Information concernant les Cookies et services Web tiers
Nos partenaires et nous-mêmes utilisons différentes technologies, telles que les cookies, pour personnaliser les contenus et les publicités, proposer des fonctionnalités sur les réseaux sociaux et analyser le trafic. Merci de cliquer sur le bouton ci-dessous pour donner votre accord. Vous pouvez changer d’avis et modifier vos choix à tout moment. Informations RGPD
ZHPDiag.txt
À propos
- Type de fichier
- Fichier TXT de 320 Ko (text/plain)
- Confidentialité
- Fichier public, envoyé le 7 décembre 2013 à 10:51, depuis l'adresse IP 92.153.x.x (France)
- Sécurité
- Ne contient aucun Virus ou Malware connus - Dernière vérification: 02/06/19
- Statistiques
- La présente page de téléchargement a été vue 1418 fois depuis l'envoi du fichier
- Page de téléchargement
Aperçu du fichier
~ Rapport de ZHPDiag v2013.12.6.12 - Nicolas Coolman (06/12/2013)
~ Lancé par slvanessa (07/12/2013 10:10:59)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Désactivée par l'utilisateur
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program
---\\ Navigateurs Internet
MSIE: Internet Explorer v9.0.8112.16421
---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ Logiciels de protection du système
AVG 2012 v12.1.2238
Microsoft Security Client v4.4.0304.0
Windows Defender W7
---\\ Logiciels d'optimisation du système
---\\ Logiciels de partage PeerToPeer
---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Adobe Reader XI
---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3893 MB (64% free)
System Restore: Activé (Enable)
System drive C: has 396 GB (88%) free of 449 GB
---\\ Mode de connexion au système
~ Computer Name: SLVANESSA-HP
~ User Name: slvanessa
~ All Users Names: slvanessa, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\slvanessa\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\slvanessa\AppData\Roaming\
~ %Desktop% : C:\Users\slvanessa\Desktop\
~ %Favorites% : C:\Users\slvanessa\Favorites\
~ %LocalAppData% : C:\Users\slvanessa\AppData\Local\
~ %StartMenu% : C:\Users\slvanessa\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 396 Go of 449 Go)
D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 17 Go)
E: CD-ROM drive (Not Inserted)
---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: 44 Scanned in 00mn 00s
---\\ Recherche particulière de fichiers génériques
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.A4F6142CABA82FB7293ECE5FF864B440] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 07:20:51.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.18/07/2010 - 02:33:03.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.9A6089B056EA1B83B36424FC9D0A300E] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:36:37.) -- C:\Windows\system32\Drivers\ntfs.sys [1653096]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 18:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Scanned in 00mn 01s
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 6/1456
~ Mes musiques (My Musics) : 94/632
~ Mes Favoris (My Favorites) : 1/103
~ Mes Documents (My Documents) : 1/307
~ Mon Bureau (My Desktop) : 8/17
~ Menu demarrer (Programs) : 1/58
~ Hidden Files: Scanned in 00mn 02s
---\\ Processus lancés
[MD5.371BA71B566260932DCCCF843BF6C7E7] - (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe [2598520] [PID.2112]
[MD5.4814072025E3BD4A3544F3E0A31666EF] - (.Visicom Media Inc. (Powered by Panda Securi - Visicom Media Anti-phishing Domain Advisor.) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [232616] [PID.1096]
[MD5.D81F10E8A9D25A8527745BDB1F9638F2] - (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe [1425952] [PID.1092]
[MD5.749949494676218FFA99501F4AA22ECC] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe [10376704] [PID.788]
[MD5.4EE367B8B1964160A1F1B80095183D3A] - (.OpenOffice.org - OpenOffice.org 3.4.1.) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin [10368512] [PID.3320]
[MD5.AADD0892A428B133ABEF5EBCCE5E1799] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8281600] [PID.624]
[MD5.F720502AAA03FAB627A96E5EAADAA28D] - (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) -- C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104] [PID.1680]
[MD5.ADDA5E1951B90D3D23C56D3CF0622ADC] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65640] [PID.1968]
[MD5.EA1145DEBCD508FD25BD1E95C4346929] - (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288] [PID.1996]
[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.1584]
[MD5.AB673BA95E8FA446E9C00AA7A34B96DA] - (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) -- C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5175856] [PID.2160]
~ Processes Running: Scanned in 00mn 01s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20913.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll
~ Firefox Browser: 2 Scanned in 00mn 00s
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R0 - HKCU\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.chatzum.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.qvo6.com =>Hijacker.Qvo6
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: (no name) [64Bits] - {3f1fbbdd-1444-4838-b1b7-726d9bcf32ab} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 20 Scanned in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <local>
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s
---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: script helper for ie [64Bits] - {00cbb66b-1d3b-46d3-9577-323a336acb50} Clé orpheline
O2 - BHO: ToolbarOrange.InitToolbarBHO [64Bits] - {1d970ed5-3eda-438d-bffd-715931e2775b} . (...) -- mscoree.dll (.not file.)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter [64Bits] - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} . (.AVG Technologies CZ, s.r.o. - Safe Search for Internet Explorer.) -- C:\Program Files (x86)\AVG\AVG2012\avgssie.dll
O2 - BHO: Update Timer [64Bits] - {963B125B-8B21-49A2-A3A8-E37092276531} Clé orpheline
O2 - BHO: DataMngr [64Bits] - {9D717F81-9148-4f12-8568-69135F087DB0} Clé orpheline =>PUP.Datamngr
O2 - BHO: (no name) [64Bits] - {bb184e6d-26d1-461a-9226-b93ca8da2af9} Clé orpheline
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Yontoo Layers [64Bits] - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} . (.Yontoo LLC - Yontoo Runtime.) -- C:\Program Files (x86)\Yontoo\YontooIEClient.dll =>Adware.Yontoo
~ BHO: 11 Scanned in 00mn 01s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKCU]{710EB7A1-45ED-11D0-924A-0020AFC7AC4D} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{A057A204-BACC-4D26-9990-79A187E2698E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{53BCF99A-B7BE-4D6D-B65D-EA2FD115B83F} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{3F1FBBDD-1444-4838-B1B7-726D9BCF32AB} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{EEE6C35B-6118-11DC-9C72-001320C79847} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{D4027C7F-154A-4066-A1AD-4243D8127440} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{4D51F677-2A0B-43E2-B444-A2B384D24B91} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{77F8C945-4B74-4BD6-A073-E0D1997EDCE8} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{05EEB91A-AEF7-4F8A-978F-FB83E7B03F8E} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) [64Bits] - [HKCU]{19803860-B306-423C-BBB5-F60A7D82CDE5} Clé orpheline
~ Toolbar: Scanned in 00mn 01s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop [Public]: Canon MP280 series Manuel en ligne.lnk . (.CANON INC. - Easy Guide Viewer.) -- C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe
O4 - GS\Desktop [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Desktop [Public]: SLOW-PCfighter.lnk . (...) -- C:\Program Files (x86)\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe (.not file.)
O4 - GS\Program [Public]: Adobe Reader XI.lnk . (...) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico
O4 - GS\Program [Public]: Audacity.lnk . (.The Audacity Team - Audacity®, the Free, Cross-Platform Sound E.) -- C:\Program Files (x86)\Audacity\audacity.exe =>.The Audacity Team
O4 - GS\Program [Public]: Encore plus de jeux.lnk - Clé orpheline
O4 - GS\Program [Public]: Game Manager.lnk . (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe
O4 - GS\Program [Public]: Media Center.lnk . (.Microsoft Corporation - Windows Media Center.) -- C:\Windows\ehome\ehshell.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Microsoft Security Essentials.lnk . (...) -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.)
O4 - GS\Program [Public]: TuneUp Utilities 2012.lnk . (.TuneUp Software - TuneUp Utilities - Interface de démarrage.) -- C:\Program Files (x86)\TuneUp Utilities 2012\Integrator.exe
O4 - GS\Program [Public]: Windows Anytime Upgrade.lnk . (.Microsoft Corporation - Interface utilisateur de Mise à niveau expr.) -- C:\Windows\system32\WindowsAnytimeUpgradeUI.exe
O4 - GS\Program [Public]: Windows DVD Maker.lnk . (...) -- C:\Program Files (x86)\DVD Maker\DVDMaker.exe (.not file.)
O4 - GS\Program [Public]: Windows Fax and Scan.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [Public]: XPS Viewer.lnk . (.Microsoft Corporation - Visionneuse XPS.) -- C:\Windows\system32\xpsrchvw.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: displayswitch.lnk . (.Microsoft Corporation - Afficher le commutateur.) -- C:\Windows\system32\displayswitch.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Mobility Center.lnk . (.Microsoft Corporation - Centre de mobilité Windows.) -- C:\Windows\system32\mblctr.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Paint.lnk . (.Microsoft Corporation - Paint.) -- C:\Windows\system32\mspaint.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Remote Desktop Connection.lnk . (.Microsoft Corporation - Connexion Bureau à distance.) -- C:\Windows\system32\mstsc.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sound Recorder.lnk . (.Microsoft Corporation - Magnétophone Windows.) -- C:\Windows\system32\SoundRecorder.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sticky Notes.lnk . (.Microsoft Corporation - Pense-bête.) -- C:\Windows\system32\StikyNot.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Sync Center.lnk . (.Microsoft Corporation - Microsoft Sync Center.) -- C:\Windows\System32\mobsync.exe =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Welcome Center.lnk . (.Microsoft Corporation - Mise en route.) -- C:\Windows\system32\OobeFldr.dll =>.Microsoft Corporation
O4 - GS\Accessories [Public]: Wordpad.lnk . (.Microsoft Corporation - Application Windows Wordpad.) -- C:\Program Files (x86)\Windows NT\Accessories\wordpad.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Character Map.lnk . (.Microsoft Corporation - Table des caractères.) -- C:\Windows\system32\charmap.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: dfrgui.lnk . (.Microsoft Corporation - Défragmenteur de disque Microsoft®.) -- C:\Windows\system32\dfrgui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\system32\cleanmgr.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Resource Monitor.lnk . (.Microsoft Corporation - Moniteur de ressources et de performances.) -- C:\Windows\system32\perfmon.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Information.lnk . (.Microsoft Corporation - Informations système.) -- C:\Windows\system32\msinfo32.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: System Restore.lnk . (.Microsoft Corporation - Restauration du système de Microsoft® Windo.) -- C:\Windows\system32\rstrui.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Task Scheduler.lnk . (...) -- C:\Windows\system32\taskschd.msc
O4 - GS\SystemTools [Public]: Windows Easy Transfer Reports.lnk . (.Microsoft Corporation - Application post-migration de transfert de.) -- C:\Windows\system32\migwiz\postmig.exe =>.Microsoft Corporation
O4 - GS\SystemTools [Public]: Windows Easy Transfer.lnk . (.Microsoft Corporation - Application Transfert de fichiers et paramè.) -- C:\Windows\system32\migwiz\migwiz.exe =>.Microsoft Corporation
O4 - GS\QuickLaunch [slvanessa]: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [slvanessa]: Internet Explorer (2).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\TaskBar [slvanessa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\TaskBar [slvanessa]: Microsoft Security Essentials.lnk . (...) -- C:\Program Files (x86)\Microsoft Security Client\msseces.exe (.not file.)
O4 - GS\TaskBar [slvanessa]: Reset VLC media player preferences and cache files.lnk . (.VideoLAN - VLC media player 2.0.4.) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe =>.VideoLAN
O4 - GS\TaskBar [slvanessa]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\TaskBar [slvanessa]: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe =>.Microsoft Corporation
O4 - GS\Program [slvanessa]: iMesh.lnk . (.iMesh, Inc - iMesh.) -- C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe =>PUP.iMesh
O4 - GS\Program [slvanessa]: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe http://www.delta-homes.com =>Toolbar.DeltaSearch
O4 - GS\Program [slvanessa]: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Accessories [slvanessa]: Command Prompt.lnk . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - GS\Accessories [slvanessa]: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\system32\notepad.exe =>.Microsoft Corporation
O4 - GS\Accessories [slvanessa]: Run.lnk - Clé orpheline
O4 - GS\Accessories [slvanessa]: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe =>.Microsoft Corporation
O4 - GS\SystemTools [slvanessa]: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SystemTools [slvanessa]: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe =>.Microsoft Corporation
O4 - GS\Desktop [slvanessa]: Manuel utilisateur ASIO4ALL v2.lnk . (...) -- C:\Program Files (x86)\ASIO4ALL v2\ASIO4ALL v2 Instruction Manual Fr.pdf
O4 - GS\Desktop [slvanessa]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe =>.Nicolas Coolman
O4 - GS\Desktop [slvanessa]: ZHPFix.lnk . (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe =>.Nicolas Coolman
~ Global Startup: 55 Scanned in 00mn 03s
---\\ Applications lancées au démarrage du sytème (O4)
O4 - GS\Startup [slvanessa]: OpenOffice.org 3.4.1.lnk . (...) -- C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe =>.Realtek Semiconductor Corp
O4 - HKCU\..\Run: [orangeinside] . (...) -- C:\Users\slvanessa\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [AVG_TRAY] . (.AVG Technologies CZ, s.r.o. - AVG Tray Monitor.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
O4 - HKLM\..\Wow6432Node\Run: [Anti-phishing Domain Advisor] . (.Visicom Media Inc. (Powered by Panda Securi - Visicom Media Anti-phishing Domain Advisor.) -- C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
O4 - HKLM\..\Wow6432Node\Run: [CommonToolkitTray] . (.SPAMfighter ApS - FIGHTERtools Update Manager.) -- C:\Program Files (x86)\Fighters\Tray\FightersTray.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [AvgUninstallURL] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4131387925-2258615089-634791745-1000\..\Run: [orangeinside] . (...) -- C:\Users\slvanessa\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKUS\S-1-5-21-4131387925-2258615089-634791745-1000\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-4131387925-2258615089-634791745-1000\..\RunOnce: [Uninstall C:\Users\slvanessa\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\system32\cmd.exe =>.Microsoft Corporation
~ Application: Scanned in 00mn 00s
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ IE Control Panel: 1 Scanned in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll =>.Microsoft Corporation
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
~ Winsock: 6 Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F0882DD-A4C7-4A66-8CFF-2E53E92B78B6}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CCS\Services\Tcpip\..\{678B8304-DA8C-4303-B355-2C420321E1BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{8F0882DD-A4C7-4A66-8CFF-2E53E92B78B6}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CS1\Services\Tcpip\..\{678B8304-DA8C-4303-B355-2C420321E1BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{8F0882DD-A4C7-4A66-8CFF-2E53E92B78B6}: NameServer = 178.33.41.181,46.4.70.20
O17 - HKLM\System\CS2\Services\Tcpip\..\{678B8304-DA8C-4303-B355-2C420321E1BE}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll
~ Winlogon: Scanned in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (...) - C:\Program Files (x86)\MUSICT~1\Datamngr\x64\mgrldr.dll (.not file.) =>PUP.Datamngr
~ AppInit DLL: Scanned in 00mn 00s
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ SSODL: 1 Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AVGIDSAgent (AVGIDSAgent) . (.AVG Technologies CZ, s.r.o. - AVG Identity Protection Service.) - C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) . (.AVG Technologies CZ, s.r.o. - AVG Watchdog Service.) - C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
O23 - Service: eSafe Service (eSafeSvc) . (...) - C:\ProgramData\eSafe\eSafeSvc.exe (.not file.) =>PUP.eSafeSecurity
O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
O23 - Service: WinZiper service (winzipersvc) . (.Taiwan Shui Mu Chih Ching Technology Limite - update service.) - C:\Program Files (x86)\WinZipper\winzipersvc.exe
~ Services: 6 Scanned in 00mn 10s
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Desktop Component: 4 Scanned in 00mn 00s
---\\ Enumère les données de BootExecute (BEX) (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart) (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Service.) -- C:\PROGRA~2\AVG\AVG2012\avgrsa.exe
~ BEX: 2 Scanned in 00mn 00s
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter64-slvanessa-Notification.job [392]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SLOW-PCfighter64-slvanessa-Startup.job [390]
[MD5.00000000000000000000000000000000] [APT] [4813] (...) -- C:\Users\slvanessa\AppData\Local\Temp\launchie.vbs \\B (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [0]
[MD5.438F31336B3DC248ABC632F1C8F34A24] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [257416]
[MD5.00000000000000000000000000000000] [APT] [Dealply] (...) -- C:\Users\slvanessa\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.exe (.not file.) [0] =>PUP.DealPly
[MD5.00000000000000000000000000000000] [APT] [Desk 365 RunAsStdUser] (...) -- C:\Program Files (x86)\Desk 365\desk365.exe (.not file.) [0] =>Hijacker.22Find
[MD5.00000000000000000000000000000000] [APT] [Java Update Scheduler] (...) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [LaunchApp] (...) -- C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (.not file.) [0] =>PUP.MyPCBackup
[MD5.00000000000000000000000000000000] [APT] [Omiga Plus RunAsStdUser] (...) -- C:\Program Files (x86)\Omiga Plus\omigaplus.exe (.not file.) [0] =>Hijacker.OmigaPlus
[MD5.14D133377D80BB4F28B71C2BFDC4D41B] [APT] [PenWes] (...) -- C:\Program Files (x86)\PenWes\penwes.exe [1426432] =>PUP.Penwes
[MD5.48BE298F7FD1BEF4D8FBACB04D8D95C4] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576]
[MD5.C637FC4638A96165256B28D38DE7B953] [APT] [Programme de mise … jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208]
[MD5.00000000000000000000000000000000] [APT] [RecoveryCDWin7] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe (.not file.) [0]
[MD5.3EAB0C3140FA819968A2F582F7BCF5AD] [APT] [SLOW-PCfighter64-slvanessa-Notification] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\Sync.exe [441896]
[MD5.EE37861B791C8F0800FBC26B63F35857] [APT] [SLOW-PCfighter64-slvanessa-Startup] (.SPAMfighter ApS.) -- C:\Program Files\Fighters\SLOW-PCfighter\SLOW-PCfighter64.exe [13483048]
[MD5.00000000000000000000000000000000] [APT] [Test TimeTrigger] (...) -- C:\Users\slvanessa\AppData\Local\Temp\Runner.exe (.not file.) [0]
[MD5.ABF13FCD4C8282CEB2A58EC9D25F0EB8] [APT] [TuneUpUtilities_Task_BkGndMaintenance2012] (.TuneUp Software.) -- C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [558392]
[MD5.00000000000000000000000000000000] [APT] [{20694AFA-798B-4F48-A3FE-FD12ECBD068F}] (...) -- C:\Program Files (x86)\IncrediMail\Bin\ImSetup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{367C6B0E-2BD8-4D48-82B8-294A81AD0559}] (...) -- C:\Program Files (x86)\PC_GEA~1\UNWISE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{59ED684F-5E01-41A9-B26B-44EEBE6E97D5}] (...) -- E:\autorun.exe (.not file.) [0]
[MD5.644F26C608667CE40813FFCFF351E0A2] [APT] [{66517324-FD40-4812-BB65-3BE107207357}] (.AVG Technologies CZ, s.r.o..) -- C:\Program Files (x86)\AVG\AVG2012\avgmfapx.exe [6098992]
[MD5.00000000000000000000000000000000] [APT] [{9177F1E5-A83F-413E-9870-B0409BA9FA43}] (...) -- C:\Program Files (x86)\HP\Digital Imaging\{7F08A772-2816-4F46-84F1-49578502AD28}\setup\hwsetupwizard\setup_guide.exe (.not file.) [0]
[MD5.8DFB7B44BAA1FAA4EEEC5D6E84797D9C] [APT] [{B58B9EBA-5B94-4B60-971F-142B465043D3}] (...) -- C:\Program Files (x86)\bfgclient\bfgclient.exe [4468536]
[MD5.C155A13687144076286989EF078112C2] [APT] [{BE41A751-3AFB-490F-B213-EC04A4E5B6E3}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix\ZHPhep.exe [1917440]
[MD5.00000000000000000000000000000000] [APT] [{C0C43F72-9113-4D80-B3DD-59F8C8982B5C}] (...) -- C:\Users\slvanessa\Desktop\Install_MSN_Messenger.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{D0BF86B7-7291-4CA6-9E85-C2C4DBEF4294}] (...) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.) [0]
[MD5.C155A13687144076286989EF078112C2] [APT] [{D14C777E-6F5E-4FEE-AD6E-5A5618424DC3}] (.Nicolas Coolman.) -- C:\Program Files (x86)\ZHPDiag\ZHPhep.exe [1917440]
[MD5.86F4A155854BF52631354AB8D63578F9] [APT] [{D4B0C225-3DEC-401B-8813-78EB17C0ADF9}] (.Macrovision Corporation.) -- C:\Program Files (x86)\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe [778240]
[MD5.00000000000000000000000000000000] [APT] [{EE4227C8-1AE0-4667-8DB4-4B998628B9E0}] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) [0]
~ Scheduled Task: 32 Scanned in 00mn 09s
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll =>.Microsoft Corporation
O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe =>.Microsoft Corporation
O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll =>.Microsoft Corporation
O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Active Setup: 10 Scanned in 00mn 00s
---\\ Pilotes lancés au démarrage du système (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (Avgldx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\System32\DRIVERS\avgldx64.sys
O41 - Driver: (Avgmfx64) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\System32\DRIVERS\avgmfx64.sys
O41 - Driver: (Avgtdia) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\System32\DRIVERS\avgtdia.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (MpKsl297f39ef) . (. - .) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{8AA55869-2C66-4645-98D3-3875B903CDC1}\MpKsl297f39ef.sys (.not file.)
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Drivers: 72 Scanned in 00mn 00s
---\\ Logiciels installés (O42)
O42 - Logiciel: 64 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM][64Bits] -- {FF21C3E6-97FD-474F-9518-8DCBE94C2854}
O42 - Logiciel: ASIO4ALL - (.Michael Tippach.) [HKLM][64Bits] -- ASIO4ALL
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- AVG
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {31CE1406-5C12-44C5-B6C5-0F55F2039DE3}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {3BF72D44-08F2-4F8D-ABD9-76860C63E7CD}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {445E399B-444F-4DE3-9ACA-061B1FC95190}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {996EEE69-10BB-4F30-AE40-6C1B9B7D17A4}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {A108BD40-0A8C-4385-8874-74C4B6086CC3}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {BF46C84D-1AC3-4CC3-A45C-EF6257B80984}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {D050583D-5CEC-47B1-88AA-8B328CAA8621}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {DFE4E6BB-70F0-4292-B7EB-7A3AD48EBB5C}
O42 - Logiciel: AVG 2012 - (.AVG Technologies.) [HKLM][64Bits] -- {F2A13695-0BD3-47E2-91E0-2F5DB86FA439}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {52E225FC-FCB4-41F7-837B-6E37FB05BD7B}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader XI (11.0.05) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: Adobe Shockwave Player 12.0 - (.Adobe Systems, Inc..) [HKLM][64Bits] -- Adobe Shockwave Player
O42 - Logiciel: Anti-phishing Domain Advisor - (.Visicom Media Inc. (Powered by Panda Security).) [HKLM][64Bits] -- Anti-phishing Domain Advisor
O42 - Logiciel: Audacity 2.0.5 - (.Audacity Team.) [HKLM][64Bits] -- Audacity_is1
O42 - Logiciel: Audacity 2.0.5 Packages - (...) [HKCU][64Bits] -- Audacity 2.0.5 Packages
O42 - Logiciel: Audacity Packages - (...) [HKCU][64Bits] -- Audacity Packages
O42 - Logiciel: Awakening: Le Clocher du Soleil Edition Collector - (...) [HKLM][64Bits] -- BFG-Awakening - Le Clocher du Soleil Edition Collector
O42 - Logiciel: Clockwork Tales: De Verre et d'Encre Edition Collector - (...) [HKLM][64Bits] -- BFG-Clockwork Tales - De Verre et d Encre Edition Collector
O42 - Logiciel: Cooking Academy 2: Cuisine du Monde - (...) [HKLM][64Bits] -- BFG-Cooking Academy 2 - Cuisine du Monde
O42 - Logiciel: ESU for Microsoft Windows 7 - (.Hewlett-Packard.) [HKLM][64Bits] -- {3877C901-7B90-4727-A639-B6ED2DD59D43}
O42 - Logiciel: Google Update Helper - (.BonanzaDeals.) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} =>Adware.BonanzaDeals
O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM][64Bits] -- {07FA4960-B038-49EB-891B-9F95930AA544}
O42 - Logiciel: HPDiagnosticAlert - (.Microsoft.) [HKLM][64Bits] -- {846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}
O42 - Logiciel: Intel(R) Rapid Storage Technology - (.Intel Corporation.) [HKLM][64Bits] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}
O42 - Logiciel: Java(TM) 6 Update 20 (64-bit) - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416020FF}
O42 - Logiciel: Left in the Dark: Personne à Bord - (...) [HKLM][64Bits] -- BFG-Left in the Dark - Personne a Bord
O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM][64Bits] -- {E0E55FC1-C53D-4F8D-B14B-B59C312747C8}
O42 - Logiciel: Luxor 3 - (...) [HKLM][64Bits] -- BFG-Luxor 3
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM][64Bits] -- {E102B843-786A-4F58-AF75-6504570E207B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM][64Bits] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Mountain Crime: Vengeance - (...) [HKLM][64Bits] -- BFG-Mountain Crime - Vengeance
O42 - Logiciel: MyFreeCodec - (...) [HKCU][64Bits] -- MyFreeCodec
O42 - Logiciel: OpenOffice.org 3.4.1 - (.Apache Software Foundation.) [HKLM][64Bits] -- {7DA1C06F-C913-46C7-8A0F-DA2CBA17EA1D}
O42 - Logiciel: Orange Inside - (.Orange.) [HKCU][64Bits] -- Orange Inside
O42 - Logiciel: Orange Installeur version 1.2.3.1 - (.Orange.) [HKLM][64Bits] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.3.1
O42 - Logiciel: Orange update - (.Orange.) [HKLM][64Bits] -- OrangeUpdateManager
O42 - Logiciel: PenWes [7309] - (...) [HKLM][64Bits] -- Penwes =>PUP.Penwes
O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail.) [HKLM][64Bits] -- {788A0222-5690-4212-AA9C-C48FD0E1C9AE}
O42 - Logiciel: QuickTime - (.Apple Computer, Inc..) [HKLM][64Bits] -- InstallShield_{C21D5524-A970-42FA-AC8A-59B8C7CDCA31}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM][64Bits] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS.) [HKLM][64Bits] -- {7648D847-AEBC-4DEF-ADA2-F93314A5F4F2}
O42 - Logiciel: SLOW-PCfighter - (.SPAMfighter ApS..) [HKLM][64Bits] -- SLOW-PCfighter
O42 - Logiciel: SpecialSavings - (.Special Savings.) [HKLM][64Bits] -- {09C14BAE-2D45-4133-B0FA-5EA4FE5CF978} =>PUP.SpecialSavings
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM][64Bits] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM][64Bits] -- TuneUp Utilities 2012
O42 - Logiciel: VLC media player 2.0.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player =>.VideoLAN
O42 - Logiciel: Visual Studio 2008 x64 Redistributables - (.AVG Technologies.) [HKLM][64Bits] -- {FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}
O42 - Logiciel: WinZipper - (.Taiwan Shui Mu Chih Ching Technology Limited..) [HKLM][64Bits] -- WinZipper
O42 - Logiciel: iMesh - (.iMesh Inc.) [HKCU][64Bits] -- iMesh =>PUP.iMesh
O42 - Logiciel: iMesh - (.iMesh Inc..) [HKLM][64Bits] -- {8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} =>PUP.iMesh
O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}
O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}
~ Logic: 32 Scanned in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\5257df8ab469b940] =>Rogue.PCPerformer
[HKCU\Software\APN PIP]
[HKCU\Software\APN]
[HKCU\Software\ATI]
[HKCU\Software\AVS4YOU]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Avg]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\Crossrider] =>PUP.CrossRider
[HKCU\Software\AppDataLow\Software\LyricsParty] =>Adware.AddLyrics
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\MarkAny]
[HKCU\Software\AppDataLow\Software\Orange]
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\AppDataLow\Software\SFT_France]
[HKCU\Software\AppDataLow\Software\Smartbar] =>Hijacker.SmartBar
[HKCU\Software\AppDataLow\Software\Yahoo]
[HKCU\Software\AppDataLow\Software\blekkotb_001] =>Toolbar.Blekko
[HKCU\Software\AppDataLow\Software\iGraal]
[HKCU\Software\AppDataLow\Software\mediabarim] =>PUP.iMesh
[HKCU\Software\AppDataLow\Software\pc_gear_fr]
[HKCU\Software\AppDataLow\Software\searchqutoolbar] =>PUP.Datamngr
[HKCU\Software\AppDataLow\Software\toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Auchan]
[HKCU\Software\Aurigma]
[HKCU\Software\Auslogics]
[HKCU\Software\Avg]
[HKCU\Software\BabSolution] =>Hijacker.BabSolution
[HKCU\Software\Big Fish Games, Inc.]
[HKCU\Software\Big Fish Games]
[HKCU\Software\BigBlueBubble]
[HKCU\Software\Blabbers] =>PUP.Blabbers
[HKCU\Software\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKCU\Software\BrowserChoice]
[HKCU\Software\BrowserCompanion] =>PUP.Blabbers
[HKCU\Software\CDIP]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\ChatZum Toolbar]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CodeGear]
[HKCU\Software\Complitly] =>Adware.PredictAd
[HKCU\Software\Conduit] =>Toolbar.Conduit
[HKCU\Software\CyberLink]
[HKCU\Software\DataMngr_Toolbar] =>PUP.Datamngr
[HKCU\Software\DealPlyLive] =>PUP.DealPly
[HKCU\Software\EasyBits]
[HKCU\Software\FWT_DLM]
[HKCU\Software\Fighters]
[HKCU\Software\FileScout] =>PUP.FileScout
[HKCU\Software\FissaSearch] =>PUP.OfferBox
[HKCU\Software\Fugazo]
[HKCU\Software\Gabest]
[HKCU\Software\Garmin]
[HKCU\Software\GoBit]
[HKCU\Software\Gogii Games]
[HKCU\Software\Gogii]
[HKCU\Software\Google]
[HKCU\Software\HP]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\HookNetwork]
[HKCU\Software\IM Providers]
[HKCU\Software\IM]
[HKCU\Software\Icaros]
[HKCU\Software\ImInstaller]
[HKCU\Software\Image-Line]
[HKCU\Software\IncrediMail]
[HKCU\Software\InstallCore] =>Adware.InstallCore
[HKCU\Software\Intel]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JollyBear]
[HKCU\Software\KC Softwares]
[HKCU\Software\Lake]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Macromedia]
[HKCU\Software\Macrovision]
[HKCU\Software\Magnet]
[HKCU\Software\Meridian93]
[HKCU\Software\Mindscape]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\Myfree Codec]
[HKCU\Software\NCH Software]
[HKCU\Software\NCH Swift Sound]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Norton]
[HKCU\Software\Nosibay]
[HKCU\Software\Oberon Media]
[HKCU\Software\Oberon]
[HKCU\Software\OceanMediaGames]
[HKCU\Software\OfferBox] =>PUP.OfferBox
[HKCU\Software\OpenOffice.org]
[HKCU\Software\OrangeInside]
[HKCU\Software\PlayfulAge]
[HKCU\Software\Policies]
[HKCU\Software\PopCap] =>Adware.PopCap
[HKCU\Software\PowerPack]
[HKCU\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Raptr]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\Shaman Games]
[HKCU\Software\Skype]
[HKCU\Software\SoftVoice]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Softwis]
[HKCU\Software\SpecialBit Games]
[HKCU\Software\SpecialSavings] =>PUP.SpecialSavings
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\Swift Creek Games LLC]
[HKCU\Software\Systweak]
[HKCU\Software\Torch]
[HKCU\Software\Trolltech]
[HKCU\Software\TuneUp]
[HKCU\Software\Tuto4PC] =>PUP.Eorezo
[HKCU\Software\TutoTag] =>Spyware.AgenceExclusive
[HKCU\Software\Tutorials] =>Spyware.AgenceExclusive
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\WildTangent]
[HKCU\Software\WinMaximizer]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\Wow6432Node]
[HKCU\Software\Yahoo]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\Zylom]
[HKCU\Software\ej-technologies]
[HKCU\Software\funkitron]
[HKCU\Software\kde.org]
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKCU\Software\mysearchdial] =>Adware.MyWebSearch
[HKCU\Software\pc_gear_fr]
[HKLM\Software\AMD]
[HKLM\Software\ASIO]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\AVS4YOU]
[HKLM\Software\Agere]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CXT]
[HKLM\Software\Canon]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Common Toolkit Suite]
[HKLM\Software\Cyberlink]
[HKLM\Software\DataMngr] =>PUP.Datamngr
[HKLM\Software\DomaIQ] =>Adware.DomaIQ
[HKLM\Software\Fighters]
[HKLM\Software\Google]
[HKLM\Software\HPQ]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\LSI]
[HKLM\Software\Macromedia]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SAMSUNG]
[HKLM\Software\SRS Labs]
[HKLM\Software\Sonic]
[HKLM\Software\Speedchecker Limited]
[HKLM\Software\Tarma Installer] =>PUP.Tarma
[HKLM\Software\TuneUp]
[HKLM\Software\Volatile]
[HKLM\Software\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node\5257df8ab469b940] =>Rogue.PCPerformer
[HKLM\Software\Wow6432Node\ASIO]
[HKLM\Software\Wow6432Node\ATI Technologies]
[HKLM\Software\Wow6432Node\AVG]
[HKLM\Software\Wow6432Node\AVS4YOU]
[HKLM\Software\Wow6432Node\Adobe]
[HKLM\Software\Wow6432Node\AedgePerformanceBCN] =>Adware.SPointer
[HKLM\Software\Wow6432Node\Ahead]
[HKLM\Software\Wow6432Node\Amazon]
[HKLM\Software\Wow6432Node\AppDataLow]
[HKLM\Software\Wow6432Node\Apple Computer, Inc.]
[HKLM\Software\Wow6432Node\AskTBar]
[HKLM\Software\Wow6432Node\AskToolbar]
[HKLM\Software\Wow6432Node\Auchan]
[HKLM\Software\Wow6432Node\Babylon] =>PUP.Babylon
[HKLM\Software\Wow6432Node\Bandoo] =>Adware.Bandoo
[HKLM\Software\Wow6432Node\BcmSetup]
[HKLM\Software\Wow6432Node\Big Fish Games]
[HKLM\Software\Wow6432Node\BonanzaDealsLive] =>Adware.BonanzaDeals
[HKLM\Software\Wow6432Node\Boxore] =>Adware.Boxore
[HKLM\Software\Wow6432Node\BrowserCompanion] =>PUP.Blabbers
[HKLM\Software\Wow6432Node\Bunndle]
[HKLM\Software\Wow6432Node\Canon]
[HKLM\Software\Wow6432Node\Caphyon]
[HKLM\Software\Wow6432Node\ChatZum Toolbar]
[HKLM\Software\Wow6432Node\Classes]
[HKLM\Software\Wow6432Node\Clients]
[HKLM\Software\Wow6432Node\Common Toolkit Suite]
[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\CyberLink]
[HKLM\Software\Wow6432Node\Datamngr] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\DealPlyLive] =>PUP.DealPly
[HKLM\Software\Wow6432Node\EasyBits]
[HKLM\Software\Wow6432Node\Fighters]
[HKLM\Software\Wow6432Node\FlvPlayer]
[HKLM\Software\Wow6432Node\Freeze.com] =>Adware.Freeze
[HKLM\Software\Wow6432Node\Funmoods] =>PUP.Funmoods
[HKLM\Software\Wow6432Node\GameInstaller]
[HKLM\Software\Wow6432Node\Garmin]
[HKLM\Software\Wow6432Node\Google]
[HKLM\Software\Wow6432Node\Hewlett-Packard]
[HKLM\Software\Wow6432Node\ImInstaller]
[HKLM\Software\Wow6432Node\Image-Line]
[HKLM\Software\Wow6432Node\Iminent] =>Adware.IMBooster
[HKLM\Software\Wow6432Node\IncrediMail]
[HKLM\Software\Wow6432Node\InstallCore] =>Adware.InstallCore
[HKLM\Software\Wow6432Node\InstallShield]
[HKLM\Software\Wow6432Node\Intel]
[HKLM\Software\Wow6432Node\JAM Software]
[HKLM\Software\Wow6432Node\JavaSoft]
[HKLM\Software\Wow6432Node\JreMetrics]
[HKLM\Software\Wow6432Node\KasperskyLab]
[HKLM\Software\Wow6432Node\Kaydara]
[HKLM\Software\Wow6432Node\Lake]
[HKLM\Software\Wow6432Node\Lavasoft]
[HKLM\Software\Wow6432Node\Licenses]
[HKLM\Software\Wow6432Node\LightScribe]
[HKLM\Software\Wow6432Node\Macromedia]
[HKLM\Software\Wow6432Node\MarkAny]
[HKLM\Software\Wow6432Node\MimarSinan]
[HKLM\Software\Wow6432Node\Mindscape]
[HKLM\Software\Wow6432Node\Mircrosoft]
[HKLM\Software\Wow6432Node\MozillaPlugins]
[HKLM\Software\Wow6432Node\Mozilla]
[HKLM\Software\Wow6432Node\MusicNet]
[HKLM\Software\Wow6432Node\Myfree Codec]
[HKLM\Software\Wow6432Node\NCH Software]
[HKLM\Software\Wow6432Node\NCH Swift Sound]
[HKLM\Software\Wow6432Node\Nero]
[HKLM\Software\Wow6432Node\ODBC]
[HKLM\Software\Wow6432Node\Oberon Media]
[HKLM\Software\Wow6432Node\OfferBox] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\OpenOffice.org]
[HKLM\Software\Wow6432Node\Orange]
[HKLM\Software\Wow6432Node\Outsim]
[HKLM\Software\Wow6432Node\PENSEWEB]
[HKLM\Software\Wow6432Node\PIP]
[HKLM\Software\Wow6432Node\Photo Notifier and Animation Creator]
[HKLM\Software\Wow6432Node\Policies]
[HKLM\Software\Wow6432Node\Propellerhead Software]
[HKLM\Software\Wow6432Node\Raptr]
[HKLM\Software\Wow6432Node\Realtek Semiconductor Corp.]
[HKLM\Software\Wow6432Node\Realtek]
[HKLM\Software\Wow6432Node\RegisteredApplications]
[HKLM\Software\Wow6432Node\Savings Wave Plugin] =>PUP.CrossRider
[HKLM\Software\Wow6432Node\SearchquMediabarTb] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\SearchquSRTB] =>PUP.Datamngr
[HKLM\Software\Wow6432Node\SecureDigitalServices]
[HKLM\Software\Wow6432Node\SoftVoice]
[HKLM\Software\Wow6432Node\SoftwareUpdater] =>PUP.Eorezo
[HKLM\Software\Wow6432Node\Software]
[HKLM\Software\Wow6432Node\Supreme Savings Plugin] =>PUP.RewardsArcade
[HKLM\Software\Wow6432Node\SweetIM] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Symantec]
[HKLM\Software\Wow6432Node\Systweak]
[HKLM\Software\Wow6432Node\TUTO4PC] =>PUP.Eorezo
[HKLM\Software\Wow6432Node\The Learning Company]
[HKLM\Software\Wow6432Node\Torch]
[HKLM\Software\Wow6432Node\Trymedia Systems] =>Adware.Trymedia
[HKLM\Software\Wow6432Node\TuneUp]
[HKLM\Software\Wow6432Node\Uniblue]
[HKLM\Software\Wow6432Node\V9]
[HKLM\Software\Wow6432Node\VBGenerator]
[HKLM\Software\Wow6432Node\VST]
[HKLM\Software\Wow6432Node\VideoLAN]
[HKLM\Software\Wow6432Node\Vittalia] =>PUP.Vittalia
[HKLM\Software\Wow6432Node\Volatile]
[HKLM\Software\Wow6432Node\W3i]
[HKLM\Software\Wow6432Node\Web Assistant] =>Adware.IncrediBar
[HKLM\Software\Wow6432Node\WildTangent]
[HKLM\Software\Wow6432Node\Win32 Services]
[HKLM\Software\Wow6432Node\WinMaximizer]
[HKLM\Software\Wow6432Node\Windows]
[HKLM\Software\Wow6432Node\Yahoo]
[HKLM\Software\Wow6432Node\delta-homesSoftware] =>Toolbar.DeltaSearch
[HKLM\Software\Wow6432Node\deskSvc]
[HKLM\Software\Wow6432Node\eSafeSecControl] =>PUP.eSafeSecurity
[HKLM\Software\Wow6432Node\ej-technologies]
[HKLM\Software\Wow6432Node\hdcode]
[HKLM\Software\Wow6432Node\iMeshSRTB] =>PUP.iMesh
[HKLM\Software\Wow6432Node\iMesh] =>PUP.iMesh
[HKLM\Software\Wow6432Node\mcafeeupdater]
[HKLM\Software\Wow6432Node\mozilla.org]
[HKLM\Software\Wow6432Node\omigaplusSvc] =>Hijacker.OmigaPlus
[HKLM\Software\Wow6432Node\optimidata]
[HKLM\Software\Wow6432Node\pc_gear_fr]
[HKLM\Software\Wow6432Node\qvo6Software] =>Hijacker.Qvo6
[HKLM\Software\Wow6432Node\winzipersvc]
[HKLM\Software\Wow6432Node]
~ Key Software: 404 Scanned in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/02/2013 - 21:05:25 - [151,785] ----D C:\Program Files (x86)\Adobe
O43 - CFD: 25/12/2012 - 16:11:45 - [0,744] ----D C:\Program Files (x86)\ASIO4ALL v2
O43 - CFD: 14/07/2011 - 17:56:28 - [0,002] ----D C:\Program Files (x86)\ATI Technologies
O43 - CFD: 27/11/2013 - 14:48:42 - [45,734] ----D C:\Program Files (x86)\Audacity
O43 - CFD: 16/02/2012 - 19:44:46 - [157,270] ----D C:\Program Files (x86)\AVG
O43 - CFD: 05/12/2012 - 17:47:11 - [0] ----D C:\Program Files (x86)\AVS4YOU
O43 - CFD: 09/11/2013 - 21:47:44 - [565,479] ----D C:\Program Files (x86)\Awakening - Le Clocher du Soleil Edition Collector
O43 - CFD: 05/08/2013 - 16:33:06 - [678,244] ----D C:\Program Files (x86)\Barn Yarn
O43 - CFD: 01/09/2013 - 20:11:57 - [11,301] ----D C:\Program Files (x86)\bfgclient
O43 - CFD: 02/12/2013 - 11:59:07 - [0,851] ----D C:\Program Files (x86)\BonanzaDeals =>Adware.BonanzaDeals
O43 - CFD: 02/12/2013 - 12:00:18 - [0] ----D C:\Program Files (x86)\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 03/07/2013 - 11:43:53 - [16,510] ----D C:\Program Files (x86)\Canon
O43 - CFD: 04/11/2013 - 15:31:00 - [1056,768] ----D C:\Program Files (x86)\Clockwork Tales - De Verre et d Encre Edition Collector
O43 - CFD: 24/05/2013 - 08:47:19 - [215,496] ----D C:\Program Files (x86)\Common Files
O43 - CFD: 16/01/2012 - 20:10:43 - [1,218] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 10/11/2013 - 20:55:46 - [92,750] ----D C:\Program Files (x86)\Cooking Academy 2 - Cuisine du Monde
O43 - CFD: 17/08/2013 - 12:05:09 - [0,851] ----D C:\Program Files (x86)\DealPly =>PUP.DealPly
O43 - CFD: 17/08/2013 - 12:38:17 - [0] ----D C:\Program Files (x86)\DealPlyLive =>PUP.DealPly
O43 - CFD: 04/03/2012 - 16:40:59 - [0] ----D C:\Program Files (x86)\denouvel
O43 - CFD: 17/07/2013 - 19:50:53 - [0,008] ----D C:\Program Files (x86)\Desk 365 =>Hijacker.22Find
O43 - CFD: 13/11/2012 - 12:32:57 - [0] ----D C:\Program Files (x86)\DsNET Corp
O43 - CFD: 25/07/2013 - 21:20:39 - [360,923] ----D C:\Program Files (x86)\European Mystery - Un Parfum de Mystere Edition Collector
O43 - CFD: 22/06/2013 - 11:46:08 - [5,400] ----D C:\Program Files (x86)\Fighters
O43 - CFD: 22/01/2013 - 15:00:56 - [0,293] ----D C:\Program Files (x86)\File Scout =>PUP.FileScout
O43 - CFD: 02/12/2013 - 10:13:46 - [0] ----D C:\Program Files (x86)\Google
O43 - CFD: 04/08/2013 - 19:29:28 - [0,029] ----D C:\Program Files (x86)\GUM1A34.tmp
O43 - CFD: 25/07/2012 - 17:04:29 - [69,092] ----D C:\Program Files (x86)\Hewlett-Packard
O43 - CFD: 23/02/2012 - 12:59:50 - [12,906] ----D C:\Program Files (x86)\HP
O43 - CFD: 26/05/2012 - 17:50:08 - [0] ----D C:\Program Files (x86)\hpmonitor
O43 - CFD: 17/10/2011 - 14:58:22 - [34,213] ----D C:\Program Files (x86)\iLivid =>Adware.Bandoo
O43 - CFD: 25/07/2012 - 17:05:59 - [0] ----D C:\Program Files (x86)\Image-Line
O43 - CFD: 15/10/2013 - 12:58:04 - [51,994] ----D C:\Program Files (x86)\iMesh Applications =>PUP.iMesh
O43 - CFD: 03/07/2012 - 17:06:40 - [0,316] ----D C:\Program Files (x86)\Install-studio-scrap-v4
O43 - CFD: 24/06/2013 - 20:22:11 - [74,121] --H-D C:\Program Files (x86)\InstallShield Installation Information
O43 - CFD: 10/06/2011 - 18:56:03 - [6,280] ----D C:\Program Files (x86)\Intel
O43 - CFD: 11/04/2013 - 11:52:57 - [6,032] ----D C:\Program Files (x86)\Internet Explorer
O43 - CFD: 17/12/2011 - 22:21:43 - [86,648] ----D C:\Program Files (x86)\Java
O43 - CFD: 04/11/2013 - 11:28:14 - [594,415] ----D C:\Program Files (x86)\Left in the Dark - Personne a Bord
O43 - CFD: 21/07/2013 - 16:55:05 - [53,655] ----D C:\Program Files (x86)\Luxor 3
O43 - CFD: 05/12/2013 - 10:37:59 - [0] ----D C:\Program Files (x86)\Microsoft
O43 - CFD: 06/06/2011 - 12:35:44 - [0] ----D C:\Program Files (x86)\Microsoft Analysis Services
O43 - CFD: 14/11/2013 - 08:45:58 - [1,451] ----D C:\Program Files (x86)\Microsoft Security Client
O43 - CFD: 11/10/2013 - 13:27:26 - [40,851] ----D C:\Program Files (x86)\Microsoft Silverlight
O43 - CFD: 05/12/2012 - 17:55:19 - [5,397] ----D C:\Program Files (x86)\Microsoft SkyDrive =>.Microsoft Corporation
O43 - CFD: 16/05/2011 - 08:06:55 - [0,023] ----D C:\Program Files (x86)\Microsoft.NET
O43 - CFD: 02/12/2013 - 12:07:13 - [1,645] ----D C:\Program Files (x86)\Mobogenie
O43 - CFD: 23/01/2013 - 18:08:56 - [0,080] ----D C:\Program Files (x86)\MonProduit
O43 - CFD: 13/11/2013 - 16:16:39 - [289,879] ----D C:\Program Files (x86)\Mountain Crime - Vengeance
O43 - CFD: 16/07/2012 - 18:47:26 - [0,002] ----D C:\Program Files (x86)\Mozilla Firefox
O43 - CFD: 14/07/2009 - 06:32:38 - [0,025] ----D C:\Program Files (x86)\MSBuild
O43 - CFD: 22/01/2013 - 15:00:00 - [27,116] ----D C:\Program Files (x86)\MSECache
O43 - CFD: 22/06/2013 - 19:36:32 - [10,585] ----D C:\Program Files (x86)\MyFree Codec
O43 - CFD: 27/11/2013 - 14:55:48 - [0,015] ----D C:\Program Files (x86)\MyPC Backup =>PUP.MyPCBackup
O43 - CFD: 23/10/2013 - 17:30:54 - [0,590] ----D C:\Program Files (x86)\NCH Software
O43 - CFD: 03/07/2012 - 16:49:50 - [0] ----D C:\Program Files (x86)\Nosibay
O43 - CFD: 09/07/2013 - 20:43:10 - [4,583] ----D C:\Program Files (x86)\Oberon Media SIDR
O43 - CFD: 25/05/2013 - 08:56:59 - [0] ----D C:\Program Files (x86)\Omiga Plus =>Hijacker.OmigaPlus
O43 - CFD: 14/05/2011 - 19:13:17 - [20,599] R---D C:\Program Files (x86)\Online Services
O43 - CFD: 22/01/2013 - 15:11:35 - [288,773] ----D C:\Program Files (x86)\OpenOffice.org 3
O43 - CFD: 20/08/2011 - 18:37:56 - [34,144] ----D C:\Program Files (x86)\Orange
O43 - CFD: 02/03/2012 - 18:14:11 - [4,957] ----D C:\Program Files (x86)\Outsim
O43 - CFD: 25/05/2012 - 09:22:49 - [1,681] ----D C:\Program Files (x86)\PenWes =>PUP.Penwes
O43 - CFD: 14/07/2009 - 06:32:38 - [36,813] ----D C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 02/03/2013 - 09:32:16 - [0] ----D C:\Program Files (x86)\RelevantKnowledge =>Adware.RelevantKnowledge
O43 - CFD: 22/06/2013 - 19:37:57 - [2,433] ----D C:\Program Files (x86)\Samsung
O43 - CFD: 17/10/2011 - 14:45:27 - [0,052] ----D C:\Program Files (x86)\SearchCore for Browsers =>Adware.SearchCore
O43 - CFD: 17/05/2012 - 13:26:02 - [0] ----D C:\Program Files (x86)\Software
O43 - CFD: 22/01/2013 - 15:01:31 - [7,873] ----D C:\Program Files (x86)\SpecialSavings =>PUP.SpecialSavings
O43 - CFD: 17/09/2013 - 14:10:00 - [0] ----D C:\Program Files (x86)\SRToolbar
O43 - CFD: 17/07/2010 - 17:43:42 - [0,663] ----D C:\Program Files (x86)\Symantec
O43 - CFD: 25/07/2012 - 17:17:42 - [0] --H-D C:\Program Files (x86)\Temp
O43 - CFD: 01/11/2013 - 15:36:34 - [76,042] ----D C:\Program Files (x86)\TuneUp Utilities 2012
O43 - CFD: 14/07/2009 - 05:57:06 - [0] --H-D C:\Program Files (x86)\Uninstall Information
O43 - CFD: 23/02/2012 - 13:36:02 - [94,079] ----D C:\Program Files (x86)\VideoLAN
O43 - CFD: 02/03/2012 - 18:19:39 - [0] ----D C:\Program Files (x86)\VstPlugins
O43 - CFD: 26/10/2013 - 17:51:10 - [0] ----D C:\Program Files (x86)\Whilokii =>PUP.Whilokii
O43 - CFD: 18/07/2010 - 02:26:06 - [0,500] ----D C:\Program Files (x86)\Windows Defender
O43 - CFD: 17/12/2012 - 20:52:26 - [2,105] ----D C:\Program Files (x86)\Windows Live
O43 - CFD: 15/05/2011 - 14:37:05 - [5,895] ----D C:\Program Files (x86)\Windows Mail =>.Microsoft Corporation
O43 - CFD: 15/05/2011 - 14:36:49 - [5,090] ----D C:\Program Files (x86)\Windows Media Player =>.Microsoft Corporation
O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT
O43 - CFD: 18/07/2010 - 02:26:06 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer
O43 - CFD: 14/07/2009 - 06:32:40 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 14/05/2011 - 19:13:04 - [6,208] ----D C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 07/12/2013 - 09:38:03 - [7,177] ----D C:\Program Files (x86)\WinZipper
O43 - CFD: 30/08/2012 - 15:51:42 - [0,315] ----D C:\Program Files (x86)\Yontoo =>Adware.Yontoo
O43 - CFD: 07/12/2013 - 10:10:44 - [17,202] ----D C:\Program Files (x86)\ZHPDiag =>.Nicolas Coolman
O43 - CFD: 24/05/2013 - 08:47:19 - [33,331] ----D C:\Program Files (x86)\Common Files\337
O43 - CFD: 08/11/2012 - 17:17:52 - [6,289] ----D C:\Program Files (x86)\Common Files\Adobe
O43 - CFD: 15/10/2013 - 13:50:53 - [45,947] ----D C:\Program Files (x86)\Common Files\Adobe AIR
O43 - CFD: 05/12/2012 - 17:47:11 - [28,676] ----D C:\Program Files (x86)\Common Files\AVSMedia
O43 - CFD: 07/12/2010 - 09:14:33 - [0] ----D C:\Program Files (x86)\Common Files\CyberLink
O43 - CFD: 31/05/2011 - 12:32:53 - [0,164] ----D C:\Program Files (x86)\Common Files\Hewlett-Packard
O43 - CFD: 15/05/2011 - 12:14:43 - [5,138] ----D C:\Program Files (x86)\Common Files\InstallShield
O43 - CFD: 08/09/2012 - 18:17:56 - [37,336] ----D C:\Program Files (x86)\Common Files\LightScribe
O43 - CFD: 22/01/2013 - 15:01:58 - [7,959] ----D C:\Program Files (x86)\Common Files\microsoft shared
O43 - CFD: 08/02/2013 - 18:54:41 - [1,819] ----D C:\Program Files (x86)\Common Files\Oberon Media
O43 - CFD: 07/12/2010 - 09:02:02 - [0] ----D C:\Program Files (x86)\Common Files\postureAgent
O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services
O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines
O43 - CFD: 17/07/2011 - 13:06:59 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared
O43 - CFD: 10/11/2011 - 09:07:30 - [9,634] ----D C:\Program Files (x86)\Common Files\System
O43 - CFD: 17/07/2010 - 16:57:58 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live
O43 - CFD: 03/11/2013 - 18:50:29 - [0] ----D C:\ProgramData\.mono
O43 - CFD: 15/08/2013 - 23:07:42 - [0,004] ----D C:\ProgramData\2A2F6
O43 - CFD: 15/09/2013 - 17:48:53 - [0,004] ----D C:\ProgramData\35280
O43 - CFD: 20/08/2013 - 20:29:59 - [0,004] ----D C:\ProgramData\3B17F
O43 - CFD: 16/08/2013 - 10:34:19 - [159,145] ----D C:\ProgramData\Adobe
O43 - CFD: 21/05/2012 - 14:13:00 - [1,209] ----D C:\ProgramData\Anti-phishing Domain Advisor
O43 - CFD: 15/05/2011 - 12:15:03 - [0,009] ----D C:\ProgramData\Apple Computer
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Application Data
O43 - CFD: 10/11/2013 - 19:15:04 - [0,004] ----D C:\ProgramData\Arizona Rose and the Pirates' Riddles
O43 - CFD: 17/12/2011 - 22:22:18 - [0] ----D C:\ProgramData\Ask
O43 - CFD: 06/11/2013 - 16:04:17 - [1063,760] ----D C:\ProgramData\AVG2012
O43 - CFD: 05/12/2012 - 17:37:18 - [0] ----D C:\ProgramData\AVS4YOU
O43 - CFD: 03/08/2013 - 21:47:12 - [0,004] ----D C:\ProgramData\B172
O43 - CFD: 22/01/2013 - 15:01:16 - [0] ----D C:\ProgramData\Babylon =>PUP.Babylon
O43 - CFD: 01/09/2013 - 20:11:33 - [113,885] ----D C:\ProgramData\Big Fish
O43 - CFD: 29/07/2013 - 11:57:33 - [0] ----D C:\ProgramData\Big Fish Games
O43 - CFD: 23/10/2013 - 17:40:16 - [0,913] ----D C:\ProgramData\BonanzaDealsLive =>Adware.BonanzaDeals
O43 - CFD: 09/12/2012 - 17:56:00 - [0] ----D C:\ProgramData\boost_interprocess
O43 - CFD: 14/05/2011 - 19:10:54 - [0] -SH-D C:\ProgramData\Bureau
O43 - CFD: 24/02/2012 - 12:16:05 - [0] --H-D C:\ProgramData\CanonEPP
O43 - CFD: 24/02/2012 - 12:23:07 - [0] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 24/02/2012 - 12:16:05 - [0] --H-D C:\ProgramData\CanonIJEPPEX2
O43 - CFD: 24/02/2012 - 12:12:37 - [0,003] ----D C:\ProgramData\CanonIJMSetup
O43 - CFD: 17/06/2013 - 12:29:54 - [0] --H-D C:\ProgramData\CanonIJScan
O43 - CFD: 24/02/2012 - 12:16:06 - [0,002] --H-D C:\ProgramData\CanonIJSolutionMenuEX
O43 - CFD: 24/02/2012 - 12:11:44 - [0,065] ----D C:\ProgramData\CanonIJWSpt
O43 - CFD: 28/08/2013 - 09:43:27 - [0] ----D C:\ProgramData\Casual Arts
O43 - CFD: 22/10/2013 - 13:37:01 - [0] ----D C:\ProgramData\casualArts
O43 - CFD: 13/02/2013 - 11:50:36 - [0,003] ----D C:\ProgramData\clp
O43 - CFD: 05/08/2012 - 19:00:57 - [0] --H-D C:\ProgramData\Common Files
O43 - CFD: 17/09/2011 - 14:42:13 - [0,019] ----D C:\ProgramData\Computer Updater
O43 - CFD: 09/07/2012 - 20:57:18 - [0,040] ----D C:\ProgramData\CyberLink
O43 - CFD: 02/10/2013 - 14:22:39 - [0] ----D C:\ProgramData\DailyMagic
O43 - CFD: 01/07/2013 - 08:32:02 - [0,325] ----D C:\ProgramData\DealPlyLive =>PUP.DealPly
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Desktop
O43 - CFD: 25/08/2013 - 18:20:08 - [0,114] ----D C:\ProgramData\DivoGames
O43 - CFD: 14/07/2009 - 06:08:56 - [0] -SH-D C:\ProgramData\Documents
O43 - CFD: 21/11/2013 - 13:57:44 - [0] ----D C:\ProgramData\Elephant Games
O43 - CFD: 17/09/2011 - 14:52:57 - [0] ----D C:\ProgramData\eMule
O43 - CFD: 08/09/2013 - 23:42:30 - [0,063] ----D C:\ProgramData\eSafe =>PUP.eSafeSecurity