Rapport de ZHPDiag v2013.3.22.75 par Nicolas Coolman, Update du 23/03/2013
Run by Mat Cel at 23/03/2013 12:49:15
State : Local version not found
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox v3.6.8 (fr) (Defaut)
OPIE: Opera v10.61
OBIE: Safari v5.34.57.2

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 3Q6C9
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2815 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 172 GB (37%) free of 457 GB

---\\ Logged in mode
~ Computer Name: MATCEL-HP
~ User Name: Mat Cel
~ All Users Names: Mat Cel, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Mat Cel\AppData\Roaming\
~ %Desktop% : C:\Users\Mat Cel\Desktop\
~ %Favorites% : C:\Users\Mat Cel\Favorites\
~ %LocalAppData% : C:\Users\Mat Cel\AppData\Local\
~ %StartMenu% : C:\Users\Mat Cel\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 172 Go of 457 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 9 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Legitimates Scanned in 00mn 00s



---\\ Search Generic System Files
[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 - 07:23:14.) -- C:\Windows\Explorer.exe [2870272]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.FA274190682AA41A46B285208ED46A74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 07:47:19.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.DA3E2A6FA9660CC75B471530CE88453A] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.04/06/2010 - 18:21:06.) -- C:\Windows\System32\Winlogon.exe [389632]
[MD5.75341574F21E766748732BDF530C74BD] - (.Microsoft Corporation - Bibliothèque de licences.) (.14/07/2009 - 02:41:54.) -- C:\Windows\System32\sppcomapi.dll [231936]
[MD5.DB9D6C6B2CD95A9CA414D045B627422E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:11.) -- C:\Windows\system32\Drivers\AFD.sys [499200]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.83D2D75E1EFB81B3450C18131443F7DB] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/07/2009 - 00:19:54.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9C253CE7311CA60FC11C774692A13208] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.27/04/2011 - 03:57:40.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.0A49913402747A0B67DE940FB42CBDBB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.14/07/2009 - 01:06:13.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.040D62A9D8AD28922632137ACDD984F2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.04/05/2011 - 03:51:08.) -- C:\Windows\system32\Drivers\MRxSmb.sys [157696]
[MD5.9162B273A44AB9DCE5B44362731D062A] - (.Microsoft Corporation - MBT Transport driver.) (.14/07/2009 - 00:21:29.) -- C:\Windows\system32\Drivers\netBT.sys [259072]
[MD5.184C189D4FC416978550FC599BB4EDDA] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:02:20.) -- C:\Windows\system32\Drivers\ntfs.sys [1656688]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.87A6E852A22991580D6D39ADC4790463] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 01:10:12.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [130048]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.079125C4B17B01FCAEEBCE0BCB290C0F] - (.Microsoft Corporation - TDI Translation Driver.) (.14/07/2009 - 00:21:15.) -- C:\Windows\system32\Drivers\tdx.sys [99840]
[MD5.9E425AC5C9A5A973273D169F43B4F5E1] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.06/09/2012 - 18:38:18.) -- C:\Windows\system32\Drivers\volsnap.sys [295792]
~ Generic Processes: Legitimates Scanned in 00mn 00s



---\\ Hidden files state (Hidden/Total)
~ Mes images (My Pictures) : 2/4983
~ Mes musiques (My Musics) : 72/11063
~ Mes Videos (My Videos) : 2/6
~ Mes Favoris (My Favorites) : 1/97
~ Mes Documents (My Documents) : 2/24328
~ Mon Bureau (My Desktop) : 16/14926
~ Menu demarrer (Programs) : 1/43
~ Hidden Files: Legitimates Scanned in 00mn 48s



---\\ Running Processes
[MD5.554A50B5310E702029D3A675459108FF].(.Hewlett-Packard.hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.3296]
[MD5.829F6239B032C1DAA490B74442B4C89F].(.Sony.Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [446648] [PID.3324]
[MD5.8D069E28B1C2DC1EBD95466FBACB114D].(...) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe [67072] [PID.3424]
[MD5.FD4E68497AE7177A9F64480140C3397C].(...) -- C:\Users\Mat Cel\AppData\Roaming\cacaoweb\cacaoweb.exe [450560] [PID.3488]
[MD5.F0EA603E7B91046CA48EA4B3593A007D].(.Micro Application..) -- C:\Program Files (x86)\Micro Application\LauncherMA.exe [485376] [PID.3504]
[MD5.32C26797AB646074A2BB562F9D10ADB5].(.Microsoft Corporation.Microsoft Office OneNote Quick Launcher.) -- C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.exe [97680] [PID.3532]
[MD5.6E3245DF783E58375B3465F03274743E].(.Sun Microsystems, Inc..Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.3596]
[MD5.92DCCD7AD8FB9FB475A4F48086938838].(.SweetIM Technologies Ltd..SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [114992] [PID.3608]
[MD5.D658AB1B55127D18DCFBCAC8CAAEA522].(.Hewlett-Packard.hpwuSchd Application.) -- C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe [49208] [PID.3628]
[MD5.148C545849C1379A3D4448F5DE768E86].(.AVAST Software.avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4767304] [PID.3644]
[MD5.34086F1DBB4065047EA3671CB70505CC].(.Apple Inc..iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776] [PID.3684]
[MD5.B95AC0CDB8F068F0C024CD344B354298].(.Google Inc..Google Chrome.) -- C:\Users\Mat Cel\AppData\Local\Google\Chrome\Application\chrome.exe [1274320] [PID.4892]
[MD5.F61C36F79384DA4FB1D34CFDC50ABCBD].(.Nicolas Coolman.ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5943296] [PID.2656]
~ Processes Running: Legitimates Scanned in 00mn 00s



---\\ Opera, Plugins,Start,Search (P1,B0,B1)
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Opera\Program\Plugins\NPOFF12.DLL
P1 - OPN:Opera Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Opera\Program\Plugins\NPOFF12.DLL
~ Opera Browser: Legitimates Scanned in 00mn 00s



---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)
C:\Users\Mat Cel\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Legitimates Scanned in 00mn 00s



---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)
C:\Users\Mat Cel\AppData\Roaming\Mozilla\Firefox\Profiles\yvznc302.default\prefs.js
M3 - MFPP: Plugins - [Mat Cel] -- C:\Users\Mat Cel\AppData\Roaming\Mozilla\Firefox\Profiles\yvznc302.default\searchplugins\sweetim.xml
M3 - MFPP: Plugins - [Mat Cel] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Mat Cel] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Mat Cel] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Mat Cel] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Mat Cel] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Mat Cel] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Mat Cel - yvznc302.default] http://search.iminent.com
M0 - MFSP: prefs.js [Mat Cel - yvznc302.default]
M2 - MFEP: prefs.js [Mat Cel - yvznc302.default\cacaoweb@cacaoweb.org] [] cacaoweb v1.0.30 (.http://www.cacaoweb.org/.)
M2 - MFEP: prefs.js [Mat Cel - yvznc302.default\personas@christopher.beard] [personas] Personas v1.5.3 (.Chris Beard.)
M2 - MFEP: prefs.js [Mat Cel - yvznc302.default\{C9B68337-E93A-44EA-94DC-CB300EC06444}] [] IMinent Toolbar v4.51.0 (.IMinent.)
M2 - MFEP: prefs.js [Mat Cel - yvznc302.default\{EEE6C361-6118-11DC-9C72-001320C79847}] [] SweetIM Toolbar for Firefox v1.4.0.0 (.SweetIM Technologies LTD..)
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npnul32.dll
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\NPOFF12.DLL
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Mat Cel\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Mat Cel\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll
~ Firefox Browser: Legitimates Scanned in 00mn 00s



---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.uk.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R3 - URLSearchHook: WhiteSmoke US New Toolbar [64Bits] - {462be121-2b54-4218-bf00-b9bf8135b23f} . (.Conduit Ltd. - Conduit Toolbar.) (6.4.0.0) -- C:\Program Files (x86)\WhiteSmoke_US_New\prxtbWhit.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Legitimates Scanned in 00mn 00s



---\\ Line Analysis F0, F1, F2, F3 - IniFiles, Auto loading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Legitimates Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 0



---\\ Browser Helper Objects (O2)
O2 - BHO: WhiteSmoke US New [64Bits] - {462be121-2b54-4218-bf00-b9bf8135b23f} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\WhiteSmoke_US_New\prxtbWhit.dll
O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\IPSBHO.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll
O2 - BHO: avast! WebRep [64Bits] - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SWEETIE [64Bits] - {EEE6C35C-6118-11DC-9C72-001320C79847} . (.SweetIM Technologies Ltd. - SweetPacks Toolbar module for Internet Expl.) -- C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
~ BHO: Legitimates Scanned in 00mn 00s



---\\ Internet Explorer toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}
O3 - Toolbar: Google Toolbar [64Bits] - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
~ Toolbar: Legitimates Scanned in 00mn 00s



---\\ Auto loading programs from Registry and folders (O4)
O4 - HKLM\..\Run: [FullScreen] C:\BLOCK\CFG\flexbuild\FullScreen\launchFS.cmd (.not file.)
O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Mat Cel\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKCU\..\Run: [cacaoweb] . (...) -- C:\Users\Mat Cel\AppData\Roaming\cacaoweb\cacaoweb.exe
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Wow6432Node\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation - Norton Online Backup Service.) -- C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NOBuActivation.exe
O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [Easybits Recovery] . (.EasyBits Software AS - .) -- C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Wow6432Node\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Wow6432Node\Run: [SweetIM] . (.SweetIM Technologies Ltd. - SweetIM Instant Messenger Enhancer.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Wow6432Node\Run: [HP Software Update] . (.Hewlett-Packard - hpwuSchd Application.) -- C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-21-1822836303-377258476-4074784413-1000\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (.not file.)
O4 - HKUS\S-1-5-21-1822836303-377258476-4074784413-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Mat Cel\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-1822836303-377258476-4074784413-1000\..\Run: [Sony PC Companion] . (.Sony - Sony PC Companion.) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
O4 - HKUS\S-1-5-21-1822836303-377258476-4074784413-1000\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - HKUS\S-1-5-21-1822836303-377258476-4074784413-1000\..\Run: [cacaoweb] . (...) -- C:\Users\Mat Cel\AppData\Roaming\cacaoweb\cacaoweb.exe
~ Application: Legitimates Scanned in 00mn 00s



---\\ Other User Links (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Mat Cel\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Live Messenger Beta.lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - GS\QuickLaunch: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Opera.lnk . (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\opera.exe
O4 - GS\QuickLaunch: WildTangent Games App - hp.lnk . (.WildTangent - WildTangent Games App.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe
O4 - GS\QuickLaunch: µTorrent.lnk . (.BitTorrent, Inc. - µTorrent.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: -.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\Mat Cel\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Calculator.lnk . (.Microsoft Corporation - Calculatrice de Windows.) -- C:\Windows\system32\calc.exe
O4 - GS\Desktop: Cours Educateur Spé - Raccourci.lnk . (...) -- C:\Users\Mat Cel\Documents\Céline\Cours Educateur Spé
O4 - GS\Desktop: Documents - Raccourci.lnk . (...) -- C:\Users\Mat Cel\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms
O4 - GS\Desktop: Downloads.lnk . (...) -- C:\Users\Mat Cel\Downloads
O4 - GS\Desktop: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
~ Global Startup: Legitimates Scanned in 00mn 00s



---\\ IE Options icon not visible in Control Panel (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 9 Legitimates Scanned in 00mn 00s



---\\ Lop.com/Domain Hijackers (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BE935B3-D19E-424D-9834-F8D8194E1410}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{4BE935B3-D19E-424D-9834-F8D8194E1410}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{4BE935B3-D19E-424D-9834-F8D8194E1410}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{4BE935B3-D19E-424D-9834-F8D8194E1410}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{4BE935B3-D19E-424D-9834-F8D8194E1410}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{4BE935B3-D19E-424D-9834-F8D8194E1410}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Legitimates Scanned in 00mn 00s



---\\ Extra protocols (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Legitimates Scanned in 00mn 00s



---\\ ShellServiceObjectDelayLoad (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Services: 12 Legitimates Scanned in 00mn 00s



---\\ Windows Active Desktop Components & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Task Planned Automatically(039)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\AmiUpdXp.job [364]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1066]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1070]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1822836303-377258476-4074784413-1000Core.job [1034]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1822836303-377258476-4074784413-1000UA.job [1086]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDRScheduledMaintenance.job [544]
[MD5.B2442E25949A5EA619A44B2AC213503D] [APT] [AmiUpdXp] (.Amonetize ltd..) -- C:\Users\Mat Cel\AppData\Local\SwvUpdater\Updater.exe [300584]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1822836303-377258476-4074784413-1000Core] (.Google Inc..) -- C:\Users\Mat Cel\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1822836303-377258476-4074784413-1000UA] (.Google Inc..) -- C:\Users\Mat Cel\AppData\Local\Google\Update\GoogleUpdate.exe [136176]
[MD5.87E7AABE4F6A0DFD6105224E4D88C4D7] [APT] [HPCustParticipation HP Deskjet 2050 J510 series] (.Hewlett-Packard Co..) -- C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HPCustPartic.exe [3794792]
[MD5.F05DBDB807DE2DB50CA2C7B0286FE7B5] [APT] [PCDRScheduledMaintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor for Windows\pcdrcui.exe [156144]
[MD5.869C51A87817563644547C58308A7B66] [APT] [{169BC817-2D30-4AF7-8630-A28C623235CD}] (.Acresso Software Inc..) -- C:\Users\Mat Cel\Downloads\The Sims 3 - Razor1911 Final MAXSPEED\Final Version Patch\Sims3_1.0.632.00002_from_1.0.631.00002.exe [10720392]
[MD5.3F65440049622DFF102D1C8559471370] [APT] [{4FFE905D-DFFB-4E8D-9757-CF12CC7B0949}] (...) -- C:\Program Files (x86)\LG Electronics\LG USB Modem Driver\InstallUSB.exe [98304]
[MD5.87FE7B500506A4820613DDAFDA1E9BA2] [APT] [{7174FDAC-164A-48DD-8603-E6FCA5A8ACCC}] (.Igor Pavlov.) -- C:\Users\Mat Cel\AppData\Local\Temp\HP Support Assistant\26179\GmdClientSetup.exe [3607616]
[MD5.00000000000000000000000000000000] [APT] [{CA0D8DD5-7241-469E-A942-481F771E0281}] (...) -- C:\Users\Mat Cel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JFQTX9O0\Deepburner1[1].exe (.not file.) [0]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
~ Scheduled Task: Legitimates Scanned in 00mn 01s



---\\ ActiveSetup Installed Components (O40)
~ Active Setup: 11 Legitimates Scanned in 00mn 00s



---\\ Drivers launched at startup (O41)
~ Drivers: 66 Legitimates Scanned in 00mn 00s



---\\ Software installed (O42)
O42 - Logiciel: Auto-école 3D - (...) [HKLM][64Bits] -- Auto-école 3D
O42 - Logiciel: BankPerfect 7.2 - (.Fabio Chelly.) [HKLM][64Bits] -- BankPerfect
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}
O42 - Logiciel: Bus Driver - (.WildTangent.) [HKLM][64Bits] -- WT082439
O42 - Logiciel: DeepBurner v1.8.0.224 - (...) [HKLM][64Bits] -- {1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}
O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT082396
O42 - Logiciel: Dream Chronicles - (.WildTangent.) [HKLM][64Bits] -- WT083521
O42 - Logiciel: Gem Shop - (.WildTangent.) [HKLM][64Bits] -- WT083529
O42 - Logiciel: Google Earth - (.Google.) [HKLM][64Bits] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
O42 - Logiciel: High-Definition Video Playback 10 - (.Nero AG.) [HKLM][64Bits] -- {237CCB62-8454-43E3-B158-3ACD0134852E}
O42 - Logiciel: LG USB Modem driver - (...) [HKLM][64Bits] -- {C3ABE126-2BB2-4246-BFE1-6797679B3579}
O42 - Logiciel: Livre Photo Snapfish - (...) [HKLM][64Bits] -- Livre Photo Snapfish
O42 - Logiciel: Mystery P.I. - The Vegas Heist - (.WildTangent.) [HKLM][64Bits] -- WT082414
O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU][64Bits] -- Notification de cadeaux MSN
O42 - Logiciel: Playviz 1.8.0 - (.Previznet, sarl.) [HKCU][64Bits] -- Playviz 1.8.0
O42 - Logiciel: Pochette Express 2 - (...) [HKLM][64Bits] -- Pochette Express 2
O42 - Logiciel: Software Version Updater - (...) [HKLM][64Bits] -- {99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
O42 - Logiciel: SweetIM for Messenger 3.6 - (.SweetIM Technologies Ltd..) [HKLM][64Bits] -- {B85C4CB2-B352-4BD8-818C-BCE353599107}
O42 - Logiciel: WhiteSmoke US New Toolbar - (.WhiteSmoke US New.) [HKLM][64Bits] -- WhiteSmoke_US_New Toolbar
O42 - Logiciel: µTorrent - (...) [HKLM][64Bits] -- uTorrent
~ Logic: 194 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\Anuman Interactive]
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\PriceGong]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software\WhiteSmoke_US_New]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\Aurigma]
[HKCU\Software\Auto-école 3D]
[HKCU\Software\BankPerfect]
[HKCU\Software\Besier 3D-Edutainment]
[HKCU\Software\BitTorrent]
[HKCU\Software\Softonic]
[HKCU\Software\SweetIM]
[HKCU\Software\cacaoweb]
[HKLM\Software\Wow6432Node\Conduit]
[HKLM\Software\Wow6432Node\HPS]
[HKLM\Software\Wow6432Node\Iminent]
[HKLM\Software\Wow6432Node\RocketLife]
[HKLM\Software\Wow6432Node\SweetIM]
[HKLM\Software\Wow6432Node\WhiteSmoke_US_New]
~ Key Software: 227 Legitimates Scanned in 00mn 00s



---\\ Contents of the Common Files folders (O43)
O43 - CFD: 29/08/2011 - 14:37:10 - [1617,999] ----D C:\Program Files (x86)\Anuman Interactive
O43 - CFD: 29/08/2011 - 14:31:18 - [142,510] ----D C:\Program Files (x86)\Auto-école 3D
O43 - CFD: 10/10/2010 - 16:36:10 - [1,466] ----D C:\Program Files (x86)\BankPerfect
O43 - CFD: 03/08/2010 - 23:28:24 - [32,619] ----D C:\Program Files (x86)\Bbox
O43 - CFD: 03/08/2010 - 23:28:36 - [0,219] ----D C:\Program Files (x86)\BboxUpdate
O43 - CFD: 19/12/2012 - 20:33:11 - [0,609] ----D C:\Program Files (x86)\Conduit
O43 - CFD: 18/01/2011 - 17:49:30 - [90,179] ----D C:\Program Files (x86)\Livre Photo Snapfish
O43 - CFD: 02/07/2011 - 22:45:26 - [2,405] ----D C:\Program Files (x86)\Pochette Express 2
O43 - CFD: 23/02/2012 - 17:41:02 - [8,487] ----D C:\Program Files (x86)\SweetIM
O43 - CFD: 10/04/2011 - 22:01:37 - [0,381] ----D C:\Program Files (x86)\uTorrent
O43 - CFD: 19/12/2012 - 20:32:52 - [4,856] ----D C:\Program Files (x86)\WhiteSmoke_US_New
O43 - CFD: 04/06/2010 - 08:52:40 - [0,054] ---AD C:\Program Files (x86)\Common Files\LS Getting Started
O43 - CFD: 19/12/2012 - 20:31:16 - [0] ----D C:\ProgramData\CloudSoft
O43 - CFD: 18/01/2011 - 17:51:53 - [0,000] ----D C:\ProgramData\hps
O43 - CFD: 19/12/2012 - 20:33:32 - [3,935] ----D C:\ProgramData\InstallMate
O43 - CFD: 03/08/2010 - 22:12:05 - [0] --H-D C:\ProgramData\Modèles
O43 - CFD: 15/02/2011 - 14:19:53 - [0] ----D C:\ProgramData\PlayFirst
O43 - CFD: 10/07/2012 - 13:09:10 - [0] ----D C:\ProgramData\Premium
O43 - CFD: 23/02/2012 - 17:40:47 - [2,137] ----D C:\ProgramData\SweetIM
O43 - CFD: 07/08/2010 - 14:26:29 - [7,847] ----D C:\ProgramData\Wild Tangent
O43 - CFD: 06/02/2012 - 17:46:28 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}
O43 - CFD: 10/10/2010 - 16:39:50 - [0,001] ----D C:\Users\Mat Cel\AppData\Roaming\BankPerfect
O43 - CFD: 17/03/2013 - 14:23:48 - [0,445] ----D C:\Users\Mat Cel\AppData\Roaming\cacaoweb
O43 - CFD: 12/12/2010 - 14:16:35 - [0,000] ----D C:\Users\Mat Cel\AppData\Roaming\DeepBurner
O43 - CFD: 15/02/2011 - 14:19:53 - [0,001] ----D C:\Users\Mat Cel\AppData\Roaming\PlayFirst
O43 - CFD: 20/04/2012 - 23:48:04 - [0,068] ----D C:\Users\Mat Cel\AppData\Roaming\Template
O43 - CFD: 16/03/2013 - 01:12:51 - [5,797] ----D C:\Users\Mat Cel\AppData\Roaming\uTorrent
O43 - CFD: 30/10/2011 - 23:51:47 - [0,001] ----D C:\Users\Mat Cel\AppData\Local\BuildAGadget Content
O43 - CFD: 19/12/2012 - 20:32:51 - [0,063] ----D C:\Users\Mat Cel\AppData\Local\Conduit
O43 - CFD: 28/12/2012 - 00:18:43 - [0,288] ----D C:\Users\Mat Cel\AppData\Local\SwvUpdater
O43 - CFD: 29/08/2011 - 14:27:33 - [0] ----D C:\Users\Mat Cel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Auto-école 3D
O43 - CFD: 10/10/2010 - 16:36:10 - [0,005] ----D C:\Users\Mat Cel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BankPerfect
~ 1568 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 1777 Legitimates Scanned in 00mn 08s



---\\ Last modified or created files under Windows and System32 (O44)
O44 - LFC:[MD5.C6AD289E8CA1D526FAA74AADF68D28F0] - 22/03/2013 - 23:01:35 ---A- . (...) -- C:\Windows\ntbtlog.txt [114130]
O44 - LFC:[MD5.DB1F1B46C0903E78833620FE4438E264] - 21/03/2013 - 23:38:35 ----- . (...) -- C:\bootsqm.dat [7280]
O44 - LFC:[MD5.93D1FEA3676F8EBB6503FB61ACDB31F3] - 09/03/2013 - 00:12:37 ---A- . (...) -- C:\Windows\DPINST.LOG [491892]
O44 - LFC:[MD5.DE6759B8D8E62BF0FFF2B05F05AFCEE6] - 07/03/2013 - 00:33:21 RSHAD . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65336]
O44 - LFC:[MD5.7E44C2684A6CA779B9D07CB4BD3F649D] - 07/03/2013 - 00:33:21 RSHAD . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [178624]
~ Files: 64 Legitimates Scanned in 00mn 04s



---\\ Local Security Authority-LSA Deny (O48)
~ LSA: 9 Legitimates Scanned in 00mn 00s



---\\ Safe Boot Control (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (MPKS) (O51)
O51 - MPSK:{e686856d-eaa0-11e1-bbb2-78e7d1c27e0c}\AutoRun\command. (...) -- G:\Startme.exe (.not file.)
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)
~ TDSD: 3 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (MCSP) (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "HideFastUserSwitching"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableLockWorkstation"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableChangePassword"=0
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1
~ Keys: Legitimates Scanned in 00mn 00s



---\\ System Drivers List (SDL) (O58)
O58 - SDL:[MD5.C4CB79F8F1BE813492D93825A132C32E] - 07/03/2013 - 00:33:20 ---A- . (.AVAST Software - avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP.) -- C:\Windows\System32\Drivers\aavmker4.sys [27744]
~ Drivers: Legitimates Scanned in 00mn 00s



---\\ List all tools cleaner (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Legitimates Scanned in 00mn 00s



---\\ List all legacy services(LALS) (O64)
O64 - Services: CurCS - 02/02/2010 - C:\Windows\System32\DRIVERS\atipmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK
O64 - Services: CurCS - 07/03/2013 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT
O64 - Services: CurCS - 07/03/2013 - C:\Windows\system32\Drivers\aswrdr2.sys (aswRdr) .(.AVAST Software - avast! WFP Redirect Driver.) - LEGACY_ASWRDR
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP
O64 - Services: CurCS - 07/03/2013 - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI
O64 - Services: CurCS - 19/01/2010 - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) .(.PC-Doctor, Inc. - Kernel Driver.) - LEGACY_PCDSRVC{F36B3A4C-F95654BD-06000000}_0
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 30/08/2009 - C:\Windows\system32\drivers\NISx64\1100000.088\SRTSP64.sys (SRTSP) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSP
O64 - Services: CurCS - 30/08/2009 - C:\Windows\system32\drivers\NISx64\1100000.088\SRTSPX64.sys (SRTSPX) .(.Symantec Corporation - Symantec AutoProtect.) - LEGACY_SRTSPX
~ Services: Legitimates Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Mat Cel\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Opera.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files (x86)\Safari\Safari.exe
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Search Browser Infection (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {FF54C89C-AB55-475B-A5AE-2AE126D51D14} - (WhiteSmoke US New Customized Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKUS\.DEFAULT] {747CA382-E201-4B51-850B-D96B78BE30A8} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKUS\S-1-5-18] {747CA382-E201-4B51-850B-D96B78BE30A8} [DefaultScope] - (Bing) - http://www.bing.com
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Search Svchost Services (SSS) (O83)
~ Services: 32 Legitimates Scanned in 00mn 00s



---\\ Search Particular Root Folder (SPRF) (O84)
[MD5.D481CDA2625D9DD2731A00F482484D86] [SPRF][25/08/2008] (.Microsoft Corporation - .NET Framework 3.5 Setup.) -- C:\Users\Mat Cel\AppData\Local\Temp\dotnetfx35_sp1.exe [242743296]
[MD5.8AC15141D0CE77133C4BEFE8ADBD6316] [SPRF][17/05/2012] (...) -- C:\Users\Mat Cel\AppData\Local\Temp\ICReinstall_Selah_Sue_-_Raggamuffin.mp3_downloader.exe [1056016]
[MD5.8EB1BADFBA54939BE4201516B0F11736] [SPRF][28/04/2012] (.Solid State Networks - Adobe Flash Player Installer.) -- C:\Users\Mat Cel\AppData\Local\Temp\install_flashplayer11x32_chra_aih.exe [795848]
[MD5.C41B29F0FEE117CED47248CC7FECAD11] [SPRF][16/03/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Users\Mat Cel\AppData\Local\Temp\install_flash_player_10_active_x.exe [1914000]
[MD5.920E73C4E9426A0571C430174B2764DE] [SPRF][12/04/2011] (...) -- C:\Users\Mat Cel\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_32.exe [44809728]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][25/11/2012] (...) -- C:\Users\Mat Cel\AppData\Local\Temp\se3exiav.dll [0]
[MD5.48B667CCAE6FFCF407BB3CD8A90B37E2] [SPRF][23/02/2012] (.SweetIM Technologies Ltd. - SweetIM Installer by SweetPacks.) -- C:\Users\Mat Cel\AppData\Local\Temp\Shortcut_SweetImSetup.exe [375600]
[MD5.A62912D14501566ECB8F3B3476E217D2] [SPRF][06/02/2012] (.Hewlett-Packard Development Company, L.P. - HP Support Assistant Application Update.) -- C:\Users\Mat Cel\AppData\Local\Temp\sp54931.exe [57826304]
[MD5.7C7C95C271A66FDF8351FE1ADEC87334] [SPRF][09/09/2011] (.Hewlett-Packard Company - HP Support Assistant Uninstaller.) -- C:\Users\Mat Cel\AppData\Local\Temp\UninstallHPSA.exe [449592]
[MD5.7C7C95C271A66FDF8351FE1ADEC87334] [SPRF][09/09/2011] (.Hewlett-Packard Company - HP Support Assistant Uninstaller.) -- C:\Users\Mat Cel\AppData\Local\Temp\UninstallHPTCA.exe [449592]
[MD5.B2442E25949A5EA619A44B2AC213503D] [SPRF][28/01/2013] (.Amonetize ltd. - Software version updater.) -- C:\Users\Mat Cel\AppData\Local\Temp\Updater.exe [300584]
[MD5.A95328FC1A9C80E493559F320C44311E] [SPRF][10/04/2011] (...) -- C:\Users\Mat Cel\AppData\Local\Temp\utt7FBA.tmp.bat [74]
[MD5.A95328FC1A9C80E493559F320C44311E] [SPRF][10/04/2011] (...) -- C:\Users\Mat Cel\AppData\Local\Temp\utt8008.tmp.bat [74]
[MD5.0334D9B74EEA6150759F6F4A5DD16C0C] [SPRF][10/08/2012] (.BitTorrent, Inc. - µTorrent.) -- C:\Users\Mat Cel\AppData\Local\Temp\uttA4BC.tmp.exe [1022352]
[MD5.914CC6E2F6BB309AE363B26FD4B7E883] [SPRF][16/06/2012] (.BitTorrent, Inc. - µTorrent.) -- C:\Users\Mat Cel\AppData\Local\Temp\uttD1F7.tmp.exe [1020816]
[MD5.914CC6E2F6BB309AE363B26FD4B7E883] [SPRF][16/06/2012] (.BitTorrent, Inc. - µTorrent.) -- C:\Users\Mat Cel\AppData\Local\Temp\uttEDA1.tmp.exe [1020816]
[MD5.40395C175553CB14D2050888EFCCDF00] [SPRF][13/05/2011] (.Microsoft Corporation - Microsoft Visual C++ 2008 Redistributable Setup.) -- C:\Users\Mat Cel\AppData\Local\Temp\vcredist_x64.exe [4961800]
[MD5.E563A65BAEA25CEF8F49FB0228CB8555] [SPRF][13/03/2013] (...) -- C:\Users\Mat Cel\AppData\Local\Temp\vlc-2.0.5-win32.exe [22916830]
[MD5.342F79337765760AD4E392EB67D5ED2C] [SPRF][15/12/2008] (.Microsoft Corporation - Update Package.) -- C:\Users\Mat Cel\AppData\Local\Temp\Wi3.1-x86.exe [2585872]
[MD5.6414694E5ADC839E56C28F8807E0B5EA] [SPRF][07/12/2006] (.Microsoft Corporation - Self-Extracting Cabinet.) -- C:\Users\Mat Cel\AppData\Local\Temp\wmfdist11.exe [8100680]
[MD5.BBBE0A839B3C138F07478305038D3CC2] [SPRF][16/03/2013] (...) -- C:\Users\Mat Cel\AppData\Roaming\wklnhst.dat [37230]
[MD5.FD4E68497AE7177A9F64480140C3397C] [SPRF][23/03/2013] (...) -- C:\Users\Mat Cel\Desktop\cacaoweb.exe [450560]
[MD5.6F315BDFE7148459DE3B4B59E6DFA1D4] [SPRF][19/08/2009] (.Microsoft® Corporation - Windows Live Photo Upload Tool.) -- C:\Windows\Downloaded Program Files\MsnPUpld.dll [641368]
[MD5.732CACA8E848F6E721B093E51FC50B1D] [SPRF][09/01/2007] (.Microsoft® Corporation - Outil MSN Téléchargement de photos.) -- C:\Windows\Downloaded Program Files\PURfr-fr.dll [110592]
~ Files: Legitimates Scanned in 00mn 06s



---\\ Firewall Active Exception List (FirewallRules) (O87)
~ Firewall: 237 Legitimates Scanned in 00mn 01s



---\\ Additionnal Scan (O88)
Database Version : v2.11299 - (23/03/2013)
Clés trouvées (Keys found) : 86
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 15
Fichiers trouvés (Files found) : 8

[HKCU\Software\cacaoweb] =>PUP.CacaoWeb
[HKCU\Software\AppDataLow\Software\ConduitSearchScopes] =>Toolbar.Conduit
[HKCU\Software\AppDataLow\Software\PriceGong] =>Adware.PriceGong
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\SweetIM] =>PUP.SweetIM
[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{462be121-2b54-4218-bf00-b9bf8135b23f}] =>PUP.Whitesmoke
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{462be121-2b54-4218-bf00-b9bf8135b23f}] =>PUP.Whitesmoke
[HKLM\Software\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar.CT3244149] =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SWEETIE.IEToolbar.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1] =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar.CT3244149] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe] =>PUP.SweetIM
[HKLM\Software\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKLM\Software\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}] =>PUP.SweetIM^
[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:cacaoweb =>PUP.CacaoWeb
C:\Program Files (x86)\Conduit =>Toolbar.Conduit
C:\Program Files (x86)\SweetIM =>PUP.SweetIM
C:\Program Files (x86)\WhiteSmoke_US_New =>PUP.Whitesmoke
C:\ProgramData\InstallMate =>Toolbar.Agent
C:\ProgramData\SweetIM =>PUP.SweetIM
C:\Users\Mat Cel\AppData\Roaming\cacaoweb =>PUP.CacaoWeb
C:\Users\Mat Cel\AppData\Local\Conduit =>Toolbar.Conduit
C:\Users\Mat Cel\AppData\Local\SwvUpdater =>PUP.Software.Updater
C:\Users\Mat Cel\AppData\LocalLow\Conduit =>Toolbar.Conduit
C:\Users\Mat Cel\AppData\LocalLow\PriceGong =>Adware.PriceGong
C:\Users\Mat Cel\AppData\LocalLow\SweetIM =>PUP.SweetIM
C:\Users\Mat Cel\AppData\LocalLow\Toolbar4 =>Toolbar.Conduit
C:\Users\Mat Cel\AppData\LocalLow\WhiteSmoke_US_New =>PUP.Whitesmoke
C:\Users\Mat Cel\AppData\Local\Temp\Iminent =>Adware.IMBooster
C:\Users\Mat Cel\AppData\Roaming\Mozilla\Firefox\Profiles\yvznc302.default\Extensions\cacaoweb@cacaoweb.org =>PUP.CacaoWeb
C:\Users\Mat Cel\AppData\Roaming\Mozilla\Firefox\Profiles\yvznc302.default\SearchPlugins\sweetim.xml =>PUP.SweetIM
C:\Users\Mat Cel\Downloads\cacaoweb.exe =>PUP.CacaoWeb
C:\Users\Mat Cel\AppData\Local\Temp\Shortcut_SweetImSetup.exe =>PUP.SweetIM
C:\Users\Mat Cel\AppData\Local\Temp\SweetIESetup.exe.7z =>PUP.SweetIM
C:\Users\Mat Cel\AppData\Local\Temp\SweetIMSetup.exe.7z =>PUP.SweetIM
C:\Users\Mat Cel\AppData\Local\Temp\GoogleToolbarInstaller1.log =>Toolbar.Babylon
C:\Users\Mat Cel\AppData\Local\Temp\GoogleToolbarInstaller2.log =>Toolbar.Babylon
~ Additionnel: Legitimates Scanned in 01mn 14s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "0A1149233F91047478F47104B021F672" . (.Nero Vision 10 Help (CHM).) -- C:\Windows\Installer\{329411A0-19F3-4740-874F-17400B126F27}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "1271C3A5DE8F0E11A8BF8BCAF6798BE8" . (.Google Earth.) -- C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "26BCC73245483E341B85A3DC104358E2" . (.High-Definition Video Playback 10.) -- C:\Windows\Installer\{237CCB62-8454-43E3-B158-3ACD0134852E}\ARPPRODUCTICON.exe
O90 - PUC: "2BC4C58B253B8DB418C8CB3E35951970" . (.SweetIM for Messenger 3.6.) -- C:\Windows\Installer\{B85C4CB2-B352-4BD8-818C-BCE353599107}\ARPPRODUCTICON.exe
O90 - PUC: "358CECE8D3C501B45B7CFF11FF278470" . (.Nero Recode 10.) -- C:\Windows\Installer\{8ECEC853-5C3D-4B10-B5C7-FF11FF724807}\ARPPRODUCTICON.exe
O90 - PUC: "3910550722C1C544F84A65E451D51B7A" . (.Nero Express 10.) -- C:\Windows\Installer\{70550193-1C22-445C-8FA4-564E155DB1A7}\ARPPRODUCTICON.exe
O90 - PUC: "3F7924A915A29DE429ACB4BC380849E7" . (.Nero Vision 10.) -- C:\Windows\Installer\{9A4297F3-2A51-4ED9-92CA-4BCB8380947E}\ARPPRODUCTICON.exe
O90 - PUC: "4CA0853C728C23349B53A982E25DBB79" . (.Nero Dolby Files 10.) -- C:\Windows\Installer\{C3580AC4-C827-4332-B935-9A282ED5BB97}\ARPPRODUCTICON.exe
O90 - PUC: "531940669569DAA41996C9AC62E9BBE3" . (.Nero InfoTool 10 Help (CHM).) -- C:\Windows\Installer\{66049135-9659-4AAD-9169-9CCA269EBB3E}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "54A306F2659DB694185B057D28249467" . (.SweetPacks Toolbar for Internet Explorer 4.4.) -- C:\Windows\Installer\{2F603A45-D956-496B-81B5-50D782424976}\ARPPRODUCTICON.exe
O90 - PUC: "55C3723C4E1EFF14D896108590D08B8D" . (.Nero CoverDesigner 10 Help (CHM).) -- C:\Windows\Installer\{C3273C55-E1E4-41FF-8D69-0158090DB8D8}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "5DAFDCDE08FD00644A399EAD6D182003" . (.Nero WaveEditor 10.) -- C:\Windows\Installer\{EDCDFAD5-DF80-4600-A493-E9DAD6810230}\ARPPRODUCTICON.exe
O90 - PUC: "6C868555BF94F484BB34980856A1B100" . (.Nero BurnRights 10 Help (CHM).) -- C:\Windows\Installer\{555868C6-49FB-484F-BB43-8980651A1B00}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "76C858071678444498A5A0B8E2E941E4" . (.Opera 10.61.) -- C:\Windows\Installer\{70858C67-8761-4444-895A-0A8B2E9E144E}\Opera
O90 - PUC: "787E733E16FCB7B48BF40529205A0432" . (.Nero RescueAgent 10.) -- C:\Windows\Installer\{E337E787-CF61-4B7B-B84F-509202A54023}\ARPPRODUCTICON.exe
O90 - PUC: "8140A81CA2446814FA890DF805452ACF" . (.Nero DiscSpeed 10 Help (CHM).) -- C:\Windows\Installer\{C18A0418-442A-4186-AF98-D08F5054A2FC}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "8193463375979384297CAE69BC26A189" . (.Nero Express 10 Help (CHM).) -- C:\Windows\Installer\{33643918-7957-4839-92C7-EA96CB621A98}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "83252E293A16DCA44A70C384E0FE747A" . (.Nero RescueAgent 10 Help (CHM).) -- C:\Windows\Installer\{92E25238-61A3-4ACD-A407-3C480EEF47A7}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "9335EE1E23D5F854ABBA1BF93610CB2E" . (.Nero SoundTrax 10.) -- C:\Windows\Installer\{E1EE5339-5D32-458F-BAAB-B19F6301BCE2}\ARPPRODUCTICON.exe
O90 - PUC: "9551C7727FC4FF44D87089AAC931AADB" . (.Nero Multimedia Suite 10.) -- C:\Windows\Installer\{277C1559-4CF7-44FF-8D07-98AA9C13AABD}\ARPPRODUCTICON.exe
O90 - PUC: "99E78961C59C31542993B7440A7AD15B" . (.Nero SoundTrax 10 Help (CHM).) -- C:\Windows\Installer\{16987E99-C95C-4513-9239-7B44A0A71DB5}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "A268764FAC9DDE74D8184B3B9C932927" . (.Nero MediaHub 10 Help (CHM).) -- C:\Windows\Installer\{F467862A-D9CA-47ED-8D81-B4B3C9399272}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "A4D1C7BDAB80E7C48AAA7B9FBB73D2FC" . (.Nero Recode 10 Help (CHM).) -- C:\Windows\Installer\{DB7C1D4A-08BA-4C7E-A8AA-B7F9BB372DCF}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "B1B2B325BD8D14B409FF4C7D992E57A8" . (.Nero ControlCenter 10 Help (CHM).) -- C:\Windows\Installer\{523B2B1B-D8DB-4B41-90FF-C4D799E2758A}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "B6668C80205C3BA44BBC7DA44CD241EF" . (.Nero BackItUp 10 Help (CHM).) -- C:\Windows\Installer\{08C8666B-C502-4AB3-B4CB-D74AC42D14FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "BAE3AA36BB322B84A90D448F87706540" . (.Nero 10 Menu TemplatePack Basic.) -- C:\Windows\Installer\{63AA3EAB-23BB-48B2-9AD0-44F878075604}\ARPPRODUCTICON.exe
O90 - PUC: "C9F7116F5BDA0954B94E217CEB2C7820" . (.Nero StartSmart 10 Help (CHM).) -- C:\Windows\Installer\{F6117F9C-ADB5-4590-9BE4-12C7BEC28702}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "DF00E05129E2BA44BB782502E5FC78A0" . (.Plug-in du navigateur BlackBerry App World.) -- C:\Windows\Installer\{150E00FD-2E92-44AB-BB87-52205ECF870A}\ARPIcon
O90 - PUC: "E17A8F77515323848B2BF2E1BD2D0E1F" . (.Bing Bar.) -- C:\Windows\Installer\{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}\icon_installer_ico
O90 - PUC: "E6F30ED82DCF79448AFF6F4C3460816B" . (.BlackBerry App World Browser Plugin.) -- C:\Windows\Installer\{8DE03F6E-FCD2-4497-A8FF-F6C4430618B6}\ARPIcon
O90 - PUC: "E984D16F44C6CA94DA20D78ACA7AA356" . (.Nero StartSmart 10.) -- C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ARPPRODUCTICON.exe
O90 - PUC: "EB42B6B97E084C64F95A1B765D0E3F54" . (.Nero BurningROM 10 Help (CHM).) -- C:\Windows\Installer\{9B6B24BE-80E7-46C4-9FA5-B167D5E0F345}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "F228BC5F563B1D34CB0CF4ADA102717A" . (.Nero 10 Movie ThemePack Basic.) -- C:\Windows\Installer\{F5CB822F-B365-43D1-BCC0-4FDA1A2017A7}\ARPPRODUCTICON.exe
O90 - PUC: "F86BF7F16F253A644BF283EC6492A55E" . (.Nero MediaHub 10.) -- C:\Windows\Installer\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}\NeroMediaHub._63C8A7B0BBE5459F9AC436392B2FF50D.exe
O90 - PUC: "F8D592A7B484BFF498BA1CDF945719EF" . (.Nero WaveEditor 10 Help (CHM).) -- C:\Windows\Installer\{7A295D8F-484B-4FFB-89AB-C1FD497591FE}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "F998BFD62A710F845A33DED88666FC83" . (.Nero Control Center 10.) -- C:\Windows\Installer\{6DFB899F-17A2-48F0-A533-ED8D6866CF38}\ARPPRODUCTICON.exe
O90 - PUC: "FA4B214FC8835FF4B9F233BDC1359635" . (.Nero InfoTool 10.) -- C:\Windows\Installer\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}\ARPPRODUCTICON.exe
~ Update Products: 175 Legitimates Scanned in 00mn 00s



---\\ General States of Services not Microsoft (EGS) (SR:='Running, SS:='Stopped)
SR - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 02/02/2010 202752 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Demand 28/02/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 30/12/1899 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe
SR - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
SR - | Auto 20/08/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Demand 20/08/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Demand 23/09/2012 194032 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
SR - | Demand 07/06/2012 936848 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 22/01/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 25/03/2010 490280 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 24/08/2009 126392 | (NIS) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton Internet Security\Engine\17.0.0.136\ccSvcHst.exe
SR - | Demand 19/01/2010 23536 | (PCDSRVC{F36B3A4C-F95654BD-06000000}_0) . (.PC-Doctor, Inc..) - c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms
SR - | Auto 14/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SR - | Auto 09/11/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Demand 18/01/2012 155320 | (Sony PC Companion) . (.Avanquest Software.) - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Legitimates Scanned in 00mn 04s



End of the scan (840 lines in 02mn 47s)(0)
