Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPDiag v2013.6.10.15 par Nicolas Coolman, Update du 10/06/2013
Run by papy at 13/06/2013 13:03:23
WebSite: http://nicolascoolman.webs.com
State :
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16618
OBIE: Safari v5.34.57.2
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : G7PPK
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
Panda Cloud Cleaner v1.0.45
Panda Internet Security 2013 v18.01.01
Windows Defender W7
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader X
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4087 MB (63% free)
System Restore: Activ� (Enable)
System drive C: has 297 GB (63%) free of 466 GB
---\\ Logged in mode
~ Computer Name: W-PAPY
~ User Name: papy
~ All Users Names: UpdatusUser, papy, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\papy\AppData\Roaming\
~ %Desktop% : C:\Users\papy\Desktop\
~ %Favorites% : C:\Users\papy\Favorites\
~ %LocalAppData% : C:\Users\papy\AppData\Local\
~ %StartMenu% : C:\Users\papy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 297 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 30 Legitimates Filtered in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/9
~ Mes musiques (My Musics) : 1/277
~ Mes Favoris (My Favorites) : 1/314
~ Mes Documents (My Documents) : 1/8193
~ Mon Bureau (My Desktop) : 1/11429
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 26s
---\\ Processus lanc�s
[MD5.198B8C260AA185881415E2128E262497] - (.Panda Security - Internet resident proxy.) -- C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2013\WebProxy.exe [108032] [PID.3016]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3600]
[MD5.358C81ADA09E0B6906DB82EA75B836D5] - (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496] [PID.3508]
[MD5.0721CBC2561075ABA9A49FDAE1828664] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248] [PID.4072]
[MD5.08E6495D47C6F1E9E73EA389794C6058] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe [943168] [PID.3620]
[MD5.D7936ED15F4AEF0FC33F329D0F21ED46] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [151952] [PID.3628]
[MD5.F9413654DBA2F81CA2FDC827C41BDF6E] - (.Panda Security, S.L. - Panda permanent protection.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\ApVxdWin.exe [1038192] [PID.3496]
[MD5.74D1E004483998E076FBBC0DE9B59763] - (.Panda Security, S.L. - PavBckPT Aplicaci�n.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PavBckPT.exe [112128] [PID.2464]
[MD5.E6DFE6F92AFC183ABE8DFB52A7BADF77] - (.Druide informatique inc. - Antidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\Antido32.exe [9594424] [PID.4964]
[MD5.07DFD28E57879554D054464EE4A5662D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770648] [PID.4472]
[MD5.3A32FAFEEE290E6E6C058DE59EC4EC88] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7478272] [PID.6724]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.780]
[MD5.341457B79B3FC31A80C346C767045879] - (.Panda Security, S.L. - Anti-malware protection support executable.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PskSvc.exe [28992] [PID.1212]
[MD5.71D19B5D542B6EEA00C99D9984DC901F] - (.Panda Security, S.L. - TPSrv Application.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\TPSrvWow.exe [173344] [PID.1252]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1740]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1792]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.1964]
[MD5.752DC511EA5B107539EE06FA9FF9C138] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.exe [69640] [PID.1044]
[MD5.54F00466439F749EDDF29CBA0BC1A28A] - (.Panda Security, S.L. - Panda Software Controler.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsCtrls.exe [177440] [PID.1544]
[MD5.F458128A5321BB48DF7B3D8E279F6393] - (.Panda Security, S.L. - Panda Function Service.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PavFnSvr.exe [202016] [PID.1508]
[MD5.2AE3F6B23448443BBEF5DE207159213B] - (.Panda Security, S.L. - Panda Process Protection Service.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [62768] [PID.1128]
[MD5.4D8C2645A12FDDF9CD4A68DDE8496BEF] - (.Panda Security, S.L. - Enhanced On-Access Anti-Malware Service.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\pavsrvx86.exe [313664] [PID.2060]
[MD5.532053E8E3BB8FA7166AB4E7685FDDCC] - (.Panda Security International - Panda Host Service.) -- c:\program files (x86)\panda security\panda internet security 2013\firewall\PSHOST.exe [226560] [PID.2100]
[MD5.196C450F2779D0B462C444DA4906EA7F] - (.Panda Security S.L. - Panda Interface Manager Service.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsImSvc.exe [108288] [PID.2120]
[MD5.CC85A36EB009F45A53FF5344CCEFD58E] - (.Panda Security, S.L. - Enhanced On-Access Anti-Malware Protection.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\AVENGINE.exe [225088] [PID.2160]
[MD5.BDF348850A404F8433E6275B2B98174C] - (.Panda Security - USB Vaccine.) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe [1268808] [PID.3748]
[MD5.D4106AC79DA6DF822AD3BFCD09802F5D] - (.Panda Security, S.L. - Panda AntiSpam Trainer.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\SRVLOAD.exe [91648] [PID.5096]
[MD5.934BB0D23A25C8C136570800A5A149B6] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [687400] [PID.2056]
[MD5.472DC18B6C061CE2E869F77A415DE8DD] - (.Panda Security S.L. - Panda Interface Manager Application [Report.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\psimreal.exe [60672] [PID.2392]
~ Processes Running: Scanned in 00mn 03s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [papy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.a-searchpage.info
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://isearch.glarysoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com =>Toolbar.Babylon
~ IE Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;;192.168.*.*
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: coontinueetosavei [64Bits] - {07B98736-3411-A5EE-77D7-6B02CF0666A2} . (...) -- C:\ProgramData\coontinueetosavei\5197535cec210.dll =>PUP.OfferWare
O2 - BHO: coontiinueTosoave [64Bits] - {13ACD8D1-B90B-C697-A53A-896E1683B495} . (...) -- C:\ProgramData\coontiinueTosoave\519f9696a43ba.dll =>PUP.OfferWare
O2 - BHO: conteinueatoisaave [64Bits] - {1D38CBD1-9758-873A-F04A-85369A42D04E} . (...) -- C:\ProgramData\conteinueatoisaave\51aba1620b64b.dll =>PUP.OfferWare
O2 - BHO: SearchNewTab [64Bits] - {3EFEBE07-1C78-8C5F-2F2F-CC7A6D397A3C} . (...) -- C:\ProgramData\SearchNewTab\519762860995f.dll =>Adware.FastSaveApp
O2 - BHO: SearchNewTab [64Bits] - {4D5D2CDB-2FCA-DB41-C323-7199FC170EDA} . (...) -- C:\ProgramData\SearchNewTab\519f96bca29a4.dll =>Adware.FastSaveApp
O2 - BHO: SearchNewTab [64Bits] - {50EB618C-99DB-4549-6EB9-39A833C05229} . (...) -- C:\ProgramData\SearchNewTab\519fa136a8383.dll =>Adware.FastSaveApp
O2 - BHO: coontinueetosavei [64Bits] - {7F17AFF5-5B4C-70F5-A071-C92A9EE96B5A} . (...) -- C:\ProgramData\coontinueetosavei\519762508ed4d.dll =>PUP.OfferWare
O2 - BHO: coontinueetosavei [64Bits] - {8E7EA199-EDFD-A163-4D68-F838AF852E31} . (...) -- C:\ProgramData\coontinueetosavei\5197536858c7a.dll =>PUP.OfferWare
O2 - BHO: TBSB05810 [64Bits] - {A7AF277D-1466-4A7B-93AF-B043984A5671} . (.Pas de propri�taire - Internet Explorer Toolbar Engine.) -- C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
O2 - BHO: coontiinueTosoave [64Bits] - {BF48401D-7A7D-1558-54B4-DBA3D27076E9} . (...) -- C:\ProgramData\coontiinueTosoave\519fa12f819d3.dll =>PUP.OfferWare
O2 - BHO: coontiinueTosoave [64Bits] - {C7CDA52A-AAE4-6CDB-955B-A3241095E89F} . (...) -- C:\ProgramData\coontiinueTosoave\519fa33ba3e91.dll =>PUP.OfferWare
O2 - BHO: coNtoinauettoosavE [64Bits] - {FC76120A-441B-73B1-2779-804F615B99CF} . (...) -- C:\ProgramData\coNtoinauettoosavE\51a25dac7fc36.dll =>PUP.OfferWare
~ BHO: 15 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
O4 - HKLM\..\Wow6432Node\Run: [agentantidote64.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [APVXDWIN] . (.Panda Security, S.L. - Panda permanent protection.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\APVXDWIN.exe
O4 - HKLM\..\Wow6432Node\Run: [SCANINICIO] . (.Panda Security, S.L. - Inicio Programado.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\Inicio.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch: Panda Internet Security 2013.lnk . (.Panda Security, S.L. - Panda Console.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\Iface.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Microsoft Office Outlook 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
O4 - GS\TaskBar: Nero Burning ROM 10.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe
O4 - GS\TaskBar: Nero StartSmart 10.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe
O4 - GS\TaskBar: Panda Cloud Cleaner.lnk . (...) -- C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PAsCleaner.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch: BeAnywhere Drive.lnk . (.MN - BeAnywhere Drive.) -- C:\Users\papy\AppData\Local\BeAnywhere_Drive\BADrive.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.exe
O4 - GS\QuickLaunch: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop: Billard - Raccourci (2).lnk . (...) -- C:\Billard\Billard.exe
O4 - GS\Desktop: Billard - Raccourci.lnk . (...) -- C:\Users\papy\Documents\Billard
O4 - GS\Desktop: DVDFab 8 Qt.lnk . (.Fengtao Software Inc. - DVDFab is the all-in-one software package f.) -- C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe
O4 - GS\Desktop: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop: Glary Utilities.lnk . (.Glarysoft Ltd - Glary Utilities.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
O4 - GS\Desktop: HP Deskjet F4200 series - Raccourci.lnk - Cl� orpheline
O4 - GS\Desktop: Mes documents - Raccourci.lnk . (...) -- C:\Users\papy\Documents
O4 - GS\Desktop: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: T�l�chargements - Raccourci.lnk . (...) -- C:\Users\papy\Downloads
~ Global Startup: Scanned in 00mn 01s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A07D7B28-0AC5-46B3-93A2-3501E808560F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A07D7B28-0AC5-46B3-93A2-3501E808560F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A07D7B28-0AC5-46B3-93A2-3501E808560F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: avldr . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\System32\avldr64.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\contin~1\sprote~1.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{00C0E222-1A22-4A4A-98D7-5AE8C7A9B242}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{366FE2F3-AF2A-4E5A-993A-A11BA0020F77}] (...) -- C:\Users\papy\Downloads\NVE-3.1.0.7_eng.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{69B8AEB7-D53B-443F-995A-491E24F045BE}] (...) -- E:\Nero-9.4.13.2b_trial.exe (.not file.) [0]
[MD5.6B2165DB53D39F61C836C2D87C72C502] [APT] [{6B900AA7-9EC7-402A-8281-5109E7120267}] (.Motorola.) -- C:\Users\papy\Downloads\MML_Installer-v1.5.4090.2.exe [52329296]
[MD5.00000000000000000000000000000000] [APT] [{97EEA8AF-88EE-44D9-9A7D-1AB8C867B040}] (...) -- D:\WINDOWS\Installe Antidote.exe (.not file.) [0]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 07s
---\\ Logiciels install�s (O42)
O42 - Logiciel: BeAnywhere Drive - (...) [HKCU][64Bits] -- BeAnyWhere Drive
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {E5C8C056-DF29-4121-A3CA-970B3E2BE2A0} =>Adware.Browse2Save
O42 - Logiciel: ContinueToSave - (...) [HKLM][64Bits] -- {09C326D4-8B44-456F-A784-C366D2200422} =>PUP.OfferWare
O42 - Logiciel: MasterCook 5 : LGLC - (...) [HKLM][64Bits] -- MasterCook 5 : LGLC
O42 - Logiciel: Search Assistant WebSearch 1.74 - (...) [HKLM][64Bits] -- SP_4e24eecb
O42 - Logiciel: SearchNewTab - (.SearchNewTab.) [HKLM][64Bits] -- {C670DCAE-E392-AA32-6F42-143C7FC4BDFD} =>Adware.FastSaveApp
O42 - Logiciel: conteinueatoisaave - (.continue to save.) [HKLM][64Bits] -- {C1C6816E-CBB3-A748-85F9-A8B47B68985B} =>PUP.OfferWare
~ Logic: 126 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\SProtector] =>PUP.Mocaflix
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\ChatZum Toolbar]
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Doctor Web]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\Multiplicar Negocios]
[HKCU\Software\Softonic]
[HKCU\Software\WandouLabs]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Doctor Web]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\ChatZum Toolbar]
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
~ Key Software: 183 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/07/2012 - 12:30:52 - [1,262] ----D C:\Program Files (x86)\ChatZum Toolbar
O43 - CFD: 3/06/2013 - 12:27:29 - [1,473] ----D C:\Program Files (x86)\ContinueToSave =>PUP.Offerware
O43 - CFD: 18/05/2012 - 12:55:42 - [1,244] ----D C:\Program Files (x86)\DrWeb
O43 - CFD: 3/06/2013 - 12:27:29 - [1,470] ----D C:\Program Files (x86)\WebSearch
O43 - CFD: 19/05/2011 - 17:02:27 - [0,017] ----D C:\Program Files (x86)\Common Files\Doctor Web
O43 - CFD: 13/08/2011 - 09:14:14 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 10/03/2013 - 23:34:59 - [0,161] ----D C:\ProgramData\Broowise2suavve =>Adware.Browse2Save
O43 - CFD: 13/03/2013 - 15:54:25 - [0,160] ----D C:\ProgramData\BrowoSE2isavve =>Adware.Browse2Save
O43 - CFD: 21/04/2013 - 17:23:28 - [0,095] ----D C:\ProgramData\Broywsee2save =>Adware.Browse2Save
O43 - CFD: 2/06/2013 - 21:16:35 - [0,199] ----D C:\ProgramData\conteinueatoisaave =>PUP.OfferWare
O43 - CFD: 26/05/2013 - 23:02:25 - [0,267] ----D C:\ProgramData\coNtoinauettoosavE =>PUP.OfferWare
O43 - CFD: 24/05/2013 - 18:44:21 - [0,516] ----D C:\ProgramData\coontiinueTosoave =>PUP.OfferWare
O43 - CFD: 18/05/2013 - 12:30:09 - [0,516] ----D C:\ProgramData\coontinueetosavei =>PUP.OfferWare
O43 - CFD: 9/06/2013 - 16:03:59 - [17,072] ----D C:\ProgramData\InstallMate
O43 - CFD: 24/05/2013 - 18:35:36 - [0,440] ----D C:\ProgramData\SearchNewTab =>Adware.FastSaveApp
O43 - CFD: 24/07/2012 - 11:27:25 - [0,007] ----D C:\Users\papy\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 18/05/2012 - 13:09:41 - [60,165] ----D C:\Users\papy\AppData\Local\BeAnywhere_Drive
O43 - CFD: 18/05/2012 - 13:09:40 - [0,011] ----D C:\Users\papy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeAnywhere Drive
~ Program Folder: 175 Legitimates Filtered in 00mn 38s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.2DACB60CAFEFF233C34497116F1405A9] - 13/06/2013 - 12:05:38 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFCONT.DAT [265376]
O44 - LFC:[MD5.2DACB60CAFEFF233C34497116F1405A9] - 13/06/2013 - 12:05:38 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFCONT.DAT.bck [265376]
O44 - LFC:[MD5.01DC00EECDA3A336C9C448F7D1CE1DC4] - 13/06/2013 - 11:33:07 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFLTR.CFG [1132]
O44 - LFC:[MD5.01DC00EECDA3A336C9C448F7D1CE1DC4] - 13/06/2013 - 11:33:07 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFLTR.CFG.bck [1132]
O44 - LFC:[MD5.8A64C45F467FB30C47A30AE2819DDD62] - 10/06/2013 - 18:49:58 RSHAD . (.Pas de propri�taire - COMFiltr.) -- C:\Windows\System32\Drivers\COMFiltr.sys [15928]
O44 - LFC:[MD5.3E08131A46624FBC2F572C4810E41A9F] - 10/06/2013 - 18:49:49 ---A- . (...) -- C:\Windows\SysNative\PavCPL64.dat [274]
O44 - LFC:[MD5.3E08131A46624FBC2F572C4810E41A9F] - 10/06/2013 - 18:49:49 RSHAD . (...) -- C:\Windows\System32\PavCPL64.dat [274]
O44 - LFC:[MD5.631F4DB2FC9043152F2157EE03A22FBD] - 10/06/2013 - 18:48:01 ---A- . (.Panda Software - PavCPL.) -- C:\Windows\SysNative\pavcpl64.cpl [46640]
O44 - LFC:[MD5.631F4DB2FC9043152F2157EE03A22FBD] - 10/06/2013 - 18:48:01 RSHAD . (.Panda Software - PavCPL.) -- C:\Windows\System32\pavcpl64.cpl [46640]
O44 - LFC:[MD5.B4382FC88E2F89B059E021EA89B4E4DF] - 10/06/2013 - 18:47:48 ---A- . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\SysNative\avldr64.dll [64768]
O44 - LFC:[MD5.B4382FC88E2F89B059E021EA89B4E4DF] - 10/06/2013 - 18:47:48 RSHAD . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\System32\avldr64.dll [64768]
O44 - LFC:[MD5.9909F37A0AC6D4C7B0307D9CCCB89A9E] - 31/05/2013 - 21:03:02 ---A- . (...) -- C:\Windows\SysNative\PCloudBroom64.exe [22752]
O44 - LFC:[MD5.9909F37A0AC6D4C7B0307D9CCCB89A9E] - 31/05/2013 - 21:03:02 RSHAD . (...) -- C:\Windows\System32\PCloudBroom64.exe [22752]
~ Files: 100 Legitimates Filtered in 00mn 53s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/09/2009 - C:\Windows\system32\Drivers\DSAFLT64.sys (DSAFLT) .(.Panda Security, S.L. - Pas de description.) - LEGACY_DSAFLT
~ Legacy: 126 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Panda Security, S.L. - Panda Script Blocking.) -- C:\Program Files (x86)\PANDAS~1\PANDAI~1\PavScrip.exe
O67 - Shell Spawning: <.js>[HKCR\..\open\Command] (.Panda Security, S.L. - Panda Script Blocking.) -- C:\Program Files (x86)\PANDAS~1\PANDAI~1\PavScrip.exe
~ FASS Keys: 18 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (ChatZum Search) - http://search.chatzum.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {1F096B29-E9DA-4D64-8D63-936BE7762CC5} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {713DE85E-4C4F-4425-B589-4E8D11C242B4} - (Yahoo! Search) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (ChatZum Search) - http://search.chatzum.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.a-searchpage.info
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
O69 - SBI: SearchScopes [HKCU] {C3B387E5-79E1-4D5E-9E73-FCD13DC21105} [DefaultScope] - (Recherche s�curis�e) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {FE2FCB82-DAAB-4518-8140-8A0A08D91DB2} - (Secure Search) - http://search.yahoo.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.5403DEE05293E6E30174B571F2C35DFB] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_0_11366637134e.dat [2835]
[MD5.7AB910D2052C0636693F438103EC5660] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_101358775383r.dat [350468]
[MD5.0182D0BE1A616C8D6BE62A5565CE8E36] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_101371076211f.dat [2088]
[MD5.25A270F1918F991AF2B3D3600AD7085E] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_111371063611r.dat [197508]
[MD5.36F6224751B0343D4245B4DA5FCE2FA5] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_111371066701f.dat [2253]
[MD5.9D4A77AADDE3FC4FC480DAA75403A950] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_11370044466r.dat [310532]
[MD5.A0D997D1D7D754CB21FFB02FBA441F85] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_11370947585c.dat [1881]
[MD5.E47C86C39C4A562D5F2CE56311640F6D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_11371103938f.dat [2110]
[MD5.038DA2A68610C759A09E377C2956E78A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_121370759844r.dat [321276]
[MD5.901CE99D8C0C56C82B39C893B74FD32B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_121371016288f.dat [2512]
[MD5.7F575FFC478F5B5A705FDBA547F9387D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_131368667468r.dat [304416]
[MD5.DD6C03E54A69D3F5146414B0B294D75B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_131371042330f.dat [2286]
[MD5.C6246880AF49D58E0AA2FEEF9690DF41] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_141371023345r.dat [223400]
[MD5.5443B77B21646E564432AD34612B51A4] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_141371118699f.dat [947]
[MD5.1BB22CF109F00907C5A7163C72608233] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_151369215257r.dat [415608]
[MD5.C7AEAA1AA5A79922DB8199FFAC4165D7] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_161370052021r.dat [278252]
[MD5.7B2F2690ABD5B9E467BAE5A6043446E8] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_171371013580r.dat [222544]
[MD5.E5C347E0366D9B90FDA63F24FE059CCB] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_181371119412r.dat [199664]
[MD5.BD28A49B84ADB54822E10078AAA81592] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_191369921050r.dat [458648]
[MD5.26865EF778A579519C8F72D13A592D77] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_201371118173r.dat [198468]
[MD5.EA222253806E4B28105A2CAE5F8514E5] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_211370866521r.dat [231880]
[MD5.96654D1ACD4EB947E7D50E4CA27B3266] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_21371058689r.dat [357768]
[MD5.CE0C698B39B37AC18C581ECBF17423B3] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_21371103937f.dat [2312]
[MD5.963E01BB61FBDFCE8147C881F8C2EF23] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_221370977287r.dat [365108]
[MD5.8059EE24A380F51D100081EB64E5C4F0] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_231371083772r.dat [288536]
[MD5.2D62869297EAF96FA019DF358D055B5B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_241371048378r.dat [369004]
[MD5.A330A8A3DD01B8F0BD1EDAABF540DA91] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_311370005936r.dat [248512]
[MD5.EE6F1EF63723C31CA531CB6BD9CB892C] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_31370671941r.dat [255860]
[MD5.D03F3924BFA4C91AA16B2E7B2DA6B676] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_31371015968f.dat [2197]
[MD5.733B65A0BD856A221B26C0F81392790A] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_41371049503r.dat [226032]
[MD5.482A6C2DC46D84879438B49A804DAB07] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_41371119054f.dat [2010]
[MD5.4DE94C09D1DF67C5AAEE0D426AA00BED] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_441371023816r.dat [213380]
[MD5.97A25A2E8228B530618133D301376255] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_51370972585f.dat [2221]
[MD5.62E894200464E413E39CF060E48E649B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_51370978825r.dat [306196]
[MD5.AF3FCEBF5BBFCD25FA99A62D96B6D98B] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_61370959474r.dat [225152]
[MD5.5E741D1F16DB30F7AD5D3779AB916D3F] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_61371119054f.dat [2181]
[MD5.60A46D97CF5BF1E19146476852B5AE3A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_71368011497r.dat [427040]
[MD5.0325560706A95FEC49DD94C3C6DAB369] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_71371119054f.dat [1793]
[MD5.5A3ABBFBC3511A31AC33993501071F6F] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_81369995854r.dat [228912]
[MD5.7C968545BB1C86321C464EBB6C6614D1] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_81371119054f.dat [2238]
[MD5.E896CE2F0F2F1818C5FAEFD0D0AADA29] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_91370933067r.dat [431088]
[MD5.45B1D0CBF4FA6BC1C239EC321423D9E0] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_91371103937f.dat [2178]
[MD5.4B6BC06065CF6E0FA3401D30F32CB410] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_101371026924r.dat [36128]
[MD5.C7855D26709A29BADA2E8C5C9A2B1154] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_101371119054f.dat [1103]
[MD5.1B1811A78D9A2148860EB226EF5E9245] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_111370784228f.dat [1185]
[MD5.B6BC174B1E5D857D8ABCA27823864418] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_11370996539r.dat [35136]
[MD5.DE0E43F1E16549DBC83B608746430786] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_11371078728f.dat [1174]
[MD5.C229FB7B42935EDC6B0DF7C8E19F86A3] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_121371026466f.dat [1030]
[MD5.9BECD8008D1D997A984476A2AC594C1D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_131370900780r.dat [47468]
[MD5.6AA34B4584059FD66608C8595091B092] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_131371071175f.dat [1116]
[MD5.A38EC21282E900C23C7377130A1433FE] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_141370762303r.dat [41456]
[MD5.547F90FB124513DA922E92CE114BD568] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_141370985599f.dat [1242]
[MD5.490849DA1906AAFCA7799E1F0DA7AE13] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_151371111390f.dat [851]
[MD5.514B98245FE493F3CBA5E68C8F56D311] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_161371116537f.dat [978]
[MD5.F71B223BA654F6E582A4C43AD215A35C] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_171369087933r.dat [53788]
[MD5.510484D4FE25E5EE84B7F2AEE85C600D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_171371078728f.dat [913]
[MD5.C4A289A2F16883B4711283907975BAF2] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_181352733026f.dat [1332]
[MD5.E45D421A01F46F25291A98FE18B151BE] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_181371115905r.dat [47392]
[MD5.B96ED48D14DDC560E85DECC40980C25C] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_191371037937r.dat [36472]
[MD5.2B1AE90F0F86ABF1E0C50D58898FDB5A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_191371076210f.dat [1341]
[MD5.6C1390E2F9793FFA90CA6FC2563C3C75] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_201362574845f.dat [1024]
[MD5.31234572ED3BAEBC100D87B3FDA08A8B] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_201371115377r.dat [37516]
[MD5.B917623BEDCF42AED3902E9E7A486362] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_211364983933f.dat [1024]
[MD5.66A054EB7CF38675039A35EB99949DF2] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_211371031093r.dat [42560]
[MD5.13889B773E1E93EE43887783A2400F2A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_21367559863f.dat [2227]
[MD5.6E1AFE41B292836B29DAC01E15CBE223] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_21370877799r.dat [64764]
[MD5.F152085D5FDC55F71FC707FBFA1016AD] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_221368487454r.dat [63728]
[MD5.146B8C2FBA64D49545F382969AEC208D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_241370455052r.dat [51924]
[MD5.A907BB040CB6021B87BB4AF548AEB197] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_281371101411r.dat [39364]
[MD5.83AB688F34FE1973DBF5D934A11F59E2] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_311340009659f.dat [2718]
[MD5.48DECEE5D6E601FE797565460F692E51] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_311363094663r.dat [92636]
[MD5.E5DC2350843AFFD1D28CB5CF2912A11F] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_31371029657f.dat [1180]
[MD5.1EDBB231A58B0A246815150846C71974] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_321340009659f.dat [3261]
[MD5.65AA4B52274B761D32B8D36806210668] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_331340009663f.dat [3812]
[MD5.B04E6153C3468E53FEC443D89B3AE3C2] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_341340009668f.dat [5785]
[MD5.0C7D50845E3665FEF8C91299AE00C9DC] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_351340009695f.dat [6731]
[MD5.3AAF56FDC597C3CF08E752572BB8704F] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_361326924029r.dat [374752]
[MD5.4AA6CA36F610BD1076B24D52E6C741ED] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_361340009707f.dat [3088]
[MD5.FDD0F8CDE3EA56844187783B9095963D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_371340009707f.dat [3553]
[MD5.90AF4048FB332A914563C0DC472D2725] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_381340009707f.dat [3022]
[MD5.2BFA8EDE98FCE92A0021F1636844CA94] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_391340009711f.dat [2711]
[MD5.3204414CD1C89082BA459DFCD8298AEF] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_401340009715f.dat [3155]
[MD5.3F5556E28F16CA8998AC3D48DA6DEC32] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_411340009720f.dat [4004]
[MD5.E3C41044A1DFE08A622F376E1D43D831] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_41339552847r.dat [108788]
[MD5.97A29BF9BDCE248F009BF069FCD20158] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_41371119054f.dat [1112]
[MD5.1D3BE2A58654B416C7D32AEC822DE545] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_421340009725f.dat [4354]
[MD5.B960F72500D807E1236EA9B29C4748AA] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_431340009734f.dat [8264]
[MD5.2DEEC99A5B91A8846BC4B7A6B6BFD77A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_441340009740f.dat [8223]
[MD5.27DEF8038DB654A9E3066FFA5F75D062] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_451340009745f.dat [4534]
[MD5.CE06D0D2F06E697CA1C221254B039222] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_461340009767f.dat [2920]
[MD5.5DD8584F5211690DD8A32853D9EAC76E] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_471340009769f.dat [3082]
[MD5.486297A431E1DFE3EB71EB0135A423E7] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_481340009771f.dat [2533]
[MD5.F0D3A29B35D50F1D8BD8E8F7FF009B68] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_51371098894f.dat [1012]
[MD5.29EA726EA678BD757B4B512818948C04] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_581371037178r.dat [39640]
[MD5.F7BA9FFCA660D855B1C89914E00ED4F6] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_61370839695r.dat [42496]
[MD5.5023C9B10F900D975A810DDD3550AC7E] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_61371028080f.dat [1100]
[MD5.A2F7E31B78DEAAE0E262F2F67975C88B] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_631366924360r.dat [78224]
[MD5.1102D1BCD07D6E888DF5F0DF55161FD4] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_651371007580r.dat [35884]
[MD5.55777A54BAA36DBA5034AE2E6FD2AFCD] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_671368333421r.dat [56304]
[MD5.EAA71541A764BF7506876503D14533CF] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_71371106450f.dat [1236]
[MD5.556BA80C08E26B2588646054FD135F22] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_741368511458r.dat [75288]
[MD5.FA31BC194F2BD4DDF3DD27613DF426B4] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_81370965824r.dat [34336]
[MD5.20272ACF992C8F49EAA7CA4844538538] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_81371076210f.dat [1073]
[MD5.32F060D0F420A4CECB0FBA7CEBF3D27A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_91371071174f.dat [1012]
[MD5.084645AF07F2A627379EA97C51904DA7] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_921370769680r.dat [49528]
[MD5.B1558682FB473DF406326C5DF57896C6] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_3_11356656766e.dat [164]
[MD5.B8534A2B7B83A830FFAD39DD891C624C] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_4_11331077257f.dat [1092]
[MD5.195FC1AF3A4CB7EE51529497B72FD072] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_8_1_21354624210r.dat [1108]
[MD5.B21915A84FE6EE7B57FC698EB4D64057] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_8_2_11316951329r.dat [18708]
[MD5.B1CB36B1309F6EF41647AF2D1F39B6FB] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_8_2_21316952017r.dat [19168]
[MD5.62DC3151298E449FCBAEBEF4441A12BD] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_cindex.dat [23]
[MD5.01FA8801E61DE3910556754DCF1F6406] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_eindex.dat [46]
[MD5.27A1C99A88281A9B352ADCEECE568142] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_findex.dat [1277]
[MD5.978439050F9BBBE06A656EBE22AB4E5A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_frmc1.dat [79402]
[MD5.4ADDA123521AB55FC82C95AB98FFCF6D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_index.dat [1149]
[MD5.EAAA2562BB1C15F6941061C62F4DA912] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\~glaryutilities-version.dat [514]
[MD5.153793FF8EF7E6EF2479693ADB6B37DA] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\~gu-ver.dat [162]
[MD5.60D1869190F08364D55D8442C86A4B32] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\~upgrade.dat [936]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][10/04/2012] (...) -- C:\Users\papy\AppData\Roaming\inst.exe [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF][10/04/2012] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\papy\AppData\Roaming\pcouffin.sys [82816]
[MD5.A07A260EE0A32B0BEC9B2A2BF7263070] [SPRF][11/04/2011] (.Adobe Systems, Inc. - Adobe� Flash� Player Installer/Uninstaller 10.2 r159.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2871968]
[MD5.8C3AB14E42B39C25EAEF1739B1802535] [SPRF][7/12/2010] (.Microsoft Corp - Microsoft Support Diagnostic Tool Control.) -- C:\Windows\Downloaded Program Files\MSDcode.dll [562000]
~ Files: Scanned in 00mn 03s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{33420656-55A4-4EA4-B7D5-226723CCEDB1}" |In - Public - P6 - FALSE | .(...) -- C:\Users\papy\AppData\Local\Temp\incredibar_installer.exe (.not file.) =>Adware.IncrediBar
O87 - FAEL: "{61B64016-4644-43B7-922A-F85D3FACBCA0}" |In - Public - P17 - FALSE | .(...) -- C:\Users\papy\AppData\Local\Temp\incredibar_installer.exe (.not file.) =>Adware.IncrediBar
O87 - FAEL: "{7EB99309-8565-4D58-A7A1-B75864A4793C}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\WandouLabs\wandoujia2.exe (.not file.)
O87 - FAEL: "{52F78A55-F825-4764-AF1D-01076A2258A6}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\WandouLabs\wandoujia2.exe (.not file.)
~ Firewall: 208 Legitimates Filtered in 00mn 04s
---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (10/06/2013)
Cl�s trouv�es (Keys found) : 146
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 18
Fichiers trouv�s (Files found) : 1
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook] =>Adware.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\ChatZum Toolbar] =>Toolbar.ChatZum
[HKLM\Software\Wow6432Node\ChatZum Toolbar] =>Toolbar.ChatZum
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASAPI32] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASMANCS] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}] =>Toolbar.Agent
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}] =>Adware.Browse2Save
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}] =>Adware.Browse2Save
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7AF277D-1466-4A7B-93AF-B043984A5671}] =>Toolbar.Glarysoft
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7AF277D-1466-4A7B-93AF-B043984A5671}] =>Toolbar.Glarysoft
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7AF277D-1466-4A7B-93AF-B043984A5671}] =>Toolbar.Glarysoft
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.TBSB05810.3] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB05810.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.TBSB05810.3] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.TBSB05810.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{CA3EB689-8F09-4026-AA10-B9534C691CE0} =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\ChatZum Toolbar =>Toolbar.ChatZum
C:\Program Files (x86)\continuetosave =>PUP.Offerware
C:\Program Files (x86)\WebSearch =>Adware.Browse2Save
C:\ProgramData\SearchNewTab =>Adware.FastSaveApp
C:\ProgramData\InstallMate =>Toolbar.Agent
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab =>Adware.FastSaveApp
C:\Users\papy\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\papy\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\papy\AppData\LocalLow\SearchNewTab =>Adware.FastSaveApp
C:\Users\papy\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\papy\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\ProgramData\Broowise2suavve =>Adware.Browse2Save
C:\ProgramData\BrowoSE2isavve =>Adware.Browse2Save
C:\ProgramData\Broywsee2save =>Adware.Browse2Save
C:\ProgramData\conteinueatoisaave =>PUP.Offerware^
C:\ProgramData\coNtoinauettoosavE =>PUP.Offerware^
C:\ProgramData\coontiinueTosoave =>PUP.Offerware^
C:\ProgramData\coontinueetosavei =>PUP.Offerware^
C:\Users\papy\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
~ Additionnel Scan: 270711 Items scanned in 00mn 16s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 15/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 29/11/2012 640912 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 4/03/2013 120592 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
SR - | Auto 25/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 24/09/2012 230920 | (NitroDriverReadSpool8) . (.Nitro PDF Software.) - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
SR - | Auto 24/09/2012 69640 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\NLSSRV32.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (nosGetPlusHelper) . (.NOS Microsystems Ltd..) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 29/12/2012 1260472 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 19/11/2012 177440 | (Panda Software Controller) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsCtrls.exe
SR - | Auto 21/09/2012 202016 | (PAVFNSVR) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PavFnSvr.exe
SR - | Auto 4/02/2008 62768 | (PavPrSrv) . (.Panda Security, S.L..) - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
SR - | Auto 13/04/2011 313664 | (PAVSRV) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\pavsrvx86.exe
SR - | Auto 26/11/2009 226560 | (PSHost) . (.Panda Security International.) - c:\program files (x86)\panda security\panda internet security 2013\firewall\PSHOST.exe
SR - | Auto 19/06/2008 108288 | (PSIMSVC) . (.Panda Security S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsImSvc.exe
SR - | Auto 16/08/2010 28992 | (PskSvcRetail) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PskSvc.exe
SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 16/11/2012 173344 | (TPSrv) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\TPSrvWow.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s
~ 1185 Legitimates filtered by white list
End of the scan (801 lines in 03mn 09s)(0)
Run by papy at 13/06/2013 13:03:23
WebSite: http://nicolascoolman.webs.com
State :
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16618
OBIE: Safari v5.34.57.2
---\\ Windows Product Information
~ Langage: Fran�ais
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : G7PPK
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Protection
Malwarebytes Anti-Malware version 1.75.0.1300
Panda Cloud Cleaner v1.0.45
Panda Internet Security 2013 v18.01.01
Windows Defender W7
---\\ System Optimizer
CCleaner v4.01 =>Piriform Ltd
---\\ Peer To Peer (P2P)
---\\ Software Update
Adobe Flash Player 11 ActiveX
Adobe Reader X
---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4087 MB (63% free)
System Restore: Activ� (Enable)
System drive C: has 297 GB (63%) free of 466 GB
---\\ Logged in mode
~ Computer Name: W-PAPY
~ User Name: papy
~ All Users Names: UpdatusUser, papy, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\papy\AppData\Roaming\
~ %Desktop% : C:\Users\papy\Desktop\
~ %Favorites% : C:\Users\papy\Favorites\
~ %LocalAppData% : C:\Users\papy\AppData\Local\
~ %StartMenu% : C:\Users\papy\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 297 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 30 Legitimates Filtered in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.12716D987D475B051F35895659159705] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.17/05/2013 - 01:59:03.) -- C:\Windows\System32\wininet.dll [2241024]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d�ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Biblioth�que de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parall�le.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/9
~ Mes musiques (My Musics) : 1/277
~ Mes Favoris (My Favorites) : 1/314
~ Mes Documents (My Documents) : 1/8193
~ Mon Bureau (My Desktop) : 1/11429
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Scanned in 00mn 26s
---\\ Processus lanc�s
[MD5.198B8C260AA185881415E2128E262497] - (.Panda Security - Internet resident proxy.) -- C:\PROGRAM FILES (X86)\PANDA SECURITY\PANDA INTERNET SECURITY 2013\WebProxy.exe [108032] [PID.3016]
[MD5.32C26797AB646074A2BB562F9D10ADB5] - (.Microsoft Corporation - Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3600]
[MD5.358C81ADA09E0B6906DB82EA75B836D5] - (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496] [PID.3508]
[MD5.0721CBC2561075ABA9A49FDAE1828664] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1406248] [PID.4072]
[MD5.08E6495D47C6F1E9E73EA389794C6058] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe [943168] [PID.3620]
[MD5.D7936ED15F4AEF0FC33F329D0F21ED46] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [151952] [PID.3628]
[MD5.F9413654DBA2F81CA2FDC827C41BDF6E] - (.Panda Security, S.L. - Panda permanent protection.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\ApVxdWin.exe [1038192] [PID.3496]
[MD5.74D1E004483998E076FBBC0DE9B59763] - (.Panda Security, S.L. - PavBckPT Aplicaci�n.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PavBckPT.exe [112128] [PID.2464]
[MD5.E6DFE6F92AFC183ABE8DFB52A7BADF77] - (.Druide informatique inc. - Antidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\Antido32.exe [9594424] [PID.4964]
[MD5.07DFD28E57879554D054464EE4A5662D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\IEXPLORE.exe [770648] [PID.4472]
[MD5.3A32FAFEEE290E6E6C058DE59EC4EC88] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7478272] [PID.6724]
[MD5.5A19667A580B1CE886EAF968B9743F45] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383264] [PID.780]
[MD5.341457B79B3FC31A80C346C767045879] - (.Panda Security, S.L. - Anti-malware protection support executable.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PskSvc.exe [28992] [PID.1212]
[MD5.71D19B5D542B6EEA00C99D9984DC901F] - (.Panda Security, S.L. - TPSrv Application.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\TPSrvWow.exe [173344] [PID.1252]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1740]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.1792]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.1964]
[MD5.752DC511EA5B107539EE06FA9FF9C138] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\Windows\SysWOW64\NLSSRV32.exe [69640] [PID.1044]
[MD5.54F00466439F749EDDF29CBA0BC1A28A] - (.Panda Security, S.L. - Panda Software Controler.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsCtrls.exe [177440] [PID.1544]
[MD5.F458128A5321BB48DF7B3D8E279F6393] - (.Panda Security, S.L. - Panda Function Service.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PavFnSvr.exe [202016] [PID.1508]
[MD5.2AE3F6B23448443BBEF5DE207159213B] - (.Panda Security, S.L. - Panda Process Protection Service.) -- C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe [62768] [PID.1128]
[MD5.4D8C2645A12FDDF9CD4A68DDE8496BEF] - (.Panda Security, S.L. - Enhanced On-Access Anti-Malware Service.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\pavsrvx86.exe [313664] [PID.2060]
[MD5.532053E8E3BB8FA7166AB4E7685FDDCC] - (.Panda Security International - Panda Host Service.) -- c:\program files (x86)\panda security\panda internet security 2013\firewall\PSHOST.exe [226560] [PID.2100]
[MD5.196C450F2779D0B462C444DA4906EA7F] - (.Panda Security S.L. - Panda Interface Manager Service.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsImSvc.exe [108288] [PID.2120]
[MD5.CC85A36EB009F45A53FF5344CCEFD58E] - (.Panda Security, S.L. - Enhanced On-Access Anti-Malware Protection.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\AVENGINE.exe [225088] [PID.2160]
[MD5.BDF348850A404F8433E6275B2B98174C] - (.Panda Security - USB Vaccine.) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe [1268808] [PID.3748]
[MD5.D4106AC79DA6DF822AD3BFCD09802F5D] - (.Panda Security, S.L. - Panda AntiSpam Trainer.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\SRVLOAD.exe [91648] [PID.5096]
[MD5.934BB0D23A25C8C136570800A5A149B6] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [687400] [PID.2056]
[MD5.472DC18B6C061CE2E869F77A415DE8DD] - (.Panda Security S.L. - Panda Interface Manager Application [Report.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\psimreal.exe [60672] [PID.2392]
~ Processes Running: Scanned in 00mn 03s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M3 - MFPP: Plugins - [papy] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\babylon.xml =>Toolbar.Babylon
~ Firefox Browser: 2 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://websearch.a-searchpage.info
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://isearch.glarysoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://isearch.glarysoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.babylon.com =>Toolbar.Babylon
~ IE Browser: 19 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: coontinueetosavei [64Bits] - {07B98736-3411-A5EE-77D7-6B02CF0666A2} . (...) -- C:\ProgramData\coontinueetosavei\5197535cec210.dll =>PUP.OfferWare
O2 - BHO: coontiinueTosoave [64Bits] - {13ACD8D1-B90B-C697-A53A-896E1683B495} . (...) -- C:\ProgramData\coontiinueTosoave\519f9696a43ba.dll =>PUP.OfferWare
O2 - BHO: conteinueatoisaave [64Bits] - {1D38CBD1-9758-873A-F04A-85369A42D04E} . (...) -- C:\ProgramData\conteinueatoisaave\51aba1620b64b.dll =>PUP.OfferWare
O2 - BHO: SearchNewTab [64Bits] - {3EFEBE07-1C78-8C5F-2F2F-CC7A6D397A3C} . (...) -- C:\ProgramData\SearchNewTab\519762860995f.dll =>Adware.FastSaveApp
O2 - BHO: SearchNewTab [64Bits] - {4D5D2CDB-2FCA-DB41-C323-7199FC170EDA} . (...) -- C:\ProgramData\SearchNewTab\519f96bca29a4.dll =>Adware.FastSaveApp
O2 - BHO: SearchNewTab [64Bits] - {50EB618C-99DB-4549-6EB9-39A833C05229} . (...) -- C:\ProgramData\SearchNewTab\519fa136a8383.dll =>Adware.FastSaveApp
O2 - BHO: coontinueetosavei [64Bits] - {7F17AFF5-5B4C-70F5-A071-C92A9EE96B5A} . (...) -- C:\ProgramData\coontinueetosavei\519762508ed4d.dll =>PUP.OfferWare
O2 - BHO: coontinueetosavei [64Bits] - {8E7EA199-EDFD-A163-4D68-F838AF852E31} . (...) -- C:\ProgramData\coontinueetosavei\5197536858c7a.dll =>PUP.OfferWare
O2 - BHO: TBSB05810 [64Bits] - {A7AF277D-1466-4A7B-93AF-B043984A5671} . (.Pas de propri�taire - Internet Explorer Toolbar Engine.) -- C:\Program Files (x86)\Glarysoft Toolbar\tbcore3.dll
O2 - BHO: coontiinueTosoave [64Bits] - {BF48401D-7A7D-1558-54B4-DBA3D27076E9} . (...) -- C:\ProgramData\coontiinueTosoave\519fa12f819d3.dll =>PUP.OfferWare
O2 - BHO: coontiinueTosoave [64Bits] - {C7CDA52A-AAE4-6CDB-955B-A3241095E89F} . (...) -- C:\ProgramData\coontiinueTosoave\519fa33ba3e91.dll =>PUP.OfferWare
O2 - BHO: coNtoinauettoosavE [64Bits] - {FC76120A-441B-73B1-2779-804F615B99CF} . (...) -- C:\ProgramData\coNtoinauettoosavE\51a25dac7fc36.dll =>PUP.OfferWare
~ BHO: 15 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar [64Bits] - [HKLM]{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
~ Toolbar: Scanned in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.NEC Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe
O4 - HKLM\..\Wow6432Node\Run: [agentantidote64.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes64\agentantidote64.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKLM\..\Wow6432Node\Run: [APVXDWIN] . (.Panda Security, S.L. - Panda permanent protection.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\APVXDWIN.exe
O4 - HKLM\..\Wow6432Node\Run: [SCANINICIO] . (.Panda Security, S.L. - Inicio Programado.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\Inicio.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: Google Chrome.lnk . (...) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch: Panda Internet Security 2013.lnk . (.Panda Security, S.L. - Panda Console.) -- C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\Iface.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - �diteur de caract�res priv�s.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\TaskBar: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Microsoft Office Outlook 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
O4 - GS\TaskBar: Nero Burning ROM 10.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{7A5D731D-B4B3-490E-B339-75685712BAAB}\ScBurningROMStartM_7533AE23D677474387D2A66427FA7052.exe
O4 - GS\TaskBar: Nero StartSmart 10.lnk . (.Acresso Software Inc. - InstallShield.) -- C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe
O4 - GS\TaskBar: Panda Cloud Cleaner.lnk . (...) -- C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PAsCleaner.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch: BeAnywhere Drive.lnk . (.MN - BeAnywhere Drive.) -- C:\Users\papy\AppData\Local\BeAnywhere_Drive\BADrive.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.exe
O4 - GS\QuickLaunch: Picasa 3.lnk . (.Google Inc. - Picasa.) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop: Billard - Raccourci (2).lnk . (...) -- C:\Billard\Billard.exe
O4 - GS\Desktop: Billard - Raccourci.lnk . (...) -- C:\Users\papy\Documents\Billard
O4 - GS\Desktop: DVDFab 8 Qt.lnk . (.Fengtao Software Inc. - DVDFab is the all-in-one software package f.) -- C:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe
O4 - GS\Desktop: Format Factory.lnk . (.Free Time - FormatFactory.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe
O4 - GS\Desktop: Glary Utilities.lnk . (.Glarysoft Ltd - Glary Utilities.) -- C:\Program Files (x86)\Glary Utilities\Integrator.exe
O4 - GS\Desktop: HP Deskjet F4200 series - Raccourci.lnk - Cl� orpheline
O4 - GS\Desktop: Mes documents - Raccourci.lnk . (...) -- C:\Users\papy\Documents
O4 - GS\Desktop: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\Desktop: T�l�chargements - Raccourci.lnk . (...) -- C:\Users\papy\Downloads
~ Global Startup: Scanned in 00mn 01s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A07D7B28-0AC5-46B3-93A2-3501E808560F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A07D7B28-0AC5-46B3-93A2-3501E808560F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A07D7B28-0AC5-46B3-93A2-3501E808560F}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: avldr . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\System32\avldr64.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\contin~1\sprote~1.dll
~ AppInit DLL: Scanned in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (PCloudBroom64.exe \systemroot\system32\BroomData.bit) - File not found
~ BEX: 2 Legitimates Filtered in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{00C0E222-1A22-4A4A-98D7-5AE8C7A9B242}] (...) -- D:\SETUP.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{366FE2F3-AF2A-4E5A-993A-A11BA0020F77}] (...) -- C:\Users\papy\Downloads\NVE-3.1.0.7_eng.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{69B8AEB7-D53B-443F-995A-491E24F045BE}] (...) -- E:\Nero-9.4.13.2b_trial.exe (.not file.) [0]
[MD5.6B2165DB53D39F61C836C2D87C72C502] [APT] [{6B900AA7-9EC7-402A-8281-5109E7120267}] (.Motorola.) -- C:\Users\papy\Downloads\MML_Installer-v1.5.4090.2.exe [52329296]
[MD5.00000000000000000000000000000000] [APT] [{97EEA8AF-88EE-44D9-9A7D-1AB8C867B040}] (...) -- D:\WINDOWS\Installe Antidote.exe (.not file.) [0]
~ Scheduled Task: 16 Legitimates Filtered in 00mn 07s
---\\ Logiciels install�s (O42)
O42 - Logiciel: BeAnywhere Drive - (...) [HKCU][64Bits] -- BeAnyWhere Drive
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {E5C8C056-DF29-4121-A3CA-970B3E2BE2A0} =>Adware.Browse2Save
O42 - Logiciel: ContinueToSave - (...) [HKLM][64Bits] -- {09C326D4-8B44-456F-A784-C366D2200422} =>PUP.OfferWare
O42 - Logiciel: MasterCook 5 : LGLC - (...) [HKLM][64Bits] -- MasterCook 5 : LGLC
O42 - Logiciel: Search Assistant WebSearch 1.74 - (...) [HKLM][64Bits] -- SP_4e24eecb
O42 - Logiciel: SearchNewTab - (.SearchNewTab.) [HKLM][64Bits] -- {C670DCAE-E392-AA32-6F42-143C7FC4BDFD} =>Adware.FastSaveApp
O42 - Logiciel: conteinueatoisaave - (.continue to save.) [HKLM][64Bits] -- {C1C6816E-CBB3-A748-85F9-A8B47B68985B} =>PUP.OfferWare
~ Logic: 126 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\SProtector] =>PUP.Mocaflix
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\ChatZum Toolbar]
[HKCU\Software\Datamngr] =>PUP.Datamngr
[HKCU\Software\Doctor Web]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\InstallCore] =>PUP.InstallCore
[HKCU\Software\Multiplicar Negocios]
[HKCU\Software\Softonic]
[HKCU\Software\WandouLabs]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\Doctor Web]
[HKLM\Software\Wow6432Node\Babylon] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\ChatZum Toolbar]
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.Mocaflix
~ Key Software: 183 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/07/2012 - 12:30:52 - [1,262] ----D C:\Program Files (x86)\ChatZum Toolbar
O43 - CFD: 3/06/2013 - 12:27:29 - [1,473] ----D C:\Program Files (x86)\ContinueToSave =>PUP.Offerware
O43 - CFD: 18/05/2012 - 12:55:42 - [1,244] ----D C:\Program Files (x86)\DrWeb
O43 - CFD: 3/06/2013 - 12:27:29 - [1,470] ----D C:\Program Files (x86)\WebSearch
O43 - CFD: 19/05/2011 - 17:02:27 - [0,017] ----D C:\Program Files (x86)\Common Files\Doctor Web
O43 - CFD: 13/08/2011 - 09:14:14 - [0,000] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 10/03/2013 - 23:34:59 - [0,161] ----D C:\ProgramData\Broowise2suavve =>Adware.Browse2Save
O43 - CFD: 13/03/2013 - 15:54:25 - [0,160] ----D C:\ProgramData\BrowoSE2isavve =>Adware.Browse2Save
O43 - CFD: 21/04/2013 - 17:23:28 - [0,095] ----D C:\ProgramData\Broywsee2save =>Adware.Browse2Save
O43 - CFD: 2/06/2013 - 21:16:35 - [0,199] ----D C:\ProgramData\conteinueatoisaave =>PUP.OfferWare
O43 - CFD: 26/05/2013 - 23:02:25 - [0,267] ----D C:\ProgramData\coNtoinauettoosavE =>PUP.OfferWare
O43 - CFD: 24/05/2013 - 18:44:21 - [0,516] ----D C:\ProgramData\coontiinueTosoave =>PUP.OfferWare
O43 - CFD: 18/05/2013 - 12:30:09 - [0,516] ----D C:\ProgramData\coontinueetosavei =>PUP.OfferWare
O43 - CFD: 9/06/2013 - 16:03:59 - [17,072] ----D C:\ProgramData\InstallMate
O43 - CFD: 24/05/2013 - 18:35:36 - [0,440] ----D C:\ProgramData\SearchNewTab =>Adware.FastSaveApp
O43 - CFD: 24/07/2012 - 11:27:25 - [0,007] ----D C:\Users\papy\AppData\Roaming\Babylon =>Toolbar.Babylon
O43 - CFD: 18/05/2012 - 13:09:41 - [60,165] ----D C:\Users\papy\AppData\Local\BeAnywhere_Drive
O43 - CFD: 18/05/2012 - 13:09:40 - [0,011] ----D C:\Users\papy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BeAnywhere Drive
~ Program Folder: 175 Legitimates Filtered in 00mn 38s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.2DACB60CAFEFF233C34497116F1405A9] - 13/06/2013 - 12:05:38 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFCONT.DAT [265376]
O44 - LFC:[MD5.2DACB60CAFEFF233C34497116F1405A9] - 13/06/2013 - 12:05:38 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFCONT.DAT.bck [265376]
O44 - LFC:[MD5.01DC00EECDA3A336C9C448F7D1CE1DC4] - 13/06/2013 - 11:33:07 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFLTR.CFG [1132]
O44 - LFC:[MD5.01DC00EECDA3A336C9C448F7D1CE1DC4] - 13/06/2013 - 11:33:07 RSHAD . (...) -- C:\Windows\System32\Drivers\APPFLTR.CFG.bck [1132]
O44 - LFC:[MD5.8A64C45F467FB30C47A30AE2819DDD62] - 10/06/2013 - 18:49:58 RSHAD . (.Pas de propri�taire - COMFiltr.) -- C:\Windows\System32\Drivers\COMFiltr.sys [15928]
O44 - LFC:[MD5.3E08131A46624FBC2F572C4810E41A9F] - 10/06/2013 - 18:49:49 ---A- . (...) -- C:\Windows\SysNative\PavCPL64.dat [274]
O44 - LFC:[MD5.3E08131A46624FBC2F572C4810E41A9F] - 10/06/2013 - 18:49:49 RSHAD . (...) -- C:\Windows\System32\PavCPL64.dat [274]
O44 - LFC:[MD5.631F4DB2FC9043152F2157EE03A22FBD] - 10/06/2013 - 18:48:01 ---A- . (.Panda Software - PavCPL.) -- C:\Windows\SysNative\pavcpl64.cpl [46640]
O44 - LFC:[MD5.631F4DB2FC9043152F2157EE03A22FBD] - 10/06/2013 - 18:48:01 RSHAD . (.Panda Software - PavCPL.) -- C:\Windows\System32\pavcpl64.cpl [46640]
O44 - LFC:[MD5.B4382FC88E2F89B059E021EA89B4E4DF] - 10/06/2013 - 18:47:48 ---A- . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\SysNative\avldr64.dll [64768]
O44 - LFC:[MD5.B4382FC88E2F89B059E021EA89B4E4DF] - 10/06/2013 - 18:47:48 RSHAD . (.On-Access Anti-Malware Scanner Sync - On-Access Anti-Malware Scanner Sync.) -- C:\Windows\System32\avldr64.dll [64768]
O44 - LFC:[MD5.9909F37A0AC6D4C7B0307D9CCCB89A9E] - 31/05/2013 - 21:03:02 ---A- . (...) -- C:\Windows\SysNative\PCloudBroom64.exe [22752]
O44 - LFC:[MD5.9909F37A0AC6D4C7B0307D9CCCB89A9E] - 31/05/2013 - 21:03:02 RSHAD . (...) -- C:\Windows\System32\PCloudBroom64.exe [22752]
~ Files: 100 Legitimates Filtered in 00mn 53s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ MWPS: 17 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 3 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Scanned in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 25/09/2009 - C:\Windows\system32\Drivers\DSAFLT64.sys (DSAFLT) .(.Panda Security, S.L. - Pas de description.) - LEGACY_DSAFLT
~ Legacy: 126 Legitimates Filtered in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.js>
~ FASS Keys: 18 Legitimates Filtered in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (ChatZum Search) - http://search.chatzum.com
O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com
O69 - SBI: SearchScopes [HKCU] {1F096B29-E9DA-4D64-8D63-936BE7762CC5} - (Search the web (Babylon)) - http://search.babylon.com =>Adware.IMBooster
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {713DE85E-4C4F-4425-B589-4E8D11C242B4} - (Yahoo! Search) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} - (ChatZum Search) - http://search.chatzum.com
O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} - (Web Search) - http://www.searchqu.com =>PUP.Datamngr
O69 - SBI: SearchScopes [HKCU] {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} - (WebSearch) - http://websearch.a-searchpage.info
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
O69 - SBI: SearchScopes [HKCU] {C3B387E5-79E1-4D5E-9E73-FCD13DC21105} [DefaultScope] - (Recherche s�curis�e) - http://search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {FE2FCB82-DAAB-4518-8140-8A0A08D91DB2} - (Secure Search) - http://search.yahoo.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.5403DEE05293E6E30174B571F2C35DFB] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_0_11366637134e.dat [2835]
[MD5.7AB910D2052C0636693F438103EC5660] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_101358775383r.dat [350468]
[MD5.0182D0BE1A616C8D6BE62A5565CE8E36] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_101371076211f.dat [2088]
[MD5.25A270F1918F991AF2B3D3600AD7085E] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_111371063611r.dat [197508]
[MD5.36F6224751B0343D4245B4DA5FCE2FA5] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_111371066701f.dat [2253]
[MD5.9D4A77AADDE3FC4FC480DAA75403A950] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_11370044466r.dat [310532]
[MD5.A0D997D1D7D754CB21FFB02FBA441F85] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_11370947585c.dat [1881]
[MD5.E47C86C39C4A562D5F2CE56311640F6D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_11371103938f.dat [2110]
[MD5.038DA2A68610C759A09E377C2956E78A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_121370759844r.dat [321276]
[MD5.901CE99D8C0C56C82B39C893B74FD32B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_121371016288f.dat [2512]
[MD5.7F575FFC478F5B5A705FDBA547F9387D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_131368667468r.dat [304416]
[MD5.DD6C03E54A69D3F5146414B0B294D75B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_131371042330f.dat [2286]
[MD5.C6246880AF49D58E0AA2FEEF9690DF41] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_141371023345r.dat [223400]
[MD5.5443B77B21646E564432AD34612B51A4] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_141371118699f.dat [947]
[MD5.1BB22CF109F00907C5A7163C72608233] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_151369215257r.dat [415608]
[MD5.C7AEAA1AA5A79922DB8199FFAC4165D7] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_161370052021r.dat [278252]
[MD5.7B2F2690ABD5B9E467BAE5A6043446E8] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_171371013580r.dat [222544]
[MD5.E5C347E0366D9B90FDA63F24FE059CCB] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_181371119412r.dat [199664]
[MD5.BD28A49B84ADB54822E10078AAA81592] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_191369921050r.dat [458648]
[MD5.26865EF778A579519C8F72D13A592D77] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_201371118173r.dat [198468]
[MD5.EA222253806E4B28105A2CAE5F8514E5] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_211370866521r.dat [231880]
[MD5.96654D1ACD4EB947E7D50E4CA27B3266] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_21371058689r.dat [357768]
[MD5.CE0C698B39B37AC18C581ECBF17423B3] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_21371103937f.dat [2312]
[MD5.963E01BB61FBDFCE8147C881F8C2EF23] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_221370977287r.dat [365108]
[MD5.8059EE24A380F51D100081EB64E5C4F0] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_231371083772r.dat [288536]
[MD5.2D62869297EAF96FA019DF358D055B5B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_241371048378r.dat [369004]
[MD5.A330A8A3DD01B8F0BD1EDAABF540DA91] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_311370005936r.dat [248512]
[MD5.EE6F1EF63723C31CA531CB6BD9CB892C] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_31370671941r.dat [255860]
[MD5.D03F3924BFA4C91AA16B2E7B2DA6B676] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_31371015968f.dat [2197]
[MD5.733B65A0BD856A221B26C0F81392790A] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_41371049503r.dat [226032]
[MD5.482A6C2DC46D84879438B49A804DAB07] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_41371119054f.dat [2010]
[MD5.4DE94C09D1DF67C5AAEE0D426AA00BED] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_441371023816r.dat [213380]
[MD5.97A25A2E8228B530618133D301376255] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_51370972585f.dat [2221]
[MD5.62E894200464E413E39CF060E48E649B] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_51370978825r.dat [306196]
[MD5.AF3FCEBF5BBFCD25FA99A62D96B6D98B] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_61370959474r.dat [225152]
[MD5.5E741D1F16DB30F7AD5D3779AB916D3F] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_61371119054f.dat [2181]
[MD5.60A46D97CF5BF1E19146476852B5AE3A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_71368011497r.dat [427040]
[MD5.0325560706A95FEC49DD94C3C6DAB369] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_71371119054f.dat [1793]
[MD5.5A3ABBFBC3511A31AC33993501071F6F] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_81369995854r.dat [228912]
[MD5.7C968545BB1C86321C464EBB6C6614D1] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_81371119054f.dat [2238]
[MD5.E896CE2F0F2F1818C5FAEFD0D0AADA29] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_91370933067r.dat [431088]
[MD5.45B1D0CBF4FA6BC1C239EC321423D9E0] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_1_91371103937f.dat [2178]
[MD5.4B6BC06065CF6E0FA3401D30F32CB410] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_101371026924r.dat [36128]
[MD5.C7855D26709A29BADA2E8C5C9A2B1154] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_101371119054f.dat [1103]
[MD5.1B1811A78D9A2148860EB226EF5E9245] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_111370784228f.dat [1185]
[MD5.B6BC174B1E5D857D8ABCA27823864418] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_11370996539r.dat [35136]
[MD5.DE0E43F1E16549DBC83B608746430786] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_11371078728f.dat [1174]
[MD5.C229FB7B42935EDC6B0DF7C8E19F86A3] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_121371026466f.dat [1030]
[MD5.9BECD8008D1D997A984476A2AC594C1D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_131370900780r.dat [47468]
[MD5.6AA34B4584059FD66608C8595091B092] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_131371071175f.dat [1116]
[MD5.A38EC21282E900C23C7377130A1433FE] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_141370762303r.dat [41456]
[MD5.547F90FB124513DA922E92CE114BD568] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_141370985599f.dat [1242]
[MD5.490849DA1906AAFCA7799E1F0DA7AE13] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_151371111390f.dat [851]
[MD5.514B98245FE493F3CBA5E68C8F56D311] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_161371116537f.dat [978]
[MD5.F71B223BA654F6E582A4C43AD215A35C] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_171369087933r.dat [53788]
[MD5.510484D4FE25E5EE84B7F2AEE85C600D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_171371078728f.dat [913]
[MD5.C4A289A2F16883B4711283907975BAF2] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_181352733026f.dat [1332]
[MD5.E45D421A01F46F25291A98FE18B151BE] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_181371115905r.dat [47392]
[MD5.B96ED48D14DDC560E85DECC40980C25C] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_191371037937r.dat [36472]
[MD5.2B1AE90F0F86ABF1E0C50D58898FDB5A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_191371076210f.dat [1341]
[MD5.6C1390E2F9793FFA90CA6FC2563C3C75] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_201362574845f.dat [1024]
[MD5.31234572ED3BAEBC100D87B3FDA08A8B] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_201371115377r.dat [37516]
[MD5.B917623BEDCF42AED3902E9E7A486362] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_211364983933f.dat [1024]
[MD5.66A054EB7CF38675039A35EB99949DF2] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_211371031093r.dat [42560]
[MD5.13889B773E1E93EE43887783A2400F2A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_21367559863f.dat [2227]
[MD5.6E1AFE41B292836B29DAC01E15CBE223] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_21370877799r.dat [64764]
[MD5.F152085D5FDC55F71FC707FBFA1016AD] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_221368487454r.dat [63728]
[MD5.146B8C2FBA64D49545F382969AEC208D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_241370455052r.dat [51924]
[MD5.A907BB040CB6021B87BB4AF548AEB197] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_281371101411r.dat [39364]
[MD5.83AB688F34FE1973DBF5D934A11F59E2] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_311340009659f.dat [2718]
[MD5.48DECEE5D6E601FE797565460F692E51] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_311363094663r.dat [92636]
[MD5.E5DC2350843AFFD1D28CB5CF2912A11F] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_31371029657f.dat [1180]
[MD5.1EDBB231A58B0A246815150846C71974] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_321340009659f.dat [3261]
[MD5.65AA4B52274B761D32B8D36806210668] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_331340009663f.dat [3812]
[MD5.B04E6153C3468E53FEC443D89B3AE3C2] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_341340009668f.dat [5785]
[MD5.0C7D50845E3665FEF8C91299AE00C9DC] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_351340009695f.dat [6731]
[MD5.3AAF56FDC597C3CF08E752572BB8704F] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_361326924029r.dat [374752]
[MD5.4AA6CA36F610BD1076B24D52E6C741ED] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_361340009707f.dat [3088]
[MD5.FDD0F8CDE3EA56844187783B9095963D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_371340009707f.dat [3553]
[MD5.90AF4048FB332A914563C0DC472D2725] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_381340009707f.dat [3022]
[MD5.2BFA8EDE98FCE92A0021F1636844CA94] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_391340009711f.dat [2711]
[MD5.3204414CD1C89082BA459DFCD8298AEF] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_401340009715f.dat [3155]
[MD5.3F5556E28F16CA8998AC3D48DA6DEC32] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_411340009720f.dat [4004]
[MD5.E3C41044A1DFE08A622F376E1D43D831] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_41339552847r.dat [108788]
[MD5.97A29BF9BDCE248F009BF069FCD20158] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_41371119054f.dat [1112]
[MD5.1D3BE2A58654B416C7D32AEC822DE545] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_421340009725f.dat [4354]
[MD5.B960F72500D807E1236EA9B29C4748AA] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_431340009734f.dat [8264]
[MD5.2DEEC99A5B91A8846BC4B7A6B6BFD77A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_441340009740f.dat [8223]
[MD5.27DEF8038DB654A9E3066FFA5F75D062] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_451340009745f.dat [4534]
[MD5.CE06D0D2F06E697CA1C221254B039222] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_461340009767f.dat [2920]
[MD5.5DD8584F5211690DD8A32853D9EAC76E] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_471340009769f.dat [3082]
[MD5.486297A431E1DFE3EB71EB0135A423E7] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_481340009771f.dat [2533]
[MD5.F0D3A29B35D50F1D8BD8E8F7FF009B68] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_51371098894f.dat [1012]
[MD5.29EA726EA678BD757B4B512818948C04] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_581371037178r.dat [39640]
[MD5.F7BA9FFCA660D855B1C89914E00ED4F6] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_61370839695r.dat [42496]
[MD5.5023C9B10F900D975A810DDD3550AC7E] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_61371028080f.dat [1100]
[MD5.A2F7E31B78DEAAE0E262F2F67975C88B] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_631366924360r.dat [78224]
[MD5.1102D1BCD07D6E888DF5F0DF55161FD4] [SPRF][12/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_651371007580r.dat [35884]
[MD5.55777A54BAA36DBA5034AE2E6FD2AFCD] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_671368333421r.dat [56304]
[MD5.EAA71541A764BF7506876503D14533CF] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_71371106450f.dat [1236]
[MD5.556BA80C08E26B2588646054FD135F22] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_741368511458r.dat [75288]
[MD5.FA31BC194F2BD4DDF3DD27613DF426B4] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_81370965824r.dat [34336]
[MD5.20272ACF992C8F49EAA7CA4844538538] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_81371076210f.dat [1073]
[MD5.32F060D0F420A4CECB0FBA7CEBF3D27A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_91371071174f.dat [1012]
[MD5.084645AF07F2A627379EA97C51904DA7] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_2_921370769680r.dat [49528]
[MD5.B1558682FB473DF406326C5DF57896C6] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_3_11356656766e.dat [164]
[MD5.B8534A2B7B83A830FFAD39DD891C624C] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_1_4_11331077257f.dat [1092]
[MD5.195FC1AF3A4CB7EE51529497B72FD072] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_8_1_21354624210r.dat [1108]
[MD5.B21915A84FE6EE7B57FC698EB4D64057] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_8_2_11316951329r.dat [18708]
[MD5.B1CB36B1309F6EF41647AF2D1F39B6FB] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_8_2_21316952017r.dat [19168]
[MD5.62DC3151298E449FCBAEBEF4441A12BD] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_cindex.dat [23]
[MD5.01FA8801E61DE3910556754DCF1F6406] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_eindex.dat [46]
[MD5.27A1C99A88281A9B352ADCEECE568142] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_findex.dat [1277]
[MD5.978439050F9BBBE06A656EBE22AB4E5A] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_frmc1.dat [79402]
[MD5.4ADDA123521AB55FC82C95AB98FFCF6D] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\cteng_index.dat [1149]
[MD5.EAAA2562BB1C15F6941061C62F4DA912] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\~glaryutilities-version.dat [514]
[MD5.153793FF8EF7E6EF2479693ADB6B37DA] [SPRF][11/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\~gu-ver.dat [162]
[MD5.60D1869190F08364D55D8442C86A4B32] [SPRF][13/06/2013] (...) -- C:\Users\papy\AppData\Local\Temp\~upgrade.dat [936]
[MD5.16E53BFC96CE14021C0E07EB1C198478] [SPRF][10/04/2012] (...) -- C:\Users\papy\AppData\Roaming\inst.exe [99384]
[MD5.AF7CE12C4F3DC8CB2B07685C916BBCFE] [SPRF][10/04/2012] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\papy\AppData\Roaming\pcouffin.sys [82816]
[MD5.A07A260EE0A32B0BEC9B2A2BF7263070] [SPRF][11/04/2011] (.Adobe Systems, Inc. - Adobe� Flash� Player Installer/Uninstaller 10.2 r159.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2871968]
[MD5.8C3AB14E42B39C25EAEF1739B1802535] [SPRF][7/12/2010] (.Microsoft Corp - Microsoft Support Diagnostic Tool Control.) -- C:\Windows\Downloaded Program Files\MSDcode.dll [562000]
~ Files: Scanned in 00mn 03s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{33420656-55A4-4EA4-B7D5-226723CCEDB1}" |In - Public - P6 - FALSE | .(...) -- C:\Users\papy\AppData\Local\Temp\incredibar_installer.exe (.not file.) =>Adware.IncrediBar
O87 - FAEL: "{61B64016-4644-43B7-922A-F85D3FACBCA0}" |In - Public - P17 - FALSE | .(...) -- C:\Users\papy\AppData\Local\Temp\incredibar_installer.exe (.not file.) =>Adware.IncrediBar
O87 - FAEL: "{7EB99309-8565-4D58-A7A1-B75864A4793C}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\WandouLabs\wandoujia2.exe (.not file.)
O87 - FAEL: "{52F78A55-F825-4764-AF1D-01076A2258A6}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\WandouLabs\wandoujia2.exe (.not file.)
~ Firewall: 208 Legitimates Filtered in 00mn 04s
---\\ Scan Additionnel (O88)
Database Version : v2.12437 - (10/06/2013)
Cl�s trouv�es (Keys found) : 146
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 18
Fichiers trouv�s (Files found) : 1
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar
[HKLM\Software\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{2a42d13c-d427-4787-821b-cf6973855778}] =>Adware.Agent
[HKLM\Software\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{3d8478aa-7b88-48a9-8bcb-b85d594411ec}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}] =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4897bba6-48d9-468c-8efa-846275d7701b}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}] =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}] =>Adware.CDNHelper
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}] =>Adware.SocialSkinz
[HKLM\Software\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}] =>Hijacker.Seeearch
[HKLM\Software\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}] =>Adware.BullseyeToolbar
[HKLM\Software\Classes\TypeLib\{EC4085F2-8DB3-45a6-AD0B-CA289F3C5D7E}] =>Adware.SocialSkinz
[HKLM\Software\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKLM\Software\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}] =>Adware.SocialSkinz
[HKLM\Software\Classes\AppID\TbCommonUtils.DLL] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler] =>Toolbar.Agent
[HKLM\Software\Classes\comobject.deskbarenabler.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils] =>Toolbar.Agent
[HKLM\Software\Classes\TbCommonUtils.CommonUtils.1] =>Toolbar.Agent
[HKLM\Software\Classes\URLSearchHook.ToolbarURLSearchHook] =>Toolbar.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook] =>Adware.Agent
[HKLM\Software\Classes\urlsearchhook.toolbarurlsearchhook.1] =>Adware.Agent
[HKCU\Software\BabylonToolbar] =>Toolbar.Babylon
[HKCU\Software\ChatZum Toolbar] =>Toolbar.ChatZum
[HKLM\Software\Wow6432Node\ChatZum Toolbar] =>Toolbar.ChatZum
[HKCU\Software\DataMngr] =>Adware.Bandoo
[HKLM\Software\DataMngr] =>Adware.Bandoo
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>Adware.Bandoo
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\SP Global] =>PUP.AdvancedSystemProtector
[HKCU\Software\AppDataLow\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\SProtector] =>PUP.AdvancedSystemProtector
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASAPI32] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\incredibar_installer_RASMANCS] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASAPI32] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\MyBabylontb_RASMANCS] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SearchquMediaBar_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS] =>Adware.Bandoo
[HKLM\Software\Classes\Prod.cap] =>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32D47EA5-9473-4CAD-805D-9999F15D5AE2}] =>Toolbar.Agent
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKLM\Software\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}] =>Adware.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA}] =>Adware.Browse2Save
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}] =>Adware.Browse2Save
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7AF277D-1466-4A7B-93AF-B043984A5671}] =>Toolbar.Glarysoft
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7AF277D-1466-4A7B-93AF-B043984A5671}] =>Toolbar.Glarysoft
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7AF277D-1466-4A7B-93AF-B043984A5671}] =>Toolbar.Glarysoft
[HKLM\Software\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}] =>Adware.MagniPic
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion] =>Toolbar.Yahoo
[HKLM\Software\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Classes\TBSB05810.TBSB05810.3] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.TBSB05810.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent
[HKLM\Software\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbDownloadManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbPropertyManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbRequest.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.TbTask.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TbHelper.ToolbarHelper.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.IEToolbar] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.IEToolbar.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\TBSB05810.TBSB05810.3] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.TBSB05810] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.TBSB05810.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.ContextMenuNotifier.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.CustomInternetSecurityImpl.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SearchProviderManager] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SearchProviderManager.1] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\TbHelper.EXE] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}] =>Adware.Bandoo^
[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{CA3EB689-8F09-4026-AA10-B9534C691CE0} =>Adware.SocialSkinz
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Program Files (x86)\ChatZum Toolbar =>Toolbar.ChatZum
C:\Program Files (x86)\continuetosave =>PUP.Offerware
C:\Program Files (x86)\WebSearch =>Adware.Browse2Save
C:\ProgramData\SearchNewTab =>Adware.FastSaveApp
C:\ProgramData\InstallMate =>Toolbar.Agent
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SearchNewTab =>Adware.FastSaveApp
C:\Users\papy\AppData\Roaming\Babylon =>Toolbar.Babylon
C:\Users\papy\AppData\LocalLow\BabylonToolbar =>Toolbar.Babylon
C:\Users\papy\AppData\LocalLow\SearchNewTab =>Adware.FastSaveApp
C:\Users\papy\AppData\LocalLow\searchquband =>Adware.Bandoo
C:\Users\papy\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\ProgramData\Broowise2suavve =>Adware.Browse2Save
C:\ProgramData\BrowoSE2isavve =>Adware.Browse2Save
C:\ProgramData\Broywsee2save =>Adware.Browse2Save
C:\ProgramData\conteinueatoisaave =>PUP.Offerware^
C:\ProgramData\coNtoinauettoosavE =>PUP.Offerware^
C:\ProgramData\coontiinueTosoave =>PUP.Offerware^
C:\ProgramData\coontinueetosavei =>PUP.Offerware^
C:\Users\papy\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
~ Additionnel Scan: 270711 Items scanned in 00mn 16s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 10/05/2013 65640 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/06/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Demand 15/08/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 29/11/2012 640912 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 4/03/2013 120592 | (McAfee SiteAdvisor Service) . (.McAfee, Inc..) - C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
SR - | Auto 25/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 24/09/2012 230920 | (NitroDriverReadSpool8) . (.Nitro PDF Software.) - C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
SR - | Auto 24/09/2012 69640 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\Windows\SysWOW64\NLSSRV32.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll (nosGetPlusHelper) . (.NOS Microsystems Ltd..) - C:\Windows\System32\svchost.exe
SR - | Auto 18/01/2013 884512 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SS - | Auto 29/12/2012 1260472 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 19/11/2012 177440 | (Panda Software Controller) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsCtrls.exe
SR - | Auto 21/09/2012 202016 | (PAVFNSVR) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PavFnSvr.exe
SR - | Auto 4/02/2008 62768 | (PavPrSrv) . (.Panda Security, S.L..) - C:\Program Files (x86)\Common Files\Panda Security\PavShld\pavprsrv.exe
SR - | Auto 13/04/2011 313664 | (PAVSRV) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\pavsrvx86.exe
SR - | Auto 26/11/2009 226560 | (PSHost) . (.Panda Security International.) - c:\program files (x86)\panda security\panda internet security 2013\firewall\PSHOST.exe
SR - | Auto 19/06/2008 108288 | (PSIMSVC) . (.Panda Security S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PsImSvc.exe
SR - | Auto 16/08/2010 28992 | (PskSvcRetail) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\PskSvc.exe
SR - | Auto 18/01/2013 383264 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 16/11/2012 173344 | (TPSrv) . (.Panda Security, S.L..) - C:\Program Files (x86)\Panda Security\Panda Internet Security 2013\TPSrvWow.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s
~ 1185 Legitimates filtered by white list
End of the scan (801 lines in 03mn 09s)(0)