\\ Logged in mode
~ Computer Name: NOM-Q9SW1VE5MNK
~ User Name: dominique farault
~ All Users Names: SUPPORT_388945a0, HelpAssistant, dominique farault, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\dominique farault\Application Data\
~ %Desktop% : C:\Documents and Settings\dominique farault\Bureau\
~ %Favorites% : C:\Documents and Settings\dominique farault\Favoris\
~ %LocalAppData% : C:\Documents and Settings\dominique farault\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\dominique farault\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 68 Go of 93 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 83 Go of 97 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Hard drive, Flash drive, Thumb drive (Free 394 Go of 466 Go)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.48309E1F5ED8E72783EEFBA04898BDA1] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/03/2013 - 02:55:11.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 18:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/69
~ Mes musiques (My Musics) : 21/280
~ Mes Favoris (My Favorites) : 1/49
~ Mes Documents (My Documents) : 1/439
~ Mon Bureau (My Desktop) : 0/550
~ Menu demarrer (Programs) : 1/26
~ Hidden Files: Scanned in 00mn 00s



---\\ Processus lancés
[MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [86752] [PID.1544]
[MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1940]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1952]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1976]
[MD5.BE4D946B5D8745DD7CD4CA9CA04F4989] - (...) -- C:\WINDOWS\system32\dmwu.exe [1013552] [PID.156]
[MD5.5739F2821D49975CEDE6BF0153D0CF01] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [181664] [PID.444]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.472]
[MD5.ED78DFAD8EFCDFBC89500492C4D14645] - (...) -- C:\WINDOWS\System32\PAStiSvc.exe [53248] [PID.1168]
[MD5.6B3DD4B1D5D4C239AD84A460E676C6D7] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [79584] [PID.616]
[MD5.D6E33DEEF1E72BAB3AD28EC3EC6D1252] - (...) -- C:\WINDOWS\system32\jmdp\stij.exe [20784] [PID.2404]
[MD5.03D6F0F9FEBFD63F62E6B266D1B64E31] - (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [335872] [PID.2684]
[MD5.BEC5E990E477DDF60AADD8F180EE9F4C] - (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe [88363] [PID.2696]
[MD5.145F404A5D56447157196CB30585708E] - (.Sony Corporation - Do VAIO ???? ???????.) -- C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe [184320] [PID.2724]
[MD5.AF7E1118132DAD8105D5EB3A9CD8A1B0] - (.Utimaco Safeware AG - PrivateDisk Service.) -- C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe [40960] [PID.2784]
[MD5.5B8E2CA848D2336013D46701CC1DD5F8] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.2864]
[MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152544] [PID.3000]
[MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.3024]
[MD5.2C3239B5355BABF5E575DDC1B3F573F7] - (.Smartbar - Smartbar.) -- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Smartbar\Application\QuickShare.exe [20248] [PID.3232] =>Hijacker.SmartBar
[MD5.CC03863D9E05090F9B9C960CB82B13DD] - (.Sony Corporation - VAIO Entertainment Remote Service.) -- C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe [118784] [PID.3240]
[MD5.61C615EE47CE5C6F7BB3257B1734EF55] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [217195] [PID.3292]
[MD5.E8A39D41474BE42FD8830CED32932D6C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553440] [PID.3352]
[MD5.6F5386A655598F71BAAB2D6B63A69D6A] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [920472] [PID.2836]
[MD5.F834B06933E51E2266DC4858A0E9DD98] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.3688]
[MD5.AAE42F24B1510ADF8E7DE92085B8E67F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6971904] [PID.3524]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2252]
~ Processes Running: Scanned in 00mn 01s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\prefs.js
M2 - MFEP: prefs.js [dominique farault - z4pvtopg.default-1366392980468\{83c4e335-2aca-472d-b6e0-6521bc89de2b}] [] QuickShare Widget v (..) =>PUP.QuickShare
~ Firefox Browser: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: LyricsPal - {A3DAEB01-4C15-4AC6-A689-6406FD954EE0} . (.XingHao Software - LyricsPal.) -- C:\Program Files\XingHaoLyrics\lrcspal.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} . (...) -- C:\Program Files\PricePeep\pricepeep.dll (.not file.) =>Toolbar.PricePeep
~ BHO: 10 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: &Google - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google IE Client Toolbar.) -- c:\program files\google\googletoolbar1.dll
O3 - Toolbar: EPSON Web-To-Page - [HKLM]{EE5D279F-081B-4404-994D-C6B60AAEBA6D} . (.SEIKO EPSON CORPORATION - EPSON Web-To-Page.) -- C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [ATIPTA] . (.ATI Technologies, Inc. - ATI Desktop Control Panel.) -- C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe
O4 - HKLM\..\Run: [VZRemoteCommander] . (.Sony Corporation - Do VAIO ???? ???????.) -- C:\Program Files\Sony\VAIO Zone Remote Commander\AvRmtCtr.exe
O4 - HKLM\..\Run: [PDService.exe] . (.Utimaco Safeware AG - PrivateDisk Service.) -- C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
O4 - HKLM\..\RunOnce: [awfr7zip19662] Clé orpheline
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\System32\CTFMON.exe
O4 - HKUS\S-1-5-21-963998012-1072807515-93717607-1006\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Acrobat Elements 6.0.lnk . (.Adobe Systems Inc. - Adobe Acrobat Elements.) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat Elements\Acrobat Elements.exe
O4 - GS\Programs: Adobe Photoshop Album 2.0 Edition Découverte.lnk . (.Adobe Systems Incorporated - Adobe Photoshop Album 2.0 Starter Edition.) -- C:\Program Files\Adobe\Photoshop Album Edition Découverte\2.0\Apps\PhotoshopAlbum.exe
O4 - GS\Programs: Adobe Photoshop Elements 2.0.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop Elements.) -- C:\Program Files\Adobe\Photoshop Elements 2\PhotoshopElements.exe
O4 - GS\Programs: Adobe Premiere Standard.lnk . (.Adobe Systems Inc. - Adobe Premiere Standard.) -- C:\Program Files\Adobe\Premiere Standard\Adobe Premiere Standard.exe
O4 - GS\Programs: Adobe Reader XI.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Programs: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe
O4 - GS\Programs: Installation de Adobe Acrobat Professionnnel.lnk . (...) -- C:\Program Files\Adobe\Adobe Acrobat Professional Installer\AcrobatProfessional.exe
O4 - GS\Programs: Installation de Norton Password Manager.lnk . (...) -- C:\Program Files\Sony\NPM\Norton Password.exe
O4 - GS\Programs: Lanceur de tâches Microsoft Works.lnk . (.Microsoft® Corporation - Lanceur de tâches Microsoft Works.) -- C:\Program Files\Microsoft Works\msworks.exe
O4 - GS\Programs: Mon Centre d'Information.lnk . (.Sony Corporation - My Info Centre.) -- C:\Program Files\Sony\MyInfoCentre\MyInfoCentre.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Programs: MSN Explorer.lnk . (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\msn6.exe
O4 - GS\Programs: VAIO Update.lnk . (.Sony Corporation - VAIOUpdt.) -- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
O4 - GS\Programs: Visionneuse Microsoft Office PowerPoint 2007.lnk . (...) -- C:\WINDOWS\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe
O4 - GS\Programs: Windows Messenger.lnk . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - GS\Programs: Windows Movie Maker.lnk . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Yahoo! Messenger.lnk . (...) -- C:\Program Files\Yahoo! Messenger Installer\YahooMessenger.exe
O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -- Clé orpheline
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.sony-europe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sonystyle-europe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.vaio-link.com
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1360518556468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1360523328406
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3A481A3-5F86-4648-A6BA-BEBA93ABBB7F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS1\Services\Tcpip\..\{B3A481A3-5F86-4648-A6BA-BEBA93ABBB7F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CS2\Services\Tcpip\..\{B3A481A3-5F86-4648-A6BA-BEBA93ABBB7F}: DhcpNameServer = 212.27.40.240 212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.240 212.27.40.241
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (IBUpdaterService) . (...) - C:\WINDOWS\system32\dmwu.exe =>Adware.InstallBrain
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: STI Simulator (STI Simulator) . (...) - C:\WINDOWS\System32\PAStiSvc.exe
~ Services: 10 Legitimates Filtered in 00mn 03s



---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\dominique farault\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\dominique farault\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\EPUpdater.job [296]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\LyricsPal Update.job [406]
~ Scheduled Task: 5 Legitimates Filtered in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (PrivateDisk) . (.Utimaco Safeware AG - SafeGuard® PrivateDisk Driver.) - C:\WINDOWS\system32\Drivers\PrivateDiskM.sys
~ Drivers: 75 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat Elements 6.0 - Français - (.Adobe Systems.) [HKLM] -- {E5E6E687-1036-BA7E-6000-000000000001}
O42 - Logiciel: Click to DVD 2.1.10 - (...) [HKLM] -- {7C2F71B2-6C73-11D6-B659-00C04F790F76}
O42 - Logiciel: DVgate Plus - (...) [HKLM] -- {685BCC47-B8EC-45EC-BBCE-77DF2451502C}
O42 - Logiciel: Delta toolbar - (.Delta.) [HKLM] -- delta
O42 - Logiciel: Données de menu Click to DVD 2.0.01 - (...) [HKLM] -- {98A3A654-3AEF-42D9-BA91-DE5815EA5897}
O42 - Logiciel: My Info Centre - (.Nom de votre société.) [HKLM] -- InstallShield_{62B715BC-01F5-4CC9-9811-D24ED44C16D4}
O42 - Logiciel: PC Camer@ - (.Nom de votre société.) [HKLM] -- InstallShield_{C36C3F84-E04B-44E3-9D7B-ABBCC6BE94F5}
O42 - Logiciel: PictureGear Studio 2.0 - (...) [HKLM] -- {88DA0A52-3372-4803-971A-ADFB961707E8}
O42 - Logiciel: PricePeep - (.betwikx LLC.) [HKLM] -- PricePeep =>Toolbar.PricePeep
O42 - Logiciel: QuickShare - (.Linkury Inc..) [HKLM] -- {A35C3D8E-5E46-442E-A7DA-A2D7487D40BC} =>PUP.QuickShare
O42 - Logiciel: SafeGuard® PrivateDisk 1.00.6 - Try and Buy Version - (.Utimaco Safeware AG.) [HKLM] -- {48E9DE14-39D1-4974-91A6-D4E1836F648D}
O42 - Logiciel: SweetIM Bundle by SweetPacks - (.SweetPacks LTD.) [HKLM] -- SweetIM Bundle by SweetPacks =>PUP.SweetIM
O42 - Logiciel: SweetIM for Messenger 3.7 - (.SweetIM Technologies Ltd..) [HKLM] -- {A0C9DF2B-89B5-4483-8983-18A68200F1B4} =>PUP.SweetIM
O42 - Logiciel: SweetPacks Toolbar For Firefox 1.13.0.0 - (...) [HKLM] -- {EEE6C374-6118-11DC-9C72-001320C79847} =>PUP.SweetIM
O42 - Logiciel: SweetPacks Updater - (...) [HKLM] -- WNLT =>PUP.SweetIM
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM] -- {451FCEA0-DF9C-47E0-9CFB-AABA092CEF5C}
O42 - Logiciel: WebAdSystem - (.KalityWeb.) [HKLM] -- {9137a76a-8037-44fd-8921-31787ba6a337}
~ Logic: 155 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BI]
[HKCU\Software\DataMngr] =>PUP.Datamngr
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\Delta]
[HKCU\Software\IncrediMail]
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\WNLT]
[HKCU\Software\delta LTD]
[HKCU\Software\eMule]
[HKLM\Software\5328dd8b735e849]
[HKLM\Software\CSI2]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Delta]
[HKLM\Software\Utimaco]
~ Key Software: 186 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 02/03/2013 - 16:51:16 - [0,066] ----D C:\Program Files\PC Camer@
O43 - CFD: 24/04/2013 - 17:32:05 - [0,358] ----D C:\Program Files\SweetIM =>PUP.SweetIM
O43 - CFD: 10/02/2013 - 19:10:47 - [1,891] ----D C:\Program Files\TVTV EPG Installer
O43 - CFD: 10/02/2013 - 19:10:47 - [0,097] ----D C:\Program Files\TvTvHTML
O43 - CFD: 10/02/2013 - 19:11:29 - [4,651] ----D C:\Program Files\Utimaco
O43 - CFD: 18/04/2013 - 17:25:49 - [0,079] ----D C:\Documents and Settings\dominique farault\Application Data\SpeedAnalysis2
O43 - CFD: 23/02/2013 - 20:44:50 - [11,308] ----D C:\Documents and Settings\dominique farault\Local Settings\Application Data\IM
O43 - CFD: 24/04/2013 - 17:32:03 - [3,624] ----D C:\Documents and Settings\dominique farault\Local Settings\Application Data\Smartbar =>Hijacker.SmartBar
~ Program Folder: 133 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.DC7F0622A144B200137CC3756F3F4C9D] - 24/04/2013 - 15:36:40 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.C7DB860823CCB8A847B2722C72E3A5F1] - 24/04/2013 - 15:36:39 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.188E68005ED62F32248032C65CB4DE96] - 24/04/2013 - 14:52:50 ---A- . (...) -- C:\WINDOWS\system32\Microsoft.VC80.CRT.manifest [1870]
O44 - LFC:[MD5.351677F04B3DC84937FBFA20CD6E958D] - 24/04/2013 - 14:52:49 ---A- . (...) -- C:\WINDOWS\system32\ImHttpComm.dll [28160]
O44 - LFC:[MD5.BE4D946B5D8745DD7CD4CA9CA04F4989] - 24/04/2013 - 14:52:49 ---A- . (...) -- C:\WINDOWS\system32\dmwu.exe [1013552]
O44 - LFC:[MD5.C7837DC101787E3B30A496F0A9277B25] - 19/04/2013 - 20:00:51 ---A- . (...) -- C:\WINDOWS\popcinfo.dat [10]
O44 - LFC:[MD5.9021940D0876E10AAE8D8234391467BE] - 18/04/2013 - 19:57:59 ---A- . (...) -- C:\WINDOWS\system32\jupdate-1.7.0_21-b11.log [3974]
O44 - LFC:[MD5.F51E3629C83AB51F59E02AF2B07B6676] - 11/04/2013 - 12:59:14 ---A- . (...) -- C:\WINDOWS\system32\tmp07575.FOT [1409]
O44 - LFC:[MD5.BEB43AA5A3B5DEDCB38EFF0C798F92D8] - 11/04/2013 - 12:59:14 ---A- . (...) -- C:\WINDOWS\system32\tmp39775.FOT [1409]
O44 - LFC:[MD5.FABBFDF07D8A0505B32A14CF2C07C8BC] - 11/04/2013 - 12:59:14 ---A- . (...) -- C:\WINDOWS\system32\tmp8B675.FOT [1409]
O44 - LFC:[MD5.C92310BB0F57E2CD0590F72828D02453] - 11/04/2013 - 12:59:13 ---A- . (...) -- C:\WINDOWS\system32\tmp80475.FOT [1409]
O44 - LFC:[MD5.EC2C7FA322FC70E64439312BF4475E2C] - 11/04/2013 - 12:59:13 ---A- . (...) -- C:\WINDOWS\system32\tmpC6375.FOT [1409]
O44 - LFC:[MD5.21BB081DAEC11EADAACC2B11294F554A] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1008117]
O44 - LFC:[MD5.535F4087DA931FF6BF7E96BC61B20011] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\comsetup.log [363931]
O44 - LFC:[MD5.F04B1A94B673DB0F0EA886C3A06F5A22] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\iis6.log [158177]
O44 - LFC:[MD5.4A49FFAFE9C950D2934374210E527CC3] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.CC8CC89D7A92B259CAA7D6594B52614E] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\msgsocm.log [51137]
O44 - LFC:[MD5.96A9852B773AA2A09829718860E1EA1B] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [218433]
O44 - LFC:[MD5.63E56724AD122281D63F3801E8DB3831] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\ocgen.log [508530]
O44 - LFC:[MD5.8CEBA9A60B30ACA81D1D6C97D7DE2835] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\ocmsn.log [56529]
O44 - LFC:[MD5.231F716E319EC3A7588D18AF7707B361] - 11/04/2013 - 05:05:16 ---A- . (...) -- C:\WINDOWS\tsoc.log [398094]
O44 - LFC:[MD5.8020B37E739953494CF5C74130CF510D] - 11/04/2013 - 05:05:00 ---A- . (...) -- C:\WINDOWS\updspapi.log [93935]
O44 - LFC:[MD5.96C07938639E622A425007E64442CB40] - 11/04/2013 - 05:04:38 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.4CC7F5C5CFAE2CF3A9B6757C2083EFFA] - 10/04/2013 - 15:12:40 ---A- . (...) -- C:\WINDOWS\system32\MSINET.oca [29184]
O44 - LFC:[MD5.70236CD4EC0616CC768309C13D84ACDC] - 10/04/2013 - 15:12:40 ---A- . (...) -- C:\WINDOWS\system32\comdlg32.oca [35840]
O44 - LFC:[MD5.7B5C062F2A488B5B7A95D4EABCE0A42A] - 10/04/2013 - 15:12:40 ---A- . (...) -- C:\WINDOWS\system32\xmlparse.dll [36864]
O44 - LFC:[MD5.7C66397352506C58F70B6D1D710EEA42] - 10/04/2013 - 15:12:40 ---A- . (...) -- C:\WINDOWS\system32\xmltok.dll [69632]
O44 - LFC:[MD5.183E7505B097D6D65C20E6E0491809D5] - 10/04/2013 - 13:05:16 ---A- . (...) -- C:\WINDOWS\Joueur1.SCB5 [4]
O44 - LFC:[MD5.BF7F07166E505D6C8B84675CB81E5EA0] - 10/04/2013 - 13:05:16 ---A- . (...) -- C:\WINDOWS\NAME.SCB5 [100]
O44 - LFC:[MD5.E46EECD3AFDAE6FF9EE473D47C7728F2] - 10/04/2013 - 13:05:16 ---A- . (...) -- C:\WINDOWS\SCORES.CB5 [336]
~ Files: 66 Legitimates Filtered in 00mn 00s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.CDE8B18E353C512116B50C207E0EFF91] - 24/04/2013 - 14:08:15 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(3).EXE-0F1CE2D9.pf
O45 - LFCP:[MD5.0E51395CEA292DFB02750332E16C083D] - 24/04/2013 - 14:22:16 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(4).EXE-03340523.pf
O45 - LFCP:[MD5.808CD8AF900827A449657A58D36AF62E] - 24/04/2013 - 14:31:49 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(5).EXE-1A49B077.pf
O45 - LFCP:[MD5.01504619073F4A1ADF6E979417A551EA] - 24/04/2013 - 14:34:32 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(6).EXE-26328E2D.pf
O45 - LFCP:[MD5.24C32F9A5F960C03F43F888027C2F317] - 24/04/2013 - 14:51:04 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(7).EXE-097F5E24.pf
O45 - LFCP:[MD5.D3E23FDDC3ACEB456B4D86AE8A4AA45D] - 24/04/2013 - 14:52:49 ---A- - C:\WINDOWS\Prefetch\THCH.EXE-2DD84F78.pf
O45 - LFCP:[MD5.E2A736FAB1CB53D72EB49A6AF4279535] - 24/04/2013 - 14:52:51 ---A- - C:\WINDOWS\Prefetch\SETXPDRIVERSIGNINGPOLICY.EXE-0DEEA790.pf
O45 - LFCP:[MD5.C870C41ABADC9BBB7EA5374CE5A729D3] - 24/04/2013 - 14:53:01 ---A- - C:\WINDOWS\Prefetch\DMWU.EXE-2605F690.pf
O45 - LFCP:[MD5.1BAF81BB65CB327786D37D1FB868EBFD] - 24/04/2013 - 14:53:17 ---A- - C:\WINDOWS\Prefetch\LYRICSPAL.EXE-1902E109.pf
O45 - LFCP:[MD5.31F38C48FCF1A1F0B46B5A5337C999A4] - 24/04/2013 - 14:53:18 ---A- - C:\WINDOWS\Prefetch\PRICEPEEP_90001_0101.EXE-2BEDCE4C.pf =>Toolbar.PricePeep
O45 - LFCP:[MD5.5AF90F55FF694A7973C4F735EF3AA0B1] - 24/04/2013 - 14:53:22 ---A- - C:\WINDOWS\Prefetch\OPTIMIZERPRO.TMP-2B07755B.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.376A4E8CA8BDD6D13570D241D580F8E9] - 24/04/2013 - 14:53:23 ---A- - C:\WINDOWS\Prefetch\OPTIMIZERPRO.EXE-1C100625.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.62A099F87D45675FAEF9311CAE30B785] - 24/04/2013 - 14:53:23 ---A- - C:\WINDOWS\Prefetch\OPTIMIZERPRO.EXE-3799E37F.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.B0D4F26994EF7C89F439ADA3EA6418D6] - 24/04/2013 - 14:53:24 ---A- - C:\WINDOWS\Prefetch\OPTPROSTART.EXE-31DD3B68.pf
O45 - LFCP:[MD5.815A5AE84732C797FD46CA97FFD323D4] - 24/04/2013 - 14:53:25 ---A- - C:\WINDOWS\Prefetch\OPTIMIZERPRO.EXE-1F07964B.pf =>PUP.OptimizerPro
O45 - LFCP:[MD5.AE4251A1E356B2525EC3A8AD23E40F36] - 24/04/2013 - 14:57:08 ---A- - C:\WINDOWS\Prefetch\_IU14D2N.TMP-09B36247.pf
O45 - LFCP:[MD5.93DD8C5256AF1A51C7DE2C304342F469] - 24/04/2013 - 15:01:30 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(8).EXE-39314A75.pf
O45 - LFCP:[MD5.E432AD37319A423C911BEC9DD73AD4D9] - 24/04/2013 - 15:02:36 ---A- - C:\WINDOWS\Prefetch\QUICKSHARE1.EXE-2FC19FDF.pf =>PUP.QuickShare
O45 - LFCP:[MD5.632793430C8C205DB69D466377BFDFF5] - 24/04/2013 - 15:02:37 ---A- - C:\WINDOWS\Prefetch\SMARTBAREXEINSTALLER.EXE-256B8197.pf =>Hijacker.SmartBar
O45 - LFCP:[MD5.D9EB271AEC34A75F626998AAD35AD5C6] - 24/04/2013 - 15:02:43 ---A- - C:\WINDOWS\Prefetch\TSKILL.EXE-2F6AAB7F.pf
O45 - LFCP:[MD5.D4ED0E81C383BB791CB7CEBE9139EA8C] - 24/04/2013 - 15:03:37 ---A- - C:\WINDOWS\Prefetch\DELTATB.EXE-07FA4B63.pf
O45 - LFCP:[MD5.4C0E66357C5ECC53A4B852D980686CAC] - 24/04/2013 - 15:03:47 ---A- - C:\WINDOWS\Prefetch\DELTASRV.EXE-1E1EDF45.pf
O45 - LFCP:[MD5.1DB4BC32045715CEF28F97B81EB108AB] - 24/04/2013 - 15:03:48 ---A- - C:\WINDOWS\Prefetch\DELTA4FFX.EXE-37C72A88.pf
O45 - LFCP:[MD5.9C64177B0540F661A79A8EC810F8BBE7] - 24/04/2013 - 15:03:48 ---A- - C:\WINDOWS\Prefetch\DELTA4IE.EXE-386EF42A.pf
O45 - LFCP:[MD5.CD9D3B2044B2AA395C5BFBFE36F0BED5] - 24/04/2013 - 15:03:57 ---A- - C:\WINDOWS\Prefetch\BPROTECT.EXE-0962795B.pf
O45 - LFCP:[MD5.3A709AFB8080F8FFC6766844EBCCDBB2] - 24/04/2013 - 15:04:09 ---A- - C:\WINDOWS\Prefetch\BROWSERPROTECT.EXE-01A4E0C5.pf =>Toolbar.Babylon
O45 - LFCP:[MD5.CB83343FD9032C44FCDBE80E7ED930F1] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\ADOBE GAMMA LOADER.EXE-0A47CFD1.pf
O45 - LFCP:[MD5.FD8A4E45E2D25E977932E1F282F25BB6] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\ATIPRBXX.EXE-28AA41C0.pf
O45 - LFCP:[MD5.454B4BD27BBC0069BCE5FFC27503458A] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\ATIPTAXX.EXE-18FE8D8B.pf
O45 - LFCP:[MD5.8FE3873C81910547AE04AD2060EC3195] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\AVRMTCTR.EXE-2C0531E1.pf
O45 - LFCP:[MD5.10D197F3153A57C8F92BA994956CF9D3] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\QUICKSHARE.EXE-178709A9.pf =>PUP.QuickShare
O45 - LFCP:[MD5.999DD6A11DF363AE4B7E3F988731101B] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\SWEETIM.EXE-114201E6.pf =>PUP.SweetIM
O45 - LFCP:[MD5.B8A1C6325F4307464190A0D1BB696A5A] - 24/04/2013 - 15:37:57 ---A- - C:\WINDOWS\Prefetch\VZRS.EXE-2E420D95.pf
O45 - LFCP:[MD5.C868FB885298416406C8FABB4D3361ED] - 24/04/2013 - 16:17:27 ---A- - C:\WINDOWS\Prefetch\7ZIPSETUP(1).EXE-14AC2BC2.pf
O45 - LFCP:[MD5.0457BE8B9A11B4ABB751B34232E906FB] - 24/04/2013 - 16:17:34 ---A- - C:\WINDOWS\Prefetch\7Z920.EXE-04D5EAB1.pf
~ Prefetcher: 129 Legitimates Filtered in 00mn 00s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImApp.exe" [Enabled] .(...) -- C:\Program Files\IncrediMail\bin\ImApp.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\IncMail.exe" [Enabled] .(...) -- C:\Program Files\IncrediMail\bin\IncMail.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\IncrediMail\bin\ImpCnt.exe" [Enabled] .(...) -- C:\Program Files\IncrediMail\bin\ImpCnt.exe (.not file.)
O47 - AAKE:Key Export SP - "K:\uTorrent.exe" [Disabled] .(...) -- K:\uTorrent.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\BitMania\BitMania.exe" [Disabled] .(...) -- C:\Program Files\BitMania\BitMania.exe (.not file.)
O47 - AAKE:Key Export SP - "K:\Divers\eMule\emule.exe" [Disabled] .(...) -- K:\Divers\eMule\emule.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dmwu.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\dmwu.exe
~ Keys Export: 20 Legitimates Filtered in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.11C04B17ED2ABBB4833694BCD644AC90] - 01/04/2002 - 15:15:00 ---A- . (.Andrea Electronics Corporation - Andrea Audio Stub Driver.) -- C:\WINDOWS\system32\Drivers\aeaudio.sys [4816]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 21/04/2013 - 08:19:24 ---A- C:\Documents and Settings\dominique farault\Recent\fidji.lnk [599]
O61 - LFC: 21/04/2013 - 08:19:38 ---A- C:\Documents and Settings\dominique farault\Recent\floyd.lnk [599]
O61 - LFC: 21/04/2013 - 08:19:57 ---A- C:\Documents and Settings\dominique farault\Recent\378743_4724049861500_1203563230_n.lnk [767]
O61 - LFC: 21/04/2013 - 09:26:15 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\bookmarkbackups\bookmarks-2013-04-21.json [25475]
O61 - LFC: 21/04/2013 - 17:50:53 ---A- C:\Documents and Settings\dominique farault\Recent\Les.Experts.-.Saison.1.-.Episode.1.-.Equipe.de.nuit-.lnk [437]
O61 - LFC: 21/04/2013 - 18:35:50 ---A- C:\Documents and Settings\dominique farault\Recent\Lecteur CD.lnk [195]
O61 - LFC: 21/04/2013 - 18:35:50 ---A- C:\Documents and Settings\dominique farault\Recent\Les.Experts.-.Saison.1.-.Episode.2.-.Un.millionnaire-.lnk [440]
O61 - LFC: 21/04/2013 - 18:36:47 ---A- C:\Documents and Settings\dominique farault\Application Data\vlc\ml.xspf [304]
O61 - LFC: 21/04/2013 - 18:36:47 ---A- C:\Documents and Settings\dominique farault\Application Data\vlc\vlcrc [80069]
O61 - LFC: 22/04/2013 - 09:11:24 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\bookmarkbackups\bookmarks-2013-04-22.json [25475]
O61 - LFC: 23/04/2013 - 10:34:12 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\bookmarkbackups\bookmarks-2013-04-23.json [25846]
O61 - LFC: 23/04/2013 - 19:27:16 ---A- C:\Documents and Settings\dominique farault\Mes documents\Téléchargements\jre-7u21-windows-i586-iftw(1).exe [904104]
O61 - LFC: 23/04/2013 - 19:35:52 ---A- C:\Documents and Settings\dominique farault\Mes documents\Téléchargements\mbam-setup-1.75.0.1300(1).exe [10285040]
O61 - LFC: 23/04/2013 - 20:55:44 ---A- C:\Documents and Settings\dominique farault\Mes documents\Rapport ccleaner\cc_20130423_215542.reg [14634]
O61 - LFC: 23/04/2013 - 20:55:57 ---A- C:\Documents and Settings\dominique farault\Mes documents\Rapport ccleaner\cc_20130423_215555.reg [288]
O61 - LFC: 23/04/2013 - 20:56:10 ---A- C:\Documents and Settings\dominique farault\Mes documents\Rapport ccleaner\cc_20130423_215608.reg [180]
O61 - LFC: 24/04/2013 - 09:28:11 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\bookmarkbackups\bookmarks-2013-04-24.json [27309]
O61 - LFC: 24/04/2013 - 09:28:26 ---A- C:\Documents and Settings\dominique farault\UserData\index.dat [32768]
O61 - LFC: 24/04/2013 - 09:29:54 ---A- C:\Documents and Settings\dominique farault\Mes documents\Rapport ccleaner\cc_20130424_102951.reg [456]
O61 - LFC: 24/04/2013 - 11:20:47 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\addons.sqlite [524288]
O61 - LFC: 24/04/2013 - 11:22:48 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\blocklist.xml [62534]
O61 - LFC: 24/04/2013 - 11:56:01 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Microsoft\Wallpaper1.bmp [810054]
O61 - LFC: 24/04/2013 - 11:56:01 -SHA- C:\Documents and Settings\dominique farault\Application Data\Microsoft\Internet Explorer\Desktop.htt [2724]
O61 - LFC: 24/04/2013 - 11:56:05 ---A- C:\Documents and Settings\dominique farault\Application Data\Microsoft\Windows\Themes\Custom.theme [7888]
O61 - LFC: 24/04/2013 - 13:42:52 ---A- C:\Documents and Settings\dominique farault\Recent\553014_120220148173933_918884789_n.lnk [888]
O61 - LFC: 24/04/2013 - 13:44:00 ---A- C:\Documents and Settings\dominique farault\Recent\Mes images.lnk [505]
O61 - LFC: 24/04/2013 - 13:44:00 ---A- C:\Documents and Settings\dominique farault\Recent\Staff Femelle.lnk [783]
O61 - LFC: 24/04/2013 - 13:45:18 ---A- C:\Documents and Settings\dominique farault\Mes documents\Téléchargements\adwcleaner.exe [619461]
O61 - LFC: 24/04/2013 - 13:52:06 -SHA- C:\Documents and Settings\dominique farault\IECompatCache\index.dat [65536]
O61 - LFC: 24/04/2013 - 13:52:06 -SHA- C:\Documents and Settings\dominique farault\PrivacIE\index.dat [786432]
O61 - LFC: 24/04/2013 - 13:53:50 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Microsoft\Internet Explorer\frameiconcache.dat [7136]
O61 - LFC: 24/04/2013 - 13:55:35 -SHA- C:\Documents and Settings\dominique farault\IETldCache\index.dat [262144]
O61 - LFC: 24/04/2013 - 13:57:07 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\pluginreg.dat [7223]
O61 - LFC: 24/04/2013 - 13:59:48 ---A- C:\Documents and Settings\dominique farault\Mes documents\Téléchargements\adwcleaner(1).exe [619461]
O61 - LFC: 24/04/2013 - 14:48:30 ---A- C:\Documents and Settings\dominique farault\Bureau\ZHPFixReport.txt [699]
O61 - LFC: 24/04/2013 - 14:53:16 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\webapps\webapps-1.json [2]
O61 - LFC: 24/04/2013 - 14:55:28 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\classifier.hashkey [4]
O61 - LFC: 24/04/2013 - 15:03:00 R--A- C:\Documents and Settings\dominique farault\Application Data\Microsoft\Installer\{A35C3D8E-5E46-442E-A7DA-A2D7487D40BC}\icon.ico [32038]
O61 - LFC: 24/04/2013 - 15:03:10 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\extensions\{83c4e335-2aca-472d-b6e0-6521bc89de2b}\install.rdf [1052]
O61 - LFC: 24/04/2013 - 15:55:56 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\permissions.sqlite [65536]
O61 - LFC: 24/04/2013 - 15:58:09 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\93d25920ad1aa409f72cbcea55979cad.png [29621]
O61 - LFC: 24/04/2013 - 15:58:09 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\bd63d24497fb826695c18acd769d711a.png [29621]
O61 - LFC: 24/04/2013 - 15:59:15 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\1174189d2e3138f122b628b11dc6114e.png [33644]
O61 - LFC: 24/04/2013 - 16:01:14 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\20d5a4de614c2d0d28a5b69fc3f6a448.png [24935]
O61 - LFC: 24/04/2013 - 16:01:58 ---A- C:\Documents and Settings\dominique farault\Recent\ZHPFix[R2].lnk [495]
O61 - LFC: 24/04/2013 - 16:04:25 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\77764270eb8cf0d72ebc7bf2f6321175.png [28275]
O61 - LFC: 24/04/2013 - 16:04:25 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\cbf82ba820d96ca4e1984a5f91d1fe89.png [28275]
O61 - LFC: 24/04/2013 - 16:05:14 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\2dcaf8f80b7d43563f440b8e90188326.png [19940]
O61 - LFC: 24/04/2013 - 16:05:18 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\1f3a7c4ba51d6b88771f00da70929e57.png [22782]
O61 - LFC: 24/04/2013 - 16:05:18 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\d145a1b425e7e9750e8aa5810a5fe06e.png [22782]
O61 - LFC: 24/04/2013 - 16:05:52 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\3e8992e4479612dc36e9f421de6761e3.png [18939]
O61 - LFC: 24/04/2013 - 16:05:52 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\843edf1c0f880e1396ba3da727151e6b.png [18939]
O61 - LFC: 24/04/2013 - 16:06:19 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\content-prefs.sqlite [229376]
O61 - LFC: 24/04/2013 - 16:06:30 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\b9369da8e9c702aa2d49d290d7b0409f.png [7700]
O61 - LFC: 24/04/2013 - 16:06:49 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\47ea408275e6e8c34b55b0e8a7423c49.png [45101]
O61 - LFC: 24/04/2013 - 16:08:26 ---A- C:\Documents and Settings\dominique farault\Recent\ZHPADSReport.lnk [505]
O61 - LFC: 24/04/2013 - 16:08:35 ---A- C:\Documents and Settings\dominique farault\Recent\Log.lnk [454]
O61 - LFC: 24/04/2013 - 16:08:35 ---A- C:\Documents and Settings\dominique farault\Recent\ZHP.lnk [356]
O61 - LFC: 24/04/2013 - 16:09:04 ---A- C:\Documents and Settings\dominique farault\Recent\ZHPDiag.lnk [511]
O61 - LFC: 24/04/2013 - 16:09:19 ---A- C:\Documents and Settings\dominique farault\Recent\AdwCleaner[S1].lnk [449]
O61 - LFC: 24/04/2013 - 16:09:23 ---A- C:\Documents and Settings\dominique farault\Recent\AdwCleaner[R3].lnk [449]
O61 - LFC: 24/04/2013 - 16:09:27 ---A- C:\Documents and Settings\dominique farault\Recent\AdwCleaner[R2].lnk [449]
O61 - LFC: 24/04/2013 - 16:09:32 ---A- C:\Documents and Settings\dominique farault\Recent\AdwCleaner[R1].lnk [449]
O61 - LFC: 24/04/2013 - 16:09:32 ---A- C:\Documents and Settings\dominique farault\Recent\VAIO (C).lnk [297]
O61 - LFC: 24/04/2013 - 16:10:00 ---A- C:\Documents and Settings\dominique farault\Recent\ZHPFixReport.lnk [538]
O61 - LFC: 24/04/2013 - 16:10:47 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\545304cdcca900f0af87cf207a493747.png [16951]
O61 - LFC: 24/04/2013 - 16:10:47 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\7e94957d00c2c87a4d9c20b106db07a4.png [16951]
O61 - LFC: 24/04/2013 - 16:12:17 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\23c94d92927d56a6a9c85f4e63f69d8e.png [19858]
O61 - LFC: 24/04/2013 - 16:12:24 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\90b0846ccec3b11c09dcec44492fddc6.png [21225]
O61 - LFC: 24/04/2013 - 16:12:24 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\bb6de0fce4080612ab9f18fb98932688.png [21225]
O61 - LFC: 24/04/2013 - 16:12:50 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\2a2200234087a165f031d4d0b96c96ec.png [20720]
O61 - LFC: 24/04/2013 - 16:12:52 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\077f3e1899f7ad87a9a97599fcce4a83.png [21923]
O61 - LFC: 24/04/2013 - 16:12:52 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\81b8b219e8571bc6fd085bf6edb3c0ad.png [21923]
O61 - LFC: 24/04/2013 - 16:14:17 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\a8875ca720a6a1e2369a9c6767c5edbc.png [19858]
O61 - LFC: 24/04/2013 - 16:14:29 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\9fff35a118f645d48af657e576b16884.png [21225]
O61 - LFC: 24/04/2013 - 16:14:29 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\c624f33dce7b3adbd4a4f01b537a8e30.png [21225]
O61 - LFC: 24/04/2013 - 16:15:02 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\56cdec5a40e22acd7048a38140dea4f8.png [19858]
O61 - LFC: 24/04/2013 - 16:15:29 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\8d2b609cad7e86090e500a236d1df727.png [30240]
O61 - LFC: 24/04/2013 - 16:15:29 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\974e0bdb7ed4a6c1b77f35d9272a3cdf.png [30240]
O61 - LFC: 24/04/2013 - 16:18:52 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\ab9e3dc4e10e5726a37d0de82985b926.png [11235]
O61 - LFC: 24/04/2013 - 16:18:52 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\ff90821feeb2b02a33a6f9fc8e5f3fcd.png [11235]
O61 - LFC: 24/04/2013 - 16:19:17 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\formhistory.sqlite [196608]
O61 - LFC: 24/04/2013 - 16:19:24 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\bbc2ba057fd15e0e37d6c6c39f256dfd.png [39250]
O61 - LFC: 24/04/2013 - 16:23:01 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\goog-phish-shavar.cache [12]
O61 - LFC: 24/04/2013 - 16:23:01 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\goog-phish-shavar.pset [605334]
O61 - LFC: 24/04/2013 - 16:23:01 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\goog-phish-shavar.sbstore [530069]
O61 - LFC: 24/04/2013 - 16:23:42 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\0a066d458fe9dbf310c87ea0124fd7de.png [42367]
O61 - LFC: 24/04/2013 - 16:24:53 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\bd5eff1cd12670b1164a51f362d13911.png [42431]
O61 - LFC: 24/04/2013 - 16:25:21 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\de0c516829e04d0bc20b4decb3ba0aaf.png [41574]
O61 - LFC: 24/04/2013 - 16:26:18 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\c3a58bceb2df34c20b4c890bb70d7af7.png [35123]
O61 - LFC: 24/04/2013 - 16:27:43 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\08a18951263448bee6dd81d978a5e2f3.png [19654]
O61 - LFC: 24/04/2013 - 16:27:43 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\1a5635e615e7ad29794034371c3068b1.png [19654]
O61 - LFC: 24/04/2013 - 16:28:03 ---A- C:\Documents and Settings\dominique farault\Mes documents\Téléchargements\VuuPC_setup.exe [1174112]
O61 - LFC: 24/04/2013 - 16:28:19 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\1368614c740bbc515d4ad8592c238fe2.png [27749]
O61 - LFC: 24/04/2013 - 16:29:00 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\goog-malware-shavar.cache [140]
O61 - LFC: 24/04/2013 - 16:29:00 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\goog-malware-shavar.pset [832720]
O61 - LFC: 24/04/2013 - 16:29:00 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\goog-malware-shavar.sbstore [1659254]
O61 - LFC: 24/04/2013 - 16:30:22 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\07a03dc6bb99c94efcde6fd0f0cbe780.png [24918]
O61 - LFC: 24/04/2013 - 16:30:22 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\691c8166471c4e30fd7c6512ae818f8a.png [24918]
O61 - LFC: 24/04/2013 - 16:30:42 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\store-pp.db [327680]
O61 - LFC: 24/04/2013 - 16:30:47 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\46b5b7a454eceb0aeaff80c841eacd3e.png [21544]
O61 - LFC: 24/04/2013 - 16:30:50 ---A- C:\Documents and Settings\dominique farault\Mes documents\Téléchargements\JRT.exe [535764]
O61 - LFC: 24/04/2013 - 16:31:06 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails-old\778b31e509f5f4a794c8d8f76cad5381.png [40860]
O61 - LFC: 24/04/2013 - 16:31:22 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\downloads.sqlite [98304]
O61 - LFC: 24/04/2013 - 16:31:22 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\sessionstore.bak [118619]
O61 - LFC: 24/04/2013 - 16:31:23 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\cert8.db [131072]
O61 - LFC: 24/04/2013 - 16:31:23 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\key3.db [16384]
O61 - LFC: 24/04/2013 - 16:31:23 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\localstore.rdf [5678]
O61 - LFC: 24/04/2013 - 16:31:23 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\webappsstore.sqlite [262144]
O61 - LFC: 24/04/2013 - 16:34:59 ---A- C:\Documents and Settings\dominique farault\Bureau\JRT.txt [10934]
O61 - LFC: 24/04/2013 - 16:35:05 ---A- C:\Documents and Settings\dominique farault\Recent\JRT.lnk [487]
O61 - LFC: 24/04/2013 - 16:35:12 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\extensions.sqlite [458752]
O61 - LFC: 24/04/2013 - 16:35:12 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\extensions.sqlite-journal [229944]
O61 - LFC: 24/04/2013 - 16:35:12 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\mimeTypes.rdf [3772]
O61 - LFC: 24/04/2013 - 16:35:12 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\places.sqlite-shm [32768]
O61 - LFC: 24/04/2013 - 16:35:13 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\search.json [10826]
O61 - LFC: 24/04/2013 - 16:35:13 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\webapps\webapps.json [2]
O61 - LFC: 24/04/2013 - 16:35:14 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\cookies.sqlite-shm [32768]
O61 - LFC: 24/04/2013 - 16:35:15 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\webappsstore.sqlite-shm [32768]
O61 - LFC: 24/04/2013 - 16:35:16 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\test-malware-simple.cache [44]
O61 - LFC: 24/04/2013 - 16:35:16 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\test-malware-simple.pset [16]
O61 - LFC: 24/04/2013 - 16:35:16 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\test-malware-simple.sbstore [232]
O61 - LFC: 24/04/2013 - 16:35:16 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\test-phish-simple.cache [44]
O61 - LFC: 24/04/2013 - 16:35:16 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\test-phish-simple.pset [16]
O61 - LFC: 24/04/2013 - 16:35:16 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\safebrowsing\test-phish-simple.sbstore [232]
O61 - LFC: 24/04/2013 - 16:35:17 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\cookies.sqlite-wal [590288]
O61 - LFC: 24/04/2013 - 16:35:17 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\urlclassifierkey3.txt [154]
O61 - LFC: 24/04/2013 - 16:35:17 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails\138a11824677e2ea962c9a9b077f6340.png [56890]
O61 - LFC: 24/04/2013 - 16:35:17 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails\ac59bde315df33b0fc6d1bdbf782f9f0.png [56890]
O61 - LFC: 24/04/2013 - 16:35:26 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\places.sqlite [10485760]
O61 - LFC: 24/04/2013 - 16:35:26 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\places.sqlite-wal [655872]
O61 - LFC: 24/04/2013 - 16:35:26 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\webappsstore.sqlite-wal [196784]
O61 - LFC: 24/04/2013 - 16:35:30 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\cookies.sqlite [524288]
O61 - LFC: 24/04/2013 - 16:35:32 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\sessionstore.js [120943]
O61 - LFC: 24/04/2013 - 16:35:32 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\thumbnails\bd5eff1cd12670b1164a51f362d13911.png [41495]
O61 - LFC: 24/04/2013 - 16:35:34 ---A- C:\Documents and Settings\dominique farault\Local Settings\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\_CACHE_CLEAN_ [1]
O61 - LFC: 24/04/2013 - 16:35:44 ---A- C:\Documents and Settings\dominique farault\Application Data\Mozilla\Firefox\Profiles\z4pvtopg.default-1366392980468\prefs.js [4048]
~ 69 Fichiers temporaires (Temporary files)
~ 16 Fichiers cookies (Cookies files)
~ Files: 457 Legitimates Filtered in 00mn 02s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 30/08/2011 - C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) .(.Apple Inc. - Bonjour Service.) - LEGACY_BONJOUR_SERVICE
O64 - Services: CurCS - 27/02/2013 - Pas de propriétaire (IBUpdaterService) .(...) - LEGACY_IBUPDATERSERVICE =>Adware.InstallBrain
O64 - Services: CurCS - 06/07/2004 - C:\WINDOWS\system32\Drivers\PrivateDiskM.sys (PrivateDisk) .(.Utimaco Safeware AG - SafeGuard® PrivateDisk Driver.) - LEGACY_PRIVATEDISK
O64 - Services: CurCS - 08/07/2004 - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe (VAIO Entertainment Aggregation and Control Service) .(.Sony Corporation - VAIO Entertainment Remote Service.) - LEGACY_VAIO_ENTERTAINMENT_AGGREGATION_AND_CONTROL_SERVICE
~ Legacy: 134 Legitimates Filtered in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - msn.) -- C:\Program Files\MSN\MSNCoreFiles\MSN6.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [dominique farault - z4pvtopg.default-1366392980468] user_pref("extensions.helperbar.Country", "France");
O69 - SBI: prefs.js [dominique farault - z4pvtopg.default-1366392980468] user_pref("extensions.helperbar.DockingPositionDown", false);
O69 - SBI: prefs.js [dominique farault - z4pvtopg.default-1366392980468] user_pref("extensions.helperbar.SmartbarDisabled", false); =>Hijacker.SmartBar
O69 - SBI: prefs.js [dominique farault - z4pvtopg.default-1366392980468] user_pref("extensions.helperbar.SmartbarStateMinimaized", false); =>Hijacker.SmartBar
O69 - SBI: prefs.js [dominique farault - z4pvtopg.default-1366392980468] user_pref("extensions.helperbar.UserID", "83c4e335-2aca-472d-b6e0-6521bc89de2b");
O69 - SBI: prefs.js [dominique farault - z4pvtopg.default-1366392980468] user_pref("extensions.helperbar.Visibility", false);
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - http://search.live.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - () - http://search.live.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [172032]
~ Files: Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11668 - (23/04/2013)
Clés trouvées (Keys found) : 104
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 2

[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Toolbar.Babylon
[HKCU\Software\delta LTD] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}] =>Toolbar.PricePeep
[HKLM\Software\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}] =>Toolbar.PricePeep
[HKLM\Software\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}] =>Toolbar.PricePeep
[HKLM\Software\Classes\TypeLib\{4d3b167e-5fd8-4276-8fd7-9df19c1e4d19}] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}] =>Hijacker.SmartBar
[HKLM\Software\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}] =>Hijacker.SmartBar
[HKLM\Software\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}] =>Toolbar.PricePeep
[HKLM\Software\Classes\CLSID\{82ac53b4-164c-4b07-a016-437a8388b81a}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113}] =>Adware.Agent
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}] =>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}] =>Hijacker.SmartBar
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Toolbar.PricePeep
[HKLM\Software\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Toolbar.PricePeep
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}] =>Toolbar.PricePeep
[HKLM\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService] =>Adware.IncrediBar
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\FilesFrog Update Checker] =>Adware.Agent
[HKCU\Software\SmartbarLog] =>Hijacker.SmartBar
[HKCU\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\WNLT] =>Adware.IncrediBar
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep] =>Toolbar.PricePeep
[HKLM\Software\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNLT] =>Adware.IncrediBar
[HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B] =>PUP.SweetIM
[HKLM\Software\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}] =>PUP.Funmoods
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432] =>PUP.SweetIM
[HKLM\Software\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}] =>Toolbar.DeltaSearch
[HKLM\Software\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}] =>Toolbar.DeltaSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E5C8B5FB7CB5DD447A0BAAAF637FBD77] =>PUP.ClaroSearch
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF96568971BEAC14B8815883832BD484] =>PUP.ClaroSearch
[HKLM\Software\Classes\CLSID\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3DAEB01-4C15-4AC6-A689-6406FD954EE0}] =>Adware.ShopperReports
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetIM Bundle by SweetPacks] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA0054A5AB3EFFE4CB5660E44A1E7DCC] =>Adware.Boxore^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
C:\Program Files\SweetIM =>PUP.SweetIM
C:\Program Files\XingHaoLyrics =>Adware.ShopperReports
C:\Documents and Settings\dominique farault\Local Settings\Application Data\Smartbar =>Hijacker.SmartBar
C:\Documents and Settings\dominique farault\Local Settings\Application Data\Bundled software uninstaller =>Adware.MegaSearch
C:\WINDOWS\Tasks\EPUpdater.job =>Hijacker.BabSolution
C:\WINDOWS\Tasks\LyricsPal Update.job =>Adware.ShopperReports
~ Additionnel Scan: 201840 Items scanned in 00mn 17s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "48F3C63CB40E3E44D9B7BACB6CEB495F" . (.PC Camer@.) -- C:\WINDOWS\Installer\{C36C3F84-E04B-44E3-9D7B-ABBCC6BE94F5}\ARPPRODUCTICON.exe
O90 - PUC: "6DB1B8663954959479E042A9FF6E3FC5" . (.VOR.) -- C:\WINDOWS\Installer\{668B1BD6-4593-4959-970E-249AFFE6F35C}\ARPPRODUCTICON.exe
O90 - PUC: "786E6E5E6301E7AB0600000000000010" . (.Acrobat Elements 6.0 - Français.) -- C:\WINDOWS\Installer\{E5E6E687-1036-BA7E-6000-000000000001}\ARPPRODUCTICON.exe
O90 - PUC: "CB517B265F109CC489112DE44DC4614D" . (.My Info Centre.) -- C:\WINDOWS\Installer\{62B715BC-01F5-4CC9-9811-D24ED44C16D4}\ARPPRODUCTICON.exe
~ Update Products: 46 Legitimates Filtered in 00mn 00s



---\\ Random Export Key (O91)
[HKLM\Software\5328dd8b735e849] => Clé orpheline
~ Export Key Software: Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 27/03/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 27/03/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 1013552 | (IBUpdaterService) . (...) - C:\WINDOWS\system32\dmwu.exe =>Adware.InstallBrain
SR - | Demand 12/12/2012 553440 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/04/2013 181664 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 12/04/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 07/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 53248 | (STI Simulator) . (...) - C:\WINDOWS\System32\PAStiSvc.exe
SR - | Demand 08/07/2004 118784 | (VAIO Entertainment Aggregation and Control Service) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzRs\VzRs.exe
SS - | Demand 08/07/2004 118877 | (VAIO Entertainment File Import Service) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCdb\VzFw.exe
SS - | Demand 28/07/2004 401408 | (VAIO Entertainment Task Scheduler) . (.Sony Corporation.) - C:\Program Files\Sony\vaio entertainment\VzTaskScheduler.exe
SS - | Demand 08/07/2004 69632 | (VAIO Entertainment TV Device Arbitration Service) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
SS - | Demand 08/07/2004 278528 | (VAIO Entertainment UPnP Client Adapter) . (.Sony Corporation.) - C:\Program Files\Fichiers communs\Sony Shared\VAIO Entertainment\VCSW\VCSW.exe
SS - | Demand 09/07/2004 1826816 | (VAIOMediaPlatform-IntegratedServer-AppServer) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
SS - | Demand 16/06/2004 57344 | (VAIOMediaPlatform-IntegratedServer-HTTP) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
SS - | Demand 22/06/2004 733184 | (VAIOMediaPlatform-IntegratedServer-UPnP) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
SS - | Demand 16/06/2004 188416 | (VAIOMediaPlatform-Mobile-Gateway) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
SS - | Demand 26/10/2012 957056 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\VUAgent.exe
~ Services: Scanned in 00mn 00s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by dominique farault at 24/04/2013 17:37:10

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
1 nt!IofCallDriver[0x804E13B9] >> \Device\Harddisk0\DR0[0x89B7EAB8]
kernel: MBR read successfully
user & kernel MBR OK
~ MBR: 13 Legitimates Filtered in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by dominique farault at 24/04/2013 17:37:12

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 1453 Legitimates filtered by white list
End of the scan (866 lines in 01mn 19s)(0)
