Rapport de ZHPDiag v2013.4.9.51 par Nicolas Coolman, Update du 09/04/2013
Run by Administrateur at 09/04/2013 20:10:57
State : Version à jour.
High Elevated Privileges : OK
UAC : Activate by user


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.43 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : R8CJR
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Protection
Antivirus : Avira Free Antivirus v13.0.0.2678
Firewall : Windows Defender

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3951 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 207 GB (73%) free of 281 GB

---\\ Logged in mode
~ Computer Name: PROBOOK-HP
~ User Name: Administrateur
~ All Users Names: Lolis, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Administrateur\AppData\Roaming\
~ %Desktop% : C:\Users\Administrateur\Desktop\
~ %Favorites% : C:\Users\Administrateur\Favorites\
~ %LocalAppData% : C:\Users\Administrateur\AppData\Local\
~ %StartMenu% : C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 207 Go of 281 Go)
D:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 29 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 2 Go)
F:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.FA274190682AA41A46B285208ED46A74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 07:47:19.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1056
~ Mes musiques (My Musics) : 1/1075
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/3275
~ Mon Bureau (My Desktop) : 0/4
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 06s



---\\ Processus lancés
[MD5.E00DE20F0F6BED5CD2160247DDC9443B] - (...) -- C:\Program Files (x86)\ERUNT\AUTOBACK.exe [38912] [PID.1220]
[MD5.B18DD75D9A482A56A1E61D8512EB4206] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [634192] [PID.3748]
[MD5.47CA2F039FDB67697EE60C260CB8083C] - (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3297280] [PID.4008]
[MD5.B0BF698030DB6561393AE753C6D3F936] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.492]
[MD5.65B8106CB122142FD0A4A26783D7963F] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232] [PID.1276]
[MD5.1293866CB77F6BD2D74E52745AFB0AF6] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1099608] [PID.1324]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.4088]
[MD5.5B8E2CA848D2336013D46701CC1DD5F8] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.4076]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.4424]
[MD5.B93499B1D1058C86C1A60C026C334971] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6581760] [PID.3940]
[MD5.5AFB3F9B74553BD933555E1C800D2CE1] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192] [PID.756]
[MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1668]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1836]
[MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1896]
[MD5.CC598405B3B2AE48896CB5B5D9D75376] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688] [PID.1152]
[MD5.657E81DF0625198C97F91C09AE9611FC] - (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768] [PID.2128]
[MD5.94C74D758E0F7B1D962DA452B4D28C91] - (.Hewlett-Packard Company - HP DayStarter service.) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112] [PID.2204]
[MD5.9BFDA0BC109EB6D16F2CB862BB85E28C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [197536] [PID.2236]
[MD5.EE963D96BFD97E54BA6CE6D2AC58DE35] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2260]
[MD5.BB4E55778D8DE3885E1CDAC795DE7BCE] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2288]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.2312]
[MD5.39B9DCD7040654C2E57D7396736C718E] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576] [PID.2360]
[MD5.4A8CC4D25525F456069887D5E8C53225] - (.Portrait Displays, Inc. - pdisrvc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [113264] [PID.2400]
[MD5.E7483BE1E7A6FB16FC9AD6B54F99DEE4] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.2452]
[MD5.E6E9610D76418357A7EC725989687CB4] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Plugin.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512] [PID.2948]
[MD5.514455F6586473791C5C6B25BA4E1BAB] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1001376] [PID.3024]
[MD5.BECDDA0990DEBD72A30096533521AD73] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe [213384] [PID.3964]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.5792]
[MD5.44AA8D5D3B3B5610FEF46CA8A9C52D8C] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.5744]
~ Processes Running: Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
~ Firefox Browser: 3 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://newtab.certified-toolbar.com
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 07s
~ Nombre de lignes (Lines number): 15309



---\\ Browser Helper Objects de navigateur (O2)
~ BHO: 4 Legitimates Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [googletalk] . (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3DE6F9DAC2F066BCF257E2837CA5BC6E] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [googletalk] . (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [GoogleChromeAutoLaunch_3DE6F9DAC2F066BCF257E2837CA5BC6E] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Google Talk.lnk . (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O4 - GS\Desktop: JBL Micro Wireless - Raccourci.lnk - Clé orpheline
O4 - GS\TaskBar: Finale 2010.lnk . (.MakeMusic Inc. - Finale 2010 for Windows.) -- C:\Program Files (x86)\Finale 2010\finale.exe
O4 - GS\TaskBar: JBL Micro Wireless.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe (.not file.)
O4 - GS\TaskBar: MyDefrag.lnk . (.J.C. Kessels - MyDefrag Script Interpreter.) -- C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe
O4 - GS\TaskBar: Panneau de configuration.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Recherche Google.lnk . (...) -- C:\Users\Administrateur\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch: Finale 2010.lnk . (.MakeMusic Inc. - Finale 2010 for Windows.) -- C:\Program Files (x86)\Finale 2010\finale.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 9 Legitimates Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC3594DA-F879-4FB0-9324-66A2421C9F10}: DhcpNameServer = 192.168.1.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC3594DA-F879-4FB0-9324-66A2421C9F10}: DhcpNameServer = 192.168.1.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC3594DA-F879-4FB0-9324-66A2421C9F10}: DhcpNameServer = 192.168.1.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.200
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Garmin Core Update Service (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: HP Power Assistant Service (HP Power Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) . (.Hewlett-Packard Company - HP DayStarter service.) - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpHotkeyMonitor (hpHotkeyMonitor) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (.not file.)
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc. - pdisrvc.) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\windows\system32\vcsFPService.exe
~ Services: 28 Legitimates Scanned in 00mn 05s



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
[MD5.E00DE20F0F6BED5CD2160247DDC9443B] [APT] [sauvegarde Hebdomadaire ERDNT] (...) -- C:\Program Files (x86)\ERUNT\AUTOBACK.exe [38912]
[MD5.AE22608F16AAAC086A46E2153573ED77] [APT] [Updater26766.exe] (.215 Apps.) -- C:\Users\Administrateur\AppData\Local\Updater26766\Updater26766.exe [210312] =>PUP.SpecialSavings
[MD5.00000000000000000000000000000000] [APT] [{1494DFCD-96FC-4657-8DE8-B4130D89B664}] (...) -- F:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6B49149F-1728-4F86-AF86-CC5EA95BEB64}] (...) -- C:\Users\Administrateur\Desktop\SetupBtwDownloadSE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{880421F9-BE0E-44CA-8ED5-D57F4720588E}] (...) -- C:\Users\Administrateur\Desktop\SetupBtwDownloadSE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EF9AEC63-D5FB-4652-B810-86D17E88EACE}] (...) -- C:\Users\Administrateur\Downloads\Windows_Movie_Maker_2.0.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Protected Search] (...) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (.not file.) [0] =>Spyware.ProtectedSearch
~ Scheduled Task: 37 Legitimates Scanned in 00mn 08s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 11 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
~ Drivers: 69 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: ARIA Engine v1.0.7.3 - (.Garritan.) [HKLM][64Bits] -- ARIA Engine_is1
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: CertifiedToolbar 2.4 - (.CertifiedToolbar.) [HKLM][64Bits] -- {32ee3985-8708-4412-b83a-da429bfb6baf}_is1
O42 - Logiciel: Discount Buddy - (.215 Apps.) [HKLM][64Bits] -- Discount Buddy =>PUP.SpecialSavings
O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {9A280A86-0E21-432A-BD56-D2A6CBBB5C6B}
O42 - Logiciel: Finale 2010 - (.MakeMusic.) [HKLM][64Bits] -- Finale 2010
O42 - Logiciel: Garritan Instruments for Finale - (.Garritan.) [HKLM][64Bits] -- __ARIA_1013___is1
O42 - Logiciel: Gateway Indexer 1.0.1127.33 - (.Dension Audio Systems.) [HKLM][64Bits] -- gwi_is1
O42 - Logiciel: Licensing Service Install - (.Protexis Inc..) [HKLM][64Bits] -- {AF72E557-0647-4DE5-ACDA-ECFB38D5D732}
O42 - Logiciel: Neato Updater Tool v2 - (.Neato Robotics, Inc.) [HKLM][64Bits] -- {292156D3-43B5-4C96-B79A-94E40F8D8991}
O42 - Logiciel: Neato Updater Tool version 1.0 - (.Neato Robotics, Inc.) [HKLM][64Bits] -- {24B6A5B2-C002-4709-BDB1-1C1C13741F70}_is1
O42 - Logiciel: Remote Control USB Driver - (...) [HKLM][64Bits] -- {8471021C-F529-43DE-84DF-3612E10F58C4}
~ Logic: 147 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ability 5.0]
[HKCU\Software\AppDataLow\Software\Discount Buddy]
[HKCU\Software\CertifiedToolbar]
[HKCU\Software\Finale2010_Reg]
[HKCU\Software\Garritan]
[HKCU\Software\IPE MUSIC]
[HKCU\Software\MakeMusic]
[HKCU\Software\Portrait Displays]
[HKCU\Software\SOMUSQUE]
[HKLM\Software\Cogent Inc.]
[HKLM\Software\Garritan]
[HKLM\Software\Plogue Art et Technologie, Inc]
[HKLM\Software\SafeBoot International]
[HKLM\Software\Wow6432Node\Ability 5.0]
[HKLM\Software\Wow6432Node\Cogent Inc.]
[HKLM\Software\Wow6432Node\MakeMusic]
[HKLM\Software\Wow6432Node\Portrait Displays]
[HKLM\Software\Wow6432Node\Remote Control USB Driver]
[HKLM\Software\Wow6432Node\SafeBoot International]
~ Key Software: 202 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/01/2013 - 16:11:20 - [0] ----D C:\Program Files (x86)\3RVX
O43 - CFD: 09/04/2013 - 15:49:23 - [3,913] ----D C:\Program Files (x86)\Discount Buddy
O43 - CFD: 27/11/2012 - 17:22:08 - [436,681] ----D C:\Program Files (x86)\Finale 2010
O43 - CFD: 06/04/2013 - 17:24:18 - [1,076] ----D C:\Program Files (x86)\Gateway Indexer
O43 - CFD: 10/01/2013 - 10:44:21 - [2,342] ----D C:\Program Files (x86)\Neato
O43 - CFD: 22/01/2013 - 11:08:06 - [0,238] ----D C:\Program Files (x86)\Neato Robotics
O43 - CFD: 19/11/2012 - 14:31:20 - [2,269] ----D C:\Program Files (x86)\Common Files\Portrait Displays
O43 - CFD: 09/02/2013 - 14:07:21 - [54,239] ----D C:\Program Files (x86)\Common Files\Remote Control Software Common
O43 - CFD: 19/11/2012 - 14:31:25 - [3,596] ----D C:\Program Files (x86)\Common Files\Remote Control USB Driver
O43 - CFD: 19/11/2012 - 14:44:29 - [0,432] ----D C:\Users\Administrateur\AppData\Roaming\Garritan
O43 - CFD: 19/11/2012 - 14:44:29 - [0,000] ----D C:\Users\Administrateur\AppData\Roaming\Gmail Notifier Plus
O43 - CFD: 19/11/2012 - 14:44:36 - [0,134] ----D C:\Users\Administrateur\AppData\Roaming\Plogue
O43 - CFD: 19/11/2012 - 14:44:37 - [15,299] ----D C:\Users\Administrateur\AppData\Roaming\XTC-Clip
O43 - CFD: 09/04/2013 - 15:49:11 - [0,065] ----D C:\Users\Administrateur\AppData\Local\Discount Buddy
O43 - CFD: 19/11/2012 - 14:44:21 - [0,003] ----D C:\Users\Administrateur\AppData\Local\matt.malensek.net
O43 - CFD: 22/01/2013 - 11:11:15 - [0,015] ----D C:\Users\Administrateur\AppData\Local\NeatoUpgrader
O43 - CFD: 09/04/2013 - 15:49:13 - [0,201] ----D C:\Users\Administrateur\AppData\Local\Updater26766
O43 - CFD: 27/11/2012 - 17:03:10 - [0,007] ----D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Finale 2010
~ Program Folder: 178 Legitimates Scanned in 00mn 05s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3357322B0C491093629B346F60844F08] - 09/04/2013 - 18:51:48 ---A- . (...) -- C:\AdwCleaner[S1].txt [12106]
O44 - LFC:[MD5.DA2E0E0D6FFDA5AA00D404F0020D636E] - 09/04/2013 - 14:48:39 ---A- . (...) -- C:\SetSearchAndHomepageInBrowserLog.txt [337]
O44 - LFC:[MD5.EB03A86F0A41462C49D87DBEB40AD753] - 09/04/2013 - 14:48:36 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [16384]
~ Files: 57 Legitimates Scanned in 00mn 43s



---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.B55D4DBE6EDA715CE1CDF33386A90280] - 09/04/2013 - 17:52:18 ---A- - C:\Windows\Prefetch\BURN4FREE_BURN4FREE_5.8.0.0_F-2B1AD8E5.pf
O45 - LFCP:[MD5.15945046F15716FB33AD9F15F0F52A9A] - 09/04/2013 - 17:52:22 ---A- - C:\Windows\Prefetch\BI.EXE-95E03879.pf
O45 - LFCP:[MD5.1A42F67F69019254321AF587DE0D5D33] - 09/04/2013 - 17:52:45 ---A- - C:\Windows\Prefetch\DELTA4FFX.EXE-56E95CBD.pf
O45 - LFCP:[MD5.611A5B36DEE61587D673FF28D05AEDC4] - 09/04/2013 - 17:52:45 ---A- - C:\Windows\Prefetch\DELTASRV.EXE-317DC9E3.pf
O45 - LFCP:[MD5.0BC9E8405F79733711C49394DEE5BDE8] - 09/04/2013 - 17:52:46 ---A- - C:\Windows\Prefetch\DELTA4IE.EXE-434FC73F.pf
O45 - LFCP:[MD5.3F1724570738CBBEE04690A7E954478A] - 09/04/2013 - 17:52:51 ---A- - C:\Windows\Prefetch\MYBABYLONTB.EXE-190148A2.pf =>Toolbar.Babylon
O45 - LFCP:[MD5.61D55A47C7A81D0D8669A202CC63D217] - 09/04/2013 - 17:52:57 ---A- - C:\Windows\Prefetch\BPROTECT.EXE-27EEE52C.pf
O45 - LFCP:[MD5.A96F0E290A9CB31FCC2E168CCAA64E97] - 09/04/2013 - 18:04:41 ---A- - C:\Windows\Prefetch\BROWSERPROTECT.EXE-EAF067F3.pf =>Toolbar.Babylon
O45 - LFCP:[MD5.216B161D78E8D4DDEA250118A19DCCA1] - 09/04/2013 - 18:17:32 ---A- - C:\Windows\Prefetch\TFC.EXE-AB7819D9.pf
O45 - LFCP:[MD5.380C50961D455BE3858ABB6FE4C83D74] - 09/04/2013 - 18:22:53 ---A- - C:\Windows\Prefetch\DEEPBURNER_DEEPBURNER_1.9.0.2-67310D43.pf
O45 - LFCP:[MD5.34C3CDF983FC6C3E5A7400EDE6BC35BB] - 09/04/2013 - 18:23:20 ---A- - C:\Windows\Prefetch\DEEPBURNER.EXE-3A579B2A.pf
O45 - LFCP:[MD5.27868D97BB51993CCCF872A332611DF4] - 09/04/2013 - 18:29:33 ---A- - C:\Windows\Prefetch\BURN4FREE_BURN4FREE_5.8.0.0_F-811F9999.pf
O45 - LFCP:[MD5.38BE289E0D49B797D8D3F30A8126E21B] - 09/04/2013 - 18:29:33 ---A- - C:\Windows\Prefetch\BURN4FREE_BURN4FREE_5.8.0.0_F-93C00940.pf
O45 - LFCP:[MD5.17339714295A56BDB8A3D057328C625B] - 09/04/2013 - 18:29:37 ---A- - C:\Windows\Prefetch\BI.EXE-1FD75A16.pf
O45 - LFCP:[MD5.D779BE05417BDB641513B77821AC6223] - 09/04/2013 - 18:30:14 ---A- - C:\Windows\Prefetch\DISCOUNT BUDDY-BG.EXE-CB4E3631.pf
O45 - LFCP:[MD5.7968306F6C014210CF930AC0317F86C0] - 09/04/2013 - 18:30:18 ---A- - C:\Windows\Prefetch\BURN4FREE.EXE-95FFFDAB.pf
O45 - LFCP:[MD5.CCB37C469DA1354EA9FF136C4567FD98] - 09/04/2013 - 18:30:22 ---A- - C:\Windows\Prefetch\UPGRADER4.EXE-B6F22EEC.pf
O45 - LFCP:[MD5.2CBE91A01C0B700F207118575FEC2BC5] - 09/04/2013 - 18:30:57 ---A- - C:\Windows\Prefetch\DELTATB.EXE-7E6A0F2E.pf
O45 - LFCP:[MD5.F516F6A2D34A1549B9B180A332D55151] - 09/04/2013 - 18:46:02 ---A- - C:\Windows\Prefetch\BTWUIEXT.EXE-196ACE43.pf
O45 - LFCP:[MD5.AA63B93EB127D4839D114B571459E37C] - 09/04/2013 - 18:52:14 ---A- - C:\Windows\Prefetch\BCDEDIT.EXE-10FC5AAB.pf
O45 - LFCP:[MD5.1D30CDF3A03073EEF66CAF905E3D3893] - 09/04/2013 - 18:54:41 ---A- - C:\Windows\Prefetch\GOOGLETALK.EXE-54A8ED38.pf
O45 - LFCP:[MD5.5F98B0FB681E226C4BE8ABB0A170FCF5] - 09/04/2013 - 18:55:40 ---A- - C:\Windows\Prefetch\HPPA_SERVICE.EXE-419DDB9A.pf
~ Prefetcher: 141 Legitimates Scanned in 00mn 01s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
O47 - AAKE:Key Export DP - "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
~ Keys Export: 2 Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll
~ LSA: 11 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 2 Legitimates Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\3RVX [Key] . (...) -- C:\Program Files (x86)\3RVX\3RVX.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\GarminExpressTrayApp [Key] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O53 - SMSR:HKLM\...\startupreg\HTC Sync Loader [Key] . (.Pas de propriétaire - HTC UPCT Loader.) -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
~ SMSR Keys: 16 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.5C368F4B04ED2A923E6AFCA2D37BAFF5] - 13/05/2011 - 17:57:58 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [43320]
O58 - SDL:[MD5.6CCD1135320109D6B219F1A6E04AD9F6] - 14/11/2006 - 11:31:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\SysWOW64\drivers\afc.sys [22784]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 05/02/2013 - 09:54:40 ---A- . (...) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 06/04/2013 - 12:15:03 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000113 [61526]
O61 - LFC: 06/04/2013 - 15:20:12 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\You're so vain.wav [45640842]
O61 - LFC: 06/04/2013 - 15:20:54 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Wuthering heights.wav [50874042]
O61 - LFC: 06/04/2013 - 15:21:36 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\The letter.wav [44876426]
O61 - LFC: 06/04/2013 - 15:22:22 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Hot love.wav [52456940]
O61 - LFC: 06/04/2013 - 15:22:44 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\The witch queen of New Orleans.wav [29294440]
O61 - LFC: 06/04/2013 - 15:23:30 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Europa.wav [53207224]
O61 - LFC: 06/04/2013 - 15:23:56 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Dust in the wind.wav [36616238]
O61 - LFC: 06/04/2013 - 15:25:08 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\The partisan.wav [34656988]
O61 - LFC: 06/04/2013 - 15:25:56 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Yellow river.wav [29275616]
O61 - LFC: 06/04/2013 - 15:26:50 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Smoke on the water.wav [59983334]
O61 - LFC: 06/04/2013 - 15:27:20 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Hold the line.wav [41999940]
O61 - LFC: 06/04/2013 - 15:28:02 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Lola.wav [44330780]
O61 - LFC: 06/04/2013 - 15:28:38 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Black Betty.wav [42336272]
O61 - LFC: 06/04/2013 - 15:29:40 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\More than a feeling.wav [50243726]
O61 - LFC: 06/04/2013 - 15:30:14 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Back to the '70s\Badlands.wav [43241790]
O61 - LFC: 06/04/2013 - 16:23:21 ---A- C:\Users\Administrateur\Downloads\gatewayindexer.zip [417008]
O61 - LFC: 06/04/2013 - 16:23:59 ---A- C:\Users\Administrateur\Downloads\gatewayindexer\gwi-1.0.1127.33.lic.exe [440108]
O61 - LFC: 06/04/2013 - 16:23:59 ---A- C:\Users\Administrateur\Downloads\gatewayindexer\readme.txt [2919]
O61 - LFC: 06/04/2013 - 16:51:55 ---A- C:\Users\Administrateur\Downloads\gatewayindexer (1).zip [417008]
O61 - LFC: 07/04/2013 - 20:11:13 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000114 [61526]
O61 - LFC: 07/04/2013 - 20:11:24 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000115 [240465]
O61 - LFC: 07/04/2013 - 20:11:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000116 [315392]
O61 - LFC: 07/04/2013 - 20:14:13 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000117 [61526]
O61 - LFC: 07/04/2013 - 20:14:23 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000118 [263085]
O61 - LFC: 07/04/2013 - 20:14:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000119 [315491]
O61 - LFC: 07/04/2013 - 20:16:16 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-devtools_devtools_0.localstorage [3072]
O61 - LFC: 07/04/2013 - 20:16:16 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-devtools_devtools_0.localstorage-journal [3608]
O61 - LFC: 07/04/2013 - 20:23:23 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_chrome.google.com_0.localstorage [3072]
O61 - LFC: 07/04/2013 - 20:23:23 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_chrome.google.com_0.localstorage-journal [3608]
O61 - LFC: 08/04/2013 - 08:15:10 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.myfreecams.com_0.localstorage [3072]
O61 - LFC: 08/04/2013 - 08:15:10 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.myfreecams.com_0.localstorage-journal [3608]
O61 - LFC: 08/04/2013 - 08:52:51 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_support.google.com_0.localstorage [3072]
O61 - LFC: 08/04/2013 - 08:52:51 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_support.google.com_0.localstorage-journal [512]
O61 - LFC: 08/04/2013 - 09:11:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_lc.iadvize.com_0.localstorage [3072]
O61 - LFC: 08/04/2013 - 09:11:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_lc.iadvize.com_0.localstorage-journal [3608]
O61 - LFC: 08/04/2013 - 09:45:56 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_lr.iadvize.com_0.localstorage [3072]
O61 - LFC: 08/04/2013 - 09:45:56 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_lr.iadvize.com_0.localstorage-journal [3608]
O61 - LFC: 08/04/2013 - 09:48:39 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_halc.iadvize.com_0.localstorage [3072]
O61 - LFC: 08/04/2013 - 09:48:39 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_halc.iadvize.com_0.localstorage-journal [3608]
O61 - LFC: 08/04/2013 - 11:18:42 ---A- C:\Users\Administrateur\Downloads\Alleluia_cohen_TENOR2.mscz.mid [1824]
O61 - LFC: 08/04/2013 - 13:07:39 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Super 60's\02The lion sleeps tonight.mp3 [6148420]
O61 - LFC: 08/04/2013 - 13:07:39 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Super 60's\04My year is a day.mp3 [7140220]
O61 - LFC: 08/04/2013 - 13:07:40 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Super 60's\06bourree.mp3 [8911888]
O61 - LFC: 08/04/2013 - 13:07:40 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Super 60's\10oh carol.mp3 [5492788]
O61 - LFC: 08/04/2013 - 13:07:40 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Super 60's\12guantanamera.mp3 [6839548]
O61 - LFC: 08/04/2013 - 13:07:40 ---A- C:\Users\Administrateur\Documents\Gateway 2\'60s and '70s\Super 60's\15sugar sugar.mp3 [6727840]
O61 - LFC: 08/04/2013 - 16:48:38 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000122 [243841]
O61 - LFC: 08/04/2013 - 16:48:47 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\01\00000123 [307199]
O61 - LFC: 08/04/2013 - 17:14:20 ---A- C:\Users\Administrateur\Downloads\mp3tag_mp3tag_2.54_francais_12753.exe [12369]
O61 - LFC: 08/04/2013 - 17:14:46 ---A- C:\Users\Administrateur\Downloads\mp3tag_mp3tag_2.54_francais_12753 (1).exe [12369]
O61 - LFC: 08/04/2013 - 17:16:22 ---A- C:\Users\Administrateur\Downloads\tag-rename_tag_rename_3.5.7_anglais_10462.exe [3726744]
O61 - LFC: 08/04/2013 - 17:18:22 ---A- C:\Users\Administrateur\Downloads\TagRename366.exe [3433696]
O61 - LFC: 08/04/2013 - 17:18:31 ---A- C:\Users\Administrateur\Downloads\TagMaster_1.03.exe [233961]
O61 - LFC: 08/04/2013 - 17:21:18 ---A- C:\Users\Administrateur\Downloads\id3-tagit_id3-tagit_3.3.0_anglais_18156.exe [1324251]
O61 - LFC: 09/04/2013 - 07:42:00 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_high-tech-discount.fr_0.localstorage [3072]
O61 - LFC: 09/04/2013 - 07:42:00 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_high-tech-discount.fr_0.localstorage-journal [512]
O61 - LFC: 09/04/2013 - 08:05:55 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Shortcuts [12288]
O61 - LFC: 09/04/2013 - 08:05:55 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Shortcuts-journal [12824]
O61 - LFC: 09/04/2013 - 08:31:19 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Archived History [57344]
O61 - LFC: 09/04/2013 - 08:31:19 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Archived History-journal [16384]
O61 - LFC: 09/04/2013 - 08:51:23 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\000\p\Paths\LOG.old [145]
O61 - LFC: 09/04/2013 - 08:58:44 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Bookmarks [46823]
O61 - LFC: 09/04/2013 - 08:58:44 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Bookmarks.bak [46823]
O61 - LFC: 09/04/2013 - 14:42:05 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_pixlc.iadvize.com_0.localstorage [3072]
O61 - LFC: 09/04/2013 - 14:42:05 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_pixlc.iadvize.com_0.localstorage-journal [3608]
O61 - LFC: 09/04/2013 - 14:44:35 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Media Cache\f_00000b [431666]
O61 - LFC: 09/04/2013 - 14:44:47 ---A- C:\Users\Administrateur\Downloads\sample.mid [827]
O61 - LFC: 09/04/2013 - 14:46:34 ---A- C:\Users\Administrateur\Downloads\amazingmidi-setup.exe [1117040]
O61 - LFC: 09/04/2013 - 14:49:11 ---A- C:\Users\Administrateur\AppData\Local\Discount Buddy\Chrome\26766.xml [312]
O61 - LFC: 09/04/2013 - 14:49:11 ---A- C:\Users\Administrateur\AppData\Local\Discount Buddy\Chrome\Discount Buddy.crx [53023]
O61 - LFC: 09/04/2013 - 14:49:13 ---A- C:\Users\Administrateur\AppData\Local\Updater26766\Updater26766.exe [210312]
O61 - LFC: 09/04/2013 - 14:50:38 ---A- C:\Users\Administrateur\Downloads\azmid170.exe [761380]
O61 - LFC: 09/04/2013 - 14:54:14 ---A- C:\Users\Administrateur\Documents\A'chor\CD printemps 2013\Alto1\ah ce joly alto seule.spd [940916]
O61 - LFC: 09/04/2013 - 15:00:04 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\databases\Databases.db [7168]
O61 - LFC: 09/04/2013 - 15:00:04 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\databases\Databases.db-journal [5672]
O61 - LFC: 09/04/2013 - 17:17:04 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Media Cache\data_0 [45056]
O61 - LFC: 09/04/2013 - 17:17:04 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Media Cache\data_1 [270336]
O61 - LFC: 09/04/2013 - 17:19:16 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\background.html [1080]
O61 - LFC: 09/04/2013 - 17:19:16 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\crossriderManifest.json [370] =>PUP.CrossRider
O61 - LFC: 09/04/2013 - 17:19:16 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\icons\actions\1.png [1223]
O61 - LFC: 09/04/2013 - 17:19:16 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\popup.html [153]
O61 - LFC: 09/04/2013 - 17:19:20 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\icons\icon128.png [3496]
O61 - LFC: 09/04/2013 - 17:19:20 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\icons\icon16.png [815]
O61 - LFC: 09/04/2013 - 17:19:20 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\icons\icon48.png [3920]
O61 - LFC: 09/04/2013 - 17:19:20 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fjbgonfbgjdmlkjofohofdjnakkfppge\1.23.8_0\manifest.json [1088]
O61 - LFC: 09/04/2013 - 17:19:24 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\databases\chrome-extension_fjbgonfbgjdmlkjofohofdjnakkfppge_0\6 [286720]
O61 - LFC: 09/04/2013 - 17:19:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_fjbgonfbgjdmlkjofohofdjnakkfppge_0.localstorage [3072]
O61 - LFC: 09/04/2013 - 17:19:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\chrome-extension_fjbgonfbgjdmlkjofohofdjnakkfppge_0.localstorage-journal [3608]
O61 - LFC: 09/04/2013 - 17:22:56 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Network Action Predictor [24576]
O61 - LFC: 09/04/2013 - 17:22:56 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Network Action Predictor-journal [14960]
O61 - LFC: 09/04/2013 - 17:24:51 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268548]
O61 - LFC: 09/04/2013 - 17:52:40 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\SyncData.sqlite3 [2707456]
O61 - LFC: 09/04/2013 - 17:52:40 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Sync Data\SyncData.sqlite3-journal [16384]
O61 - LFC: 09/04/2013 - 17:52:44 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data [124928]
O61 - LFC: 09/04/2013 - 17:52:44 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 3\Web Data [81920]
O61 - LFC: 09/04/2013 - 17:52:45 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences [66209]
O61 - LFC: 09/04/2013 - 17:52:45 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 3\Preferences [85802]
O61 - LFC: 09/04/2013 - 17:52:50 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\000\p\.usage [24]
O61 - LFC: 09/04/2013 - 17:52:50 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\000\p\Paths\CURRENT [16]
O61 - LFC: 09/04/2013 - 17:52:50 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\000\p\Paths\MANIFEST-000574 [151]
O61 - LFC: 09/04/2013 - 17:53:03 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Top Sites [32768]
O61 - LFC: 09/04/2013 - 17:53:03 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Top Sites-journal [16384]
O61 - LFC: 09/04/2013 - 17:55:54 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\lost\MANIFEST-000496 [311]
O61 - LFC: 09/04/2013 - 18:04:53 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\000\p\Paths\LOG [148]
O61 - LFC: 09/04/2013 - 18:06:29 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension Rules\CURRENT [16]
O61 - LFC: 09/04/2013 - 18:06:29 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension Rules\MANIFEST-000031 [426]
O61 - LFC: 09/04/2013 - 18:06:33 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\databases\chrome-extension_fjbgonfbgjdmlkjofohofdjnakkfppge_0\5 [17408]
O61 - LFC: 09/04/2013 - 18:12:28 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension Cookies [6144]
O61 - LFC: 09/04/2013 - 18:12:28 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension Cookies-journal [1544]
O61 - LFC: 09/04/2013 - 18:12:33 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\LOCK [0]
O61 - LFC: 09/04/2013 - 18:12:33 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\LOG.old [47]
O61 - LFC: 09/04/2013 - 18:12:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\000005.sst [273]
O61 - LFC: 09/04/2013 - 18:12:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\CURRENT [16]
O61 - LFC: 09/04/2013 - 18:12:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\LOG [259]
O61 - LFC: 09/04/2013 - 18:12:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\IndexedDB\https_docs.google.com_0.indexeddb.leveldb\MANIFEST-000004 [65]
O61 - LFC: 09/04/2013 - 18:15:35 ---A- C:\Users\Administrateur\Downloads\TFC.exe [448512]
O61 - LFC: 09/04/2013 - 18:15:41 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\000502.sst [52272]
O61 - LFC: 09/04/2013 - 18:22:03 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\000005.sst [189686]
O61 - LFC: 09/04/2013 - 18:22:29 ---A- C:\Users\Administrateur\Downloads\deepburner_deepburner_1.9.0.228_francais_12674.exe [2801569]
O61 - LFC: 09/04/2013 - 18:24:46 ---A- C:\Users\Administrateur\AppData\Roaming\DeepBurner\config.cfg [117]
O61 - LFC: 09/04/2013 - 18:29:09 ---A- C:\Users\Administrateur\Downloads\burn4free_burn4free_5.8.0.0_francais_14723.exe [2317824]
O61 - LFC: 09/04/2013 - 18:39:35 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\000008.sst [373827]
O61 - LFC: 09/04/2013 - 18:39:55 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\000504.sst [482]
O61 - LFC: 09/04/2013 - 18:43:35 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\databases\https_www.google.com_0\1 [547840]
O61 - LFC: 09/04/2013 - 18:44:00 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History Index 2013-01 [4534272]
O61 - LFC: 09/04/2013 - 18:45:18 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History Index 2013-03 [29003776]
O61 - LFC: 09/04/2013 - 18:47:17 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Login Data [75776]
O61 - LFC: 09/04/2013 - 18:47:17 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Login Data-journal [14904]
O61 - LFC: 09/04/2013 - 18:47:27 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History Index 2013-02 [10854400]
O61 - LFC: 09/04/2013 - 18:48:52 ---A- C:\Users\Administrateur\Downloads\adwcleaner.exe [613083]
O61 - LFC: 09/04/2013 - 18:49:55 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\LOG.old [269]
O61 - LFC: 09/04/2013 - 18:50:03 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\Origins\LOG.old [148]
O61 - LFC: 09/04/2013 - 18:50:21 ---A- C:\Users\Administrateur\Downloads\JRT.exe [551587]
O61 - LFC: 09/04/2013 - 18:51:27 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension State\LOG.old [148]
O61 - LFC: 09/04/2013 - 18:51:27 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\LOG.old [262]
O61 - LFC: 09/04/2013 - 18:51:27 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Visited Links [131072]
O61 - LFC: 09/04/2013 - 18:54:37 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension Rules\LOG [0]
O61 - LFC: 09/04/2013 - 18:54:37 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension Rules\LOG.old [0]
O61 - LFC: 09/04/2013 - 18:54:39 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\Origins\CURRENT [16]
O61 - LFC: 09/04/2013 - 18:54:39 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\Origins\MANIFEST-000885 [156]
O61 - LFC: 09/04/2013 - 18:54:40 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\Origins\LOG [148]
O61 - LFC: 09/04/2013 - 18:54:40 ---A- C:\Users\Administrateur\AppData\Roaming\Garmin\Express\autolaunch.config [1]
O61 - LFC: 09/04/2013 - 18:54:41 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension State\CURRENT [16]
O61 - LFC: 09/04/2013 - 18:54:41 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension State\MANIFEST-000479 [427]
O61 - LFC: 09/04/2013 - 18:54:42 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Extension State\LOG [0]
O61 - LFC: 09/04/2013 - 18:54:44 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Managed Mode Settings [8]
O61 - LFC: 09/04/2013 - 18:54:50 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Application Cache\Index [379904]
O61 - LFC: 09/04/2013 - 18:54:50 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Application Cache\Index-journal [16384]
O61 - LFC: 09/04/2013 - 18:57:03 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History Provider Cache [486419]
O61 - LFC: 09/04/2013 - 18:58:00 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\.usage [24]
O61 - LFC: 09/04/2013 - 18:58:00 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\CURRENT [16]
O61 - LFC: 09/04/2013 - 18:58:00 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\MANIFEST-000506 [311]
O61 - LFC: 09/04/2013 - 18:58:02 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\File System\001\t\Paths\LOG [148]
O61 - LFC: 09/04/2013 - 18:58:30 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\QuotaManager [13312]
O61 - LFC: 09/04/2013 - 18:58:30 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\QuotaManager-journal [6704]
O61 - LFC: 09/04/2013 - 18:58:42 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\000011.sst [189525]
O61 - LFC: 09/04/2013 - 18:58:42 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\CURRENT [16]
O61 - LFC: 09/04/2013 - 18:58:42 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\LOG [264]
O61 - LFC: 09/04/2013 - 18:58:42 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Session Storage\MANIFEST-000010 [173]
O61 - LFC: 09/04/2013 - 19:00:43 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Last Tabs [37061]
O61 - LFC: 09/04/2013 - 19:00:45 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Last Session [71238]
O61 - LFC: 09/04/2013 - 19:01:26 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data [245760]
O61 - LFC: 09/04/2013 - 19:01:26 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal [14904]
O61 - LFC: 09/04/2013 - 19:04:29 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Favicons [3489792]
O61 - LFC: 09/04/2013 - 19:04:29 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Favicons-journal [16384]
O61 - LFC: 09/04/2013 - 19:09:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History [4554752]
O61 - LFC: 09/04/2013 - 19:09:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History Index 2013-04 [9142272]
O61 - LFC: 09/04/2013 - 19:09:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History Index 2013-04-journal [16384]
O61 - LFC: 09/04/2013 - 19:09:25 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\History-journal [16384]
O61 - LFC: 09/04/2013 - 19:09:27 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\TransportSecurity [1108]
O61 - LFC: 09/04/2013 - 19:09:38 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\databases\https_mail.google.com_0\2 [1086464]
O61 - LFC: 09/04/2013 - 19:10:55 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_plus.google.com_0.localstorage [3072]
O61 - LFC: 09/04/2013 - 19:10:55 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_plus.google.com_0.localstorage-journal [3608]
O61 - LFC: 09/04/2013 - 19:11:09 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences [93586]
O61 - LFC: 09/04/2013 - 19:11:21 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Cookies [1050624]
O61 - LFC: 09/04/2013 - 19:11:21 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Cookies-journal [16384]
O61 - LFC: 09/04/2013 - 19:12:34 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Local State [27082]
O61 - LFC: 09/04/2013 - 19:13:01 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_mail.google.com_0.localstorage [65536]
O61 - LFC: 09/04/2013 - 19:13:01 ---A- C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\https_mail.google.com_0.localstorage-journal [16384]
~ 16 Fichiers temporaires (Temporary files)
~ Files: 1693 Legitimates Scanned in 04mn 26s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 05/08/2010 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 01/02/2010 - C:\Windows\System32\Drivers\RsvLock.sys (RsvLock) .(.McAfee, Inc. - McAfee Endpoint Encryption Reserved Files L.) - LEGACY_RSVLOCK
O64 - Services: CurCS - 04/06/2009 - C:\Windows\System32\Drivers\SbAlg.sys (SbAlg) .(.McAfee, Inc. - SafeBoot FIPS AES Algorithm (256 bit).) - LEGACY_SBALG
O64 - Services: CurCS - 01/02/2010 - C:\Windows\System32\Drivers\SbFsLock.sys (SbFsLock) .(.McAfee, Inc. - McAfee Endpoint Encryption FS Locker.) - LEGACY_SBFSLOCK
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
~ Legacy: 114 Legitimates Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Lolis\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Invité\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Web Search) - http://search.certified-toolbar.com
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 32 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.57D984CAB289E968CAACE0EB090AFBAB] [SPRF][25/02/2013] (...) -- C:\ProgramData\CEF97DECF0.sys [88]
[MD5.7B072989C879CFE84FDDE1DDDE8927B3] [SPRF][25/02/2013] (...) -- C:\ProgramData\KGyGaAvL.sys [2516]
[MD5.C66293CCD7CBE84B1B8F393CA5E4E6D7] [SPRF][08/11/2012] (.Somoto Ltd. - Better Installer Host.) -- C:\Users\Administrateur\AppData\Local\Temp\BI_RunOnce.exe [224256] =>Adware.MegaSearch
[MD5.5AC98C84160A9400DB448D153C959BB6] [SPRF][09/04/2013] (...) -- C:\Users\Administrateur\AppData\Local\Temp\DeltaTB.exe [773104]
[MD5.AD3F64941EC27B66D3E83A27FA52AB6B] [SPRF][09/04/2013] (...) -- C:\Users\Administrateur\AppData\Local\Temp\pricepeep_130001_1001.exe [589768] =>Toolbar.PricePeep
[MD5.02542D9B168433EDC10FB76EF9DF4954] [SPRF][09/04/2013] (...) -- C:\Users\Administrateur\AppData\Local\Temp\Upgrader4.exe [10240]
~ Files: Scanned in 00mn 00s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{6BCC659F-5C6E-43E5-9238-4F785D0C77D8}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (.not file.) =>Spyware.ProtectedSearch
O87 - FAEL: "{598B4E23-F5B6-4882-BC59-A849BFC07CF5}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (.not file.) =>Spyware.ProtectedSearch
~ Firewall: 204 Legitimates Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11496 - (09/04/2013)
Clés trouvées (Keys found) : 32
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 11

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM
[HKLM\Software\Classes\b4fm.sxcontextmenu1] =>Adware.Burn4Free
[HKLM\Software\Classes\burn4free project] =>Adware.Burn4Free
[HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM
[HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKCU\Software\AppDataLow\Software\Discount Buddy] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASAPI32] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASMANCS] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^
C:\Program Files (x86)\Discount Buddy =>PUP.RewardsArcade
C:\Users\Administrateur\AppData\Local\Discount Buddy =>PUP.RewardsArcade
C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph =>Adware.GamePlayLabs
C:\Users\Administrateur\AppData\Local\\Updater26766 =>PUP.CrossRider^
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.0 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.1 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.2 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.3 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.4 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.5 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.6 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.7 =>Adware.Lollipop
C:\Users\Administrateur\AppData\Local\Temp\pricepeep_130001_1001.exe =>Toolbar.PricePeep
C:\Users\Administrateur\AppData\Local\Temp\BI_RunOnce.exe =>Adware.MegaSearch
~ Additionnel: Scanned in 00mn 11s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "3D6512925B3469C47BA9494EF0D89819" . (.Neato Updater Tool v2.) -- C:\Windows\Installer\{292156D3-43B5-4C96-B79A-94E40F8D8991}\ARPPRODUCTICON.exe
O90 - PUC: "68A082A912E0A234DB652D6ABCBBC5B6" . (.Elevated Installer.) -- C:\Windows\Installer\{9A280A86-0E21-432A-BD56-D2A6CBBB5C6B}\express.ico
O90 - PUC: "715AD6150A378F04C89D5EDEE43C385E" . (.Validity Fingerprint Driver.) -- C:\Windows\Installer\{516DA517-73A0-40F8-8CD9-E5ED4EC383E5}\ValidityLogo.ico
O90 - PUC: "B42F9C3329D123649A51183EBBD1D5B6" . (.Theft Recovery.) -- C:\Windows\Installer\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}\ARPPRODUCTICON.exe
O90 - PUC: "FEC669DD9AE52AB42B0194F0BE2CE77A" . (.Validity Fingerprint Driver.) -- C:\windows\Installer\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}\ValidityLogo.ico
~ Update Products: 114 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 09/10/2012 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 09/02/2013 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe
SR - | Auto 05/08/2010 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 28/03/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
SR - | Auto 28/03/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 01/04/2012 957216 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SR - | Demand 01/02/2010 704512 | (DEBridge) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
SR - | Auto 16/07/2010 462160 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
SS - | Demand 17/11/2009 362040 | (FLCDLOCK) . (.Hewlett-Packard Ltd.) - c:\Windows\SysWOW64\flcdlock.exe
SR - | Auto 12/03/2013 185688 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
SS - | Auto 17/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 17/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 12/09/2011 142904 | (HP Power Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
SR - | Auto 19/10/2010 32768 | (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P.) - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
SR - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Auto 05/04/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
SR - | Auto 10/05/2010 90112 | (HPDayStarterService) . (.Hewlett-Packard Company.) - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
SR - | Auto 06/09/2012 197536 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Auto 01/02/2010 281192 | (HpFkCryptService) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
SS - | Auto 0 | (hpHotkeyMonitor) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
SR - | Demand 06/09/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Auto 13/05/2011 30520 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 27/06/2012 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 04/11/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 88576 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 16/03/2011 113264 | (PdiService) . (.Portrait Displays, Inc..) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
SR - | Auto 10/09/2009 185632 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 09/02/2013 271360 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe
SR - | Auto 04/11/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Auto 18/02/2010 2045232 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\windows\system32\vcsFPService.exe
SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Administrateur at 09/04/2013 20:19:24

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



~ 2987 Legitimates filtered by white list
End of the scan (875 lines in 08mn 27s)(0)
