~ Rapport de ZHPDiag v2013.9.1.2 - Nicolas Coolman (01/09/2013)
~ Lancé par cladiere (02/09/2013 17:13:38)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Traduit par Nicolas Coolman
~ Etat de la version : Version à jour.
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

---\\ Navigateurs Internet
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 23.0.1 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
Malwarebytes Anti-Malware version 1.75.0.1300
Symantec Endpoint Protection v11.0.5002.333
Spybot - Search & Destroy v1.6.2

---\\ Logiciels d'optimisation du système
CCleaner v4.03 =>Piriform Ltd

---\\ Logiciels de partage PeerToPeer
eMule

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin
Java 7 Update 25

---\\ Informations sur le système
~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 12 GB (17%) free of 70 GB

---\\ Mode de connexion au système
~ Computer Name: SBR3-L023
~ User Name: cladiere
~ All Users Names: SUPPORT_388945a0, HelpAssistant, cladiere, Administrateur, admin,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\cladiere\Application Data\
~ %Desktop% : C:\Documents and Settings\cladiere\Bureau\
~ %Favorites% : C:\Documents and Settings\cladiere\Favoris\
~ %LocalAppData% : C:\Documents and Settings\cladiere\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\cladiere\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C:\ Hard drive,
Flash drive, Thumb drive (Free 12 Go of 70 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 79 Go) E:\ CD-ROM drive (Not Inserted) ---\\ Etat du Centre de Sécurité Windows ~ Security Center: 33 Legitimates Filtered in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824] [MD5.E1948293F7CBC38987270432935D8D05] - (.Microsoft Corporation - Internet Extensions for Win32.) (.26/07/2013 - 03:47:15.) -- C:\WINDOWS\system32\wininet.dll [920064] [MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000] [MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496] [MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.13/04/2008 - 11:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512] [MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744] [MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976] [MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672] [MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384] [MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.14/04/2008 - 13:00:00.) 
-- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144] [MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112] [MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832] [MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264] [MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320] [MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816] [MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976] [MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384] [MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328] [MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.13/04/2008 - 11:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224] [MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752] [MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) 
-- C:\WINDOWS\system32\Drivers\volsnap.sys [53376] ~ Generic Processes: Scanned in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/5 ~ Mes musiques (My Musics) : 1/872 ~ Mes Favoris (My Favorites) : 1/8 ~ Mes Documents (My Documents) : 2/19679 ~ Mon Bureau (My Desktop) : 0/3262 ~ Menu demarrer (Programs) : 1/51 ~ Hidden Files: Scanned in 00mn 18s ---\\ Processus lancés au démarrage du système [MD5.20F261E78CCF0EA36D4FE2C363A2EF8A] - (.Intel Corporation - Wireless Management Service.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [1183744] [PID.1968] [MD5.A58C1A086D9C09C6572C948F22CC0E94] - (.Symantec Corporation - Symantec CMC Smc.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1864888] [PID.300] [MD5.27D036FB3D22CA8A6662FE960D1A937D] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe [108392] [PID.1032] [MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1516] [MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.1584] [MD5.ED5411A69C5BAC78D245C893AF64352A] - (.CobianSoft, Luis Cobian - Cobian Backup Boletus VSC service.) -- C:\Program Files\Cobian\cbVSCService.exe [67584] [PID.1712] [MD5.06302EA7EDA9DCDD7F82CEC2A03D2015] - (.Luis Cobian, CobianSoft - Cobian Backup Boletus Service.) -- C:\Program Files\Cobian\cbService.exe [1125376] [PID.1304] [MD5.F10E7AA8BDF4488E3DFA989B8E7F7C9F] - (.Intel Corporation - Intel(R) PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [794624] [PID.1732] [MD5.0796C1E47ADB9825269E64B9DAB4E741] - (.Teruten - FsUsbDevice.) 
-- C:\WINDOWS\system32\FsUsbExService.exe [233472] [PID.1820] [MD5.9ECF00E19736054E019C532AED8228FC] - (.Oracle Corporation - Java Quick Starter Service.) -- C:\Program Files\Java\jre7\bin\jqs.exe [182184] [PID.176] [MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.1392] [MD5.F6D0A922BD18260609D7219B4519F845] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 307.7.) -- C:\WINDOWS\system32\nvsvc32.exe [156600] [PID.452] [MD5.AAFE7426BD3514764A9014DB9CE34F03] - (.http://www.ocsinventory-ng.org - Open Computers and Software Inventory Agent.) -- C:\Program Files\OCS Inventory Agent\ocsservice.exe [69632] [PID.1184] [MD5.7274BD434B6165BAA382BDD87F6CA4CE] - (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [483328] [PID.2132] [MD5.6F855B5625A47F3AC731A262FDC379A6] - (.SigmaTel, Inc. - STacSV Module.) -- C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe [94208] [PID.2184] [MD5.BA2FB8F8AB24D0279CAA98A4C118150E] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [2477304] [PID.3032] [MD5.C2ED9211101F3C9CF70B9CBDB3E99C8C] - (.Intel Corporation - WLANKEEPER.) -- C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [356352] [PID.3116] [MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53784] [PID.3396] [MD5.F98D49320CBF7095051ECCB5A672DA98] - (.Symantec Corporation - Symantec CMC SmcGui.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe [1455432] [PID.3408] [MD5.988CDA5B406C1931A78E52BD8CC3BBFE] - (.Intel Corporation - ZeroCfgSvc MFC Application.) 
-- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [995328] [PID.3980] [MD5.094849718C47651CA255D08CAF42A904] - (.Intel Corporation - Intel Framework MFC Application.) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [1101824] [PID.3992] [MD5.187A956FB8F79DB449A28A0D08657EFF] - (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe [115560] [PID.4000] [MD5.012844A8E13BE3941C9CAF1F91F47DF2] - (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [405504] [PID.464] [MD5.9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F] - (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192] [PID.664] [MD5.9E2944289377456DDC4FE3B50F39B5A0] - (.Luis Cobian, CobianSoft - Cobian Backup 10 Boletus.) -- C:\Program Files\Cobian\cbInterface.exe [3154432] [PID.684] [MD5.532AE1A774441B001804F93A77826423] - (...) -- C:\Program Files\Aqua Dock\Aqua Dock.exe [386560] [PID.2656] [MD5.0262C8C8E690567CA8FA326DCB43FF6F] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\DoScan.exe [49008] [PID.2808] [MD5.B793DDE01D181ED91F333BF10FE2FC50] - (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168] [PID.896] [MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\RUNDLL32.exe [0] [PID.4020] [MD5.D63797E8E7781EE1500A810CB6194FA6] - (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [253816] [PID.2996] [MD5.669308536EDB89E6AE90A9871793293E] - (.Intel Corporation - Intel 802.1x Server.) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe [659456] [PID.1700] [MD5.57AF9F47253E53E94D22C790FA5D6024] - (.Adobe Systems Inc. - AcroTray.) 
-- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840768] [PID.2904] [MD5.43D083268A0919F3527A2837390BAF63] - (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [218032] [PID.2972] [MD5.5DDD3DB40E10C6CC8195D9471CAEB24E] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [1564016] [PID.4072] [MD5.E8DD777F7AA93648894574CC418B0624] - (.TOSHIBA CORPORATION. - TosBtMng.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2150400] [PID.2788] [MD5.101495E2863382E534EFC0C5D6251B0F] - (.TOSHIBA CORPORATION. - TosA2dp.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe [278528] [PID.2396] [MD5.2C92B17E820094F37037B6CE114BEB69] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe [69632] [PID.3240] [MD5.8C35DB52F07A78E8DF230D76F141FD29] - (.TOSHIBA CORPORATION. - TosBtHSP.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe [270336] [PID.868] [MD5.9213D1C5F877272231F6763F143D554C] - (.Symantec Corporation - Symantec AntiVirus.) -- C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe [181616] [PID.1992] [MD5.68825D489DE0DC71FF3A62D6452684BA] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7860224] [PID.2420] [MD5.67949CC8A865296C1333C96A4E1A2D66] - (.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- C:\WINDOWS\System32\SCardSvr.exe [100352] [PID.476] [MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.2176] ~ Processes Running: Scanned in 00mn 02s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKCU] [@talk.google.com/GoogleTalkPlugin] - (...) -- C:\Documents and Settings\cladiere\Application Data\Mozilla\plugins\npgoogletalk.dll (.not file.) 
P2 - FPN: [HKCU] [@talk.google.com/O1DPlugin] - (...) -- C:\Documents and Settings\cladiere\Application Data\Mozilla\plugins\npo1d.dll (.not file.) ~ Firefox Browser: 16 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s ---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl" ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 01s ~ Nombre de lignes (Lines number): 15513 ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Adobe PDF - [HKLM]{47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{47833539-D0C5-4125-9FA8-0819E2EAAC93} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{4064EA35-578D-4073-A834-C96D82CBCF40} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [IntelZeroConfig] . (.Intel Corporation - ZeroCfgSvc MFC Application.) 
-- C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe O4 - HKLM\..\Run: [IntelWireless] . (.Intel Corporation - Intel Framework MFC Application.) -- C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe O4 - HKLM\..\Run: [ccApp] . (.Symantec Corporation - Symantec User Session.) -- C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe O4 - HKLM\..\Run: [SigmatelSysTrayApp] . (.SigmaTel, Inc. - Sigmatel Audio system tray application.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe O4 - HKLM\..\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe O4 - HKLM\..\Run: [Cobian Backup 10 Interface] . (.Luis Cobian, CobianSoft - Cobian Backup 10 Boletus.) -- C:\Program Files\Cobian\cbInterface.exe O4 - HKLM\..\Run: [Synchronization Manager] . (.Microsoft Corporation - Gestionnaire de synchronisation Microsoft.) -- C:\WINDOWS\system32\mobsync.exe O4 - HKLM\..\Run: [Openwares LiveUpdate] . (.Openwares - Openwares' LiveUpdate.) -- C:\Program Files\LiveUpdate\LiveUpdate.exe O4 - HKLM\..\Run: [Aqua Dock] . (...) -- C:\Program Files\Aqua Dock\Aqua Dock.exe O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Run: [Freecorder FLV Service] C:\Program Files\Freecorder\FLVSrvc.exe (.not file.) =>Riskware.Movly O4 - HKLM\..\Run: [IJNetworkScannerSelectorEX] . (.CANON INC. - Canon IJ Network Scanner Selector EX.) -- C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) 
-- C:\WINDOWS\system32\NvMcTray.dll O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Program Files\NVIDIA Corporation\nview\nwiz.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Oracle Corporation - Java(TM) Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe O4 - HKLM\..\Run: [Acrobat Assistant 8.0] . (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\cladiere\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe O4 - HKUS\S-1-5-21-789336058-1177238915-1801674531-1003\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-21-789336058-1177238915-1801674531-1003\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) 
-- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe O4 - HKUS\S-1-5-21-789336058-1177238915-1801674531-1003\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\cladiere\Local Settings\Application Data\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-789336058-1177238915-1801674531-1003\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe ~ Application: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\Programs: Adobe Acrobat Distiller X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000005}\_SC_Distiller.ico O4 - GS\Programs: Adobe Acrobat X Pro.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-000000000005}\_SC_Acrobat.ico O4 - GS\Programs: Adobe Digital Editions.lnk . (.Adobe Systems, Inc. - Adobe Digital Editions.) -- C:\Program Files\Adobe\Adobe Digital Editions\digitaleditions.exe O4 - GS\Programs: Adobe Download Assistant.lnk . (...) -- C:\Program Files\Adobe Download Assistant\Adobe Download Assistant.exe O4 - GS\Programs: Adobe Photoshop CS4.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop CS4.) -- C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe O4 - GS\Programs: Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O4 - GS\Programs: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files\Thunderbird\thunderbird.exe O4 - GS\Programs: Objectif Tarot.lnk . (...) -- C:\Program Files\Objectif Tarot\Objectif Tarot.exe O4 - GS\Programs: PyMOL.lnk . (...) -- C:\Program Files\PyMOL\PyMOLWin.exe O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O4 - GS\Programs: Windows Media Player.lnk . 
(.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe O4 - GS\Programs: Assistance à distance.lnk . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe ~ Global Startup: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1342594337031 ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{C425BC76-0DBF-4472-A1B1-5DD5F7132E5B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{C425BC76-0DBF-4472-A1B1-5DD5F7132E5B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{C425BC76-0DBF-4472-A1B1-5DD5F7132E5B}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Titr_HJT34=Protocole additionnel (O18) O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) 
-- C:\WINDOWS\system32\crypt32.dll O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (.Google - Google Desktop.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll ~ AppInit DLL: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Intel(R) PROSet/Wireless Registry Servic (RegSrvc) . (.Intel Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) . 
(.Intel Corporation - WLANKEEPER.) - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe ~ Services: 20 Legitimates Filtered in 00mn 04s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\cladiere\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\cladiere\Local Settings\Application Data\Microsoft\Wallpaper1.bmp ~ Desktop Component: 4 Legitimates Filtered in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Apollo Genome Annotation Curation Tool 1.10.0 - (.Berkeley Bioinformatics and Ontologies Project.) [HKLM] -- Apollo Genome Annotation Curation Tool 1.10.0 O42 - Logiciel: Aqua Dock - (...) [HKLM] -- Aqua Dock O42 - Logiciel: ClustalX2 - (.University College Dublin.) [HKLM] -- {A856929A-3F15-482D-98F0-96DF9E3F5B39} O42 - Logiciel: DNAMAN version 6 - (...) [HKLM] -- DNAMAN_is1 O42 - Logiciel: Glop - Demandes et Validations - (.CNRS/DSI IN2P3/LAPP IN2P3/LAPP.) [HKCU] -- Glop - Demandes et Validations O42 - Logiciel: Jalview - (.The Barton Group.) [HKLM] -- Jalview O42 - Logiciel: MEGA5.1 - (.Arizona State University.) [HKLM] -- {81AC80BE-4FEC-4CCF-A2A9-367F46679CDD}_is1 O42 - Logiciel: PyMOL - (...) [HKLM] -- PyMOL O42 - Logiciel: UNICORN 4.11 - (...) [HKLM] -- UNICORN 4.11 O42 - Logiciel: iMosflm - (.MRC-LMB.) 
[HKLM] -- 365091D3-6342-4B57-A940-035A63ADFBAB ~ Logic: 234 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\IwantSoft] [HKCU\Software\Lynnon BioSoft] [HKCU\Software\Pfpyvul] [HKLM\Software\AP Biotech] [HKLM\Software\DeLano Scientific] [HKLM\Software\Lynnon BioSoft] [HKLM\Software\OpenSoft] [HKLM\Software\Pfpyvul] ~ Key Software: 281 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 02/02/2012 - 11:47:59 - [25,134] ----D C:\Program Files\Apollo O43 - CFD: 02/02/2012 - 11:48:12 - [0,141] ----D C:\Program Files\Apollo post-installation O43 - CFD: 26/04/2011 - 11:17:40 - [1,024] ----D C:\Program Files\Aqua Dock O43 - CFD: 04/03/2011 - 10:53:46 - [13,197] ----D C:\Program Files\ClustalX2 O43 - CFD: 08/04/2011 - 15:14:33 - [6,601] ----D C:\Program Files\DNAMAN O43 - CFD: 06/03/2012 - 14:27:40 - [28,603] ----D C:\Program Files\iMosflm O43 - CFD: 06/05/2013 - 11:31:17 - [109,036] ----D C:\Program Files\Jalview O43 - CFD: 14/09/2011 - 15:06:40 - [7,811] ----D C:\Program Files\LeTarot O43 - CFD: 12/04/2013 - 15:31:57 - [113,630] ----D C:\Program Files\MEGA5.1 O43 - CFD: 24/02/2011 - 16:44:45 - [30,282] ----D C:\Program Files\PyMOL O43 - CFD: 23/02/2011 - 22:25:59 - [65,227] ----D C:\Program Files\Spybot O43 - CFD: 24/01/2012 - 23:40:55 - [0] ----D C:\Program Files\vgif O43 - CFD: 24/02/2012 - 10:50:46 - [730,987] ----D C:\Program Files\WinCoot O43 - CFD: 23/02/2011 - 21:18:58 - [0] ----D C:\Documents and Settings\All Users\Application Data\nView_Profiles O43 - CFD: 12/04/2013 - 15:32:07 - [0,908] ----D C:\Documents and Settings\cladiere\Application Data\MEGA5_5121019 O43 - CFD: 26/04/2011 - 11:17:40 - [0,001] ----D C:\Documents and Settings\cladiere\Menu Démarrer\Programmes\Aqua Dock O43 - CFD: 02/04/2013 - 13:37:11 - [0,002] ----D C:\Documents and Settings\cladiere\Menu Démarrer\Programmes\G.LO.P O43 - CFD: 01/03/2011 - 12:14:41 - [0,001] ----D C:\Documents and 
Settings\cladiere\Menu Démarrer\Programmes\iMosflm
O43 - CFD: 06/05/2013 - 11:31:02 - [0,001] ----D C:\Documents and Settings\cladiere\Menu Démarrer\Programmes\Jalview
~ Program Folder: 227 Legitimates Filtered in 01mn 29s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.A534B185C274C6554E3D5E0E8722A998] - 02/09/2013 - 16:11:32 ---A- . (...) -- C:\WINDOWS\system32\nvModes.001 [458785]
O44 - LFC:[MD5.DBF7E81C09127BA56CF3CB5DB417BF80] - 02/09/2013 - 16:10:54 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.EA5B645CE2DDF35D111C7492450BBBDF] - 02/09/2013 - 16:10:53 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/09/2013 - 15:56:33 ---A- . (...) -- C:\WINDOWS\Sti_Trace.log [0]
O44 - LFC:[MD5.A534B185C274C6554E3D5E0E8722A998] - 02/09/2013 - 15:44:38 ---A- . (...) -- C:\WINDOWS\system32\nvModes.dat [458785]
O44 - LFC:[MD5.C9DD76D0EF94637C77FF8CA5E0FB0684] - 02/09/2013 - 14:45:27 ---A- . (...) -- C:\WINDOWS\system.ini [227]
O44 - LFC:[MD5.B0262F1D027E7BEB0B7FFA8B13924D12] - 02/09/2013 - 14:45:27 ---A- . (...) -- C:\WINDOWS\win.ini [656]
O44 - LFC:[MD5.2BDB4729AEEEDC8C399948A94364EF79] - 02/09/2013 - 08:34:46 ---A- . (...) -- C:\WINDOWS\system32\d3d9caps.dat [1324]
O44 - LFC:[MD5.E41638F5C16007789F5EF86B9A28F0D6] - 18/08/2013 - 20:23:09 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [32558]
~ Files: 26 Legitimates Filtered in 00mn 02s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Xi\NetXfer\NetTransport.exe" [Enabled] .(...) -- C:\Program Files\Xi\NetXfer\NetTransport.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Xi\NetXfer\FTPTransport.exe" [Enabled] .(...) -- C:\Program Files\Xi\NetXfer\FTPTransport.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\cladiere\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" [Enabled] .(.Google.) -- C:\Documents and Settings\cladiere\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe
~ Keys Export: 18 Legitimates Filtered in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s

---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{2cd85fe3-ff09-11e0-82eb-001c234dac42}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s

---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\Freecorder FLV Service [Key] . (...) -- C:\Program Files\Freecorder\FLVSrvc.exe (.not file.) =>Riskware.Movly
O53 - SMSR:HKLM\...\startupreg\ROUTE66Sync [Key] . (...) -- C:\Program Files\ROUTE 66\ROUTE 66 Sync\Sync9Loader.exe (.not file.)
~ SMSR Keys: 17 Legitimates Filtered in 00mn 00s

---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "DisableStatusMessages"=0
~ MWPS: 8 Legitimates Filtered in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 14/04/2008 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: 8 Legitimates Filtered in 00mn 00s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 23/09/2010 - C:\Program Files\Cobian\cbService.exe (CobianBackup10) .(.Luis Cobian, CobianSoft - Cobian Backup Boletus Service.) - LEGACY_COBIANBACKUP10
~ Legacy: 173 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {215954E1-16A8-45A0-9ADC-D4E645650208} [DefaultScope] - (Google) - http://www.google.fr
~ Keys: Scanned in 00mn 00s

---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.C0FE8344F1F8804A0C55EB4F59EF77E8] [SPRF][02/09/2013] (...) -- C:\Documents and Settings\cladiere\Bureau\AdwCleaner-3.001.exe [1037134]
[MD5.E27ED050CDACA9CA973D8D2A9DC431B5] [SPRF][25/07/2013] (.Audacity Team - Audacity Setup.) -- C:\Documents and Settings\cladiere\Bureau\audacity-win-2.0.3.exe [21281052]
[MD5.67ED08424392DDDFBCF49A4F32D85882] [SPRF][10/07/2013] (.Thermo Fisher Scientific - Thermo Fisher Scientific Web Installer.) -- C:\Documents and Settings\cladiere\Bureau\ND2000_1.4.2.exe [38685304]
~ Files: 7 Legitimates Filtered in 00mn 01s

---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "E051083DE2471BD4A97FC854EAD516D0" . (.CCP4 6.3.0.) -- C:\WINDOWS\Installer\{D380150E-742E-4DB1-9AF7-8C45AE5D610D}\ccp4.ico
O90 - PUC: "F98B2CDE27F3AE846BE389B55C61224E" . (.OZ776 SCR Driver V1.1.4.202.) -- C:\WINDOWS\Installer\{EDC2B89F-3F72-48EA-B63E-985BC51622E4}\ARPPRODUCTICON.exe
~ Update Products: 118 Legitimates Filtered in 00mn 00s

---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.1AA14A139EFEB3BC04D6FB809B5F57BA] [WIS][04/03/2011] (.University College Dublin - ClustalX2.) -- C:\Windows\Installer\40390d.msi [235008]
[MD5.18A57998E24EE6DFDA0B4FEAB0245ECE] [WIS][17/07/2012] (.CCP4 - CCP4 Installer.) -- C:\Windows\Installer\98fff1.msi [5197824]
~ WIS: 121 Legitimates Filtered in 00mn 13s

---\\ Etat général des services not Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 21/08/2013 257416 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 23/09/2010 67584 | (cbVSCService) . (.CobianSoft, Luis Cobian.) - C:\Program Files\Cobian\cbVSCService.exe
SR - | Auto 08/07/2009 108392 | (ccEvtMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
SR - | Auto 08/07/2009 108392 | (ccSetMgr) . (.Symantec Corporation.) - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
SR - | Auto 23/09/2010 1125376 | (CobianBackup10) . (.Luis Cobian, CobianSoft.) - C:\Program Files\Cobian\cbService.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 08/10/2007 794624 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
SS - | Demand 23/02/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SR - | Auto 05/02/2013 233472 | (FsUsbExService) . (.Teruten.) - C:\WINDOWS\system32\FsUsbExService.exe
SS - | Demand 23/02/2011 30192 | (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
SS - | Auto 18/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 18/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 15/05/2013 553288 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 23/06/2013 182184 | (JavaQuickStarterService) . (.Oracle Corporation.) - C:\Program Files\Java\jre7\bin\jqs.exe
SS - | Demand 18/08/2009 3093880 | C:\Program Files\Symantec\LIVEUP~1\LUCOMS~1.exe (LiveUpdate) . (.Symantec Corporation.) - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SS - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 00\00\0000 0 | (MozillaMaintenance) . (...) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 14/04/2008 14336 | C:\WINDOWS\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\WINDOWS\system32\svchost.exe
SR - | Auto 03/01/2013 156600 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 27/10/2009 69632 | (OCS INVENTORY) . (.http://www.ocsinventory-ng.org.) - C:\Program Files\OCS Inventory Agent\ocsservice.exe
SS - | Demand 04/06/2002 60416 | (OpcEnum) . (...) - C:\WINDOWS\system32\OPCEnum.exe
SR - | Auto 14/04/2008 14336 | C:\WINDOWS\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\WINDOWS\system32\svchost.exe
SR - | Auto 08/10/2007 483328 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
SR - | Auto 08/10/2007 1183744 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
SR - | Auto 17/09/2009 1864888 | (SmcService) . (.Symantec Corporation.) - C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
SS - | Disabled 17/09/2009 341320 | (SNAC) . (.Symantec Corporation.) - C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.exe
SR - | Auto 10/05/2007 94208 | (STacSV) . (.SigmaTel, Inc..) - C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\StacSV.exe
SS - | Demand 11/07/2007 69632 | (stllssvr) . (.MicroVision Development, Inc..) - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe
SR - | Auto 17/09/2009 2477304 | (Symantec AntiVirus) . (.Symantec Corporation.) - C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
SS - | Disabled 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files\TomTom\TomTomHOMEService.exe
SR - | Auto 08/10/2007 356352 | (WLANKEEPER) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
~ Services: Scanned in 00mn 13s

---\\ Scan Additionnel (O88)
Database Version : v2.12874 - (01/09/2013)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Freecorder FLV Service] =>Riskware.Movly^
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:Freecorder FLV Service =>Riskware.Movly^
~ Additionnel Scan: 512552 Items scanned in 00mn 22s

---\\ Récapitulatif des détections trouvées sur votre station
~ http://nicolascoolman.webs.com/apps/blog/show/28801930-riskware-movly =>Riskware.Movly
~ MSI: 1 link(s) detected in 00mn 22s
~ 1207 Legitimates filtered by white list
End of the scan (535 lines in 02mn 50s)(0)