Rapport de ZHPDiag v2013.4.9.51 par Nicolas Coolman, Update du 09/04/2013
Run by Administrateur at 09/04/2013 20:10:57
State : Version à jour.
High Elevated Privileges : OK
UAC : Activate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.43 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : R8CJR
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Protection
Antivirus : Avira Free Antivirus v13.0.0.2678
Firewall : Windows Defender

---\\ System Information
~ Processor: Intel64 Family 6 Model 37 Stepping 5, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3951 MB (53% free)
System Restore: Activé (Enable)
System drive C: has 207 GB (73%) free of 281 GB

---\\ Logged in mode
~ Computer Name: PROBOOK-HP
~ User Name: Administrateur
~ All Users Names: Lolis, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Administrateur\AppData\Roaming\
~ %Desktop% : C:\Users\Administrateur\Desktop\
~ %Favorites% : C:\Users\Administrateur\Favorites\
~ %LocalAppData% : C:\Users\Administrateur\AppData\Local\
~ %StartMenu% : C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 207 Go of 281 Go)
D:\ Floppy drive, Flash card reader, USB Key (Free 1 Go of 29 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 2 Go)
F:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.FA274190682AA41A46B285208ED46A74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 07:47:19.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1056
~ Mes musiques (My Musics) : 1/1075
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/18
~ Mes Documents (My Documents) : 1/3275
~ Mon Bureau (My Desktop) : 0/4
~ Menu demarrer (Programs) : 1/31
~ Hidden Files: Scanned in 00mn 06s

---\\ Processus lancés
[MD5.E00DE20F0F6BED5CD2160247DDC9443B] - (...) -- C:\Program Files (x86)\ERUNT\AUTOBACK.exe [38912] [PID.1220]
[MD5.B18DD75D9A482A56A1E61D8512EB4206] - (.DigitalPersona, Inc. - DigitalPersona Local Agent.) -- C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe [634192] [PID.3748]
[MD5.47CA2F039FDB67697EE60C260CB8083C] - (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3297280] [PID.4008]
[MD5.B0BF698030DB6561393AE753C6D3F936] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1312720] [PID.492]
[MD5.65B8106CB122142FD0A4A26783D7963F] - (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe [1509232] [PID.1276]
[MD5.1293866CB77F6BD2D74E52745AFB0AF6] - (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1099608] [PID.1324]
[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696] [PID.4088]
[MD5.5B8E2CA848D2336013D46701CC1DD5F8] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [345312] [PID.4076]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\RunDll32.exe [0] [PID.4424]
[MD5.B93499B1D1058C86C1A60C026C334971] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [6581760] [PID.3940]
[MD5.5AFB3F9B74553BD933555E1C800D2CE1] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [281192] [PID.756]
[MD5.E41F55D0B71734BB68FF26963EB250E4] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86752] [PID.1668]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1836]
[MD5.880AE0BEDE234F27AC252049373B8CB9] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110816] [PID.1896]
[MD5.CC598405B3B2AE48896CB5B5D9D75376] - (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688] [PID.1152]
[MD5.657E81DF0625198C97F91C09AE9611FC] - (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) -- C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [32768] [PID.2128]
[MD5.94C74D758E0F7B1D962DA452B4D28C91] - (.Hewlett-Packard Company - HP DayStarter service.) -- c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [90112] [PID.2204]
[MD5.9BFDA0BC109EB6D16F2CB862BB85E28C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [197536] [PID.2236]
[MD5.EE963D96BFD97E54BA6CE6D2AC58DE35] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2260]
[MD5.BB4E55778D8DE3885E1CDAC795DE7BCE] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [268824] [PID.2288]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.2312]
[MD5.39B9DCD7040654C2E57D7396736C718E] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [88576] [PID.2360]
[MD5.4A8CC4D25525F456069887D5E8C53225] - (.Portrait Displays, Inc. - pdisrvc.) -- C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [113264] [PID.2400]
[MD5.E7483BE1E7A6FB16FC9AD6B54F99DEE4] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.2452]
[MD5.E6E9610D76418357A7EC725989687CB4] - (.McAfee, Inc. - Drive Encryption for HP ProtectTools Plugin.) -- C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [704512] [PID.2948]
[MD5.514455F6586473791C5C6B25BA4E1BAB] - (.Hewlett-Packard Company - HP Software Framework WMI Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1001376] [PID.3024]
[MD5.BECDDA0990DEBD72A30096533521AD73] - (.Google Inc. - Google Crash Handler.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe [213384] [PID.3964]
[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.5792]
[MD5.44AA8D5D3B3B5610FEF46CA8A9C52D8C] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2320920] [PID.5744]
~ Processes Running: Scanned in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
~ Google Browser: Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
~ Firefox Browser: 3 Legitimates Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = http://newtab.certified-toolbar.com
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Legitimates Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 07s
~ Nombre de lignes (Lines number): 15309

---\\ Browser Helper Objects de navigateur (O2)
~ BHO: 4 Legitimates Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe (.not file.)
O4 - HKCU\..\Run: [googletalk] . (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_3DE6F9DAC2F066BCF257E2837CA5BC6E] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [googletalk] . (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [GoogleChromeAutoLaunch_3DE6F9DAC2F066BCF257E2837CA5BC6E] . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
O4 - HKUS\S-1-5-21-99177191-3906475906-962906571-500\..\Run: [GarminExpressTrayApp] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
~ Application: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\Desktop: DeepBurner.lnk . (.Astonsoft - CD/DVD recording software.) -- C:\Program Files (x86)\Astonsoft\DeepBurner\DeepBurner.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: Google Talk.lnk . (.Google - Google Talk.) -- C:\Program Files (x86)\Google\Google Talk\googletalk.exe
O4 - GS\Desktop: JBL Micro Wireless - Raccourci.lnk - Clé orpheline
O4 - GS\TaskBar: Finale 2010.lnk . (.MakeMusic Inc. - Finale 2010 for Windows.) -- C:\Program Files (x86)\Finale 2010\finale.exe
O4 - GS\TaskBar: JBL Micro Wireless.lnk . (...) -- C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTWUIExt.exe (.not file.)
O4 - GS\TaskBar: MyDefrag.lnk . (.J.C. Kessels - MyDefrag Script Interpreter.) -- C:\Program Files\MyDefrag v4.3.1\MyDefrag.exe
O4 - GS\TaskBar: Panneau de configuration.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\Programs: Recherche Google.lnk . (...) -- C:\Users\Administrateur\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O4 - GS\QuickLaunch: Finale 2010.lnk . (.MakeMusic Inc. - Finale 2010 for Windows.) -- C:\Program Files (x86)\Finale 2010\finale.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (.Samsung - Kies.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
~ Global Startup: Scanned in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 [64Bits] - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 9 Legitimates Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC3594DA-F879-4FB0-9324-66A2421C9F10}: DhcpNameServer = 192.168.1.200
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC3594DA-F879-4FB0-9324-66A2421C9F10}: DhcpNameServer = 192.168.1.200
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC3594DA-F879-4FB0-9324-66A2421C9F10}: DhcpNameServer = 192.168.1.200
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.200
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Garmin Core Update Service (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries - Garmin Core Update Service.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: HP Power Assistant Service (HP Power Assistant Service) . (.Hewlett-Packard Company - HPPA_Service.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P - PTChangeFilterService.) - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) . (.Hewlett-Packard Company - HP DayStarter service.) - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) . (.McAfee, Inc. - Drive Encryption for HP ProtectTools Servic.) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpHotkeyMonitor (hpHotkeyMonitor) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (.not file.)
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: Portrait Displays SDK Service (PdiService) . (.Portrait Displays, Inc. - pdisrvc.) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) . (.Validity Sensors, Inc. - Validity Sensors Fingerprint Service.) - C:\windows\system32\vcsFPService.exe
~ Services: 28 Legitimates Scanned in 00mn 05s

---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s

---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
[MD5.E00DE20F0F6BED5CD2160247DDC9443B] [APT] [sauvegarde Hebdomadaire ERDNT] (...) -- C:\Program Files (x86)\ERUNT\AUTOBACK.exe [38912]
[MD5.AE22608F16AAAC086A46E2153573ED77] [APT] [Updater26766.exe] (.215 Apps.) -- C:\Users\Administrateur\AppData\Local\Updater26766\Updater26766.exe [210312] =>PUP.SpecialSavings
[MD5.00000000000000000000000000000000] [APT] [{1494DFCD-96FC-4657-8DE8-B4130D89B664}] (...) -- F:\Setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{6B49149F-1728-4F86-AF86-CC5EA95BEB64}] (...) -- C:\Users\Administrateur\Desktop\SetupBtwDownloadSE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{880421F9-BE0E-44CA-8ED5-D57F4720588E}] (...) -- C:\Users\Administrateur\Desktop\SetupBtwDownloadSE.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{EF9AEC63-D5FB-4652-B810-86D17E88EACE}] (...) -- C:\Users\Administrateur\Downloads\Windows_Movie_Maker_2.0.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Protected Search] (...) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (.not file.) [0] =>Spyware.ProtectedSearch
~ Scheduled Task: 37 Legitimates Scanned in 00mn 08s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 11 Legitimates Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
~ Drivers: 69 Legitimates Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: ARIA Engine v1.0.7.3 - (.Garritan.) [HKLM][64Bits] -- ARIA Engine_is1
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: CertifiedToolbar 2.4 - (.CertifiedToolbar.) [HKLM][64Bits] -- {32ee3985-8708-4412-b83a-da429bfb6baf}_is1
O42 - Logiciel: Discount Buddy - (.215 Apps.) [HKLM][64Bits] -- Discount Buddy =>PUP.SpecialSavings
O42 - Logiciel: Elevated Installer - (.Garmin Ltd or its subsidiaries.) [HKLM][64Bits] -- {9A280A86-0E21-432A-BD56-D2A6CBBB5C6B}
O42 - Logiciel: Finale 2010 - (.MakeMusic.) [HKLM][64Bits] -- Finale 2010
O42 - Logiciel: Garritan Instruments for Finale - (.Garritan.) [HKLM][64Bits] -- __ARIA_1013___is1
O42 - Logiciel: Gateway Indexer 1.0.1127.33 - (.Dension Audio Systems.) [HKLM][64Bits] -- gwi_is1
O42 - Logiciel: Licensing Service Install - (.Protexis Inc..) [HKLM][64Bits] -- {AF72E557-0647-4DE5-ACDA-ECFB38D5D732}
O42 - Logiciel: Neato Updater Tool v2 - (.Neato Robotics, Inc.) [HKLM][64Bits] -- {292156D3-43B5-4C96-B79A-94E40F8D8991}
O42 - Logiciel: Neato Updater Tool version 1.0 - (.Neato Robotics, Inc.) [HKLM][64Bits] -- {24B6A5B2-C002-4709-BDB1-1C1C13741F70}_is1
O42 - Logiciel: Remote Control USB Driver - (...) [HKLM][64Bits] -- {8471021C-F529-43DE-84DF-3612E10F58C4}
~ Logic: 147 Legitimates Scanned in 00mn 00s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\Ability 5.0]
[HKCU\Software\AppDataLow\Software\Discount Buddy]
[HKCU\Software\CertifiedToolbar]
[HKCU\Software\Finale2010_Reg]
[HKCU\Software\Garritan]
[HKCU\Software\IPE MUSIC]
[HKCU\Software\MakeMusic]
[HKCU\Software\Portrait Displays]
[HKCU\Software\SOMUSQUE]
[HKLM\Software\Cogent Inc.]
[HKLM\Software\Garritan]
[HKLM\Software\Plogue Art et Technologie, Inc]
[HKLM\Software\SafeBoot International]
[HKLM\Software\Wow6432Node\Ability 5.0]
[HKLM\Software\Wow6432Node\Cogent Inc.]
[HKLM\Software\Wow6432Node\MakeMusic]
[HKLM\Software\Wow6432Node\Portrait Displays]
[HKLM\Software\Wow6432Node\Remote Control USB Driver]
[HKLM\Software\Wow6432Node\SafeBoot International]
~ Key Software: 202 Legitimates Scanned in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 23/01/2013 - 16:11:20 - [0] ----D C:\Program Files (x86)\3RVX
O43 - CFD: 09/04/2013 - 15:49:23 - [3,913] ----D C:\Program Files (x86)\Discount Buddy
O43 - CFD: 27/11/2012 - 17:22:08 - [436,681] ----D C:\Program Files (x86)\Finale 2010
O43 - CFD: 06/04/2013 - 17:24:18 - [1,076] ----D C:\Program Files (x86)\Gateway Indexer
O43 - CFD: 10/01/2013 - 10:44:21 - [2,342] ----D C:\Program Files (x86)\Neato
O43 - CFD: 22/01/2013 - 11:08:06 - [0,238] ----D C:\Program Files (x86)\Neato Robotics
O43 - CFD: 19/11/2012 - 14:31:20 - [2,269] ----D C:\Program Files (x86)\Common Files\Portrait Displays
O43 - CFD: 09/02/2013 - 14:07:21 - [54,239] ----D C:\Program Files (x86)\Common Files\Remote Control Software Common
O43 - CFD: 19/11/2012 - 14:31:25 - [3,596] ----D C:\Program Files (x86)\Common Files\Remote Control USB Driver
O43 - CFD: 19/11/2012 - 14:44:29 - [0,432] ----D C:\Users\Administrateur\AppData\Roaming\Garritan
O43 - CFD: 19/11/2012 - 14:44:29 - [0,000] ----D C:\Users\Administrateur\AppData\Roaming\Gmail Notifier Plus
O43 - CFD: 19/11/2012 - 14:44:36 - [0,134] ----D C:\Users\Administrateur\AppData\Roaming\Plogue
O43 - CFD: 19/11/2012 - 14:44:37 - [15,299] ----D C:\Users\Administrateur\AppData\Roaming\XTC-Clip
O43 - CFD: 09/04/2013 - 15:49:11 - [0,065] ----D C:\Users\Administrateur\AppData\Local\Discount Buddy
O43 - CFD: 19/11/2012 - 14:44:21 - [0,003] ----D C:\Users\Administrateur\AppData\Local\matt.malensek.net
O43 - CFD: 22/01/2013 - 11:11:15 - [0,015] ----D C:\Users\Administrateur\AppData\Local\NeatoUpgrader
O43 - CFD: 09/04/2013 - 15:49:13 - [0,201] ----D C:\Users\Administrateur\AppData\Local\Updater26766
O43 - CFD: 27/11/2012 - 17:03:10 - [0,007] ----D C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Finale 2010
~ Program Folder: 178 Legitimates Scanned in 00mn 05s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.3357322B0C491093629B346F60844F08] - 09/04/2013 - 18:51:48 ---A- . (...) -- C:\AdwCleaner[S1].txt [12106]
O44 - LFC:[MD5.DA2E0E0D6FFDA5AA00D404F0020D636E] - 09/04/2013 - 14:48:39 ---A- . (...) -- C:\SetSearchAndHomepageInBrowserLog.txt [337]
O44 - LFC:[MD5.EB03A86F0A41462C49D87DBEB40AD753] - 09/04/2013 - 14:48:36 ---A- . (.Pas de propriétaire - Toolbar_Exe_Launcher_Form.) -- C:\Windows\Launcher.exe [16384]
~ Files: 57 Legitimates Scanned in 00mn 43s

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.B55D4DBE6EDA715CE1CDF33386A90280] - 09/04/2013 - 17:52:18 ---A- - C:\Windows\Prefetch\BURN4FREE_BURN4FREE_5.8.0.0_F-2B1AD8E5.pf
O45 - LFCP:[MD5.15945046F15716FB33AD9F15F0F52A9A] - 09/04/2013 - 17:52:22 ---A- - C:\Windows\Prefetch\BI.EXE-95E03879.pf
O45 - LFCP:[MD5.1A42F67F69019254321AF587DE0D5D33] - 09/04/2013 - 17:52:45 ---A- - C:\Windows\Prefetch\DELTA4FFX.EXE-56E95CBD.pf
O45 - LFCP:[MD5.611A5B36DEE61587D673FF28D05AEDC4] - 09/04/2013 - 17:52:45 ---A- - C:\Windows\Prefetch\DELTASRV.EXE-317DC9E3.pf
O45 - LFCP:[MD5.0BC9E8405F79733711C49394DEE5BDE8] - 09/04/2013 - 17:52:46 ---A- - C:\Windows\Prefetch\DELTA4IE.EXE-434FC73F.pf
O45 - LFCP:[MD5.3F1724570738CBBEE04690A7E954478A] - 09/04/2013 - 17:52:51 ---A- - C:\Windows\Prefetch\MYBABYLONTB.EXE-190148A2.pf =>Toolbar.Babylon
O45 - LFCP:[MD5.61D55A47C7A81D0D8669A202CC63D217] - 09/04/2013 - 17:52:57 ---A- - C:\Windows\Prefetch\BPROTECT.EXE-27EEE52C.pf
O45 - LFCP:[MD5.A96F0E290A9CB31FCC2E168CCAA64E97] - 09/04/2013 - 18:04:41 ---A- - C:\Windows\Prefetch\BROWSERPROTECT.EXE-EAF067F3.pf =>Toolbar.Babylon
O45 - LFCP:[MD5.216B161D78E8D4DDEA250118A19DCCA1] - 09/04/2013 - 18:17:32 ---A- - C:\Windows\Prefetch\TFC.EXE-AB7819D9.pf
O45 - LFCP:[MD5.380C50961D455BE3858ABB6FE4C83D74] - 09/04/2013 - 18:22:53 ---A- - C:\Windows\Prefetch\DEEPBURNER_DEEPBURNER_1.9.0.2-67310D43.pf
O45 - LFCP:[MD5.34C3CDF983FC6C3E5A7400EDE6BC35BB] - 09/04/2013 - 18:23:20 ---A- - C:\Windows\Prefetch\DEEPBURNER.EXE-3A579B2A.pf
O45 - LFCP:[MD5.27868D97BB51993CCCF872A332611DF4] - 09/04/2013 - 18:29:33 ---A- - C:\Windows\Prefetch\BURN4FREE_BURN4FREE_5.8.0.0_F-811F9999.pf
O45 - LFCP:[MD5.38BE289E0D49B797D8D3F30A8126E21B] - 09/04/2013 - 18:29:33 ---A- - C:\Windows\Prefetch\BURN4FREE_BURN4FREE_5.8.0.0_F-93C00940.pf
O45 - LFCP:[MD5.17339714295A56BDB8A3D057328C625B] - 09/04/2013 - 18:29:37 ---A- - C:\Windows\Prefetch\BI.EXE-1FD75A16.pf
O45 - LFCP:[MD5.D779BE05417BDB641513B77821AC6223] - 09/04/2013 - 18:30:14 ---A- - C:\Windows\Prefetch\DISCOUNT BUDDY-BG.EXE-CB4E3631.pf
O45 - LFCP:[MD5.7968306F6C014210CF930AC0317F86C0] - 09/04/2013 - 18:30:18 ---A- - C:\Windows\Prefetch\BURN4FREE.EXE-95FFFDAB.pf
O45 - LFCP:[MD5.CCB37C469DA1354EA9FF136C4567FD98] - 09/04/2013 - 18:30:22 ---A- - C:\Windows\Prefetch\UPGRADER4.EXE-B6F22EEC.pf
O45 - LFCP:[MD5.2CBE91A01C0B700F207118575FEC2BC5] - 09/04/2013 - 18:30:57 ---A- - C:\Windows\Prefetch\DELTATB.EXE-7E6A0F2E.pf
O45 - LFCP:[MD5.F516F6A2D34A1549B9B180A332D55151] - 09/04/2013 - 18:46:02 ---A- - C:\Windows\Prefetch\BTWUIEXT.EXE-196ACE43.pf
O45 - LFCP:[MD5.AA63B93EB127D4839D114B571459E37C] - 09/04/2013 - 18:52:14 ---A- - C:\Windows\Prefetch\BCDEDIT.EXE-10FC5AAB.pf
O45 - LFCP:[MD5.1D30CDF3A03073EEF66CAF905E3D3893] - 09/04/2013 - 18:54:41 ---A- - C:\Windows\Prefetch\GOOGLETALK.EXE-54A8ED38.pf
O45 - LFCP:[MD5.5F98B0FB681E226C4BE8ABB0A170FCF5] - 09/04/2013 - 18:55:40 ---A- - C:\Windows\Prefetch\HPPA_SERVICE.EXE-419DDB9A.pf
~ Prefetcher: 141 Legitimates Scanned in 00mn 01s

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
O47 - AAKE:Key Export DP - "C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe" [Enabled] .(.Pas de propriétaire.) -- C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe
~ Keys Export: 2 Legitimates Scanned in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (.DigitalPersona, Inc. - Password Filter.) -- C:\Windows\System32\DPPassFilter.dll
~ LSA: 11 Legitimates Scanned in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 2 Legitimates Scanned in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\3RVX [Key] . (...) -- C:\Program Files (x86)\3RVX\3RVX.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\GarminExpressTrayApp [Key] . (.Garmin Ltd or its subsidiaries - Express Tray.) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
O53 - SMSR:HKLM\...\startupreg\HTC Sync Loader [Key] . (.Pas de propriétaire - HTC UPCT Loader.) -- C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
O53 - SMSR:HKLM\...\startupreg\SysTrayApp [Key] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe
~ SMSR Keys: 16 Legitimates Scanned in 00mn 00s

---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s

---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Scanned in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Scanned in 00mn 00s

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.5C368F4B04ED2A923E6AFCA2D37BAFF5] - 13/05/2011 - 17:57:58 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [43320]
O58 - SDL:[MD5.6CCD1135320109D6B219F1A6E04AD9F6] - 14/11/2006 - 11:31:00 ---A- . (.Arcsoft, Inc. - Arcsoft(R) ASPI Shell.) -- C:\Windows\SysWOW64\drivers\afc.sys [22784]
O58 - SDL:[MD5.DDEE99DC54EFA20BD5A442CD733C4462] - 05/02/2013 - 09:54:40 ---A- . (...)
-- C:\Windows\SysWOW64\FsUsbExDisk.Sys [37344]
~ Drivers: Scanned in 00mn 00s

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
~ 16 Fichiers temporaires (Temporary files)
~ Files: 1693 Legitimates Scanned in 04mn 26s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 28/12/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 05/08/2010 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 24/08/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.)
- LEGACY_LLTDIO
O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20
O64 - Services: CurCS - 21/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 01/02/2010 - C:\Windows\System32\Drivers\RsvLock.sys (RsvLock) .(.McAfee, Inc. - McAfee Endpoint Encryption Reserved Files L.) - LEGACY_RSVLOCK
O64 - Services: CurCS - 04/06/2009 - C:\Windows\System32\Drivers\SbAlg.sys (SbAlg) .(.McAfee, Inc. - SafeBoot FIPS AES Algorithm (256 bit).) - LEGACY_SBALG
O64 - Services: CurCS - 01/02/2010 - C:\Windows\System32\Drivers\SbFsLock.sys (SbFsLock) .(.McAfee, Inc. - McAfee Endpoint Encryption FS Locker.) - LEGACY_SBFSLOCK
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 21/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
~ Legacy: 114 Legitimates Scanned in 00mn 00s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.)
~ FASS Keys: 19 Legitimates Scanned in 00mn 00s

---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (...) -- C:\Users\Lolis\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Not Key.)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Invité\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Web Search) - http://search.certified-toolbar.com
O69 - SBI: SearchScopes [HKCU] {c1d89ae7-449d-4929-b24b-fded04adbe06} - (Glary Search) - http://isearch.glarysoft.com
~ Keys: Scanned in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 32 Legitimates Scanned in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.57D984CAB289E968CAACE0EB090AFBAB] [SPRF][25/02/2013] (...) -- C:\ProgramData\CEF97DECF0.sys [88]
[MD5.7B072989C879CFE84FDDE1DDDE8927B3] [SPRF][25/02/2013] (...) -- C:\ProgramData\KGyGaAvL.sys [2516]
[MD5.C66293CCD7CBE84B1B8F393CA5E4E6D7] [SPRF][08/11/2012] (.Somoto Ltd. - Better Installer Host.) -- C:\Users\Administrateur\AppData\Local\Temp\BI_RunOnce.exe [224256] =>Adware.MegaSearch
[MD5.5AC98C84160A9400DB448D153C959BB6] [SPRF][09/04/2013] (...) -- C:\Users\Administrateur\AppData\Local\Temp\DeltaTB.exe [773104]
[MD5.AD3F64941EC27B66D3E83A27FA52AB6B] [SPRF][09/04/2013] (...) -- C:\Users\Administrateur\AppData\Local\Temp\pricepeep_130001_1001.exe [589768] =>Toolbar.PricePeep
[MD5.02542D9B168433EDC10FB76EF9DF4954] [SPRF][09/04/2013] (...) -- C:\Users\Administrateur\AppData\Local\Temp\Upgrader4.exe [10240]
~ Files: Scanned in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{6BCC659F-5C6E-43E5-9238-4F785D0C77D8}" |In - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (.not file.) =>Spyware.ProtectedSearch
O87 - FAEL: "{598B4E23-F5B6-4882-BC59-A849BFC07CF5}" |Out - None - P17 - TRUE | .(...) -- C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (.not file.) =>Spyware.ProtectedSearch
~ Firewall: 204 Legitimates Scanned in 00mn 01s

---\\ Scan Additionnel (O88)
Database Version : v2.11496 - (09/04/2013)
Clés trouvées (Keys found) : 32
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 4
Fichiers trouvés (Files found) : 11
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635] =>PUP.SweetIM [HKLM\Software\Classes\b4fm.sxcontextmenu1] =>Adware.Burn4Free [HKLM\Software\Classes\burn4free project] =>Adware.Burn4Free [HKLM\Software\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon [HKLM\Software\Wow6432Node\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}] =>Toolbar.Babylon [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3] =>PUP.SweetIM [HKLM\Software\Classes\AppID\secman.DLL] =>Toolbar.Babylon [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420] =>PUP.SweetIM [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKCU\Software\AppDataLow\Software\Discount Buddy] =>PUP.RewardsArcade [HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASAPI32] =>Toolbar.Conduit [HKLM\Software\Wow6432Node\Microsoft\Tracing\Setup_RASMANCS] 
=>Toolbar.Conduit [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156] =>PUP.SweetIM^ C:\Program Files (x86)\Discount Buddy =>PUP.RewardsArcade C:\Users\Administrateur\AppData\Local\Discount Buddy =>PUP.RewardsArcade C:\Users\Administrateur\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph =>Adware.GamePlayLabs C:\Users\Administrateur\AppData\Local\\Updater26766 =>PUP.CrossRider^ C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.0 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.1 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.2 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.3 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.4 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.5 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.6 =>Adware.Lollipop C:\Users\Administrateur\AppData\Local\Temp\LollipopInstaller_somoto_14693.exe.7 =>Adware.Lollipop 
C:\Users\Administrateur\AppData\Local\Temp\pricepeep_130001_1001.exe =>Toolbar.PricePeep C:\Users\Administrateur\AppData\Local\Temp\BI_RunOnce.exe =>Adware.MegaSearch ~ Additionnel: Scanned in 00mn 11s ---\\ Product Upgrade Codes (O90) O90 - PUC: "3D6512925B3469C47BA9494EF0D89819" . (.Neato Updater Tool v2.) -- C:\Windows\Installer\{292156D3-43B5-4C96-B79A-94E40F8D8991}\ARPPRODUCTICON.exe O90 - PUC: "68A082A912E0A234DB652D6ABCBBC5B6" . (.Elevated Installer.) -- C:\Windows\Installer\{9A280A86-0E21-432A-BD56-D2A6CBBB5C6B}\express.ico O90 - PUC: "715AD6150A378F04C89D5EDEE43C385E" . (.Validity Fingerprint Driver.) -- C:\Windows\Installer\{516DA517-73A0-40F8-8CD9-E5ED4EC383E5}\ValidityLogo.ico O90 - PUC: "B42F9C3329D123649A51183EBBD1D5B6" . (.Theft Recovery.) -- C:\Windows\Installer\{33C9F24B-1D92-4632-A915-81E3BB1D5D6B}\ARPPRODUCTICON.exe O90 - PUC: "FEC669DD9AE52AB42B0194F0BE2CE77A" . (.Validity Fingerprint Driver.) -- C:\windows\Installer\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}\ValidityLogo.ico ~ Update Products: 114 Legitimates Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SS - | Demand 09/10/2012 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 09/02/2013 89600 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Program Files\IDT\WDM\AESTSr64.exe SR - | Auto 05/08/2010 203264 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 28/03/2013 86752 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 28/03/2013 110816 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) 
- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 01/04/2012 957216 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe SR - | Demand 01/02/2010 704512 | (DEBridge) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe SR - | Auto 16/07/2010 462160 | (DpHost) . (.DigitalPersona, Inc..) - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe SS - | Demand 17/11/2009 362040 | (FLCDLOCK) . (.Hewlett-Packard Ltd.) - c:\Windows\SysWOW64\flcdlock.exe SR - | Auto 12/03/2013 185688 | (Garmin Core Update Service) . (.Garmin Ltd or its subsidiaries.) - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe SS - | Auto 17/10/2012 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 17/10/2012 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 12/09/2011 142904 | (HP Power Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe SR - | Auto 19/10/2010 32768 | (HP ProtectTools Service) . (.Hewlett-Packard Development Company, L.P.) - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe SR - | Auto 27/09/2012 86528 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe SR - | Auto 05/04/2010 103992 | (HP Wireless Assistant Service) . (.Hewlett-Packard.) - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe SR - | Auto 10/05/2010 90112 | (HPDayStarterService) . (.Hewlett-Packard Company.) - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe SR - | Auto 06/09/2012 197536 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) 
- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe SR - | Auto 01/02/2010 281192 | (HpFkCryptService) . (.McAfee, Inc..) - C:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe SS - | Auto 0 | (hpHotkeyMonitor) . (...) - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe SR - | Demand 06/09/2012 1001376 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 13/05/2011 30520 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe SR - | Auto 27/06/2012 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SR - | Auto 04/11/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe SS - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe SR - | Auto 88576 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe SR - | Auto 16/03/2011 113264 | (PdiService) . (.Portrait Displays, Inc..) - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe SR - | Auto 10/09/2009 185632 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe SR - | Auto 09/02/2013 271360 | (STacSV) . (.IDT, Inc..) - C:\Program Files\IDT\WDM\STacSV64.exe SR - | Auto 04/11/2009 2320920 | (UNS) . (.Intel Corporation.) 
- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe SS - | Auto 18/02/2010 2045232 | (vcsFPService) . (.Validity Sensors, Inc..) - C:\windows\system32\vcsFPService.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Services: Scanned in 00mn 01s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net ~ MBR: 1 Legitimates Scanned in 00mn 02s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Administrateur at 09/04/2013 20:19:24 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ MBR: Scanned in 00mn 04s ~ 2987 Legitimates filtered by white list End of the scan (875 lines in 08mn 27s)(0)