Rapport de ZHPDiag v1.3.5.100 par Nicolas Coolman, Update du 19/02/2013
Run by dédé at 19/02/2013 22:23:48
State : Version à jour.
High Elevated Privileges : OK
UAC : Activate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Business Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7TP9F
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 15 Model 107 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (62% free)
System Restore: Activé (Enable)
System drive C: has 52 GB (22%) free of 233 GB

---\\ Logged in mode
~ Computer Name: DÉDÉ-PC
~ User Name: dédé
~ All Users Names: HomeGroupUser$, dédé, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\dédé\AppData\Roaming\
~ %Desktop% : C:\Users\dédé\Desktop\
~ %Favorites% : C:\Users\dédé\Favorites\
~ %LocalAppData% : C:\Users\dédé\AppData\Local\
~ %StartMenu% : C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 52 Go of 233 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.B49B56B64F57699A1A663D2CF7D0A56F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.08/01/2013 - 23:03:20.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 22:29:06.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 22:29:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 22:29:08.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.0D87503986BB3DFED58E343FE39DDE13] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 18:18:09.) -- C:\Windows\system32\Drivers\ntfs.sys [1211760]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 22:29:49.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 22:29:07.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 22:29:03.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/30
Mes musiques (My Musics) : 7/7 (Modified)
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 1/171
~ Mon Bureau (My Desktop) : 1/24
~ Menu demarrer (Programs) : 1/32
~ Scan Hidden Files in 00mn 00s

---\\ Processus lancés
[MD5.F32FAA558015CF3D714AEA1003B29E38] - (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe [1200880] [PID.1852]
[MD5.B70BCC55743C5A5BD7C7C6D6A02BB6F9] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe [604704] [PID.2720]
[MD5.1F52E8EBC111C7C578CC9E5BDF06EBE6] - (.BitDefender S.R.L. - BitDefender Security Center.) -- C:\Program Files\BitDefender\BitDefender 2010\seccenter.exe [1118232] [PID.2732]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.2752]
[MD5.4B9949208944C50B1A16FD1F05ED0A04] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [299008] [PID.2836]
[MD5.6E4020D918F14049188E0D8B5BB27F27] - (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe [842048] [PID.3188]
[MD5.A9950F1C63BA70151803C6F24CEE23F3] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [299008] [PID.4040]
[MD5.4FA52F3693961257E3364AACF8F8B572] - (.Adobe Systems Incorporated - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\system32\Macromed\Flash\FlashUtil32_11_5_502_110_ActiveX.exe [697272] [PID.4308]
[MD5.01BD76439F5D321BE54827F4949D905B] - (.Nicolas Coolman - ZHPFix.) -- C:\Program Files\ZHPDiag\ZHPFix\ZHPFix.exe [2718208] [PID.5336]
[MD5.698EB1E5F8C66344D97C00B5699E871D] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [757280] [PID.5652]
[MD5.F6E3D406A555A557D0F7CF085362EB4C] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5687296] [PID.5252]
~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\dédé\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default] jaedia":{"ack_external":true},"paoponfhfdfnjgddpnpjkambkcgdaaib":{"ack_external":true}}},"first_run_tabs":["http://www.google.comue,"urls_to_restore_on_startup":["http://www.google.com/"]},"sync_promo":{"show_on_first_run_allowed":false}}
~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.10.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.10.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.10.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.5.0.3.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\Program Files\Microsoft Office\Office14\NPSPWRAP.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.01.) -- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.sfr.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 11.0.01.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: BitDefender Toolbar - [HKLM]{381FFDE8-2394-4f90-B10D-FC6124A40F8C} . (.BitDefender S.R.L. - BitDefender Antiphishing Toolbar.) -- C:\Program Files\BitDefender\BitDefender 2010\IEToolbar.dll
~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [BDAgent] . (.BitDefender S.R.L. - BitDefender Agent.) -- C:\Program Files\BitDefender\BitDefender 2010\bdagent.exe
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] . (.BitDefender S.R.L. - IEShow Application.) -- C:\Program Files\BitDefender\BitDefender 2010\IEShow.exe
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKLM\..\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [AMD AVT] . (.Microsoft Corporation - Interpréteur de commandes Windows.) -- C:\Windows\System32\Cmd.exe
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] . (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2776646512-3961157152-1245913816-1001\..\Run: [DAEMON Tools Pro Agent] . (.DT Soft Ltd - DAEMON Tools Pro Agent.) -- C:\Program Files\DAEMON Tools Pro\DTAgent.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\dédé\Desktop\CIC » Communication bancaire quelles solutions après ETEBAC - E-banking, la démocratisation des solutions.url . (...) -- C:\Users\dédé\Desktop\CIC » Communication bancaire quelles solutions après ETEBAC - E
O4 - Global Startup: C:\Users\dédé\Desktop\MediaInfo - Raccourci.lnk . (.MediaArea.net.) -- C:\Program Files\MediaInfo\MediaInfo.exe
O4 - Global Startup: C:\Users\dédé\Desktop\RatioMaster - Raccourci.lnk . (.www.moofdev.net.) -- C:\Program Files\ratiomaster\RatioMaster.exe
O4 - Global Startup: C:\Users\dédé\Desktop\SpeedFan.lnk . (.Almico Software (www.almico.com).) -- C:\Program Files\SpeedFan\speedfan.exe
O4 - Global Startup: C:\Users\dédé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk . (...) -- C:\Program Files\GRETECH\GomPlayer\GOM.exe
O4 - Global Startup: C:\Users\dédé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Global Startup in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBttnIE.dll
O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~1\Office14\ONBTTN~1.dll
~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} ((no name)) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ((no name)) - http://fichiers2.touslesdrivers.com/maconfig/MaConfig_6_5_0_3.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{BC61BCB5-3927-4EB2-AB16-91490EAE47F9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{BC61BCB5-3927-4EB2-AB16-91490EAE47F9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{BC61BCB5-3927-4EB2-AB16-91490EAE47F9}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\System32\atiesrxx.exe
O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) . (.BitDefender S.R.L. - BitDefender Update Service.) - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) . (.BitDefender S.R.L. - BitDefender Security Service.) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe
~ Scan Services in 00mn 04s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
[MD5.9FACF68EE6BDED00108002C61517D08A] [APT] [Game_Booster_AutoUpdate] (.IObit.) -- C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe
[MD5.10175384830569E3687DED022596F7C6] [APT] [{00ABA161-026C-41EB-8CED-0B408D3835CB}] (.VIA Technologies, Inc..) -- C:\Program Files\VIA4in1_MB\VIA\SETUP.exe
[MD5.00000000000000000000000000000000] [APT] [{33A96461-F5A1-4FD9-84B6-CD7C9727264D}] (...) -- C:\Program Files\KONAMI\Pro Evolution Soccer 2012\Installer.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{49B9169A-0714-4F8A-96BD-977F87610DB2}] (...) -- E:\VIA4in1_MB\VIA\SETUP.exe (.not file.)
~ Scan Scheduled Task in 00mn 01s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (anodlwf) . (.Pas de propriétaire - NDIS 6.0 Filter Driver.) - C:\Windows\System32\DRIVERS\anodlwf.sys
O41 - Driver: (BdfNdisf) . (.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - C:\Windows\System32\DRIVERS\BdfNdisf6.sys
O41 - Driver: (bdfwfpf) . (.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\System32\DRIVERS\dtsoftbus01.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip
O42 - Logiciel: AMD Accelerated Video Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {70584E3B-7FA9-BB7F-A529-E7286CF8D8BE}
O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {DC9BEEB0-F7DC-071A-4558-7F3A17F8B39E}
O42 - Logiciel: AMD Drag and Drop Transcoding - (.Advanced Micro Devices, Inc..) [HKLM] -- {143D49C9-F61A-0E40-9333-A02E3C759FA6}
O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {9B36ADC8-05D6-BEF9-C819-C493DF66BBDC}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader XI (11.0.01) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AB0000000001}
O42 - Logiciel: BitDefender Internet Security 2010 - (.BitDefender.) [HKLM] -- {0DFF6117-CBBC-4F5C-9C57-6936644F10D4}
O42 - Logiciel: Call Of Duty Modern Warfare 3 - (.Activision.) [HKLM] -- {12A9ACF2-AB2A-4800-BED1-8396D1B5F056}_is1
O42 - Logiciel: Catalyst Control Center - Branding - (.Advanced Micro Devices, Inc..) [HKLM] -- {03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}
O42 - Logiciel: DAEMON Tools Pro - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Pro
O42 - Logiciel: Deadlight - (.Pas de propriétaire.) [HKLM] -- Deadlight_is1
O42 - Logiciel: Dutch Windmills 3D Screensaver 1.0 - (.3Planesoft.) [HKLM] -- Dutch Windmills 3D Screensaver_is1
O42 - Logiciel: GOM Player - (.Gretech Corporation.) [HKLM] -- GOM Player
O42 - Logiciel: Game Booster 3 - (.IObit.) [HKLM] -- Game Booster_is1
O42 - Logiciel: Hell Yeah Wrath of the Dead Rabbit (c) Sega version 1 - (.Pas de propriétaire.) [HKLM] -- Hell Yeah Wrath of the Dead Rabbit (c) Sega_is1
O42 - Logiciel: Java 7 Update 10 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217010FF}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {4CAF09A9-9F84-4ED4-81E8-E9039ABA7D90}
O42 - Logiciel: MediaInfo 0.7.58 - (.MediaArea.net.) [HKLM] -- MediaInfo
O42 - Logiciel: Microsoft XNA Framework Redistributable 4.0 Refresh - (.Microsoft Corporation.) [HKLM] -- {D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}
O42 - Logiciel: Pro Evolution Soccer 2012 - (.KONAMI.) [HKLM] -- {E737A098-F161-4B6F-AF22-86AAE34F6FBD}
O42 - Logiciel: Pro Evolution Soccer 2013 - (.KONAMI.) [HKLM] -- {C2523AE6-F335-4D0B-BC15-1C07E4ACE629}
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: SaveVid Plug-in - (.Bandoo Media, Inc.) [HKLM] -- SaveVid Plug-in
O42 - Logiciel: SaveVid Plug-in - (.Bandoo Media, Inc.) [HKLM] -- {8D15E1B2-D2B7-4A17-B44B-D2DDE5981405}
O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan
O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}
O42 - Logiciel: ffdshow [rev 3154] [2009-12-09] - (.Pas de propriétaire.) [HKLM] -- ffdshow_is1

---\\ HKCU & HKLM Software Keys
[HKCU\Software\7-Zip]
[HKCU\Software\AMD]
[HKCU\Software\ANI]
[HKCU\Software\ATI]
[HKCU\Software\Ad-Remover]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\BitDefender]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\D-Link]
[HKCU\Software\DT Soft]
[HKCU\Software\FLT]
[HKCU\Software\GNU]
[HKCU\Software\GRETECH]
[HKCU\Software\Google]
[HKCU\Software\HeartWare]
[HKCU\Software\JavaSoft]
[HKCU\Software\Licenses]
[HKCU\Software\Macromedia]
[HKCU\Software\Might and Delight]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\ODBC]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\Smart PC Utilities]
[HKCU\Software\SpeedFan]
[HKCU\Software\Sysinternals]
[HKCU\Software\THETA AnIn]
[HKCU\Software\Trolltech]
[HKCU\Software\Tunngle.net]
[HKCU\Software\Valve]
[HKCU\Software\WinRAR]
[HKCU\Software\ZebHelpProcess Helper]
[HKCU\Software\cybelsoft]
[HKCU\Software\mkvmergeGUI]
[HKLM\Software\3Planesoft]
[HKLM\Software\AMD]
[HKLM\Software\ATI Technologies]
[HKLM\Software\ATI]
[HKLM\Software\Activision]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\BitDefender]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CBSTEST]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\D-Link Wireless N DWA-140_WPS Service]
[HKLM\Software\DT Soft]
[HKLM\Software\GNU]
[HKLM\Software\GRETECH]
[HKLM\Software\Google]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\KONAMI]
[HKLM\Software\Macromedia]
[HKLM\Software\MidasHeurScanner]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\ODBC]
[HKLM\Software\Policies]
[HKLM\Software\Pro Data Doctor Pvt. Ltd.]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\Softwin]
[HKLM\Software\Sonic]
[HKLM\Software\Systweak]
[HKLM\Software\TequilaWorks]
[HKLM\Software\Tunngle.net]
[HKLM\Software\VIA Technologies, Inc]
[HKLM\Software\WOW6432Node]
[HKLM\Software\Windows]
[HKLM\Software\cybelsoft]
[HKLM\Software\lameme]
~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 13/11/2012 - 13:40:05 - [2,951] ----D C:\Program Files\7-Zip
O43 - CFD: 17/02/2013 - 20:34:16 - [152,536] ----D C:\Program Files\Ad-Remover
O43 - CFD: 17/10/2012 - 12:49:05 - [119,534] ----D C:\Program Files\Adobe
O43 - CFD: 23/12/2012 - 20:44:44 - [0,378] ----D C:\Program Files\AMD AVT
O43 - CFD: 23/12/2012 - 20:43:00 - [20,173] ----D C:\Program Files\ATI
O43 - CFD: 23/12/2012 - 20:44:23 - [68,002] ----D C:\Program Files\ATI Technologies
O43 - CFD: 17/08/2012 - 19:39:35 - [156,242] ----D C:\Program Files\BitDefender
O43 - CFD: 30/12/2012 - 19:22:26 - [0] ----D C:\Program Files\Black Forest Games
O43 - CFD: 01/02/2013 - 15:27:50 - [-1992,795] ----D C:\Program Files\Call Of Duty Modern Warfare 3
O43 - CFD: 23/12/2012 - 20:44:39 - [1221,668] ----D C:\Program Files\Common Files
O43 - CFD: 13/11/2012 - 19:35:00 - [45,487] ----D C:\Program Files\DAEMON Tools Pro
O43 - CFD: 30/12/2012 - 22:13:38 - [27,084] ----D C:\Program Files\Deadlight
O43 - CFD: 31/08/2012 - 09:11:27 - [0,716] ----D C:\Program Files\Dutch Windmills 3D Screensaver
O43 - CFD: 21/11/2010 - 01:39:54 - [79,371] ----D C:\Program Files\DVD Maker
O43 - CFD: 15/02/2013 - 21:25:46 - [16,633] ----D C:\Program Files\ffdshow
O43 - CFD: 17/08/2012 - 12:42:27 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 19/10/2012 - 18:32:34 - [0] ----D C:\Program Files\Google
O43 - CFD: 28/12/2012 - 21:22:55 - [92,554] ----D C:\Program Files\GoogleEarthPROPortable
O43 - CFD: 17/08/2012 - 20:50:58 - [27,218] ----D C:\Program Files\GRETECH
O43 - CFD: 13/11/2012 - 22:23:14 - [788,722] ----D C:\Program Files\Hell Yeah Wrath of the Dead Rabbit
O43 - CFD: 19/01/2013 - 08:06:07 - [3,854] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 15/02/2013 - 19:13:58 - [4,954] ----D C:\Program Files\Internet Explorer
O43 - CFD: 15/02/2013 - 21:25:41 - [19,635] ----D C:\Program Files\IObit
O43 - CFD: 16/12/2012 - 12:29:10 - [121,839] ----D C:\Program Files\Java
O43 - CFD: 28/08/2012 - 19:34:59 - [0,629] ----D C:\Program Files\jtk374en
O43 - CFD: 01/10/2012 - 18:35:08 - [-1993,359] ----D C:\Program Files\KONAMI
O43 - CFD: 09/01/2013 - 13:21:10 - [1,711] ----D C:\Program Files\Languages
O43 - CFD: 02/11/2012 - 22:05:17 - [7,342] ----D C:\Program Files\ma-config.com
O43 - CFD: 02/09/2012 - 12:35:30 - [7,240] ----D C:\Program Files\MediaInfo
O43 - CFD: 17/08/2012 - 21:07:52 - [38,002] ----D C:\Program Files\Microsoft Analysis Services
O43 - CFD: 17/08/2012 - 21:09:36 - [949,755] ----D C:\Program Files\Microsoft Office
O43 - CFD: 17/08/2012 - 21:09:35 - [1,722] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 17/08/2012 - 21:09:35 - [0,757] ----D C:\Program Files\Microsoft Sync Framework
O43 - CFD: 17/08/2012 - 21:09:57 - [0,312] ----D C:\Program Files\Microsoft Synchronization Services
O43 - CFD: 17/08/2012 - 21:08:45 - [1,314] ----D C:\Program Files\Microsoft Visual Studio 8
O43 - CFD:
13/11/2012 - 21:39:59 - [5,795] ----D C:\Program Files\Microsoft XNA O43 - CFD: 20/08/2012 - 13:41:30 - [7,797] ----D C:\Program Files\Microsoft.NET O43 - CFD: 17/08/2012 - 21:10:26 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 30/12/2012 - 21:48:08 - [1212,793] ----D C:\Program Files\Pid O43 - CFD: 06/09/2012 - 07:31:28 - [0,924] ----D C:\Program Files\ratiomaster O43 - CFD: 17/08/2012 - 20:29:10 - [38,633] ----D C:\Program Files\Realtek AC97 O43 - CFD: 14/07/2009 - 05:52:30 - [37,357] ----D C:\Program Files\Reference Assemblies O43 - CFD: 14/12/2012 - 21:20:33 - [0,000] ----D C:\Program Files\SavevidPlug-in O43 - CFD: 15/02/2013 - 20:10:56 - [5,523] ----D C:\Program Files\SpeedFan O43 - CFD: 19/02/2013 - 22:20:25 - [1,491] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 09/01/2013 - 13:21:10 - [0,838] ---AD C:\Program Files\Sys O43 - CFD: 14/07/2009 - 05:53:23 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 09/01/2013 - 13:21:10 - [0,959] ---AD C:\Program Files\User O43 - CFD: 17/08/2012 - 19:12:38 - [1,866] ----D C:\Program Files\VIA O43 - CFD: 17/08/2012 - 19:17:53 - [21,254] ----D C:\Program Files\VIA4in1_MB O43 - CFD: 21/11/2010 - 01:30:45 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 17/08/2012 - 19:21:42 - [6,689] ----D C:\Program Files\Windows Journal O43 - CFD: 21/11/2010 - 01:30:45 - [5,895] ----D C:\Program Files\Windows Mail O43 - CFD: 21/11/2010 - 01:30:45 - [6,298] ----D C:\Program Files\Windows Media Player O43 - CFD: 17/08/2012 - 12:42:27 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 21/11/2010 - 01:30:45 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 20/11/2010 - 22:33:48 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 21/11/2010 - 01:30:45 - [6,374] ----D C:\Program Files\Windows Sidebar O43 - CFD: 17/08/2012 - 20:02:23 - [4,490] ----D C:\Program Files\winrar 2 O43 - CFD: 19/02/2013 - 22:23:56 - [15,130] ----D C:\Program Files\ZHPDiag O43 - CFD: 
19/02/2013 - 21:30:40 - [4,757] ----D C:\Program Files\ZHPFix O43 - CFD: 17/10/2012 - 12:49:13 - [6,274] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 23/12/2012 - 20:44:39 - [2,712] ----D C:\Program Files\Common Files\ATI Technologies O43 - CFD: 17/08/2012 - 19:39:43 - [918,577] ----D C:\Program Files\Common Files\BitDefender O43 - CFD: 17/08/2012 - 21:09:56 - [0,095] ----D C:\Program Files\Common Files\DESIGNER O43 - CFD: 17/08/2012 - 20:28:49 - [5,826] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 16/12/2012 - 12:29:55 - [1,184] ----D C:\Program Files\Common Files\Java O43 - CFD: 13/11/2012 - 21:39:59 - [237,443] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 14/07/2009 - 03:37:05 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 03:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 13/11/2012 - 22:34:00 - [10,355] ----D C:\Program Files\Common Files\System O43 - CFD: 01/12/2012 - 08:28:01 - [129,044] ----D C:\ProgramData\Adobe O43 - CFD: 23/12/2012 - 20:44:45 - [0,000] ----D C:\ProgramData\AMD O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 23/12/2012 - 20:47:07 - [0,000] ----D C:\ProgramData\ATI O43 - CFD: 17/08/2012 - 19:46:11 - [1,421] ----D C:\ProgramData\BitDefender O43 - CFD: 17/08/2012 - 12:42:27 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 22/08/2012 - 11:51:44 - [0,000] --H-D C:\ProgramData\Common Files O43 - CFD: 13/11/2012 - 19:27:26 - [0,001] ----D C:\ProgramData\DAEMON Tools Pro O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 17/08/2012 - 12:42:27 - [0] --H-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 15/02/2013 - 21:25:41 - [1,882] ----D C:\ProgramData\IObit O43 - CFD: 01/10/2012 - 18:35:08 - [43,596] ----D C:\ProgramData\KONAMI O43 - CFD: 02/11/2012 - 
22:05:16 - [1,259] ----D C:\ProgramData\ma-config.com O43 - CFD: 17/08/2012 - 12:42:27 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 28/11/2012 - 13:09:48 - [247,970] -S--D C:\ProgramData\Microsoft O43 - CFD: 15/02/2013 - 13:19:20 - [0,061] ----D C:\ProgramData\Microsoft Help O43 - CFD: 17/08/2012 - 12:42:27 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 13/11/2012 - 21:41:40 - [0,119] ----D C:\ProgramData\RELOADED O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 14/12/2012 - 21:36:53 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 14/07/2009 - 05:53:55 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 14/12/2012 - 21:20:33 - [9,824] --H-D C:\ProgramData\{87386CEB-BC00-465C-96D6-71F13BE96DD1} O43 - CFD: 17/10/2012 - 12:52:56 - [2,396] ----D C:\Users\dédé\AppData\Roaming\Adobe O43 - CFD: 21/08/2012 - 19:56:34 - [0] ----D C:\Users\dédé\AppData\Roaming\ATI O43 - CFD: 15/10/2012 - 21:17:20 - [0] ----D C:\Users\dédé\AppData\Roaming\AudioConverter O43 - CFD: 17/08/2012 - 19:39:51 - [0,063] ----D C:\Users\dédé\AppData\Roaming\BitDefender O43 - CFD: 13/11/2012 - 19:32:19 - [0,001] ----D C:\Users\dédé\AppData\Roaming\DAEMON Tools Pro O43 - CFD: 17/08/2012 - 21:02:03 - [0,122] ----D C:\Users\dédé\AppData\Roaming\GRETECH O43 - CFD: 17/08/2012 - 12:42:52 - [0] ----D C:\Users\dédé\AppData\Roaming\Identities O43 - CFD: 19/08/2012 - 19:38:50 - [0,001] ----D C:\Users\dédé\AppData\Roaming\Macromedia O43 - CFD: 21/11/2010 - 01:39:36 - [0] ----D C:\Users\dédé\AppData\Roaming\Media Center Programs O43 - CFD: 25/11/2012 - 17:40:44 - [13,161] -S--D C:\Users\dédé\AppData\Roaming\Microsoft O43 - CFD: 31/08/2012 - 19:57:54 - [0] ----D C:\Users\dédé\AppData\Roaming\mkvtoolnix O43 - CFD: 16/12/2012 - 12:57:48 - [4,384] ----D C:\Users\dédé\AppData\Roaming\Mozilla O43 - CFD: 05/10/2012 - 19:24:22 - [0,044] ----D C:\Users\dédé\AppData\Roaming\QuickScan O43 - CFD: 27/12/2012 - 14:03:08 - [0,002] ----D C:\Users\dédé\AppData\Roaming\Tunngle O43 - CFD: 17/08/2012 - 
20:03:33 - [0,447] ----D C:\Users\dédé\AppData\Roaming\WinRAR O43 - CFD: 17/10/2012 - 12:52:56 - [17,230] ----D C:\Users\dédé\AppData\Local\Adobe O43 - CFD: 21/08/2012 - 19:56:39 - [0,000] ----D C:\Users\dédé\AppData\Local\AMD O43 - CFD: 17/08/2012 - 12:42:39 - [0] ----D C:\Users\dédé\AppData\Local\Application Data O43 - CFD: 21/08/2012 - 19:56:34 - [0,060] ----D C:\Users\dédé\AppData\Local\ATI O43 - CFD: 16/12/2012 - 12:57:53 - [2,619] ----D C:\Users\dédé\AppData\Local\CRE O43 - CFD: 26/11/2012 - 21:39:45 - [0,954] ----D C:\Users\dédé\AppData\Local\Diagnostics O43 - CFD: 25/11/2012 - 15:48:37 - [0] ----D C:\Users\dédé\AppData\Local\ElevatedDiagnostics O43 - CFD: 30/12/2012 - 22:16:45 - [0] ----D C:\Users\dédé\AppData\Local\FLT O43 - CFD: 19/10/2012 - 11:57:38 - [0,280] ----D C:\Users\dédé\AppData\Local\Google O43 - CFD: 17/08/2012 - 12:42:39 - [0] ----D C:\Users\dédé\AppData\Local\Historique O43 - CFD: 21/11/2012 - 12:59:35 - [363,997] ----D C:\Users\dédé\AppData\Local\Microsoft O43 - CFD: 28/08/2012 - 11:52:55 - [0,139] ----D C:\Users\dédé\AppData\Local\Microsoft Help O43 - CFD: 30/12/2012 - 22:08:09 - [0] ----D C:\Users\dédé\AppData\Local\Programs O43 - CFD: 23/12/2012 - 20:56:15 - [0,004] ----D C:\Users\dédé\AppData\Local\SKIDROW O43 - CFD: 19/02/2013 - 22:24:06 - [900,959] ----D C:\Users\dédé\AppData\Local\Temp O43 - CFD: 17/08/2012 - 12:42:39 - [0] ----D C:\Users\dédé\AppData\Local\Temporary Internet Files O43 - CFD: 31/08/2012 - 20:31:57 - [722,737] ----D C:\Users\dédé\AppData\Local\VirtualStore O43 - CFD: 14/07/2009 - 05:42:04 - [0,014] R---D C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 17/08/2012 - 19:24:23 - [0,000] R---D C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 14/07/2009 - 05:37:42 - [0,001] R---D C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 02/09/2012 - 12:35:30 - [0,004] ----D 
C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo O43 - CFD: 30/12/2012 - 20:57:08 - [0,002] ----D C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pid O43 - CFD: 17/08/2012 - 19:24:23 - [0,000] R---D C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 17/08/2012 - 20:04:01 - [0,003] ----D C:\Users\dédé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.28DBCC83114FCC917708E8BC764DF838] - 19/02/2013 - 21:47:40 ---A- . (...) -- C:\Windows\setupact.log [27333] O44 - LFC:[MD5.759D396B3D4FF48E5B25F8C979AAF2C4] - 19/02/2013 - 21:47:36 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.317AAD6BF43B4A939061BF9C223945E2] - 19/02/2013 - 21:46:49 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1972010] O44 - LFC:[MD5.07C2F95D61DA2B221C22E324A7A44813] - 19/02/2013 - 21:46:22 ---A- . (...) -- C:\AdwCleaner[S2].txt [968] O44 - LFC:[MD5.72458455A03DFBB18CA446291BD5EE95] - 19/02/2013 - 19:18:19 ---A- . (...) -- C:\Windows\PFRO.log [39380] O44 - LFC:[MD5.EDB98905A97720982611F8F4DA404973] - 18/02/2013 - 14:02:45 ---A- . (...) -- C:\Windows\System32\ashttpstats.csv [52] O44 - LFC:[MD5.7B3CBAD157FF9B7B589E38916B3C6009] - 18/02/2013 - 13:36:59 ---A- . (...) -- C:\AdwCleaner[S1].txt [4809] O44 - LFC:[MD5.486F6D52CBC1E47B369133D9A1FAFA3F] - 18/02/2013 - 13:23:34 ---A- . (...) -- C:\Windows\System32\asdict.dat [16] O44 - LFC:[MD5.F1D3FF8443297732862DF21DC4E57262] - 18/02/2013 - 13:23:34 ---A- . (...) -- C:\Windows\System32\aspdict-en.dat [4] O44 - LFC:[MD5.6E9D21C4E7CCEC4E752C5EFA24DFA927] - 15/02/2013 - 19:56:01 ---A- . (...) -- C:\bdlog.txt [59149] O44 - LFC:[MD5.A5B5A16EEAEFADC50674478C94703223] - 15/02/2013 - 19:15:48 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [408616] O44 - LFC:[MD5.FBF3E467AC160D58AC6651C320228780] - 14/02/2013 - 08:53:17 ---A- . (...) 
-- C:\Windows\System32\PerfStringBackup.INI [1683252] O44 - LFC:[MD5.6FDE172CBD66335C0792F9F4FEDA6DC0] - 14/02/2013 - 08:53:17 ---A- . (...) -- C:\Windows\System32\perfc009.dat [120870] O44 - LFC:[MD5.B6A6D59CDD8C05FF844F40795F11630C] - 14/02/2013 - 08:53:17 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [148574] O44 - LFC:[MD5.3719DD046608DF499A593624C08EEB5B] - 14/02/2013 - 08:53:17 ---A- . (...) -- C:\Windows\System32\perfh009.dat [651938] O44 - LFC:[MD5.0C5EAA3D0C6AA4B5B71D06DBE80D6091] - 14/02/2013 - 08:53:17 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [745056] O44 - LFC:[MD5.3628F95B80D8DAAFD04F6B454F5C92BA] - 03/02/2013 - 15:08:07 ---A- . (...) -- C:\Windows\wininit.ini [6086] O44 - LFC:[MD5.715275A3222C96CDA12F03AF386E8E77] - 03/02/2013 - 13:15:40 ---A- . (...) -- C:\Windows\System32\Dutch Windmills.log [8422] O44 - LFC:[MD5.C5582FED3BF46AFD05D521AE2ECB3A59] - 05/12/2009 - 19:42:28 ---A- . (...) -- C:\Windows\System32\ff_vfw.dll [85504] ~ Scan Files in 00mn 05s ---\\ Opérations et fonctions au démarrage de Windows Explorer (O46) O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL ~ Scan ShellExecuteHooks in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) 
-- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . 
(.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\Windows\System32\ff_vfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\Windows\System32\ff_vfw.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) (None) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) 
-- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 O63 - Logiciel: ZHPFix 1.3 - (.Nicolas Coolman.) 
[HKLM] -- ZHPFix_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 25/04/2011 - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 06/04/2012 - C:\Windows\System32\DRIVERS\atikmdag.sys (amdkmdag) .(.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 06/03/2009 - C:\Windows\System32\DRIVERS\anodlwf.sys (anodlwf) .(.Pas de propriétaire - NDIS 6.0 Filter Driver.) - LEGACY_ANODLWF O64 - Services: CurCS - 03/02/2010 - C:\Windows\System32\DRIVERS\bdfm.sys (BDFM) .(.BitDefender S.R.L. Bucharest, ROMANIA - BitDefender Active Virus Control Filter Dri.) - LEGACY_BDFM O64 - Services: CurCS - 17/08/2012 - C:\Windows\System32\DRIVERS\BdfNdisf6.sys (BdfNdisf) .(.BitDefender LLC - BitDefender Firewall NDIS6 Filter Driver.) - LEGACY_BDFNDISF O64 - Services: CurCS - 22/02/2010 - C:\Windows\System32\DRIVERS\bdfsfltr.sys (bdfsfltr) .(.BitDefender - BitDefender AntiVirus FS filter driver.) - LEGACY_BDFSFLTR O64 - Services: CurCS - 17/08/2012 - C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfwfpf.sys (bdfwfpf) .(.BitDefender LLC - BitDefender Firewall WFP Filter Driver.) - LEGACY_BDFWFPF O64 - Services: CurCS - 19/01/2010 - C:\Program Files\BitDefender\BitDefender 2010\bdvedisk.sys (BDVEDISK) .(.BitDefender - FileVault Disk Driver.) - LEGACY_BDVEDISK O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS O64 - Services: CurCS - 02/06/2012 - C:\Windows\System32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) 
- LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL O64 - Services: CurCS - 03/04/1996 - C:\Windows\System32\giveio.sys - giveio (giveio) .(...) - LEGACY_GIVEIO O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20 O64 - Services: CurCS - 22/08/2012 - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\parvdm.sys (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\DRIVERS\rspndr.sys (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR O64 - Services: CurCS - 13/07/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) 
- LEGACY_SECDRV O64 - Services: CurCS - 18/03/2011 - C:\Windows\System32\speedfan.sys (speedfan) .(.Almico Software - SpeedFan x32 Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - 29/04/2011 - C:\Windows\System32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT O64 - Services: CurCS - 17/08/2012 - C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\trufos.sys (Trufos) .(.BitDefender S.R.L. - Trufos Kernel Module.) - LEGACY_TRUFOS O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\viaide.sys (viaide) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE O64 - Services: CurCS - 20/11/2010 - C:\Windows\System32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP O64 - Services: CurCS - 14/07/2009 - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6 O64 - Services: CurCS - 01/11/2010 - C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys (WinRing0_1_2_0) .(.OpenLibSys.org - WinRing0.) - LEGACY_WINRING0_1_2_0 ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Not Key.) O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {7EEDDEF8-0BAA-41DC-B4A8-8F0345D02195} - (Google) - http://www.google.com ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . 
(.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) 
-- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) 
-- C:\Windows\System32\appmgmts.dll [149504] ~ Scan Services in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.2E4925B6CCD3A9952935463B954659C4] [SPRF][20/11/2012] (.Gretech Corporation - GOM AUDIO Installer.) -- C:\Users\dédé\AppData\Local\Temp\GomAudDnInstaller.exe [217088] [MD5.D0103DA25CEF21CDC1591683FB96F5FC] [SPRF][30/10/2009] (.Gretech Corporation - GOM ENCODER Installer.) -- C:\Users\dédé\AppData\Local\Temp\GomEncDnInstaller.exe [217088] [MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][03/12/2012] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\dédé\AppData\Local\Temp\htmlayout.dll [947200] [MD5.5E6CF95C49315317B3EA1D3836D40720] [SPRF][14/03/2012] (...) -- C:\Users\dédé\AppData\Local\Temp\Installhelper.dll [1511424] [MD5.E0487AE4E30D9F7FA82E3E6196AC70F8] [SPRF][14/12/2012] (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Users\dédé\AppData\Local\Temp\jre-6u22-windows-i586-s.exe [17127200] [MD5.16A6E01F63E43DE83FF9F33D87101F17] [SPRF][30/11/2012] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\dédé\AppData\Local\Temp\jre-7u10-windows-i586-iftw.exe [896488] [MD5.1453E9B2A7696D94E895B0D505482543] [SPRF][22/08/2012] (.Pas de propriétaire - MachineIdCreator Application.) -- C:\Users\dédé\AppData\Local\Temp\MachineIdCreator.exe [163936] [MD5.7DF6D09AC7743750ABBAC98803FE519C] [SPRF][22/08/2012] (.Pas de propriétaire - IntToolbarInstaller Application.) -- C:\Users\dédé\AppData\Local\Temp\oi_{83DFF02C-1891-4D34-BF93-ACB443143519}.exe [12743264] [MD5.FD935F20C1AD83CBE4E6DD079506DE1D] [SPRF][03/02/2013] (...) -- C:\Users\dédé\AppData\Local\Temp\report.dat [8] [MD5.7E7EB7AFF595774E5E500B34058CC1A7] [SPRF][15/02/2013] (...) -- C:\Users\dédé\AppData\Local\Temp\sfamcc00001.dll [192512] [MD5.A4A8CE1C7696B143356208609BA1A4C9] [SPRF][18/12/2010] (...) 
-- C:\Users\dédé\AppData\Local\Temp\sfextra.dll [55296] [MD5.72412B526BCC716382E62B7939DCFD8F] [SPRF][26/05/2011] (...) -- C:\Users\dédé\AppData\Local\Temp\SRAssetsHelper.dll [1085952] [MD5.48AFDB8EA7665E64FF0B11B8B1E93006] [SPRF][05/11/2012] (.Advanced Micro Devices, Inc. - 12-10_vista_win7_win8_32_dd_ccc_whql_net4.) -- C:\Users\dédé\AppData\Local\Temp\tmp160A.exe [141227704] [MD5.62E5411ECD81BB6512F3AE648CD7C74D] [SPRF][14/10/2012] (.Advanced Micro Devices, Inc. - 12-8_vista_win7_win8_32_dd_ccc_whql.) -- C:\Users\dédé\AppData\Local\Temp\tmp545F.exe [106750512] [MD5.48AFDB8EA7665E64FF0B11B8B1E93006] [SPRF][23/12/2012] (.Advanced Micro Devices, Inc. - 12-10_vista_win7_win8_32_dd_ccc_whql_net4.) -- C:\Users\dédé\AppData\Local\Temp\tmp7D98.exe [141227704] [MD5.62E5411ECD81BB6512F3AE648CD7C74D] [SPRF][04/09/2012] (.Advanced Micro Devices, Inc. - 12-8_vista_win7_win8_32_dd_ccc_whql.) -- C:\Users\dédé\AppData\Local\Temp\tmp83A8.exe [106750512] [MD5.62E5411ECD81BB6512F3AE648CD7C74D] [SPRF][30/09/2012] (.Advanced Micro Devices, Inc. - 12-8_vista_win7_win8_32_dd_ccc_whql.) -- C:\Users\dédé\AppData\Local\Temp\tmp9CDF.exe [106750512] [MD5.4A1A9FA94DCA9E369584645E3F139674] [SPRF][23/10/2012] (.Advanced Micro Devices, Inc. - 12-10_vista_win7_win8_32_dd_ccc_whql_net4.) -- C:\Users\dédé\AppData\Local\Temp\tmpFB6B.exe [141250576] [MD5.F4ED5DD08A9416B66ED90FB4FDCAD65E] [SPRF][22/08/2012] (.Pas de propriétaire - ToolbarInstaller.) -- C:\Users\dédé\AppData\Local\Temp\ToolbarInstaller.exe [8824416] [MD5.F6278B5A16F830885B184D5F72E1B935] [SPRF][03/12/2012] (.Terra Informatica Software, Inc., British C - HTMLayout - embeddable HTML rendering and layout component.) -- C:\Users\dédé\AppData\Local\Temp\uninstall10349203.exe [947200] [MD5.42A4A556174887662EE0E00DC7B0A6B2] [SPRF][16/12/2012] (...) -- C:\Users\dédé\AppData\Local\Temp\utt560B.tmp.exe [7732736] [MD5.56940B50AB0E5923822F47B0E4463885] [SPRF][26/06/2012] (.Bitdefender LLC - Bitdefender QuickScan.) 
-- C:\Windows\Downloaded Program Files\qsax.dll [731688] ~ Scan Files in 01mn 13s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{2A32A1FD-98EE-4560-BFBF-8E8E91DD4A53}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe (.not file.) O87 - FAEL: "TCP Query User{74D1152E-EACF-407F-A6E1-E399BB487F49}C:\program files\ratiomaster\ratiomaster.exe" | In - Private - P6 - TRUE | .(.www.moofdev.net - Ratio Master.) -- C:\program files\ratiomaster\ratiomaster.exe O87 - FAEL: "UDP Query User{3BBAE555-E95D-4FA6-8A7E-2D109DCD388A}C:\program files\ratiomaster\ratiomaster.exe" | In - Private - P17 - TRUE | .(.www.moofdev.net - Ratio Master.) -- C:\program files\ratiomaster\ratiomaster.exe O87 - FAEL: "{C0E6F538-677A-421D-A49C-EF8EC46F29A3}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{EE343651-63F1-436C-9DAE-C8F55638DD9C}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{C54F0041-F5DF-4A8B-935C-F0DBB340EE18}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\ExpressFiles\ExpressFiles.exe (.not file.) O87 - FAEL: "{062C00A6-DB02-4B02-8A4F-32019F07335F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\ExpressFiles\ExpressFiles.exe (.not file.) O87 - FAEL: "{87A20DC7-0E6E-4DBF-AF31-D65C87BD0B8E}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe (.not file.) O87 - FAEL: "{C42E6C85-7A12-481C-BE81-64843F7B7583}" |Out - Public - P6 - TRUE | .(...) -- C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe (.not file.) O87 - FAEL: "{6C081D16-19E3-4CEE-9092-FC20CB8608B7}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe (.not file.) O87 - FAEL: "{7EE7B9B1-C896-4860-B57A-4C67FDDEB6A5}" | In - Private - P6 - TRUE | .(.Konami Digital Entertainment Co., Ltd. 
- Pro Evolution Soccer 2013.) -- C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe O87 - FAEL: "{3D9F898E-81E4-407C-AC1C-64770CFAA089}" | In - Private - P17 - TRUE | .(.Konami Digital Entertainment Co., Ltd. - Pro Evolution Soccer 2013.) -- C:\Program Files\KONAMI\Pro Evolution Soccer 2013\pes2013.exe ~ Scan Firewall in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : v2.10791 - (19/02/2013) Clés trouvées (Keys found) : 5 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 1 [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^ [HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^ C:\Users\dédé\AppData\Local\Temp\ToolbarInstaller.exe =>Toolbar.Babylon ~ Scan Additionnel in 00mn 10s ---\\ Product Upgrade Codes (O90) O90 - PUC: "007C4D30EFB20E340A4B59214BC3B5F9" . (.Catalyst Control Center - Branding.) -- C:\Windows\Installer\{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}\ARPPRODUCTICON.exe O90 - PUC: "0BEEB9CDCD7FA1705485F7A3718F3BE9" . (.AMD Catalyst Install Manager.) -- C:\Windows\Installer\{DC9BEEB0-F7DC-071A-4558-7F3A17F8B39E}\ARPPRODUCTICON.exe O90 - PUC: "362075FAD3915132ED7BF9CF67BF957E" . (.AMD Fuel.) -- C:\Windows\Installer\{AF570263-193D-2315-DEB7-9FFC76FB59E7}\ARPPRODUCTICON.exe O90 - PUC: "575FAF479E1EFAD20C20D259940A6826" . (.AMD VISION Engine Control Center.) 
-- C:\Windows\Installer\{74FAF575-E1E9-2DAF-C002-2D9549A08662}\ARPPRODUCTICON.exe O90 - PUC: "68AB67CA7DA76301B744BA0000000010" . (.Adobe Reader XI (11.0.01) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AB0000000001}\SC_Reader.ico O90 - PUC: "6EA3252C533FB0D4CB51C1704ECA6E92" . (.Pro Evolution Soccer 2013.) -- C:\Windows\Installer\{C2523AE6-F335-4D0B-BC15-1C07E4ACE629}\ARPPRODUCTICON.exe O90 - PUC: "6F099CF6974F611F7DC0E8F839EC7EA5" . (.Catalyst Control Center InstallProxy.) -- C:\Windows\Installer\{6FC990F6-F479-F116-D70C-8E8F93CEE75A}\ARPPRODUCTICON.exe O90 - PUC: "7116FFD0CBBCC5F4C975966346F4014D" . (.BitDefender Internet Security 2010.) -- C:\Windows\Installer\{0DFF6117-CBBC-4F5C-9C57-6936644F10D4}\register_icon.exe O90 - PUC: "890A737E161FF6B4FA2268AA3EF4F6DB" . (.Pro Evolution Soccer 2012.) -- C:\Windows\Installer\{E737A098-F161-4B6F-AF22-86AAE34F6FBD}\ARPPRODUCTICON.exe O90 - PUC: "8CDA63B96D509FEB8C914C39FD66BBCD" . (.AMD Media Foundation Decoders.) -- C:\Windows\Installer\{9B36ADC8-05D6-BEF9-C819-C493DF66BBDC}\ARPPRODUCTICON.exe O90 - PUC: "9A90FAC448F94DE4188E9E30A9ABD709" . (.Ma-Config.com.) -- C:\Windows\Installer\{4CAF09A9-9F84-4ED4-81E8-E9039ABA7D90}\maconfico O90 - PUC: "9C94D341A16F04E039330AE2C357F96A" . (.AMD Drag and Drop Transcoding.) -- C:\Windows\Installer\{143D49C9-F61A-0E40-9333-A02E3C759FA6}\ARPPRODUCTICON.exe O90 - PUC: "A788988023DA3105A631574A34EE4D98" . (.Catalyst Control Center Localization All.) -- C:\Windows\Installer\{0889887A-AD32-5013-6A13-75A443EED489}\ARPPRODUCTICON.exe O90 - PUC: "B3E485079AF7F7BB5A927E82C68F8DEB" . (.AMD Accelerated Video Transcoding.) -- C:\Windows\Installer\{70584E3B-7FA9-BB7F-A529-E7286CF8D8BE}\ARPPRODUCTICON.exe O90 - PUC: "C9F13E355746225F8470637BD659B1DC" . (.Catalyst Control Center Graphics Previews Common.) -- C:\Windows\Installer\{53E31F9C-6475-F522-4807-36B76D951BCD}\ARPPRODUCTICON.exe O90 - PUC: "DD098FF0665C71F54B987AA3D7FF9DC1" . (.ccc-utility.) 
-- C:\Windows\Installer\{0FF890DD-C566-5F17-B489-A73A7DFFD91C}\ARPPRODUCTICON.exe O90 - PUC: "EDE8C96D5CBBB634E8E05C6A3D11FCF4" . (.Microsoft XNA Framework Redistributable 4.0 Refresh.) -- C:\Windows\Installer\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}\ProductIcon ~ Scan Files in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 06/04/2012 217600 | (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe SR - | Auto 05/04/2012 291840 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SS - | Demand 19/10/2009 183880 | (Arrakis3) . (.BitDefender S.R.L. http://www.bitdefender.c.) - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe SR - | Auto 17/08/2012 310856 | (LIVESRV) . (.BitDefender S.R.L..) - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe SS - | Demand 28/10/2012 312264 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SS - | Demand 14/07/2009 20992 | C:\Program Files\Common Files\BitDefender\BitDefender Threat Scanner\scan.dll (scan) . (.S.C. BitDefender S.R.L.) - C:\Windows\System32\svchost.exe SR - | Auto 26/04/2010 1615688 | (VSSERV) . (.BitDefender S.R.L..) - C:\Program Files\BitDefender\BitDefender 2010\vsserv.exe SS - | Demand 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 00s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O42 - Logiciel: DAEMON Tools Pro - (.DT Soft Ltd.) 
[HKLM] -- DAEMON Tools Pro ~ Scan Emulateurs in 00mn 00s End of the scan (956 lines in 01mn 53s)(0)