Rapport de ZHPDiag v1.3.5.92 par Nicolas Coolman, Update du 17/02/2013
Run by Famille at 17/02/2013 19:48:00
State : Version à jour.
High Elevated Privileges : OK
UAC : Deactivate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.2 v18.0.2 (Defaut)
GCIE: Google Chrome Frame v24.0.1312.57
OBIE: Safari v5.34.57.2

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 15 Model 6 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (42% free)
System Restore: Désactivé (Disabled)
System drive C: has 114 GB (50%) free of 228 GB

---\\ Logged in mode
~ Computer Name: PC-DE-FAMILLE
~ User Name: Famille
~ All Users Names: UpdatusUser, IUSR_NMPR, Famille, Administrateur,
~ Unselected Option: O45,O61,O62
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Famille\AppData\Roaming\
~ %Desktop% : C:\Users\Famille\Desktop\
~ %Favorites% : C:\Users\Famille\Favorites\
~ %LocalAppData% : C:\Users\Famille\AppData\Local\
~ %StartMenu% : C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 114 Go of 228 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 5 Go)
E:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.10/04/2009 - 22:27:38.) -- C:\WINDOWS\Explorer.exe [2926592] [MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.18/01/2008 - 22:33:38.) -- C:\WINDOWS\System32\Wininit.exe [96768] [MD5.02F98B5C0E397AD06124D84428CF8F1A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/02/2012 - 23:38:26.) -- C:\WINDOWS\System32\wininet.dll [1127424] [MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 - 22:28:14.) -- C:\WINDOWS\System32\Winlogon.exe [314368] [MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) 
-- C:\WINDOWS\system32\Drivers\AFD.sys [273408] [MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.10/04/2009 - 22:32:28.) -- C:\WINDOWS\system32\Drivers\atapi.sys [19944] [MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2008 - 20:28:04.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144] [MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 20:39:18.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072] [MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [75264] [MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 20:42:44.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [561152] [MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.18/01/2008 - 20:49:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784] [MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2008 - 20:56:30.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [100864] [MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [106496] [MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 20:45:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [185856] [MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.10/04/2009 - 22:32:50.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1083880] [MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) 
-- C:\WINDOWS\system32\Drivers\Parport.sys [79360] [MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2008 - 20:56:36.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [76288] [MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [242688] [MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 20:45:24.) -- C:\WINDOWS\system32\Drivers\smb.sys [66560] [MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 20:45:58.) -- C:\WINDOWS\system32\Drivers\tdx.sys [72192] [MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.10/04/2009 - 22:32:56.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [226280] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes musiques (My Musics) : 1/3 ~ Mes Videos (My Videos) : 1/309 ~ Mes Favoris (My Favorites) : 1/31 ~ Mes Documents (My Documents) : 1/2286 ~ Mon Bureau (My Desktop) : 1/134 ~ Menu demarrer (Programs) : 1/161 ~ Scan Hidden Files in 00mn 03s ---\\ Processus lancés [MD5.C83B89C432E5CCC6BD3040EB0A6645A5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [373864] [PID.1720] [MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.1752] [MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [125952] [PID.1792] [MD5.A2FE5B7894C347FCAE189A01F82E0216] - (.Logiciels13 - Agenda Informatique.) -- C:\Program Files\Pense-bete\pb79g.exe [2192384] [PID.948] [MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) 
-- C:\Windows\ehome\ehmsas.exe [37376] [PID.1032] [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.1424] [MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.3924] [MD5.1A113EB5F555F55A031BFACF6A57DC6E] - (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe [2388336] [PID.408] [MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.5616] [MD5.58ED0528F2B1BFB3301BC10E0E707C35] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.5076] [MD5.B45F1D52C0A9519028BD95D34FFAB216] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.5104] [MD5.F7DB6336DEFE82D7EAE25A6B656ED64A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5685760] [PID.4836] [MD5.63391020BC1FD82E8F8073024276B0B7] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) -- C:\Windows\system32\nvvsvc.exe [612456] [PID.820] [MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1200] [MD5.D46223F3342085D25C4F890EFEDD3254] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe [841832] [PID.1348] [MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.1980] [MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) 
-- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1376] [MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.1740] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.936] [MD5.A0B584C33F55545D56F9E71FB4E203AC] - (.Pas de propriétaire - DQLWinSe Application.) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896] [PID.2068] [MD5.11A220EB53F1D42B8AF0AD1210B8241D] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.2172] [MD5.D98350792A7CE82E7459A7C36481BEDA] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [139632] [PID.2216] [MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.2248] [MD5.8C91BD35AE9AA8B628EEC5E637BB1D0F] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.2932] [MD5.71E63293328BCA65B9DBBC6FDCE04B3C] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2218600] [PID.3544] [MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.1588] [MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384] [PID.1520] [MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.3508] [MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) 
-- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.4004] ~ Scan Processes Running in 00mn 02s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Famille\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] http://home.sweetim.com ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\prefs.js C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\user.js M3 - MFPP: Plugins - [Famille] -- C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\searchplugins\cherche.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [Famille - r0mby9rt.default] http://www.google.fr P2 - FPN:Firefox Plugin Navigator . (.CANON INC. - CIG Mycamera Plugin Module.) -- C:\Program Files\Mozilla Firefox\Plugins\MyCamera.dll P2 - FPN:Firefox Plugin Navigator . (.CANON INC. - NPCIG 1.0.0.3.) -- C:\Program Files\Mozilla Firefox\Plugins\NPCIG.dll P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. 
- Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll P2 - FPN: [HKLM] [@canon.com/CCBPL] - (.Canon Inc. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\APU\npCCBPLFirefox.dll P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.5.1.1.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) 
-- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.69] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.69] - (.RealNetworks, Inc. - 6.0.12.69.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) 
-- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.cherche.us
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 06s
~ Nombre de lignes (Lines number): 14812

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.)
-- C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} . (.Google Inc. - Chrome Frame renders the Web of the future.) -- C:\Program Files\Google\Chrome Frame\Application\24.0.1312.57\npchrome_frame.dll ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [NWEReboot] Clé orpheline O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O4 - HKLM\..\RunOnce: [SpybotSnD] . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) 
-- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll O4 - HKUS\S-1-5-21-923411743-1717868303-3432851698-1002-923411743-1717868303-3432851698-1001\..\Run: [ehTray.exe] Clé orpheline O4 - HKUS\S-1-5-21-923411743-1717868303-3432851698-1002-923411743-1717868303-3432851698-1001\..\Run: [WMPNSCFG] Clé orpheline ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\UpdatusUser\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\AlerteGPS G320.lnk . (...) -- C:\Program Files\AlerteGPS\G320\Launcher.exe O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\Full Pack Codecs.lnk . (...) -- C:\Program Files\Full Pack Codecs\FullPackCodecs_FR.exe O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chat-Land site de chat et de O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Famille\Desktop\A la Une - Le Progrès.URL . (...) 
-- C:\Users\Famille\Desktop\A la Une - Le Progrès.URL O4 - Global Startup: C:\Users\Famille\Desktop\ABC Bourse.URL . (...) -- C:\Users\Famille\Desktop\ABC Bourse.URL O4 - Global Startup: C:\Users\Famille\Desktop\Accueil - Cortal Consors.URL . (...) -- C:\Users\Famille\Desktop\Accueil - Cortal Consors.URL O4 - Global Startup: C:\Users\Famille\Desktop\Adobe Photoshop 7.0.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe O4 - Global Startup: C:\Users\Famille\Desktop\AlerteGPS G320.lnk . (...) -- C:\Program Files\AlerteGPS\G320\Launcher.exe O4 - Global Startup: C:\Users\Famille\Desktop\Belote en ligne, belote contrée, belote coinchée, tarot, coinche, scrabble, sudoku et jeux en ligne gratuits - BFmania.URL . (...) -- C:\Users\Famille\Desktop\Belote en ligne, belote contrée, belote coinchée O4 - Global Startup: C:\Users\Famille\Desktop\Boursier.com.URL . (...) -- C:\Users\Famille\Desktop\Boursier.com.URL O4 - Global Startup: C:\Users\Famille\Desktop\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\Desktop\Chat-Land site de chat et de rencontre gratuit.URL O4 - Global Startup: C:\Users\Famille\Desktop\Crédit Agricole Sud Rhône Alpes - Crédit Agricole Sud Rhône Alpes - Accueil - Particuliers.URL . (...) -- C:\Users\Famille\Desktop\Crédit Agricole Sud Rhône Alpes - Crédit Agricole Sud Rhône Alpes - Accueil O4 - Global Startup: C:\Users\Famille\Desktop\Defycards Coinche, Belote et Tarot en ligne.URL . (...) -- C:\Users\Famille\Desktop\Defycards Coinche, Belote et Tarot en ligne.URL O4 - Global Startup: C:\Users\Famille\Desktop\EDF - Particuliers - EDF et moi au quotidien - option EJP.URL . (...) -- C:\Users\Famille\Desktop\EDF - Particuliers - EDF et moi au quotidien - option EJP.URL O4 - Global Startup: C:\Users\Famille\Desktop\Famille - Raccourci.lnk . (...) -- C:\Users\Famille O4 - Global Startup: C:\Users\Famille\Desktop\Google.URL . (...) 
-- C:\Users\Famille\Desktop\Google.URL O4 - Global Startup: C:\Users\Famille\Desktop\Groupe APRI protection sociale en santé, prévoyance et retraite complémentaire.URL . (...) -- C:\Users\Famille\Desktop\Groupe APRI protection sociale en santé, prévoyance et retraite complémentaire.URL O4 - Global Startup: C:\Users\Famille\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille\Desktop\Jardiner avec la Lune - Rustica, le site de la planète jardin.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Jardiner avec la Lune - Rustica, le site de la planète jardin.URL O4 - Global Startup: C:\Users\Famille\Desktop\La Banque Postale.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\La Banque Postale.URL O4 - Global Startup: C:\Users\Famille\Desktop\la coinche du sud.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\la coinche du sud.URL O4 - Global Startup: C:\Users\Famille\Desktop\Le Dauphiné Libéré - L'information en Rhône Alpes, Isère, Haute-Savoie, Savoie, Vaucluse, Drôme, Ardèche et Hautes-Alpes.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Le Dauphiné Libéré - L'inf O4 - Global Startup: C:\Users\Famille\Desktop\Le Progrès de Lyon - Avis de décès.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Le Progrès de Lyon - Avis de décès.URL O4 - Global Startup: C:\Users\Famille\Desktop\Ludi.lnk - Clé orpheline O4 - Global Startup: C:\Users\Famille\Desktop\mail Orange.URL . (...) -- C:\Users\Famille\Desktop\mail Orange.URL O4 - Global Startup: C:\Users\Famille\Desktop\meteo a 12 jours.URL . (...) -- C:\Users\Famille\Desktop\meteo a 12 jours.URL O4 - Global Startup: C:\Users\Famille\Desktop\meteo a 7 jourd.URL . (...) -- C:\Users\Famille\Desktop\meteo a 7 jourd.URL O4 - Global Startup: C:\Users\Famille\Desktop\Microsoft Works.LNK . (.Microsoft® Corporation.) 
-- C:\Program Files\Microsoft Works\MSWorks.exe O4 - Global Startup: C:\Users\Famille\Desktop\PlayOK - Dame de pique - Jouez gratuitement en ligne!.URL . (...) -- C:\Users\Famille\Desktop\PlayOK - Dame de pique - Jouez gratuitement en ligne!.URL O4 - Global Startup: C:\Users\Famille\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\Famille\Desktop\Trading-sat.URL . (.Safer Networking Limited.) -- C:\Users\Famille\Desktop\Trading-sat.URL O4 - Global Startup: C:\Users\Famille\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe O4 - Global Startup: C:\Users\Famille\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO PhotoOnWeb.lnk . (.VSO Software.) 
-- C:\Program Files\VSO\PhotoOnWeb\PhotoOnWeb.exe O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe ~ Scan Global Startup in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline ~ Scan IE Extra Buttons in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) 
-- C:\Program Files\Bonjour\mdnsNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Site dans la Zone de confiance d'Internet Explorer (O15) O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org ~ Scan IE Zone Confiance in 00mn 03s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS3\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll ~ Scan Winlogon in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\Windows\System32\webcheck.dll ~ Scan SSODL in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) 
-- C:\WINDOWS\System32\browseui.dll ~ Scan STS/SSO in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: DQLWinService (DQLWinService) . (.Pas de propriétaire - DQLWinSe Application.) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: Intel DH Service (IntelDHSvcConf) . (.Intel(R) Corporation - Intel(R) Factory Mode Service.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) - C:\WINDOWS\System32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) 
- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe ~ Scan Services in 00mn 05s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (sdnclean.exe) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 1)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) 
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 2)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 3)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 4)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.) [MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [IntenetServiceOffers] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe (.not file.) [MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [MD5.00000000000000000000000000000000] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe (.not file.) [MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [MD5.0477C2F9171599CA5BC3307FDFBA8D89] [APT] [Spybot - Search & Destroy - Scheduled Task] (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe [MD5.61CFEDAF9C527A1463F34F71240F9BB5] [APT] [{2D87AB58-6C03-48D3-AFAB-2A47AB0F9C6E}] (.Skype Technologies S.A..) 
-- C:\Program Files\Skype\Phone\Skype.exe [MD5.ACBE7D5694C1B7BBB8ADF19470EDB59F] [APT] [{AAB8C008-C670-4985-9698-1EDD13C068F0}] (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe ~ Scan Scheduled Task in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\system32\ie4uinit.exe O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\system32\iedkcs32.dll O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\System32\themeui.dll O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) 
-- C:\WINDOWS\System32\wmploc.dll O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.3 r181.) -- C:\Windows\system32\Macromed\Flash\Flash10q.ocx ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys O41 - Driver: C:\WINDOWS\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) 
- C:\WINDOWS\System32\drivers\nsiproxy.sys O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\WINDOWS\System32\DRIVERS\pacer.sys O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\WINDOWS\System32\DRIVERS\smb.sys O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0 O42 - Logiciel: Adobe Reader X (10.1.5) - Français - (.Adobe Systems Incorporated.) 
[HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player O42 - Logiciel: AlerteGPS G320 - (.Pas de propriétaire.) [HKCU] -- AlerteGPS G320 O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {343666E2-A059-48AC-AD67-230BF74E2DB2} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B} O42 - Logiciel: Boris Graffiti - (.Boris FX, Inc..) [HKLM] -- {262BF2CD-601D-4F43-919C-4B00B1D1F338} O42 - Logiciel: CANON iMAGE GATEWAY Album Plugin Utility - (.Canon Inc..) [HKLM] -- APU O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CANON iMAGE GATEWAY Task O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: CD-LabelPrint - (.Pas de propriétaire.) [HKLM] -- MediaNavigation.CDLabelPrint O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1 O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- Canon Internet Library for ZoomBrowser EX O42 - Logiciel: Canon MOV Decoder - (.Canon Inc..) [HKLM] -- Canon MOV Decoder O42 - Logiciel: Canon MP Navigator EX 1.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 1.0 O42 - Logiciel: Canon MP610 series - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..) [HKLM] -- CameraWindowLauncher O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..) [HKLM] -- CameraWindowDC O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..) 
[HKLM] -- CameraWindowDVC6 O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM] -- MyCamera O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..) [HKLM] -- MyCameraDC O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- RemoteCaptureTask O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenu O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM] -- ZoomBrowser EX O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM] -- ZoomBrowser EX Memory Card Utility O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29} O42 - Logiciel: Driver Genius - (.Driver-Soft Inc..) [HKLM] -- Driver Genius_is1 O42 - Logiciel: Enregistrement utilisateur de Canon MP610 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MP610 series O42 - Logiciel: Full Pack Codecs - (.Electronic Commerce Factory S.L..) [HKLM] -- Full Pack O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Chrome Frame - (.Google Inc..) [HKLM] -- Google Chrome Frame O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM] -- HD Tune_is1 O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B} O42 - Logiciel: HP Update - (.Hewlett-Packard.) 
[HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB} O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Pas de propriétaire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E} O42 - Logiciel: Java 7 Update 13 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217013FF} O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF} O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-210328764D10} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: Logiciel Intel® Viiv™ - (.Intel Corporation.) [HKLM] -- Intel(R) Configuration Center O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: Ludi - (.Pas de propriétaire.) [HKLM] -- Ludi O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {05FA1356-EE77-490D-A376-5DBAD53E0FA2} O42 - Logiciel: Magic Bullet Looks Studio - (.Pas de propriétaire.) [HKLM] -- Magic Bullet Looks Studio O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1 O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800} O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM] -- {5FC7AB5C-61FC-42DF-A923-5139BCF10D42} O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3} O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) 
[HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C} O42 - Logiciel: Mises à jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Mozilla Firefox 18.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.2 (x86 fr) O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF} O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: OcxSetup - (.Hewlett-Packard Company.) [HKLM] -- {C3DC29BC-A8CF-4578-9DFC-37F049C44771} O42 - Logiciel: OpenOffice.org 3.4 - (.OpenOffice.org.) [HKLM] -- {2F90A789-DD1E-41CE-BFCA-BD78213BABC7} O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows O42 - Logiciel: PCI Audio Driver - (.Pas de propriétaire.) [HKLM] -- PCI Audio Driver O42 - Logiciel: Pense-Bete 79g - (.Pas de propriétaire.) [HKLM] -- Pense-Bête 7.9g_is1 O42 - Logiciel: Pilote vidéo Pinnacle - (.Pinnacle Systems.) [HKLM] -- {5EB90C06-964F-4195-B83E-BD7E55C88415} O42 - Logiciel: Pinnacle Studio 12 - (.Pinnacle Systems.) [HKLM] -- {D041EB9E-890A-4098-8F94-51DA194AC72A} O42 - Logiciel: Pinnacle Studio 12 Ultimate Plugins - (.Pinnacle Systems.) [HKLM] -- {D1860E6E-520E-4380-8433-E58E8F88B473} O42 - Logiciel: Python 2.4.3 - (.Martin v. Löwis.) [HKLM] -- {75E71ADD-042C-4F30-BFAC-A9EC42351313} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Roxio Creator Audio - (.Roxio.) 
[HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82} O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C} O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048} O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87} O42 - Logiciel: Roxio Creator EasyArchive - (.Roxio.) [HKLM] -- {11F93B4B-48F0-4A4E-AE77-DFA96A99664B} O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF} O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D} O42 - Logiciel: ScanSoft OmniPage SE 4 - (.Nuance Communications, Inc..) [HKLM] -- {DEE88727-779B-47A9-ACEF-F87CA5F92A65} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA} O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6} O42 - Logiciel: Skype™ 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8} O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 O42 - Logiciel: SureThing Express Labeler - (.MicroVision Development, Inc..) [HKLM] -- stax-Pinnacle_is1 O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) 
[HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B} O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player O42 - Logiciel: VSO PhotoOnWeb 0.9.1e - (.VSO-Software SARL.) [HKLM] -- VSO PhotoOnWeb_is1 O42 - Logiciel: Vista Codec Package - (..) [HKLM] -- {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99} O42 - Logiciel: WinZip 12.1 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240B8} O42 - Logiciel: proDAD Vitascene 1.0 - (.Pas de propriétaire.) [HKLM] -- proDAD-Vitascene-1.0 ---\\ HKCU & HKLM Software Keys [HKCU\Software\AC3filter] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Adobe] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Macromedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Smartbar] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avira] [HKCU\Software\BitDefender] [HKCU\Software\CDBurnerXP] [HKCU\Software\CanonBJ] [HKCU\Software\Canon] [HKCU\Software\Canon_Inc_IC] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\CoreVorbis] [HKCU\Software\DivXNetworks] [HKCU\Software\EasyBits] [HKCU\Software\EffectMgr] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\JEDI-VCL] [HKCU\Software\JavaSoft] [HKCU\Software\Lavasoft] [HKCU\Software\Licenses] [HKCU\Software\LightScribe] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Logicool] [HKCU\Software\Logitech] [HKCU\Software\Ludi] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaNavigation] [HKCU\Software\MicroVision] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\Nico Mak Computing] [HKCU\Software\OpenOffice.org] 
[HKCU\Software\Pense-bete] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\RealNetworks] [HKCU\Software\Red Giant Software] [HKCU\Software\Roxio] [HKCU\Software\Safer Networking Limited] [HKCU\Software\ScanSoft] [HKCU\Software\Skype] [HKCU\Software\Sonic] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VOB] [HKCU\Software\VSO] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\WinZip Computing] [HKCU\Software\Windows Live Writer] [HKCU\Software\Wow6432Node] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\cybelsoft] [HKCU\Software\lollipop] [HKCU\Software\madFlac] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Adobe] [HKLM\Software\Ahead] [HKLM\Software\AppDataLow] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avira] [HKLM\Software\Boris FX, Inc.] [HKLM\Software\C-Media] [HKLM\Software\Canon] [HKLM\Software\Canon_Inc_IC] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\Driver-Soft] [HKLM\Software\FAST Multimedia] [HKLM\Software\GIMP_Back_Mode] [HKLM\Software\GNU] [HKLM\Software\Google] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Lavasoft] [HKLM\Software\Ligos Corporation] [HKLM\Software\Logitech] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MicroVision] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\Nico Mak Computing] [HKLM\Software\ODBC] [HKLM\Software\OpenOffice.org] [HKLM\Software\Oracle] [HKLM\Software\PC-Doctor] [HKLM\Software\Pegasus Imaging] [HKLM\Software\PegasusImaging] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Piriform] [HKLM\Software\Policies] 
[HKLM\Software\RealNetworks] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\Red Giant Software] [HKLM\Software\RegisteredApplications] [HKLM\Software\Roxio] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\ScanSoft] [HKLM\Software\Skype] [HKLM\Software\Sonic] [HKLM\Software\SymNRT] [HKLM\Software\Symantec] [HKLM\Software\Systweak] [HKLM\Software\Uniblue] [HKLM\Software\VSO] [HKLM\Software\VideoLAN] [HKLM\Software\Vittalia] [HKLM\Software\Volatile] [HKLM\Software\Wilson WindowWare] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wow6432Node] [HKLM\Software\WwGame] [HKLM\Software\X-AVCSD] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] [HKLM\Software\proDAD] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 25/03/2010 - 08:41:04 - [0] ----D C:\Program Files\7-Zip O43 - CFD: 21/05/2012 - 10:17:57 - [253,918] ----D C:\Program Files\Adobe O43 - CFD: 18/11/2010 - 16:10:20 - [33,049] ----D C:\Program Files\AlerteGPS O43 - CFD: 03/02/2012 - 00:23:20 - [2,316] ----D C:\Program Files\Apple Software Update O43 - CFD: 02/05/2012 - 11:11:44 - [196,892] ----D C:\Program Files\Avira O43 - CFD: 03/02/2012 - 00:24:09 - [0,602] ----D C:\Program Files\Bonjour O43 - CFD: 21/02/2010 - 12:21:12 - [295,604] ----D C:\Program Files\Boris FX, Inc O43 - CFD: 14/02/2013 - 20:23:58 - [486,784] ----D C:\Program Files\Canon O43 - CFD: 07/08/2009 - 04:51:04 - [24,161] --H-D C:\Program Files\CanonBJ O43 - CFD: 15/01/2011 - 18:26:22 - [3,351] ----D C:\Program Files\CCleaner O43 - CFD: 01/08/2009 - 10:29:06 - [6,474] ----D C:\Program Files\CDBurnerXP O43 - CFD: 25/08/2012 - 09:14:43 - [526,761] ----D C:\Program Files\Common Files O43 - CFD: 16/09/2010 - 07:48:47 - [6,842] ----D C:\Program Files\DivX O43 - CFD: 17/02/2013 - 16:55:42 - [25,730] ----D C:\Program Files\Driver-Soft O43 - CFD: 30/07/2009 - 11:18:10 - [0] R---D C:\Program Files\Fichiers 
communs O43 - CFD: 15/10/2009 - 18:51:07 - [0,278] ----D C:\Program Files\Full Pack Codecs O43 - CFD: 15/11/2011 - 19:18:30 - [422,328] ----D C:\Program Files\Google O43 - CFD: 17/02/2013 - 10:01:38 - [1,234] ----D C:\Program Files\HD Tune O43 - CFD: 30/07/2009 - 11:42:53 - [0,692] ----D C:\Program Files\Hewlett-Packard O43 - CFD: 31/07/2009 - 16:30:36 - [3,808] ----D C:\Program Files\HP O43 - CFD: 09/11/2011 - 18:35:05 - [11,067] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 05/01/2012 - 19:33:57 - [3,965] ----D C:\Program Files\InstantTouch O43 - CFD: 01/12/2006 - 09:59:47 - [30,096] ----D C:\Program Files\Intel O43 - CFD: 02/02/2012 - 23:39:44 - [5,111] ----D C:\Program Files\Internet Explorer O43 - CFD: 14/02/2013 - 11:55:57 - [208,542] ----D C:\Program Files\Java O43 - CFD: 21/02/2010 - 12:21:35 - [9,120] ----D C:\Program Files\LooksBuilderSE O43 - CFD: 29/07/2012 - 22:01:31 - [0,728] ----D C:\Program Files\Ludi O43 - CFD: 17/02/2013 - 16:50:40 - [7,358] ----D C:\Program Files\ma-config.com O43 - CFD: 15/02/2013 - 06:40:04 - [12,308] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 31/07/2009 - 14:49:22 - [2,541] ----D C:\Program Files\Microsoft O43 - CFD: 31/07/2009 - 15:18:09 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 02/11/2006 - 13:37:34 - [89,117] ----D C:\Program Files\Microsoft Games O43 - CFD: 21/02/2011 - 11:45:14 - [50,217] ----D C:\Program Files\Microsoft LifeCam O43 - CFD: 01/08/2009 - 10:35:26 - [33,229] ----D C:\Program Files\Microsoft Office O43 - CFD: 13/05/2012 - 21:31:33 - [36,641] ----D C:\Program Files\Microsoft Silverlight O43 - CFD: 09/08/2009 - 07:56:06 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition O43 - CFD: 24/10/2009 - 08:44:21 - [143,405] ----D C:\Program Files\Microsoft Works O43 - CFD: 09/11/2010 - 05:53:43 - [7,789] ----D C:\Program Files\Microsoft.NET O43 - CFD: 16/09/2010 - 17:20:27 - [94,740] ----D C:\Program Files\Movie Maker O43 - CFD: 
06/02/2013 - 21:14:50 - [46,621] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 07/02/2013 - 03:33:42 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 02/11/2006 - 13:37:34 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 01/08/2009 - 10:35:21 - [26,600] ----D C:\Program Files\MSECache O43 - CFD: 31/07/2009 - 13:29:56 - [0] ----D C:\Program Files\MSXML 4.0 O43 - CFD: 09/11/2011 - 18:25:37 - [317,631] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 22/09/2012 - 18:51:47 - [291,676] ----D C:\Program Files\OpenOffice.org 3 O43 - CFD: 02/06/2012 - 12:44:23 - [33,186] ----D C:\Program Files\Oracle O43 - CFD: 01/12/2006 - 10:20:52 - [103,184] ----D C:\Program Files\PC-Doctor 5 for Windows O43 - CFD: 03/11/2009 - 06:01:17 - [5,946] ----D C:\Program Files\Pense-bete O43 - CFD: 21/02/2010 - 12:18:03 - [1240,926] ----D C:\Program Files\Pinnacle O43 - CFD: 21/02/2010 - 12:21:37 - [116,969] ----D C:\Program Files\proDAD O43 - CFD: 09/11/2011 - 18:24:23 - [24,170] ----D C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 13:37:34 - [36,902] ----D C:\Program Files\Reference Assemblies O43 - CFD: 01/12/2006 - 10:01:53 - [15,440] ----D C:\Program Files\Roxio O43 - CFD: 14/05/2012 - 10:49:41 - [102,605] ----D C:\Program Files\Safari O43 - CFD: 06/08/2009 - 07:36:46 - [115,938] ----D C:\Program Files\ScanSoft O43 - CFD: 31/07/2009 - 12:59:00 - [0,438] ----D C:\Program Files\Services en ligne O43 - CFD: 17/02/2011 - 13:43:59 - [26,964] R---D C:\Program Files\Skype O43 - CFD: 17/02/2013 - 14:46:23 - [66,642] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 17/02/2013 - 13:52:06 - [152,202] ----D C:\Program Files\Spybot - Search & Destroy 2 O43 - CFD: 05/03/2010 - 19:44:01 - [13,149] ----D C:\Program Files\SureThing Express Labeler O43 - CFD: 27/04/2012 - 04:17:40 - [0,386] ----D C:\Program Files\Trend Micro O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 01/08/2009 - 10:31:53 - [71,017] ----D 
C:\Program Files\VideoLAN O43 - CFD: 01/08/2009 - 10:31:11 - [44,628] ----D C:\Program Files\VistaCodecPack O43 - CFD: 05/12/2009 - 22:29:46 - [28,419] ----D C:\Program Files\VSO O43 - CFD: 31/07/2009 - 19:14:44 - [0,970] ----D C:\Program Files\Windows Calendar O43 - CFD: 31/07/2009 - 19:14:43 - [2,610] ----D C:\Program Files\Windows Collaboration O43 - CFD: 31/07/2009 - 19:14:42 - [4,283] ----D C:\Program Files\Windows Defender O43 - CFD: 31/07/2009 - 19:14:43 - [6,756] ----D C:\Program Files\Windows Journal O43 - CFD: 08/08/2011 - 08:58:06 - [148,710] ----D C:\Program Files\Windows Live O43 - CFD: 02/02/2012 - 23:39:37 - [8,694] ----D C:\Program Files\Windows Mail O43 - CFD: 05/11/2010 - 11:19:22 - [4,290] ----D C:\Program Files\Windows Media Player O43 - CFD: 30/07/2009 - 11:18:10 - [7,589] ----D C:\Program Files\Windows NT O43 - CFD: 31/07/2009 - 19:14:43 - [12,902] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 04/12/2009 - 04:04:33 - [0,128] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 31/07/2009 - 19:14:43 - [6,225] ----D C:\Program Files\Windows Sidebar O43 - CFD: 16/06/2010 - 07:47:36 - [3,706] ----D C:\Program Files\WinRAR O43 - CFD: 16/12/2009 - 19:17:21 - [15,721] ----D C:\Program Files\WinZip O43 - CFD: 17/02/2013 - 19:48:29 - [15,536] ----D C:\Program Files\ZHPDiag O43 - CFD: 21/05/2012 - 10:18:10 - [51,639] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 03/02/2012 - 00:23:38 - [60,457] ----D C:\Program Files\Common Files\Apple O43 - CFD: 05/12/2009 - 20:24:26 - [2,252] ----D C:\Program Files\Common Files\CANON O43 - CFD: 01/08/2009 - 10:30:09 - [7,653] ----D C:\Program Files\Common Files\DivX Shared O43 - CFD: 01/12/2006 - 10:18:09 - [9,500] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 01/12/2006 - 09:59:47 - [48,782] ----D C:\Program Files\Common Files\Intel O43 - CFD: 25/08/2012 - 09:14:43 - [1,184] ----D C:\Program Files\Common Files\Java O43 - CFD: 16/09/2010 - 07:49:39 - [1,505] ---AD C:\Program 
Files\Common Files\LightScribe O43 - CFD: 01/12/2006 - 10:02:12 - [0,066] ---AD C:\Program Files\Common Files\LS Getting Started O43 - CFD: 08/08/2011 - 08:57:40 - [265,394] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 21/02/2010 - 11:52:16 - [3,229] ----D C:\Program Files\Common Files\Pinnacle O43 - CFD: 01/12/2006 - 10:01:39 - [23,190] ----D C:\Program Files\Common Files\Roxio Shared O43 - CFD: 06/08/2009 - 07:37:08 - [0,201] ----D C:\Program Files\Common Files\ScanSoft Shared O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 17/02/2011 - 13:42:40 - [2,150] ----D C:\Program Files\Common Files\Skype O43 - CFD: 01/12/2006 - 10:01:42 - [1,031] ----D C:\Program Files\Common Files\Sonic Shared O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 21/02/2010 - 12:12:40 - [0,696] ----D C:\Program Files\Common Files\SureThing Shared O43 - CFD: 02/02/2012 - 20:02:13 - [8,333] ----D C:\Program Files\Common Files\System O43 - CFD: 31/07/2009 - 13:43:38 - [0] ----D C:\Program Files\Common Files\Windows Live O43 - CFD: 21/02/2010 - 11:47:56 - [0,301] ----D C:\Program Files\Common Files\Yahoo! 
O43 - CFD: 21/05/2012 - 10:18:02 - [167,478] ----D C:\ProgramData\Adobe O43 - CFD: 03/02/2012 - 00:23:18 - [26,388] ----D C:\ProgramData\Apple O43 - CFD: 03/02/2012 - 00:24:23 - [90,984] ----D C:\ProgramData\Apple Computer O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 02/05/2012 - 11:11:44 - [88,833] ----D C:\ProgramData\Avira O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 07/08/2009 - 04:51:44 - [18,027] --H-D C:\ProgramData\CanonBJ O43 - CFD: 18/09/2010 - 08:16:59 - [0,000] --H-D C:\ProgramData\CanonIJEGV O43 - CFD: 21/10/2010 - 10:18:12 - [0,000] --H-D C:\ProgramData\CanonIJEPPEX O43 - CFD: 18/09/2010 - 08:12:10 - [0,000] --H-D C:\ProgramData\CanonIJMyPrinter O43 - CFD: 18/09/2010 - 08:12:27 - [0,000] --H-D C:\ProgramData\CanonIJSolutionMenu O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 17/02/2013 - 16:56:19 - [0,001] ----D C:\ProgramData\DriverGenius O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Favoris O43 - CFD: 23/02/2011 - 12:49:02 - [0] ----D C:\ProgramData\Google O43 - CFD: 01/12/2006 - 10:27:19 - [0,614] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 01/12/2006 - 10:07:49 - [0,001] ----D C:\ProgramData\InstallShield O43 - CFD: 01/12/2006 - 09:59:48 - [0,000] ----D C:\ProgramData\Intel O43 - CFD: 12/09/2010 - 14:39:03 - [0,010] ----D C:\ProgramData\LightScribe O43 - CFD: 17/02/2013 - 16:50:40 - [1,526] ----D C:\ProgramData\ma-config.com O43 - CFD: 03/04/2010 - 07:16:27 - [16,418] ----D C:\ProgramData\Malwarebytes O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 17/02/2013 - 13:52:05 - [420,940] -S--D C:\ProgramData\Microsoft O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 27/04/2012 - 06:03:24 - [0,001] ----D C:\ProgramData\Mozilla O43 - CFD: 12/09/2010 - 14:22:13 - [0,001] ----D C:\ProgramData\Nero O43 - CFD: 09/11/2011 - 17:57:04 - [2,303] ----D C:\ProgramData\NVIDIA 
O43 - CFD: 09/11/2011 - 10:28:25 - [0,552] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 17/07/2011 - 10:22:01 - [0] ----D C:\ProgramData\PhotoStitch O43 - CFD: 21/02/2010 - 11:47:56 - [0,438] ----D C:\ProgramData\Pinnacle O43 - CFD: 21/02/2010 - 11:47:56 - [0] ----D C:\ProgramData\Pinnacle Studio Plus O43 - CFD: 21/02/2010 - 11:52:01 - [0,035] ----D C:\ProgramData\Pinnacle Studio Ultimate O43 - CFD: 12/09/2010 - 12:16:28 - [0] ----D C:\ProgramData\Roxio O43 - CFD: 06/08/2009 - 07:37:11 - [0,128] ----D C:\ProgramData\ScanSoft O43 - CFD: 17/02/2011 - 13:42:37 - [24,809] ----D C:\ProgramData\Skype O43 - CFD: 12/09/2010 - 12:16:06 - [0,001] ----D C:\ProgramData\Sonic O43 - CFD: 17/02/2013 - 16:24:33 - [0,015] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 21/02/2010 - 11:47:56 - [127,878] ----D C:\ProgramData\Studio 12 O43 - CFD: 15/01/2011 - 18:25:41 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 01/08/2009 - 10:31:11 - [18,762] ----D C:\ProgramData\VistaCodecs O43 - CFD: 28/04/2010 - 16:44:54 - [0] ----D C:\ProgramData\WindowsSearch O43 - CFD: 16/12/2009 - 19:17:46 - [0,000] ----D C:\ProgramData\WinZip O43 - CFD: 08/11/2009 - 14:31:48 - [0] ----D C:\ProgramData\ZoomBrowser O43 - CFD: 01/09/2011 - 22:34:06 - [0,010] ----D C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42} O43 - CFD: 17/07/2011 - 11:56:12 - [13,532] ----D C:\Users\Famille\AppData\Roaming\Adobe O43 - CFD: 03/02/2012 - 05:41:45 - [4,431] ----D C:\Users\Famille\AppData\Roaming\Apple Computer O43 - CFD: 06/08/2010 - 19:41:14 - [0] ----D C:\Users\Famille\AppData\Roaming\Ariane Software O43 - CFD: 02/05/2012 - 11:15:11 - [0] ----D C:\Users\Famille\AppData\Roaming\Avira O43 - CFD: 01/08/2009 - 10:29:24 - [0,004] ----D C:\Users\Famille\AppData\Roaming\Canneverbe_Limited O43 - CFD: 17/07/2011 - 10:09:08 - [4,024] ----D C:\Users\Famille\AppData\Roaming\Canon O43 - CFD: 10/09/2009 - 22:18:53 - [0] ----D C:\Users\Famille\AppData\Roaming\DivX O43 - CFD: 15/06/2011 - 12:57:12 - [0] ----D 
C:\Users\Famille\AppData\Roaming\Download Manager O43 - CFD: 29/01/2013 - 07:06:02 - [0,000] ----D C:\Users\Famille\AppData\Roaming\dvdcss O43 - CFD: 24/04/2010 - 21:51:03 - [0,000] ----D C:\Users\Famille\AppData\Roaming\gtk-2.0 O43 - CFD: 30/07/2009 - 11:23:29 - [0] ----D C:\Users\Famille\AppData\Roaming\Hewlett-Packard O43 - CFD: 30/07/2009 - 11:27:00 - [0] ----D C:\Users\Famille\AppData\Roaming\Identities O43 - CFD: 31/07/2009 - 16:33:42 - [0] ----D C:\Users\Famille\AppData\Roaming\InstallShield O43 - CFD: 01/08/2009 - 09:37:03 - [0,001] ----D C:\Users\Famille\AppData\Roaming\Macromedia O43 - CFD: 03/04/2010 - 07:16:39 - [0] ----D C:\Users\Famille\AppData\Roaming\Malwarebytes O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Famille\AppData\Roaming\Media Center Programs O43 - CFD: 02/01/2012 - 15:21:50 - [1584,742] -S--D C:\Users\Famille\AppData\Roaming\Microsoft O43 - CFD: 06/08/2009 - 03:27:04 - [17,966] ----D C:\Users\Famille\AppData\Roaming\Mozilla O43 - CFD: 12/09/2010 - 14:28:20 - [0,131] ----D C:\Users\Famille\AppData\Roaming\Nero O43 - CFD: 01/08/2009 - 10:38:05 - [37,592] ----D C:\Users\Famille\AppData\Roaming\OpenOffice.org O43 - CFD: 24/04/2010 - 23:07:42 - [0,000] ----D C:\Users\Famille\AppData\Roaming\PhotoFiltre O43 - CFD: 21/02/2010 - 12:21:38 - [0,064] ----D C:\Users\Famille\AppData\Roaming\proDAD O43 - CFD: 14/11/2010 - 09:00:39 - [0,120] ----D C:\Users\Famille\AppData\Roaming\QuickScan O43 - CFD: 04/08/2009 - 21:50:15 - [0] ----D C:\Users\Famille\AppData\Roaming\Real O43 - CFD: 12/09/2010 - 12:16:27 - [0] ----D C:\Users\Famille\AppData\Roaming\Roxio O43 - CFD: 06/08/2009 - 07:37:13 - [0] ----D C:\Users\Famille\AppData\Roaming\ScanSoft O43 - CFD: 26/09/2011 - 09:21:37 - [3,990] ----D C:\Users\Famille\AppData\Roaming\Skype O43 - CFD: 26/09/2011 - 16:46:40 - [0,027] ----D C:\Users\Famille\AppData\Roaming\skypePM O43 - CFD: 22/09/2012 - 18:46:28 - [0] ----D C:\Users\Famille\AppData\Roaming\Systweak O43 - CFD: 08/08/2009 - 20:48:16 - [0,028] 
----D C:\Users\Famille\AppData\Roaming\Template O43 - CFD: 01/08/2009 - 10:31:11 - [0,001] ----D C:\Users\Famille\AppData\Roaming\VistaCodecs O43 - CFD: 17/02/2013 - 06:46:38 - [0,454] ----D C:\Users\Famille\AppData\Roaming\vlc O43 - CFD: 31/03/2012 - 10:39:22 - [5,048] ----D C:\Users\Famille\AppData\Roaming\VSO O43 - CFD: 31/07/2009 - 16:17:32 - [0] ----D C:\Users\Famille\AppData\Roaming\WinBatch O43 - CFD: 09/08/2009 - 09:29:00 - [0] ----D C:\Users\Famille\AppData\Roaming\Windows Live Writer O43 - CFD: 08/07/2010 - 14:24:41 - [0,000] ----D C:\Users\Famille\AppData\Roaming\WinRAR O43 - CFD: 08/11/2009 - 14:46:35 - [0] ----D C:\Users\Famille\AppData\Roaming\ZoomBrowser EX O43 - CFD: 15/01/2011 - 18:09:21 - [15,776] ----D C:\Users\Famille\AppData\Local\Adobe O43 - CFD: 03/02/2012 - 00:23:22 - [0] ----D C:\Users\Famille\AppData\Local\Apple O43 - CFD: 03/02/2012 - 00:25:12 - [111,863] ----D C:\Users\Famille\AppData\Local\Apple Computer O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Application Data O43 - CFD: 14/02/2013 - 21:16:20 - [0,017] ----D C:\Users\Famille\AppData\Local\Canon Easy-PhotoPrint EX O43 - CFD: 21/02/2010 - 11:52:14 - [5,073] ----D C:\Users\Famille\AppData\Local\Downloaded Installations O43 - CFD: 19/03/2011 - 16:20:41 - [30,909] ----D C:\Users\Famille\AppData\Local\Google O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Historique O43 - CFD: 14/02/2013 - 09:15:32 - [0] ----D C:\Users\Famille\AppData\Local\Lollipop O43 - CFD: 18/12/2012 - 21:36:25 - [34,323] ----D C:\Users\Famille\AppData\Local\Ludi O43 - CFD: 21/02/2011 - 12:09:19 - [672,165] ----D C:\Users\Famille\AppData\Local\Microsoft O43 - CFD: 17/08/2009 - 14:23:55 - [0,000] ----D C:\Users\Famille\AppData\Local\Microsoft Games O43 - CFD: 12/09/2010 - 12:35:49 - [0,075] ----D C:\Users\Famille\AppData\Local\MicroVision Applications O43 - CFD: 06/08/2009 - 03:26:50 - [61,554] ----D C:\Users\Famille\AppData\Local\Mozilla O43 - CFD: 12/09/2010 
- 14:53:38 - [6,877] ----D C:\Users\Famille\AppData\Local\Nero O43 - CFD: 12/09/2010 - 14:31:06 - [0,002] ----D C:\Users\Famille\AppData\Local\Nero_AG O43 - CFD: 01/09/2011 - 22:25:42 - [0] ----D C:\Users\Famille\AppData\Local\PackageAware O43 - CFD: 02/01/2013 - 15:11:32 - [0,019] ----D C:\Users\Famille\AppData\Local\Pense-bete O43 - CFD: 05/04/2010 - 06:14:37 - [0,161] ----D C:\Users\Famille\AppData\Local\Pinnacle O43 - CFD: 06/08/2009 - 07:42:00 - [0] ----D C:\Users\Famille\AppData\Local\Scansoft O43 - CFD: 17/02/2013 - 19:48:30 - [8,989] ----D C:\Users\Famille\AppData\Local\Temp O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Temporary Internet Files O43 - CFD: 10/01/2010 - 19:34:06 - [0,122] ----D C:\Users\Famille\AppData\Local\VirtualStore O43 - CFD: 13/07/2012 - 23:32:26 - [0,148] ----D C:\Users\Famille\AppData\Local\Windows Live O43 - CFD: 09/08/2009 - 09:29:04 - [0,340] ----D C:\Users\Famille\AppData\Local\Windows Live Writer O43 - CFD: 31/07/2009 - 13:00:49 - [0,010] ----D C:\Users\Famille\AppData\Local\WindowsUpdate O43 - CFD: 05/11/2011 - 09:48:16 - [0] ----D C:\Users\Famille\AppData\Local\{010A1DC1-C6E3-48EE-944F-89459751AD87} O43 - CFD: 03/08/2011 - 04:40:12 - [0] ----D C:\Users\Famille\AppData\Local\{03E420CD-F9E3-460C-965E-EBA4540947EA} O43 - CFD: 08/08/2011 - 08:56:30 - [0] ----D C:\Users\Famille\AppData\Local\{0C507DFD-BEF8-418B-B9E1-45BAF5B7914E} O43 - CFD: 03/08/2011 - 08:59:42 - [0] ----D C:\Users\Famille\AppData\Local\{20DF2568-F971-484F-87D2-7FCBDFC8113B} O43 - CFD: 07/08/2011 - 19:31:16 - [0] ----D C:\Users\Famille\AppData\Local\{25D882BA-4A0A-42F6-8025-D61F46A5BD04} O43 - CFD: 30/07/2011 - 08:47:54 - [0] ----D C:\Users\Famille\AppData\Local\{31CEF206-C21C-44FF-8B1E-F41A891CFB54} O43 - CFD: 03/08/2011 - 03:50:47 - [0] ----D C:\Users\Famille\AppData\Local\{321AC7A7-B548-4A21-AE53-2CC115F8C735} O43 - CFD: 31/03/2012 - 17:00:32 - [0] ----D C:\Users\Famille\AppData\Local\{37E2C478-3104-434A-B914-F76B4E45C6C6} O43 - 
CFD: 08/08/2011 - 08:55:53 - [0] ----D C:\Users\Famille\AppData\Local\{3C59F4F0-964D-4AF9-A56C-95E49B15ABCF} O43 - CFD: 31/03/2012 - 17:00:55 - [0] ----D C:\Users\Famille\AppData\Local\{47316EA3-587F-48DB-919A-9F140098DC1B} O43 - CFD: 28/03/2012 - 08:11:24 - [0] ----D C:\Users\Famille\AppData\Local\{4CBD5A68-4F47-4972-9317-35EB996BC27D} O43 - CFD: 08/08/2011 - 08:54:08 - [0] ----D C:\Users\Famille\AppData\Local\{52689C81-3CF8-44E5-9AED-5BAE279E86B9} O43 - CFD: 03/08/2011 - 23:54:05 - [0] ----D C:\Users\Famille\AppData\Local\{57BB0E1B-40D1-40C7-A826-5FF612ACFE7F} O43 - CFD: 25/09/2011 - 22:58:20 - [0] ----D C:\Users\Famille\AppData\Local\{5883FCD8-3A6C-4707-8A99-7EA63D5AFF13} O43 - CFD: 31/03/2012 - 14:28:46 - [0] ----D C:\Users\Famille\AppData\Local\{5D9D49E4-3D0E-4C96-8439-C89C0270C256} O43 - CFD: 25/09/2011 - 22:58:31 - [0] ----D C:\Users\Famille\AppData\Local\{5E0C0E56-1708-48C3-9344-A5DC683B9C5A} O43 - CFD: 08/08/2011 - 05:31:37 - [0] ----D C:\Users\Famille\AppData\Local\{65B4992C-63D1-4FB5-92F3-C0EA850BBAC9} O43 - CFD: 02/01/2012 - 15:22:07 - [0] ----D C:\Users\Famille\AppData\Local\{6DDBC834-990E-4B7E-8FFB-B49DDA24FDEE} O43 - CFD: 08/08/2011 - 09:06:44 - [0] ----D C:\Users\Famille\AppData\Local\{6E08F8F5-A26B-4077-AF1C-5F5127AC91D8} O43 - CFD: 03/08/2011 - 07:43:08 - [0] ----D C:\Users\Famille\AppData\Local\{6E9347F2-4992-416A-90BF-5FA45615BB30} O43 - CFD: 03/08/2011 - 07:41:05 - [0] ----D C:\Users\Famille\AppData\Local\{763FCDE7-76A9-47C8-9B46-AEC1C569B199} O43 - CFD: 01/11/2011 - 11:38:50 - [0] ----D C:\Users\Famille\AppData\Local\{87E5F1C6-681E-4740-8689-0C8C854E27A8} O43 - CFD: 07/08/2011 - 19:27:00 - [0] ----D C:\Users\Famille\AppData\Local\{8DD0DA1D-1BB4-4126-8FDB-ED153B292EF0} O43 - CFD: 30/07/2011 - 08:52:29 - [0] ----D C:\Users\Famille\AppData\Local\{90D472A2-1169-4C72-BC72-51A96E8974F8} O43 - CFD: 30/07/2011 - 10:10:47 - [0] ----D C:\Users\Famille\AppData\Local\{94039877-D2DE-42D3-BFE1-E29411504314} O43 - CFD: 08/08/2011 - 07:58:28 - [0] ----D 
C:\Users\Famille\AppData\Local\{9840C69E-0301-4CAD-BC56-D31599F78F13} O43 - CFD: 03/08/2011 - 04:42:43 - [0] ----D C:\Users\Famille\AppData\Local\{A191B62C-BFDB-4AF9-945F-2A1FC9AB4076} O43 - CFD: 30/07/2011 - 10:09:57 - [0] ----D C:\Users\Famille\AppData\Local\{B39C7509-B819-4875-B3CB-1221FC6722E9} O43 - CFD: 22/09/2012 - 17:46:35 - [0] ----D C:\Users\Famille\AppData\Local\{BB8B6C75-FF00-4CAC-B2FC-B5C935613CD1} O43 - CFD: 30/07/2011 - 10:09:27 - [0] ----D C:\Users\Famille\AppData\Local\{BC0F1272-C486-4CE5-BD4A-8ED5944431C9} O43 - CFD: 22/01/2013 - 15:53:33 - [0] ----D C:\Users\Famille\AppData\Local\{BDD7E48D-EC3F-4F6A-996D-076F5ED69491} O43 - CFD: 08/08/2011 - 03:50:12 - [0] ----D C:\Users\Famille\AppData\Local\{C211376A-B60D-47D3-8DA9-172A40757AE8} O43 - CFD: 26/09/2011 - 11:06:42 - [0] ----D C:\Users\Famille\AppData\Local\{C2E4A770-213D-45F9-8C68-BE733A4A34CD} O43 - CFD: 26/09/2011 - 11:06:31 - [0] ----D C:\Users\Famille\AppData\Local\{C4BACE68-8757-4BDE-80E3-C1A16591E211} O43 - CFD: 31/03/2012 - 16:59:51 - [0] ----D C:\Users\Famille\AppData\Local\{C8F0236D-5F58-444A-BFB2-38AA90069483} O43 - CFD: 08/08/2011 - 09:06:33 - [0] ----D C:\Users\Famille\AppData\Local\{CE67963E-FEA7-4B2C-B5E2-9362F633B94E} O43 - CFD: 08/08/2011 - 08:05:45 - [0] ----D C:\Users\Famille\AppData\Local\{D5198CFB-E707-4198-ABFA-77524A9C56AE} O43 - CFD: 08/08/2011 - 03:44:00 - [0] ----D C:\Users\Famille\AppData\Local\{DDAB6B84-9510-464B-8401-AC5F53A86E88} O43 - CFD: 03/08/2011 - 23:51:20 - [0] ----D C:\Users\Famille\AppData\Local\{E682EAE1-9239-45A6-9B0E-1C5740B48CE5} O43 - CFD: 13/07/2012 - 23:32:25 - [0] ----D C:\Users\Famille\AppData\Local\{E69BB797-CB7C-4536-A007-23E38BA555F7} O43 - CFD: 12/01/2012 - 11:07:00 - [0] ----D C:\Users\Famille\AppData\Local\{F9F314EE-AA4B-43BD-ACDA-F2161F9F94DF} O43 - CFD: 08/08/2011 - 08:07:02 - [0] ----D C:\Users\Famille\AppData\Local\{FECFF51D-BEAD-446F-9F34-249536C395FD} O43 - CFD: 02/11/2006 - 13:54:36 - [0,015] R---D 
C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 30/07/2009 - 11:27:07 - [0,000] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 03/07/2012 - 13:08:56 - [0,004] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AlerteGPS O43 - CFD: 15/10/2009 - 18:51:06 - [0] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Full Pack Codecs O43 - CFD: 29/07/2012 - 21:57:08 - [0,003] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ludi O43 - CFD: 02/11/2006 - 13:50:41 - [0,001] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 03/11/2009 - 06:01:17 - [0,005] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pense-Bête O43 - CFD: 17/02/2013 - 11:32:13 - [0,001] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 16/06/2010 - 07:47:36 - [0,002] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 25s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3442DC85C73E15769F6A1B96F7CAF8DE] - 17/02/2013 - 16:23:13 ----- . (...) -- C:\WINDOWS\WindowsUpdate.log [1974813] O44 - LFC:[MD5.BF7DC0927233CFB1781843BC4E67ACD0] - 17/02/2013 - 16:22:38 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584] O44 - LFC:[MD5.A9C25C9A8F9DA7F25C14D84C4CE845A3] - 17/02/2013 - 13:51:52 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\WINDOWS\System32\sdnclean.exe [15224] O44 - LFC:[MD5.E828134279A6BB5EF3032F9B88D335F9] - 14/02/2013 - 11:56:04 ---A- . (.Oracle Corporation - Pas de description.) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [94112] O44 - LFC:[MD5.ABC4230E67C8E68E070A22C1E4A8F673] - 14/02/2013 - 11:56:02 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) 
-- C:\WINDOWS\System32\javaw.exe [174496] O44 - LFC:[MD5.FBE59F564DFEEBBFCDBBDFAB54C64501] - 14/02/2013 - 11:56:02 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [262560] O44 - LFC:[MD5.4951D2D49B400A1A722BC48FADEBD6F4] - 14/02/2013 - 11:56:01 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [174496] O44 - LFC:[MD5.2616B4D6D04F18C579B7861F02B0B592] - 14/02/2013 - 11:56:01 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\WINDOWS\System32\npDeployJava1.dll [861088] O44 - LFC:[MD5.BB8996FE972847B5879FDE24F24F034E] - 14/02/2013 - 11:56:00 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [782240] O44 - LFC:[MD5.56E85735BFAC560F4AFF5B64CFD52959] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1495948] O44 - LFC:[MD5.306C968D21746B870D2D8A03162EE516] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [103872] O44 - LFC:[MD5.CAAF1E9D535F76D79019DFE724DFFE16] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [126420] O44 - LFC:[MD5.7B8F9BB4C218449CFB9417D508C40D23] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [595798] O44 - LFC:[MD5.991A328663ACAC478C71AAB512D2D201] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [678804] O44 - LFC:[MD5.EC82D3908EE04E004D36A20958CF540D] - 07/02/2013 - 18:45:24 ---A- . (...) -- C:\WINDOWS\Bbt97.INI [56] O44 - LFC:[MD5.D85A08214CDBDEBDCC2D3EB8C4FA32B5] - 07/02/2013 - 16:54:51 ---A- . (...) -- C:\WINDOWS\BELOTEXP.INI [34] ~ Scan Files in 00mn 54s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) 
-- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe ~ Scan Keys in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\WINDOWS\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\WINDOWS\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . 
(.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) 
-- C:\WINDOWS\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\WINDOWS\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\WINDOWS\System32\xvidvfw.dll O52 - TDSD: \Drivers32\"vidc.mjpg"="pvmjpg30.dll" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\System32\pvmjpg30.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"pvmjpg30.dll"="PICVideo 3 M-JPEG VfW Codec" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\System32\pvmjpg30.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\binternet [Key] . (...) -- C:\Users\Famille\binternet.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (.CANON INC. - CNSLMAIN.) 
-- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (...) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\NBAgent [Key] . (...) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\NvSvc [Key] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) -- C:\Windows\system32\nvsvc.dll O53 - SMSR:HKLM\...\startupreg\OpwareSE4 [Key] . (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe O53 - SMSR:HKLM\...\startupreg\SSBkgdUpdate [Key] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) 
-- C:\Program Files\Common Files\Java\Java Update\jusched.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0 O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - 
SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys [420968] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\WINDOWS\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - 02/06/2008 - C:\WINDOWS\System32\drivers\iastor.sys (iaStor) .(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) - LEGACY_IASTOR O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\WINDOWS\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\WINDOWS\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) 
-- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://home.sweetim.com/?crg=3.1010000.10015");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.10015");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BF4AC517-DA6E-4D46-A55D-412A2B1F6E6B} - (Google) - http://www.google.fr
~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\WINDOWS\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\WINDOWS\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.)
-- C:\WINDOWS\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\WINDOWS\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\WINDOWS\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\WINDOWS\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\WINDOWS\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\WINDOWS\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance à Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) .
(.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\WINDOWS\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [199168]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\WINDOWS\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\WINDOWS\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.)
-- C:\WINDOWS\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\WINDOWS\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\WINDOWS\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\WINDOWS\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\WINDOWS\System32\kmsvc.dll [68096]
~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.5BBD552B3FD39B77F696A00C6D921422] [SPRF][10/01/2012] (...) -- C:\Users\Famille\AppData\Local\d3d9caps.dat [1356]
[MD5.6FC26F584D91A85046AEA121625057E5] [SPRF][25/10/2010] (...) -- C:\Users\Famille\AppData\Roaming\sprkwi.dat [32]
[MD5.0C561D5244170036E15C8DFAC995B796] [SPRF][24/03/2010] (...) -- C:\Users\Famille\AppData\Roaming\wklnhst.dat [116]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.3F4413DCD8D3BBABF08F68F25E6D60E1] [SPRF][16/02/2005] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [401408]
~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{99AC75B0-01CB-4D7E-806C-182F20C6781F}" | In - Public - P6 - TRUE | .(...)
-- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{B71F7E93-7A2C-4544-885A-6C9152FF5298}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{0E94A681-33C4-46EF-923F-AE08B9812348}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{989F3F80-CB8F-476E-89A3-5B665F63CED4}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{11985DD7-E12F-4E87-8F91-841E03D717D9}" | In - Public - P6 - TRUE | .(.Intel(R) Corporation - Intel® Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{47133D57-4ED0-4B8D-BC12-0A033EB53D6E}" | In - Public - P17 - TRUE | .(.Intel(R) Corporation - Intel® Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{4A3C0D44-8FBE-4E98-A4FC-35134B383000}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Famille\AppData\Local\Temp\7zS57DF.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "{4AD6A076-1D64-4B6F-98DE-C70847F192BE}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Famille\AppData\Local\Temp\7zS57DF.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "TCP Query User{BBB068EF-2C9A-4D6A-8B42-A6684C48DFD4}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Public - P6 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "UDP Query User{30CD1ED5-6E1A-48EE-8ABA-3CD5DBAE0205}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Public - P17 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "TCP Query User{FA7F0184-2572-4697-8E18-3F20D795930F}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Private - P6 - TRUE | .(.Winwise - CmCenter Module.)
-- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "UDP Query User{18E93412-5D6A-40CF-9D4F-45BD27E089AC}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Private - P17 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "TCP Query User{A30C349B-52C2-41D5-975E-4B43164BC160}C:\program files\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{66C6A395-5E17-4AF0-8495-0D12ACBDE95B}C:\program files\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "{3DFB9FC5-5AFF-4AB9-855F-F3BF2F2F218B}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{35C8EC6F-A375-4323-934F-6275F6279795}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{DB637064-90A3-4926-A36A-81E17558C548}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{16204657-EE62-4DC1-B068-ABE2CA343B81}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{C9D6B1ED-18BC-4754-8440-ACE991667147}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - umi.) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{A011EFC4-E17E-4D84-B36D-88F769460FA0}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - umi.) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{54E017D6-819B-4DEE-9545-4F201CFE969D}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{0FF2F983-7CD6-4DBA-985E-2E65E749CB2A}" | In - Domain - P6 - TRUE | .(.Skype Technologies - Skype Extras Manager.)
-- C:\Program Files\Skype\Plugin Manager\skypePM.exe
O87 - FAEL: "TCP Query User{1BB2D705-4E53-4067-A981-8B4C9E356E17}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{EF610CC1-45A1-4AB1-B4FA-96F3969290BC}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{B62842D3-A853-4A39-B0C4-D647074A4FF0}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "UDP Query User{75BB331F-D399-4B04-A38F-8345DD052C64}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "{A37EB95C-B442-4725-AB4D-B942A544B178}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{F6FBAEE7-5FF4-4D62-A751-BBED19A74E83}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{585F6C9B-79BB-4080-B374-8BDFCCF2C135}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{6893B45D-5D64-4C1F-86F2-FC67EB49B2C2}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{B26E2F02-5391-4DAE-B71F-FF121D643D97}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.)
-- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{AB13006E-627E-46E5-86E4-7AB60C4C3C6D}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{A95C317D-2D89-4487-AED1-A591E9F83184}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "TCP Query User{3DEE73F1-F7B0-4911-B75A-C47D56D6E1FE}C:\users\famille\appdata\local\temp\alertegps.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\famille\appdata\local\temp\alertegps.exe (.not file.)
O87 - FAEL: "UDP Query User{CFD27752-F192-47E1-8D9E-8A1EF31A6019}C:\users\famille\appdata\local\temp\alertegps.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\famille\appdata\local\temp\alertegps.exe (.not file.)
O87 - FAEL: "TCP Query User{CD5A9662-F7EC-4072-9992-33E41030AA4C}C:\program files\alertegps\g320\updatetool.exe" | In - Private - P6 - TRUE | .(.Pas de propriétaire - UpdateTool.) -- C:\program files\alertegps\g320\updatetool.exe
O87 - FAEL: "UDP Query User{14CA58C1-8F61-4916-8F9B-6EBBBA1C343B}C:\program files\alertegps\g320\updatetool.exe" | In - Private - P17 - TRUE | .(.Pas de propriétaire - UpdateTool.) -- C:\program files\alertegps\g320\updatetool.exe
O87 - FAEL: "{B28665AD-CDBD-4EF3-A98C-1C66AF6CECEA}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{E2D8B2ED-93ED-413B-8CAB-6617D0C74581}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{6ED121D2-8577-4AFE-863D-B52444F2B50F}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{4043FBD4-03A0-41FA-978A-1B8843AE7490}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.)
-- C:\Program Files\ma-config.com\maconfservice.exe
~ Scan Firewall in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : v2.10777 - (17/02/2013)
Clés trouvées (Keys found) : 22
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 1
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Shared
Tools\MSConfig\startupreg\binternet] =>Spyware.BHO
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Classes\Installer\Features\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKLM\Software\Classes\Installer\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow]:*.chat-land.org =>Hijacker.ChercheUS
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Users\Famille\AppData\Local\lollipop =>Adware.Lollipop
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\SearchPlugins\cherche.xml =>Hijacker.ChercheUS
~ Scan Additionnel in 00mn 22s

---\\ Recherche détournement de DNS routeur (O89)
(None)

---\\ Product Upgrade Codes (O90)
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1271C3A5DE8F0E11A8BF8BCAF6798BE8" . (.Google Earth.) -- C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2E666343950ACA84DA7632B07FE4D22B" . (.Apple Application Support.) -- C:\Windows\Installer\{343666E2-A059-48AC-AD67-230BF74E2DB2}\WinInstall.ico
O90 - PUC: "393793D005B925c4485D773E4482F978" . (.Roxio Creator Data.)
-- c:\Windows\Installer\{0D397393-9B50-4c52-84D5-77E344289F87}\RoxioCentral.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "521D59DC299285843BFEF5F65BF2AB6D" . (.Skype Toolbars.) -- C:\Windows\Installer\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}\IconUninstallIco
O90 - PUC: "61F61FCBE0CAEBA49AFE14C24F48AB15" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}\fssicon.ico
O90 - PUC: "6531AF5077EED0943A67D5AB5DE3F02A" . (.Ma-Config.com.) -- C:\Windows\Installer\{05FA1356-EE77-490D-A376-5DBAD53E0FA2}\maconfico
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.5) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "693D336E8815D9E4F8B6FB8BFB43768E" . (.Skype™ 5.1.) -- C:\Windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
O90 - PUC: "72788EEDB9779A74CAFE8FC75A9FA256" . (.ScanSoft OmniPage SE 4.) -- C:\Windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
O90 - PUC: "7CFCFF386C886c14782559A85423C528" . (.Roxio Creator Audio.) -- c:\Windows\Installer\{83FFCFC7-88C6-41c6-8752-958A45325C82}\RoxioCentral.exe
O90 - PUC: "8CDC4930DBAF8de41B4030938367FDFD" . (.Roxio Creator Tools.) -- c:\Windows\Installer\{0394CDC8-FABD-4ed8-B104-03393876DFDF}\RoxioCentral.exe
O90 - PUC: "987A09F2E1DDEC14FBACDB8712B3BA7C" . (.OpenOffice.org 3.4.) -- C:\Windows\Installer\{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}\soffice.ico
O90 - PUC: "9B8BD42DC6BB43346991ABC156E0313D" . (.Microsoft Primary Interoperability Assemblies 2005.) -- C:\Windows\Installer\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}\[SystemFolder]msiexec.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" .
(.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "A8DDC9166B411a34BAC6F0E44EC80E84" . (.Roxio Creator Copy.) -- c:\Windows\Installer\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}\RoxioCentral.exe
O90 - PUC: "B0860B8CEADC9084F91983B7D60EF0C7" . (.Roxio Creator Basic v9.) -- c:\Windows\Installer\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}\RoxioCentral.exe
O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\Windows\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico
O90 - PUC: "B4B39F110F84E4A4EA77FD9AA69966B4" . (.Roxio Creator EasyArchive.) -- c:\Windows\Installer\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}\RoxioCentral.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "C5BA7CF5CF16FD249A321593CB1FD024" . (.Microsoft LifeCam.) -- C:\Windows\Installer\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}\LifeCamIcon.ico
O90 - PUC: "CE6FB7E67E3C7A34A830D002E4E30CB1" . (.Logiciel Intel® Viiv™.) -- C:\Windows\Installer\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- c:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "E6E0681DE025083448335EE8F8884B37" . (.Pinnacle Studio 12 Ultimate Plugins.) -- C:\Windows\Installer\{D1860E6E-520E-4380-8433-E58E8F88B473}\ARPPRODUCTICON.exe
O90 - PUC: "E9BE140DA0988904F84915AD91A47CA2" . (.Pinnacle Studio 12.) -- C:\Windows\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\Studio.exe
O90 - PUC: "EC08DF9F8440F4D4B8DC77CF15C4F399" . (.Vista Codec Package.) -- C:\Windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712308267D401" . (.JavaFX 2.1.0.)
-- C:\Windows\Installer\{1111706F-666A-4037-7777-210328764D10}\javaIcon.ico
~ Scan Files in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 11/09/2006 188416 | (AlertService) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
SR - | Auto 21/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 21/07/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 208896 | (DQLWinService) . (...) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
SS - | Auto 13/03/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/03/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 02/06/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Auto 10/05/2006 29696 | (IntelDHSvcConf) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
SS - | Demand 11/09/2006 75264 | (ISSM) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
SS - | Demand 26624 | (M1 Server) . (...) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
SS - | Demand 05/02/2013 312704 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 11/09/2006 167936 | (MCLServiceATL) . (.Intel(R) Corporation.)
- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
SS - | Demand 06/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 07/04/2011 612456 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\nvvsvc.exe
SR - | Auto 08/04/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SS - | Demand 11/09/2006 544256 | (Remote UI Service) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Demand 01/11/2006 78752 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 18/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 18/01/2008 21504 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.)
- C:\WINDOWS\System32\svchost.exe
~ Scan Services in 00mn 01s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Famille at 17/02/2013 19:52:34
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x82458912] -> \Device\Harddisk0\DR0[0x85E3CAC8]
3 CLASSPNP[0x833AA8B3] -> ntkrnlpa!IofCallDriver[0x82458912] -> [0x8560FC10]
5 acpi[0x805C26BC] -> ntkrnlpa!IofCallDriver[0x82458912] -> \Device\Ide\IdeDeviceP1T0L0-2[0x8560A390]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Famille at 17/02/2013 19:52:37
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s

End of the scan (1441 lines in 04mn 36s)(0)