Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPDiag v1.3.5.92 par Nicolas Coolman, Update du 17/02/2013
Run by Famille at 17/02/2013 19:48:00
State : Version � jour.
High Elevated Privileges : OK
UAC : Deactivate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.2 v18.0.2 (Defaut)
GCIE: Google Chrome Frame v24.0.1312.57
OBIE: Safari v5.34.57.2
---\\ Windows Product Information
~ Langage: Fran�ais
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 15 Model 6 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (42% free)
System Restore: D�sactiv� (Disabled)
System drive C: has 114 GB (50%) free of 228 GB
---\\ Logged in mode
~ Computer Name: PC-DE-FAMILLE
~ User Name: Famille
~ All Users Names: UpdatusUser, IUSR_NMPR, Famille, Administrateur,
~ Unselected Option: O45,O61,O62
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Famille\AppData\Roaming\
~ %Desktop% : C:\Users\Famille\Desktop\
~ %Favorites% : C:\Users\Famille\Favorites\
~ %LocalAppData% : C:\Users\Famille\AppData\Local\
~ %StartMenu% : C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 114 Go of 228 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 5 Go)
E:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.10/04/2009 - 22:27:38.) -- C:\WINDOWS\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.18/01/2008 - 22:33:38.) -- C:\WINDOWS\System32\Wininit.exe [96768]
[MD5.02F98B5C0E397AD06124D84428CF8F1A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/02/2012 - 23:38:26.) -- C:\WINDOWS\System32\wininet.dll [1127424]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 - 22:28:14.) -- C:\WINDOWS\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\WINDOWS\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.10/04/2009 - 22:32:28.) -- C:\WINDOWS\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2008 - 20:28:04.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 20:39:18.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 20:42:44.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.18/01/2008 - 20:49:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2008 - 20:56:30.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 20:45:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.10/04/2009 - 22:32:50.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parall�le.) (.02/11/2006 - 09:51:30.) -- C:\WINDOWS\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2008 - 20:56:36.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 20:45:24.) -- C:\WINDOWS\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 20:45:58.) -- C:\WINDOWS\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.10/04/2009 - 22:32:56.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/309
~ Mes Favoris (My Favorites) : 1/31
~ Mes Documents (My Documents) : 1/2286
~ Mon Bureau (My Desktop) : 1/134
~ Menu demarrer (Programs) : 1/161
~ Scan Hidden Files in 00mn 03s
---\\ Processus lanc�s
[MD5.C83B89C432E5CCC6BD3040EB0A6645A5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [373864] [PID.1720]
[MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.1752]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [125952] [PID.1792]
[MD5.A2FE5B7894C347FCAE189A01F82E0216] - (.Logiciels13 - Agenda Informatique.) -- C:\Program Files\Pense-bete\pb79g.exe [2192384] [PID.948]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.1032]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.1424]
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.3924]
[MD5.1A113EB5F555F55A031BFACF6A57DC6E] - (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe [2388336] [PID.408]
[MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.5616]
[MD5.58ED0528F2B1BFB3301BC10E0E707C35] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.5076]
[MD5.B45F1D52C0A9519028BD95D34FFAB216] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.5104]
[MD5.F7DB6336DEFE82D7EAE25A6B656ED64A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5685760] [PID.4836]
[MD5.63391020BC1FD82E8F8073024276B0B7] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) -- C:\Windows\system32\nvvsvc.exe [612456] [PID.820]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1200]
[MD5.D46223F3342085D25C4F890EFEDD3254] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe [841832] [PID.1348]
[MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.1980]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1376]
[MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.1740]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.936]
[MD5.A0B584C33F55545D56F9E71FB4E203AC] - (.Pas de propri�taire - DQLWinSe Application.) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896] [PID.2068]
[MD5.11A220EB53F1D42B8AF0AD1210B8241D] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.2172]
[MD5.D98350792A7CE82E7459A7C36481BEDA] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [139632] [PID.2216]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.2248]
[MD5.8C91BD35AE9AA8B628EEC5E637BB1D0F] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.2932]
[MD5.71E63293328BCA65B9DBBC6FDCE04B3C] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2218600] [PID.3544]
[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.1588]
[MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384] [PID.1520]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.3508]
[MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.4004]
~ Scan Processes Running in 00mn 02s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Famille\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://home.sweetim.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\prefs.js
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\user.js
M3 - MFPP: Plugins - [Famille] -- C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\searchplugins\cherche.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Famille - r0mby9rt.default] http://www.google.fr
P2 - FPN:Firefox Plugin Navigator . (.CANON INC. - CIG Mycamera Plugin Module.) -- C:\Program Files\Mozilla Firefox\Plugins\MyCamera.dll
P2 - FPN:Firefox Plugin Navigator . (.CANON INC. - NPCIG 1.0.0.3.) -- C:\Program Files\Mozilla Firefox\Plugins\NPCIG.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@canon.com/CCBPL] - (.Canon Inc. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\APU\npCCBPLFirefox.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.5.1.1.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.69] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.69] - (.RealNetworks, Inc. - 6.0.12.69.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.cherche.us
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 06s
~ Nombre de lignes (Lines number): 14812
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft� Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} . (.Google Inc. - Chrome Frame renders the Web of the future.) -- C:\Program Files\Google\Chrome Frame\Application\24.0.1312.57\npchrome_frame.dll
~ Scan BHO in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [NWEReboot] Cl� orpheline
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-923411743-1717868303-3432851698-1002-923411743-1717868303-3432851698-1001\..\Run: [ehTray.exe] Cl� orpheline
O4 - HKUS\S-1-5-21-923411743-1717868303-3432851698-1002-923411743-1717868303-3432851698-1001\..\Run: [WMPNSCFG] Cl� orpheline
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\UpdatusUser\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\AlerteGPS G320.lnk . (...) -- C:\Program Files\AlerteGPS\G320\Launcher.exe
O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\Full Pack Codecs.lnk . (...) -- C:\Program Files\Full Pack Codecs\FullPackCodecs_FR.exe
O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chat-Land site de chat et de
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Famille\Desktop\A la Une - Le Progr�s.URL . (...) -- C:\Users\Famille\Desktop\A la Une - Le Progr�s.URL
O4 - Global Startup: C:\Users\Famille\Desktop\ABC Bourse.URL . (...) -- C:\Users\Famille\Desktop\ABC Bourse.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Accueil - Cortal Consors.URL . (...) -- C:\Users\Famille\Desktop\Accueil - Cortal Consors.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Adobe Photoshop 7.0.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
O4 - Global Startup: C:\Users\Famille\Desktop\AlerteGPS G320.lnk . (...) -- C:\Program Files\AlerteGPS\G320\Launcher.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Belote en ligne, belote contr�e, belote coinch�e, tarot, coinche, scrabble, sudoku et jeux en ligne gratuits - BFmania.URL . (...) -- C:\Users\Famille\Desktop\Belote en ligne, belote contr�e, belote coinch�e
O4 - Global Startup: C:\Users\Famille\Desktop\Boursier.com.URL . (...) -- C:\Users\Famille\Desktop\Boursier.com.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\Desktop\Chat-Land site de chat et de rencontre gratuit.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Cr�dit Agricole Sud Rh�ne Alpes - Cr�dit Agricole Sud Rh�ne Alpes - Accueil - Particuliers.URL . (...) -- C:\Users\Famille\Desktop\Cr�dit Agricole Sud Rh�ne Alpes - Cr�dit Agricole Sud Rh�ne Alpes - Accueil
O4 - Global Startup: C:\Users\Famille\Desktop\Defycards Coinche, Belote et Tarot en ligne.URL . (...) -- C:\Users\Famille\Desktop\Defycards Coinche, Belote et Tarot en ligne.URL
O4 - Global Startup: C:\Users\Famille\Desktop\EDF - Particuliers - EDF et moi au quotidien - option EJP.URL . (...) -- C:\Users\Famille\Desktop\EDF - Particuliers - EDF et moi au quotidien - option EJP.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Famille - Raccourci.lnk . (...) -- C:\Users\Famille
O4 - Global Startup: C:\Users\Famille\Desktop\Google.URL . (...) -- C:\Users\Famille\Desktop\Google.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Groupe APRI protection sociale en sant�, pr�voyance et retraite compl�mentaire.URL . (...) -- C:\Users\Famille\Desktop\Groupe APRI protection sociale en sant�, pr�voyance et retraite compl�mentaire.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Jardiner avec la Lune - Rustica, le site de la plan�te jardin.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Jardiner avec la Lune - Rustica, le site de la plan�te jardin.URL
O4 - Global Startup: C:\Users\Famille\Desktop\La Banque Postale.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\La Banque Postale.URL
O4 - Global Startup: C:\Users\Famille\Desktop\la coinche du sud.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\la coinche du sud.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Le Dauphin� Lib�r� - L'information en Rh�ne Alpes, Is�re, Haute-Savoie, Savoie, Vaucluse, Dr�me, Ard�che et Hautes-Alpes.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Le Dauphin� Lib�r� - L'inf
O4 - Global Startup: C:\Users\Famille\Desktop\Le Progr�s de Lyon - Avis de d�c�s.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Le Progr�s de Lyon - Avis de d�c�s.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Ludi.lnk - Cl� orpheline
O4 - Global Startup: C:\Users\Famille\Desktop\mail Orange.URL . (...) -- C:\Users\Famille\Desktop\mail Orange.URL
O4 - Global Startup: C:\Users\Famille\Desktop\meteo a 12 jours.URL . (...) -- C:\Users\Famille\Desktop\meteo a 12 jours.URL
O4 - Global Startup: C:\Users\Famille\Desktop\meteo a 7 jourd.URL . (...) -- C:\Users\Famille\Desktop\meteo a 7 jourd.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Microsoft Works.LNK . (.Microsoft� Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Users\Famille\Desktop\PlayOK - Dame de pique - Jouez gratuitement en ligne!.URL . (...) -- C:\Users\Famille\Desktop\PlayOK - Dame de pique - Jouez gratuitement en ligne!.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Trading-sat.URL . (.Safer Networking Limited.) -- C:\Users\Famille\Desktop\Trading-sat.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO PhotoOnWeb.lnk . (.VSO Software.) -- C:\Program Files\VSO\PhotoOnWeb\PhotoOnWeb.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Scan Global Startup in 00mn 00s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Cl� orpheline
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org
~ Scan IE Zone Confiance in 00mn 03s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll
~ Scan Winlogon in 00mn 00s
---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s
---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioth�que de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService (DQLWinService) . (.Pas de propri�taire - DQLWinSe Application.) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) . (.Intel(R) Corporation - Intel(R) Factory Mode Service.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) - C:\WINDOWS\System32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
~ Scan Services in 00mn 05s
---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ Scan Keys in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 1)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 2)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 3)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 4)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [IntenetServiceOffers] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe (.not file.)
[MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
[MD5.00000000000000000000000000000000] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe (.not file.)
[MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
[MD5.0477C2F9171599CA5BC3307FDFBA8D89] [APT] [Spybot - Search & Destroy - Scheduled Task] (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
[MD5.61CFEDAF9C527A1463F34F71240F9BB5] [APT] [{2D87AB58-6C03-48D3-AFAB-2A47AB0F9C6E}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.ACBE7D5694C1B7BBB8ADF19470EDB59F] [APT] [{AAB8C008-C670-4985-9698-1EDD13C068F0}] (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 05s
---\\ Composants install�s (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.3 r181.) -- C:\Windows\system32\Macromed\Flash\Flash10q.ocx
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\WINDOWS\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys
O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\WINDOWS\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\WINDOWS\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0
O42 - Logiciel: Adobe Reader X (10.1.5) - Fran�ais - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: AlerteGPS G320 - (.Pas de propri�taire.) [HKCU] -- AlerteGPS G320
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {343666E2-A059-48AC-AD67-230BF74E2DB2}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Boris Graffiti - (.Boris FX, Inc..) [HKLM] -- {262BF2CD-601D-4F43-919C-4B00B1D1F338}
O42 - Logiciel: CANON iMAGE GATEWAY Album Plugin Utility - (.Canon Inc..) [HKLM] -- APU
O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CANON iMAGE GATEWAY Task
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CD-LabelPrint - (.Pas de propri�taire.) [HKLM] -- MediaNavigation.CDLabelPrint
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- Canon Internet Library for ZoomBrowser EX
O42 - Logiciel: Canon MOV Decoder - (.Canon Inc..) [HKLM] -- Canon MOV Decoder
O42 - Logiciel: Canon MP Navigator EX 1.0 - (.Pas de propri�taire.) [HKLM] -- MP Navigator EX 1.0
O42 - Logiciel: Canon MP610 series - (.Pas de propri�taire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series
O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..) [HKLM] -- CameraWindowLauncher
O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..) [HKLM] -- CameraWindowDC
O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CameraWindowDVC6
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propri�taire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propri�taire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM] -- MyCamera
O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..) [HKLM] -- MyCameraDC
O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch
O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- RemoteCaptureTask
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propri�taire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM] -- ZoomBrowser EX
O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM] -- ZoomBrowser EX Memory Card Utility
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Driver Genius - (.Driver-Soft Inc..) [HKLM] -- Driver Genius_is1
O42 - Logiciel: Enregistrement utilisateur de Canon MP610 series - (.Pas de propri�taire.) [HKLM] -- Enregistrement utilisateur de Canon MP610 series
O42 - Logiciel: Full Pack Codecs - (.Electronic Commerce Factory S.L..) [HKLM] -- Full Pack
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google�Chrome Frame - (.Google Inc..) [HKLM] -- Google Chrome Frame
O42 - Logiciel: Google�Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM] -- HD Tune_is1
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB}
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Pas de propri�taire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 13 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217013FF}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-210328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel Intel� Viiv� - (.Intel Corporation.) [HKLM] -- Intel(R) Configuration Center
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propri�taire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Ludi - (.Pas de propri�taire.) [HKLM] -- Ludi
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {05FA1356-EE77-490D-A376-5DBAD53E0FA2}
O42 - Logiciel: Magic Bullet Looks Studio - (.Pas de propri�taire.) [HKLM] -- Magic Bullet Looks Studio
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM] -- {5FC7AB5C-61FC-42DF-A923-5139BCF10D42}
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Mises � jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 18.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.2 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: OcxSetup - (.Hewlett-Packard Company.) [HKLM] -- {C3DC29BC-A8CF-4578-9DFC-37F049C44771}
O42 - Logiciel: OpenOffice.org 3.4 - (.OpenOffice.org.) [HKLM] -- {2F90A789-DD1E-41CE-BFCA-BD78213BABC7}
O42 - Logiciel: Outils de diagnostic du mat�riel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: PCI Audio Driver - (.Pas de propri�taire.) [HKLM] -- PCI Audio Driver
O42 - Logiciel: Pense-Bete 79g - (.Pas de propri�taire.) [HKLM] -- Pense-B�te 7.9g_is1
O42 - Logiciel: Pilote vid�o Pinnacle - (.Pinnacle Systems.) [HKLM] -- {5EB90C06-964F-4195-B83E-BD7E55C88415}
O42 - Logiciel: Pinnacle Studio 12 - (.Pinnacle Systems.) [HKLM] -- {D041EB9E-890A-4098-8F94-51DA194AC72A}
O42 - Logiciel: Pinnacle Studio 12 Ultimate Plugins - (.Pinnacle Systems.) [HKLM] -- {D1860E6E-520E-4380-8433-E58E8F88B473}
O42 - Logiciel: Python 2.4.3 - (.Martin v. L�wis.) [HKLM] -- {75E71ADD-042C-4F30-BFAC-A9EC42351313}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82}
O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87}
O42 - Logiciel: Roxio Creator EasyArchive - (.Roxio.) [HKLM] -- {11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: ScanSoft OmniPage SE 4 - (.Nuance Communications, Inc..) [HKLM] -- {DEE88727-779B-47A9-ACEF-F87CA5F92A65}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: Skype� 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Solution de clavier multim�dia am�lior� - (.Hewlett-Packard.) [HKLM] -- KBD
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: SureThing Express Labeler - (.MicroVision Development, Inc..) [HKLM] -- stax-Pinnacle_is1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: VSO PhotoOnWeb 0.9.1e - (.VSO-Software SARL.) [HKLM] -- VSO PhotoOnWeb_is1
O42 - Logiciel: Vista Codec Package - (..) [HKLM] -- {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
O42 - Logiciel: WinZip 12.1 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
O42 - Logiciel: proDAD Vitascene 1.0 - (.Pas de propri�taire.) [HKLM] -- proDAD-Vitascene-1.0
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3filter]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\BitDefender]
[HKCU\Software\CDBurnerXP]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Canon_Inc_IC]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreVorbis]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EasyBits]
[HKCU\Software\EffectMgr]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logicool]
[HKCU\Software\Logitech]
[HKCU\Software\Ludi]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaNavigation]
[HKCU\Software\MicroVision]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nico Mak Computing]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Pense-bete]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Red Giant Software]
[HKCU\Software\Roxio]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\ScanSoft]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VOB]
[HKCU\Software\VSO]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\WinZip Computing]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\cybelsoft]
[HKCU\Software\lollipop]
[HKCU\Software\madFlac]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\Boris FX, Inc.]
[HKLM\Software\C-Media]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Driver-Soft]
[HKLM\Software\FAST Multimedia]
[HKLM\Software\GIMP_Back_Mode]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Lavasoft]
[HKLM\Software\Ligos Corporation]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MicroVision]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Oracle]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Pegasus Imaging]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\Red Giant Software]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\ScanSoft]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\Systweak]
[HKLM\Software\Uniblue]
[HKLM\Software\VSO]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vittalia]
[HKLM\Software\Volatile]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\WwGame]
[HKLM\Software\X-AVCSD]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\proDAD]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/03/2010 - 08:41:04 - [0] ----D C:\Program Files\7-Zip
O43 - CFD: 21/05/2012 - 10:17:57 - [253,918] ----D C:\Program Files\Adobe
O43 - CFD: 18/11/2010 - 16:10:20 - [33,049] ----D C:\Program Files\AlerteGPS
O43 - CFD: 03/02/2012 - 00:23:20 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 02/05/2012 - 11:11:44 - [196,892] ----D C:\Program Files\Avira
O43 - CFD: 03/02/2012 - 00:24:09 - [0,602] ----D C:\Program Files\Bonjour
O43 - CFD: 21/02/2010 - 12:21:12 - [295,604] ----D C:\Program Files\Boris FX, Inc
O43 - CFD: 14/02/2013 - 20:23:58 - [486,784] ----D C:\Program Files\Canon
O43 - CFD: 07/08/2009 - 04:51:04 - [24,161] --H-D C:\Program Files\CanonBJ
O43 - CFD: 15/01/2011 - 18:26:22 - [3,351] ----D C:\Program Files\CCleaner
O43 - CFD: 01/08/2009 - 10:29:06 - [6,474] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 25/08/2012 - 09:14:43 - [526,761] ----D C:\Program Files\Common Files
O43 - CFD: 16/09/2010 - 07:48:47 - [6,842] ----D C:\Program Files\DivX
O43 - CFD: 17/02/2013 - 16:55:42 - [25,730] ----D C:\Program Files\Driver-Soft
O43 - CFD: 30/07/2009 - 11:18:10 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 15/10/2009 - 18:51:07 - [0,278] ----D C:\Program Files\Full Pack Codecs
O43 - CFD: 15/11/2011 - 19:18:30 - [422,328] ----D C:\Program Files\Google
O43 - CFD: 17/02/2013 - 10:01:38 - [1,234] ----D C:\Program Files\HD Tune
O43 - CFD: 30/07/2009 - 11:42:53 - [0,692] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 31/07/2009 - 16:30:36 - [3,808] ----D C:\Program Files\HP
O43 - CFD: 09/11/2011 - 18:35:05 - [11,067] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 05/01/2012 - 19:33:57 - [3,965] ----D C:\Program Files\InstantTouch
O43 - CFD: 01/12/2006 - 09:59:47 - [30,096] ----D C:\Program Files\Intel
O43 - CFD: 02/02/2012 - 23:39:44 - [5,111] ----D C:\Program Files\Internet Explorer
O43 - CFD: 14/02/2013 - 11:55:57 - [208,542] ----D C:\Program Files\Java
O43 - CFD: 21/02/2010 - 12:21:35 - [9,120] ----D C:\Program Files\LooksBuilderSE
O43 - CFD: 29/07/2012 - 22:01:31 - [0,728] ----D C:\Program Files\Ludi
O43 - CFD: 17/02/2013 - 16:50:40 - [7,358] ----D C:\Program Files\ma-config.com
O43 - CFD: 15/02/2013 - 06:40:04 - [12,308] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 31/07/2009 - 14:49:22 - [2,541] ----D C:\Program Files\Microsoft
O43 - CFD: 31/07/2009 - 15:18:09 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 13:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 21/02/2011 - 11:45:14 - [50,217] ----D C:\Program Files\Microsoft LifeCam
O43 - CFD: 01/08/2009 - 10:35:26 - [33,229] ----D C:\Program Files\Microsoft Office
O43 - CFD: 13/05/2012 - 21:31:33 - [36,641] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 09/08/2009 - 07:56:06 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 24/10/2009 - 08:44:21 - [143,405] ----D C:\Program Files\Microsoft Works
O43 - CFD: 09/11/2010 - 05:53:43 - [7,789] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 16/09/2010 - 17:20:27 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 06/02/2013 - 21:14:50 - [46,621] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 07/02/2013 - 03:33:42 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 13:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 01/08/2009 - 10:35:21 - [26,600] ----D C:\Program Files\MSECache
O43 - CFD: 31/07/2009 - 13:29:56 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 09/11/2011 - 18:25:37 - [317,631] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 22/09/2012 - 18:51:47 - [291,676] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 02/06/2012 - 12:44:23 - [33,186] ----D C:\Program Files\Oracle
O43 - CFD: 01/12/2006 - 10:20:52 - [103,184] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 03/11/2009 - 06:01:17 - [5,946] ----D C:\Program Files\Pense-bete
O43 - CFD: 21/02/2010 - 12:18:03 - [1240,926] ----D C:\Program Files\Pinnacle
O43 - CFD: 21/02/2010 - 12:21:37 - [116,969] ----D C:\Program Files\proDAD
O43 - CFD: 09/11/2011 - 18:24:23 - [24,170] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:34 - [36,902] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 01/12/2006 - 10:01:53 - [15,440] ----D C:\Program Files\Roxio
O43 - CFD: 14/05/2012 - 10:49:41 - [102,605] ----D C:\Program Files\Safari
O43 - CFD: 06/08/2009 - 07:36:46 - [115,938] ----D C:\Program Files\ScanSoft
O43 - CFD: 31/07/2009 - 12:59:00 - [0,438] ----D C:\Program Files\Services en ligne
O43 - CFD: 17/02/2011 - 13:43:59 - [26,964] R---D C:\Program Files\Skype
O43 - CFD: 17/02/2013 - 14:46:23 - [66,642] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 17/02/2013 - 13:52:06 - [152,202] ----D C:\Program Files\Spybot - Search & Destroy 2
O43 - CFD: 05/03/2010 - 19:44:01 - [13,149] ----D C:\Program Files\SureThing Express Labeler
O43 - CFD: 27/04/2012 - 04:17:40 - [0,386] ----D C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 01/08/2009 - 10:31:53 - [71,017] ----D C:\Program Files\VideoLAN
O43 - CFD: 01/08/2009 - 10:31:11 - [44,628] ----D C:\Program Files\VistaCodecPack
O43 - CFD: 05/12/2009 - 22:29:46 - [28,419] ----D C:\Program Files\VSO
O43 - CFD: 31/07/2009 - 19:14:44 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 31/07/2009 - 19:14:43 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 31/07/2009 - 19:14:42 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 31/07/2009 - 19:14:43 - [6,756] ----D C:\Program Files\Windows Journal
O43 - CFD: 08/08/2011 - 08:58:06 - [148,710] ----D C:\Program Files\Windows Live
O43 - CFD: 02/02/2012 - 23:39:37 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 05/11/2010 - 11:19:22 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 30/07/2009 - 11:18:10 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 31/07/2009 - 19:14:43 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/12/2009 - 04:04:33 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 31/07/2009 - 19:14:43 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 16/06/2010 - 07:47:36 - [3,706] ----D C:\Program Files\WinRAR
O43 - CFD: 16/12/2009 - 19:17:21 - [15,721] ----D C:\Program Files\WinZip
O43 - CFD: 17/02/2013 - 19:48:29 - [15,536] ----D C:\Program Files\ZHPDiag
O43 - CFD: 21/05/2012 - 10:18:10 - [51,639] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 03/02/2012 - 00:23:38 - [60,457] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 05/12/2009 - 20:24:26 - [2,252] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 01/08/2009 - 10:30:09 - [7,653] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 01/12/2006 - 10:18:09 - [9,500] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 01/12/2006 - 09:59:47 - [48,782] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 25/08/2012 - 09:14:43 - [1,184] ----D C:\Program Files\Common Files\Java
O43 - CFD: 16/09/2010 - 07:49:39 - [1,505] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 01/12/2006 - 10:02:12 - [0,066] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 08/08/2011 - 08:57:40 - [265,394] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 21/02/2010 - 11:52:16 - [3,229] ----D C:\Program Files\Common Files\Pinnacle
O43 - CFD: 01/12/2006 - 10:01:39 - [23,190] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 06/08/2009 - 07:37:08 - [0,201] ----D C:\Program Files\Common Files\ScanSoft Shared
O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 17/02/2011 - 13:42:40 - [2,150] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 01/12/2006 - 10:01:42 - [1,031] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/02/2010 - 12:12:40 - [0,696] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 02/02/2012 - 20:02:13 - [8,333] ----D C:\Program Files\Common Files\System
O43 - CFD: 31/07/2009 - 13:43:38 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 21/02/2010 - 11:47:56 - [0,301] ----D C:\Program Files\Common Files\Yahoo!
O43 - CFD: 21/05/2012 - 10:18:02 - [167,478] ----D C:\ProgramData\Adobe
O43 - CFD: 03/02/2012 - 00:23:18 - [26,388] ----D C:\ProgramData\Apple
O43 - CFD: 03/02/2012 - 00:24:23 - [90,984] ----D C:\ProgramData\Apple Computer
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 02/05/2012 - 11:11:44 - [88,833] ----D C:\ProgramData\Avira
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 07/08/2009 - 04:51:44 - [18,027] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 18/09/2010 - 08:16:59 - [0,000] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 21/10/2010 - 10:18:12 - [0,000] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 18/09/2010 - 08:12:10 - [0,000] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 18/09/2010 - 08:12:27 - [0,000] --H-D C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 17/02/2013 - 16:56:19 - [0,001] ----D C:\ProgramData\DriverGenius
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 23/02/2011 - 12:49:02 - [0] ----D C:\ProgramData\Google
O43 - CFD: 01/12/2006 - 10:27:19 - [0,614] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 01/12/2006 - 10:07:49 - [0,001] ----D C:\ProgramData\InstallShield
O43 - CFD: 01/12/2006 - 09:59:48 - [0,000] ----D C:\ProgramData\Intel
O43 - CFD: 12/09/2010 - 14:39:03 - [0,010] ----D C:\ProgramData\LightScribe
O43 - CFD: 17/02/2013 - 16:50:40 - [1,526] ----D C:\ProgramData\ma-config.com
O43 - CFD: 03/04/2010 - 07:16:27 - [16,418] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Menu D�marrer
O43 - CFD: 17/02/2013 - 13:52:05 - [420,940] -S--D C:\ProgramData\Microsoft
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Mod�les
O43 - CFD: 27/04/2012 - 06:03:24 - [0,001] ----D C:\ProgramData\Mozilla
O43 - CFD: 12/09/2010 - 14:22:13 - [0,001] ----D C:\ProgramData\Nero
O43 - CFD: 09/11/2011 - 17:57:04 - [2,303] ----D C:\ProgramData\NVIDIA
O43 - CFD: 09/11/2011 - 10:28:25 - [0,552] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 17/07/2011 - 10:22:01 - [0] ----D C:\ProgramData\PhotoStitch
O43 - CFD: 21/02/2010 - 11:47:56 - [0,438] ----D C:\ProgramData\Pinnacle
O43 - CFD: 21/02/2010 - 11:47:56 - [0] ----D C:\ProgramData\Pinnacle Studio Plus
O43 - CFD: 21/02/2010 - 11:52:01 - [0,035] ----D C:\ProgramData\Pinnacle Studio Ultimate
O43 - CFD: 12/09/2010 - 12:16:28 - [0] ----D C:\ProgramData\Roxio
O43 - CFD: 06/08/2009 - 07:37:11 - [0,128] ----D C:\ProgramData\ScanSoft
O43 - CFD: 17/02/2011 - 13:42:37 - [24,809] ----D C:\ProgramData\Skype
O43 - CFD: 12/09/2010 - 12:16:06 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 17/02/2013 - 16:24:33 - [0,015] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 21/02/2010 - 11:47:56 - [127,878] ----D C:\ProgramData\Studio 12
O43 - CFD: 15/01/2011 - 18:25:41 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 01/08/2009 - 10:31:11 - [18,762] ----D C:\ProgramData\VistaCodecs
O43 - CFD: 28/04/2010 - 16:44:54 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 16/12/2009 - 19:17:46 - [0,000] ----D C:\ProgramData\WinZip
O43 - CFD: 08/11/2009 - 14:31:48 - [0] ----D C:\ProgramData\ZoomBrowser
O43 - CFD: 01/09/2011 - 22:34:06 - [0,010] ----D C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
O43 - CFD: 17/07/2011 - 11:56:12 - [13,532] ----D C:\Users\Famille\AppData\Roaming\Adobe
O43 - CFD: 03/02/2012 - 05:41:45 - [4,431] ----D C:\Users\Famille\AppData\Roaming\Apple Computer
O43 - CFD: 06/08/2010 - 19:41:14 - [0] ----D C:\Users\Famille\AppData\Roaming\Ariane Software
O43 - CFD: 02/05/2012 - 11:15:11 - [0] ----D C:\Users\Famille\AppData\Roaming\Avira
O43 - CFD: 01/08/2009 - 10:29:24 - [0,004] ----D C:\Users\Famille\AppData\Roaming\Canneverbe_Limited
O43 - CFD: 17/07/2011 - 10:09:08 - [4,024] ----D C:\Users\Famille\AppData\Roaming\Canon
O43 - CFD: 10/09/2009 - 22:18:53 - [0] ----D C:\Users\Famille\AppData\Roaming\DivX
O43 - CFD: 15/06/2011 - 12:57:12 - [0] ----D C:\Users\Famille\AppData\Roaming\Download Manager
O43 - CFD: 29/01/2013 - 07:06:02 - [0,000] ----D C:\Users\Famille\AppData\Roaming\dvdcss
O43 - CFD: 24/04/2010 - 21:51:03 - [0,000] ----D C:\Users\Famille\AppData\Roaming\gtk-2.0
O43 - CFD: 30/07/2009 - 11:23:29 - [0] ----D C:\Users\Famille\AppData\Roaming\Hewlett-Packard
O43 - CFD: 30/07/2009 - 11:27:00 - [0] ----D C:\Users\Famille\AppData\Roaming\Identities
O43 - CFD: 31/07/2009 - 16:33:42 - [0] ----D C:\Users\Famille\AppData\Roaming\InstallShield
O43 - CFD: 01/08/2009 - 09:37:03 - [0,001] ----D C:\Users\Famille\AppData\Roaming\Macromedia
O43 - CFD: 03/04/2010 - 07:16:39 - [0] ----D C:\Users\Famille\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Famille\AppData\Roaming\Media Center Programs
O43 - CFD: 02/01/2012 - 15:21:50 - [1584,742] -S--D C:\Users\Famille\AppData\Roaming\Microsoft
O43 - CFD: 06/08/2009 - 03:27:04 - [17,966] ----D C:\Users\Famille\AppData\Roaming\Mozilla
O43 - CFD: 12/09/2010 - 14:28:20 - [0,131] ----D C:\Users\Famille\AppData\Roaming\Nero
O43 - CFD: 01/08/2009 - 10:38:05 - [37,592] ----D C:\Users\Famille\AppData\Roaming\OpenOffice.org
O43 - CFD: 24/04/2010 - 23:07:42 - [0,000] ----D C:\Users\Famille\AppData\Roaming\PhotoFiltre
O43 - CFD: 21/02/2010 - 12:21:38 - [0,064] ----D C:\Users\Famille\AppData\Roaming\proDAD
O43 - CFD: 14/11/2010 - 09:00:39 - [0,120] ----D C:\Users\Famille\AppData\Roaming\QuickScan
O43 - CFD: 04/08/2009 - 21:50:15 - [0] ----D C:\Users\Famille\AppData\Roaming\Real
O43 - CFD: 12/09/2010 - 12:16:27 - [0] ----D C:\Users\Famille\AppData\Roaming\Roxio
O43 - CFD: 06/08/2009 - 07:37:13 - [0] ----D C:\Users\Famille\AppData\Roaming\ScanSoft
O43 - CFD: 26/09/2011 - 09:21:37 - [3,990] ----D C:\Users\Famille\AppData\Roaming\Skype
O43 - CFD: 26/09/2011 - 16:46:40 - [0,027] ----D C:\Users\Famille\AppData\Roaming\skypePM
O43 - CFD: 22/09/2012 - 18:46:28 - [0] ----D C:\Users\Famille\AppData\Roaming\Systweak
O43 - CFD: 08/08/2009 - 20:48:16 - [0,028] ----D C:\Users\Famille\AppData\Roaming\Template
O43 - CFD: 01/08/2009 - 10:31:11 - [0,001] ----D C:\Users\Famille\AppData\Roaming\VistaCodecs
O43 - CFD: 17/02/2013 - 06:46:38 - [0,454] ----D C:\Users\Famille\AppData\Roaming\vlc
O43 - CFD: 31/03/2012 - 10:39:22 - [5,048] ----D C:\Users\Famille\AppData\Roaming\VSO
O43 - CFD: 31/07/2009 - 16:17:32 - [0] ----D C:\Users\Famille\AppData\Roaming\WinBatch
O43 - CFD: 09/08/2009 - 09:29:00 - [0] ----D C:\Users\Famille\AppData\Roaming\Windows Live Writer
O43 - CFD: 08/07/2010 - 14:24:41 - [0,000] ----D C:\Users\Famille\AppData\Roaming\WinRAR
O43 - CFD: 08/11/2009 - 14:46:35 - [0] ----D C:\Users\Famille\AppData\Roaming\ZoomBrowser EX
O43 - CFD: 15/01/2011 - 18:09:21 - [15,776] ----D C:\Users\Famille\AppData\Local\Adobe
O43 - CFD: 03/02/2012 - 00:23:22 - [0] ----D C:\Users\Famille\AppData\Local\Apple
O43 - CFD: 03/02/2012 - 00:25:12 - [111,863] ----D C:\Users\Famille\AppData\Local\Apple Computer
O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Application Data
O43 - CFD: 14/02/2013 - 21:16:20 - [0,017] ----D C:\Users\Famille\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 21/02/2010 - 11:52:14 - [5,073] ----D C:\Users\Famille\AppData\Local\Downloaded Installations
O43 - CFD: 19/03/2011 - 16:20:41 - [30,909] ----D C:\Users\Famille\AppData\Local\Google
O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Historique
O43 - CFD: 14/02/2013 - 09:15:32 - [0] ----D C:\Users\Famille\AppData\Local\Lollipop
O43 - CFD: 18/12/2012 - 21:36:25 - [34,323] ----D C:\Users\Famille\AppData\Local\Ludi
O43 - CFD: 21/02/2011 - 12:09:19 - [672,165] ----D C:\Users\Famille\AppData\Local\Microsoft
O43 - CFD: 17/08/2009 - 14:23:55 - [0,000] ----D C:\Users\Famille\AppData\Local\Microsoft Games
O43 - CFD: 12/09/2010 - 12:35:49 - [0,075] ----D C:\Users\Famille\AppData\Local\MicroVision Applications
O43 - CFD: 06/08/2009 - 03:26:50 - [61,554] ----D C:\Users\Famille\AppData\Local\Mozilla
O43 - CFD: 12/09/2010 - 14:53:38 - [6,877] ----D C:\Users\Famille\AppData\Local\Nero
O43 - CFD: 12/09/2010 - 14:31:06 - [0,002] ----D C:\Users\Famille\AppData\Local\Nero_AG
O43 - CFD: 01/09/2011 - 22:25:42 - [0] ----D C:\Users\Famille\AppData\Local\PackageAware
O43 - CFD: 02/01/2013 - 15:11:32 - [0,019] ----D C:\Users\Famille\AppData\Local\Pense-bete
O43 - CFD: 05/04/2010 - 06:14:37 - [0,161] ----D C:\Users\Famille\AppData\Local\Pinnacle
O43 - CFD: 06/08/2009 - 07:42:00 - [0] ----D C:\Users\Famille\AppData\Local\Scansoft
O43 - CFD: 17/02/2013 - 19:48:30 - [8,989] ----D C:\Users\Famille\AppData\Local\Temp
O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Temporary Internet Files
O43 - CFD: 10/01/2010 - 19:34:06 - [0,122] ----D C:\Users\Famille\AppData\Local\VirtualStore
O43 - CFD: 13/07/2012 - 23:32:26 - [0,148] ----D C:\Users\Famille\AppData\Local\Windows Live
O43 - CFD: 09/08/2009 - 09:29:04 - [0,340] ----D C:\Users\Famille\AppData\Local\Windows Live Writer
O43 - CFD: 31/07/2009 - 13:00:49 - [0,010] ----D C:\Users\Famille\AppData\Local\WindowsUpdate
O43 - CFD: 05/11/2011 - 09:48:16 - [0] ----D C:\Users\Famille\AppData\Local\{010A1DC1-C6E3-48EE-944F-89459751AD87}
O43 - CFD: 03/08/2011 - 04:40:12 - [0] ----D C:\Users\Famille\AppData\Local\{03E420CD-F9E3-460C-965E-EBA4540947EA}
O43 - CFD: 08/08/2011 - 08:56:30 - [0] ----D C:\Users\Famille\AppData\Local\{0C507DFD-BEF8-418B-B9E1-45BAF5B7914E}
O43 - CFD: 03/08/2011 - 08:59:42 - [0] ----D C:\Users\Famille\AppData\Local\{20DF2568-F971-484F-87D2-7FCBDFC8113B}
O43 - CFD: 07/08/2011 - 19:31:16 - [0] ----D C:\Users\Famille\AppData\Local\{25D882BA-4A0A-42F6-8025-D61F46A5BD04}
O43 - CFD: 30/07/2011 - 08:47:54 - [0] ----D C:\Users\Famille\AppData\Local\{31CEF206-C21C-44FF-8B1E-F41A891CFB54}
O43 - CFD: 03/08/2011 - 03:50:47 - [0] ----D C:\Users\Famille\AppData\Local\{321AC7A7-B548-4A21-AE53-2CC115F8C735}
O43 - CFD: 31/03/2012 - 17:00:32 - [0] ----D C:\Users\Famille\AppData\Local\{37E2C478-3104-434A-B914-F76B4E45C6C6}
O43 - CFD: 08/08/2011 - 08:55:53 - [0] ----D C:\Users\Famille\AppData\Local\{3C59F4F0-964D-4AF9-A56C-95E49B15ABCF}
O43 - CFD: 31/03/2012 - 17:00:55 - [0] ----D C:\Users\Famille\AppData\Local\{47316EA3-587F-48DB-919A-9F140098DC1B}
O43 - CFD: 28/03/2012 - 08:11:24 - [0] ----D C:\Users\Famille\AppData\Local\{4CBD5A68-4F47-4972-9317-35EB996BC27D}
O43 - CFD: 08/08/2011 - 08:54:08 - [0] ----D C:\Users\Famille\AppData\Local\{52689C81-3CF8-44E5-9AED-5BAE279E86B9}
O43 - CFD: 03/08/2011 - 23:54:05 - [0] ----D C:\Users\Famille\AppData\Local\{57BB0E1B-40D1-40C7-A826-5FF612ACFE7F}
O43 - CFD: 25/09/2011 - 22:58:20 - [0] ----D C:\Users\Famille\AppData\Local\{5883FCD8-3A6C-4707-8A99-7EA63D5AFF13}
O43 - CFD: 31/03/2012 - 14:28:46 - [0] ----D C:\Users\Famille\AppData\Local\{5D9D49E4-3D0E-4C96-8439-C89C0270C256}
O43 - CFD: 25/09/2011 - 22:58:31 - [0] ----D C:\Users\Famille\AppData\Local\{5E0C0E56-1708-48C3-9344-A5DC683B9C5A}
O43 - CFD: 08/08/2011 - 05:31:37 - [0] ----D C:\Users\Famille\AppData\Local\{65B4992C-63D1-4FB5-92F3-C0EA850BBAC9}
O43 - CFD: 02/01/2012 - 15:22:07 - [0] ----D C:\Users\Famille\AppData\Local\{6DDBC834-990E-4B7E-8FFB-B49DDA24FDEE}
O43 - CFD: 08/08/2011 - 09:06:44 - [0] ----D C:\Users\Famille\AppData\Local\{6E08F8F5-A26B-4077-AF1C-5F5127AC91D8}
O43 - CFD: 03/08/2011 - 07:43:08 - [0] ----D C:\Users\Famille\AppData\Local\{6E9347F2-4992-416A-90BF-5FA45615BB30}
O43 - CFD: 03/08/2011 - 07:41:05 - [0] ----D C:\Users\Famille\AppData\Local\{763FCDE7-76A9-47C8-9B46-AEC1C569B199}
O43 - CFD: 01/11/2011 - 11:38:50 - [0] ----D C:\Users\Famille\AppData\Local\{87E5F1C6-681E-4740-8689-0C8C854E27A8}
O43 - CFD: 07/08/2011 - 19:27:00 - [0] ----D C:\Users\Famille\AppData\Local\{8DD0DA1D-1BB4-4126-8FDB-ED153B292EF0}
O43 - CFD: 30/07/2011 - 08:52:29 - [0] ----D C:\Users\Famille\AppData\Local\{90D472A2-1169-4C72-BC72-51A96E8974F8}
O43 - CFD: 30/07/2011 - 10:10:47 - [0] ----D C:\Users\Famille\AppData\Local\{94039877-D2DE-42D3-BFE1-E29411504314}
O43 - CFD: 08/08/2011 - 07:58:28 - [0] ----D C:\Users\Famille\AppData\Local\{9840C69E-0301-4CAD-BC56-D31599F78F13}
O43 - CFD: 03/08/2011 - 04:42:43 - [0] ----D C:\Users\Famille\AppData\Local\{A191B62C-BFDB-4AF9-945F-2A1FC9AB4076}
O43 - CFD: 30/07/2011 - 10:09:57 - [0] ----D C:\Users\Famille\AppData\Local\{B39C7509-B819-4875-B3CB-1221FC6722E9}
O43 - CFD: 22/09/2012 - 17:46:35 - [0] ----D C:\Users\Famille\AppData\Local\{BB8B6C75-FF00-4CAC-B2FC-B5C935613CD1}
O43 - CFD: 30/07/2011 - 10:09:27 - [0] ----D C:\Users\Famille\AppData\Local\{BC0F1272-C486-4CE5-BD4A-8ED5944431C9}
O43 - CFD: 22/01/2013 - 15:53:33 - [0] ----D C:\Users\Famille\AppData\Local\{BDD7E48D-EC3F-4F6A-996D-076F5ED69491}
O43 - CFD: 08/08/2011 - 03:50:12 - [0] ----D C:\Users\Famille\AppData\Local\{C211376A-B60D-47D3-8DA9-172A40757AE8}
O43 - CFD: 26/09/2011 - 11:06:42 - [0] ----D C:\Users\Famille\AppData\Local\{C2E4A770-213D-45F9-8C68-BE733A4A34CD}
O43 - CFD: 26/09/2011 - 11:06:31 - [0] ----D C:\Users\Famille\AppData\Local\{C4BACE68-8757-4BDE-80E3-C1A16591E211}
O43 - CFD: 31/03/2012 - 16:59:51 - [0] ----D C:\Users\Famille\AppData\Local\{C8F0236D-5F58-444A-BFB2-38AA90069483}
O43 - CFD: 08/08/2011 - 09:06:33 - [0] ----D C:\Users\Famille\AppData\Local\{CE67963E-FEA7-4B2C-B5E2-9362F633B94E}
O43 - CFD: 08/08/2011 - 08:05:45 - [0] ----D C:\Users\Famille\AppData\Local\{D5198CFB-E707-4198-ABFA-77524A9C56AE}
O43 - CFD: 08/08/2011 - 03:44:00 - [0] ----D C:\Users\Famille\AppData\Local\{DDAB6B84-9510-464B-8401-AC5F53A86E88}
O43 - CFD: 03/08/2011 - 23:51:20 - [0] ----D C:\Users\Famille\AppData\Local\{E682EAE1-9239-45A6-9B0E-1C5740B48CE5}
O43 - CFD: 13/07/2012 - 23:32:25 - [0] ----D C:\Users\Famille\AppData\Local\{E69BB797-CB7C-4536-A007-23E38BA555F7}
O43 - CFD: 12/01/2012 - 11:07:00 - [0] ----D C:\Users\Famille\AppData\Local\{F9F314EE-AA4B-43BD-ACDA-F2161F9F94DF}
O43 - CFD: 08/08/2011 - 08:07:02 - [0] ----D C:\Users\Famille\AppData\Local\{FECFF51D-BEAD-446F-9F34-249536C395FD}
O43 - CFD: 02/11/2006 - 13:54:36 - [0,015] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/07/2009 - 11:27:07 - [0,000] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/07/2012 - 13:08:56 - [0,004] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AlerteGPS
O43 - CFD: 15/10/2009 - 18:51:06 - [0] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Full Pack Codecs
O43 - CFD: 29/07/2012 - 21:57:08 - [0,003] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ludi
O43 - CFD: 02/11/2006 - 13:50:41 - [0,001] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 03/11/2009 - 06:01:17 - [0,005] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pense-B�te
O43 - CFD: 17/02/2013 - 11:32:13 - [0,001] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 16/06/2010 - 07:47:36 - [0,002] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 25s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.3442DC85C73E15769F6A1B96F7CAF8DE] - 17/02/2013 - 16:23:13 ----- . (...) -- C:\WINDOWS\WindowsUpdate.log [1974813]
O44 - LFC:[MD5.BF7DC0927233CFB1781843BC4E67ACD0] - 17/02/2013 - 16:22:38 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584]
O44 - LFC:[MD5.A9C25C9A8F9DA7F25C14D84C4CE845A3] - 17/02/2013 - 13:51:52 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\WINDOWS\System32\sdnclean.exe [15224]
O44 - LFC:[MD5.E828134279A6BB5EF3032F9B88D335F9] - 14/02/2013 - 11:56:04 ---A- . (.Oracle Corporation - Pas de description.) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [94112]
O44 - LFC:[MD5.ABC4230E67C8E68E070A22C1E4A8F673] - 14/02/2013 - 11:56:02 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [174496]
O44 - LFC:[MD5.FBE59F564DFEEBBFCDBBDFAB54C64501] - 14/02/2013 - 11:56:02 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [262560]
O44 - LFC:[MD5.4951D2D49B400A1A722BC48FADEBD6F4] - 14/02/2013 - 11:56:01 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [174496]
O44 - LFC:[MD5.2616B4D6D04F18C579B7861F02B0B592] - 14/02/2013 - 11:56:01 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\WINDOWS\System32\npDeployJava1.dll [861088]
O44 - LFC:[MD5.BB8996FE972847B5879FDE24F24F034E] - 14/02/2013 - 11:56:00 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [782240]
O44 - LFC:[MD5.56E85735BFAC560F4AFF5B64CFD52959] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.306C968D21746B870D2D8A03162EE516] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [103872]
O44 - LFC:[MD5.CAAF1E9D535F76D79019DFE724DFFE16] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [126420]
O44 - LFC:[MD5.7B8F9BB4C218449CFB9417D508C40D23] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [595798]
O44 - LFC:[MD5.991A328663ACAC478C71AAB512D2D201] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [678804]
O44 - LFC:[MD5.EC82D3908EE04E004D36A20958CF540D] - 07/02/2013 - 18:45:24 ---A- . (...) -- C:\WINDOWS\Bbt97.INI [56]
O44 - LFC:[MD5.D85A08214CDBDEBDCC2D3EB8C4FA32B5] - 07/02/2013 - 16:54:51 ---A- . (...) -- C:\WINDOWS\BELOTEXP.INI [34]
~ Scan Files in 00mn 54s
---\\ Export de cl� d'application autoris�e (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Scan Keys in 00mn 00s
---\\ D�ni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'�diteur de configuration de s�curit� Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de s�curit� Kerberos.) -- C:\WINDOWS\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll
~ Scan Keys in 00mn 00s
---\\ Contr�le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak�.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\WINDOWS\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.mjpg"="pvmjpg30.dll" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\System32\pvmjpg30.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"pvmjpg30.dll"="PICVideo 3 M-JPEG VfW Codec" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\System32\pvmjpg30.dll
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\binternet [Key] . (...) -- C:\Users\Famille\binternet.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe
O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe
O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (...) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NBAgent [Key] . (...) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NvSvc [Key] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) -- C:\Windows\system32\nvsvc.dll
O53 - SMSR:HKLM\...\startupreg\OpwareSE4 [Key] . (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\SSBkgdUpdate [Key] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\WINDOWS\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2
O64 - Services: CurCS - 02/06/2008 - C:\WINDOWS\System32\drivers\iastor.sys (iaStor) .(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) - LEGACY_IASTOR
O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
~ Scan Services in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe
O67 - Shell Spawning: <.cmd>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'�v�nements.) -- C:\WINDOWS\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKLM\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.js>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKLM\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\WINDOWS\regedit.exe
O67 - Shell Spawning: <.html>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.bat>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\WINDOWS\System32\control.exe
O67 - Shell Spawning: <.cmd>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'�v�nements.) -- C:\WINDOWS\System32\eventvwr.exe
O67 - Shell Spawning: <.exe>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg>[HKCR\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\WINDOWS\regedit.exe
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://home.sweetim.com/?crg=3.1010000.10015");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.10015");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BF4AC517-DA6E-4D46-A55D-412A2B1F6E6B} - (Google) - http://www.google.fr
~ Scan Keys in 00mn 00s
---\\ Recherche des services d�marr�s par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp�rience d�application.) -- C:\WINDOWS\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl�mes.) -- C:\WINDOWS\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de strat�gie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\WINDOWS\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num�rotation automatique d�acc�s distant.) -- C:\WINDOWS\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'acc�s distant.) -- C:\WINDOWS\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d�interface dynamique.) -- C:\WINDOWS\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d��v�nements syst�me (SENS).) -- C:\WINDOWS\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance � Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de t�l�phonie Microsoft� Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise � jour automatique Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri�re-plan.) -- C:\WINDOWS\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivit� IPv6 sur un r�seau IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [199168]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d�application.) -- C:\WINDOWS\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de d�couverte iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multim�dias.) -- C:\WINDOWS\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de t�ches.) -- C:\WINDOWS\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\WINDOWS\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) -- C:\WINDOWS\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des cl�s.) -- C:\WINDOWS\System32\kmsvc.dll [68096]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.5BBD552B3FD39B77F696A00C6D921422] [SPRF][10/01/2012] (...) -- C:\Users\Famille\AppData\Local\d3d9caps.dat [1356]
[MD5.6FC26F584D91A85046AEA121625057E5] [SPRF][25/10/2010] (...) -- C:\Users\Famille\AppData\Roaming\sprkwi.dat [32]
[MD5.0C561D5244170036E15C8DFAC995B796] [SPRF][24/03/2010] (...) -- C:\Users\Famille\AppData\Roaming\wklnhst.dat [116]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.3F4413DCD8D3BBABF08F68F25E6D60E1] [SPRF][16/02/2005] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [401408]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{99AC75B0-01CB-4D7E-806C-182F20C6781F}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{B71F7E93-7A2C-4544-885A-6C9152FF5298}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{0E94A681-33C4-46EF-923F-AE08B9812348}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{989F3F80-CB8F-476E-89A3-5B665F63CED4}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{11985DD7-E12F-4E87-8F91-841E03D717D9}" | In - Public - P6 - TRUE | .(.Intel(R) Corporation - Intel� Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{47133D57-4ED0-4B8D-BC12-0A033EB53D6E}" | In - Public - P17 - TRUE | .(.Intel(R) Corporation - Intel� Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{4A3C0D44-8FBE-4E98-A4FC-35134B383000}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Famille\AppData\Local\Temp\7zS57DF.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "{4AD6A076-1D64-4B6F-98DE-C70847F192BE}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Famille\AppData\Local\Temp\7zS57DF.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "TCP Query User{BBB068EF-2C9A-4D6A-8B42-A6684C48DFD4}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Public - P6 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "UDP Query User{30CD1ED5-6E1A-48EE-8ABA-3CD5DBAE0205}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Public - P17 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "TCP Query User{FA7F0184-2572-4697-8E18-3F20D795930F}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Private - P6 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "UDP Query User{18E93412-5D6A-40CF-9D4F-45BD27E089AC}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Private - P17 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "TCP Query User{A30C349B-52C2-41D5-975E-4B43164BC160}C:\program files\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{66C6A395-5E17-4AF0-8495-0D12ACBDE95B}C:\program files\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "{3DFB9FC5-5AFF-4AB9-855F-F3BF2F2F218B}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{35C8EC6F-A375-4323-934F-6275F6279795}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{DB637064-90A3-4926-A36A-81E17558C548}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{16204657-EE62-4DC1-B068-ABE2CA343B81}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{C9D6B1ED-18BC-4754-8440-ACE991667147}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - umi.) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{A011EFC4-E17E-4D84-B36D-88F769460FA0}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - umi.) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{54E017D6-819B-4DEE-9545-4F201CFE969D}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{0FF2F983-7CD6-4DBA-985E-2E65E749CB2A}" | In - Domain - P6 - TRUE | .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
O87 - FAEL: "TCP Query User{1BB2D705-4E53-4067-A981-8B4C9E356E17}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{EF610CC1-45A1-4AB1-B4FA-96F3969290BC}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{B62842D3-A853-4A39-B0C4-D647074A4FF0}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "UDP Query User{75BB331F-D399-4B04-A38F-8345DD052C64}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "{A37EB95C-B442-4725-AB4D-B942A544B178}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{F6FBAEE7-5FF4-4D62-A751-BBED19A74E83}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{585F6C9B-79BB-4080-B374-8BDFCCF2C135}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{6893B45D-5D64-4C1F-86F2-FC67EB49B2C2}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{B26E2F02-5391-4DAE-B71F-FF121D643D97}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{AB13006E-627E-46E5-86E4-7AB60C4C3C6D}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{A95C317D-2D89-4487-AED1-A591E9F83184}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "TCP Query User{3DEE73F1-F7B0-4911-B75A-C47D56D6E1FE}C:\users\famille\appdata\local\temp\alertegps.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\famille\appdata\local\temp\alertegps.exe (.not file.)
O87 - FAEL: "UDP Query User{CFD27752-F192-47E1-8D9E-8A1EF31A6019}C:\users\famille\appdata\local\temp\alertegps.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\famille\appdata\local\temp\alertegps.exe (.not file.)
O87 - FAEL: "TCP Query User{CD5A9662-F7EC-4072-9992-33E41030AA4C}C:\program files\alertegps\g320\updatetool.exe" | In - Private - P6 - TRUE | .(.Pas de propri�taire - UpdateTool.) -- C:\program files\alertegps\g320\updatetool.exe
O87 - FAEL: "UDP Query User{14CA58C1-8F61-4916-8F9B-6EBBBA1C343B}C:\program files\alertegps\g320\updatetool.exe" | In - Private - P17 - TRUE | .(.Pas de propri�taire - UpdateTool.) -- C:\program files\alertegps\g320\updatetool.exe
O87 - FAEL: "{B28665AD-CDBD-4EF3-A98C-1C66AF6CECEA}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{E2D8B2ED-93ED-413B-8CAB-6617D0C74581}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{6ED121D2-8577-4AFE-863D-B52444F2B50F}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{4043FBD4-03A0-41FA-978A-1B8843AE7490}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
~ Scan Firewall in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : v2.10777 - (17/02/2013)
Cl�s trouv�es (Keys found) : 22
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 1
Fichiers trouv�s (Files found) : 1
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\binternet] =>Spyware.BHO
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Classes\Installer\Features\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKLM\Software\Classes\Installer\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow]:*.chat-land.org =>Hijacker.ChercheUS
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Users\Famille\AppData\Local\lollipop =>Adware.Lollipop
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\SearchPlugins\cherche.xml =>Hijacker.ChercheUS
~ Scan Additionnel in 00mn 22s
---\\ Recherche d�tournement de DNS routeur (O89) (None)
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1271C3A5DE8F0E11A8BF8BCAF6798BE8" . (.Google�Earth.) -- C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2E666343950ACA84DA7632B07FE4D22B" . (.Apple Application Support.) -- C:\Windows\Installer\{343666E2-A059-48AC-AD67-230BF74E2DB2}\WinInstall.ico
O90 - PUC: "393793D005B925c4485D773E4482F978" . (.Roxio Creator Data.) -- c:\Windows\Installer\{0D397393-9B50-4c52-84D5-77E344289F87}\RoxioCentral.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "521D59DC299285843BFEF5F65BF2AB6D" . (.Skype Toolbars.) -- C:\Windows\Installer\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}\IconUninstallIco
O90 - PUC: "61F61FCBE0CAEBA49AFE14C24F48AB15" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}\fssicon.ico
O90 - PUC: "6531AF5077EED0943A67D5AB5DE3F02A" . (.Ma-Config.com.) -- C:\Windows\Installer\{05FA1356-EE77-490D-A376-5DBAD53E0FA2}\maconfico
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.5) - Fran�ais.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "693D336E8815D9E4F8B6FB8BFB43768E" . (.Skype� 5.1.) -- C:\Windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
O90 - PUC: "72788EEDB9779A74CAFE8FC75A9FA256" . (.ScanSoft OmniPage SE 4.) -- C:\Windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
O90 - PUC: "7CFCFF386C886c14782559A85423C528" . (.Roxio Creator Audio.) -- c:\Windows\Installer\{83FFCFC7-88C6-41c6-8752-958A45325C82}\RoxioCentral.exe
O90 - PUC: "8CDC4930DBAF8de41B4030938367FDFD" . (.Roxio Creator Tools.) -- c:\Windows\Installer\{0394CDC8-FABD-4ed8-B104-03393876DFDF}\RoxioCentral.exe
O90 - PUC: "987A09F2E1DDEC14FBACDB8712B3BA7C" . (.OpenOffice.org 3.4.) -- C:\Windows\Installer\{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}\soffice.ico
O90 - PUC: "9B8BD42DC6BB43346991ABC156E0313D" . (.Microsoft Primary Interoperability Assemblies 2005.) -- C:\Windows\Installer\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}\[SystemFolder]msiexec.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "A8DDC9166B411a34BAC6F0E44EC80E84" . (.Roxio Creator Copy.) -- c:\Windows\Installer\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}\RoxioCentral.exe
O90 - PUC: "B0860B8CEADC9084F91983B7D60EF0C7" . (.Roxio Creator Basic v9.) -- c:\Windows\Installer\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}\RoxioCentral.exe
O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\Windows\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico
O90 - PUC: "B4B39F110F84E4A4EA77FD9AA69966B4" . (.Roxio Creator EasyArchive.) -- c:\Windows\Installer\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}\RoxioCentral.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "C5BA7CF5CF16FD249A321593CB1FD024" . (.Microsoft LifeCam.) -- C:\Windows\Installer\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}\LifeCamIcon.ico
O90 - PUC: "CE6FB7E67E3C7A34A830D002E4E30CB1" . (.Logiciel Intel� Viiv�.) -- C:\Windows\Installer\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- c:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "E6E0681DE025083448335EE8F8884B37" . (.Pinnacle Studio 12 Ultimate Plugins.) -- C:\Windows\Installer\{D1860E6E-520E-4380-8433-E58E8F88B473}\ARPPRODUCTICON.exe
O90 - PUC: "E9BE140DA0988904F84915AD91A47CA2" . (.Pinnacle Studio 12.) -- C:\Windows\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\Studio.exe
O90 - PUC: "EC08DF9F8440F4D4B8DC77CF15C4F399" . (.Vista Codec Package.) -- C:\Windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712308267D401" . (.JavaFX 2.1.0.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-210328764D10}\javaIcon.ico
~ Scan Files in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 11/09/2006 188416 | (AlertService) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
SR - | Auto 21/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 21/07/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 208896 | (DQLWinService) . (...) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
SS - | Auto 13/03/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/03/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 02/06/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Auto 10/05/2006 29696 | (IntelDHSvcConf) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
SS - | Demand 11/09/2006 75264 | (ISSM) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
SS - | Demand 26624 | (M1 Server) . (...) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
SS - | Demand 05/02/2013 312704 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 11/09/2006 167936 | (MCLServiceATL) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
SS - | Demand 06/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 07/04/2011 612456 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\nvvsvc.exe
SR - | Auto 08/04/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SS - | Demand 11/09/2006 544256 | (Remote UI Service) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Demand 01/11/2006 78752 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 18/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 18/01/2008 21504 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
~ Scan Services in 00mn 01s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Famille at 17/02/2013 19:52:34
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x82458912] -> \Device\Harddisk0\DR0[0x85E3CAC8]
3 CLASSPNP[0x833AA8B3] -> ntkrnlpa!IofCallDriver[0x82458912] -> [0x8560FC10]
5 acpi[0x805C26BC] -> ntkrnlpa!IofCallDriver[0x82458912] -> \Device\Ide\IdeDeviceP1T0L0-2[0x8560A390]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Famille at 17/02/2013 19:52:37
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
End of the scan (1441 lines in 04mn 36s)(0)
Run by Famille at 17/02/2013 19:48:00
State : Version � jour.
High Elevated Privileges : OK
UAC : Deactivate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.2 v18.0.2 (Defaut)
GCIE: Google Chrome Frame v24.0.1312.57
OBIE: Safari v5.34.57.2
---\\ Windows Product Information
~ Langage: Fran�ais
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Information
~ Processor: x86 Family 15 Model 6 Stepping 4, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2045 MB (42% free)
System Restore: D�sactiv� (Disabled)
System drive C: has 114 GB (50%) free of 228 GB
---\\ Logged in mode
~ Computer Name: PC-DE-FAMILLE
~ User Name: Famille
~ All Users Names: UpdatusUser, IUSR_NMPR, Famille, Administrateur,
~ Unselected Option: O45,O61,O62
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Famille\AppData\Roaming\
~ %Desktop% : C:\Users\Famille\Desktop\
~ %Favorites% : C:\Users\Famille\Favorites\
~ %LocalAppData% : C:\Users\Famille\AppData\Local\
~ %StartMenu% : C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 114 Go of 228 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 5 Go)
E:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.10/04/2009 - 22:27:38.) -- C:\WINDOWS\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.18/01/2008 - 22:33:38.) -- C:\WINDOWS\System32\Wininit.exe [96768]
[MD5.02F98B5C0E397AD06124D84428CF8F1A] - (.Microsoft Corporation - Internet Extensions for Win32.) (.02/02/2012 - 23:38:26.) -- C:\WINDOWS\System32\wininet.dll [1127424]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.10/04/2009 - 22:28:14.) -- C:\WINDOWS\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\WINDOWS\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.10/04/2009 - 22:32:28.) -- C:\WINDOWS\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.18/01/2008 - 20:28:04.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.10/04/2009 - 20:39:18.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\WINDOWS\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.10/04/2009 - 20:42:44.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.18/01/2008 - 20:49:20.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.18/01/2008 - 20:56:30.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.10/04/2009 - 20:45:38.) -- C:\WINDOWS\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.10/04/2009 - 22:32:50.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parall�le.) (.02/11/2006 - 09:51:30.) -- C:\WINDOWS\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.18/01/2008 - 20:56:36.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [76288]
[MD5.E8BD98D46F2ED77132BA927FCCB47D8B] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.02/11/2006 - 10:03:00.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [242688]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.10/04/2009 - 20:45:24.) -- C:\WINDOWS\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.10/04/2009 - 20:45:58.) -- C:\WINDOWS\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.10/04/2009 - 22:32:56.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes musiques (My Musics) : 1/3
~ Mes Videos (My Videos) : 1/309
~ Mes Favoris (My Favorites) : 1/31
~ Mes Documents (My Documents) : 1/2286
~ Mon Bureau (My Desktop) : 1/134
~ Menu demarrer (Programs) : 1/161
~ Scan Hidden Files in 00mn 03s
---\\ Processus lanc�s
[MD5.C83B89C432E5CCC6BD3040EB0A6645A5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [373864] [PID.1720]
[MD5.C983E62B6FB74457D173BA93F66F6068] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.1752]
[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [125952] [PID.1792]
[MD5.A2FE5B7894C347FCAE189A01F82E0216] - (.Logiciels13 - Agenda Informatique.) -- C:\Program Files\Pense-bete\pb79g.exe [2192384] [PID.948]
[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.1032]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.1424]
[MD5.B5A4EBA9487F08BECC843A87422B8052] - (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3825176] [PID.3924]
[MD5.1A113EB5F555F55A031BFACF6A57DC6E] - (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe [2388336] [PID.408]
[MD5.2D322383B45CF3726675FC887A657160] - (.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Safari\Apple Application Support\WebKit2WebProcess.exe [14184] [PID.5616]
[MD5.58ED0528F2B1BFB3301BC10E0E707C35] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.5076]
[MD5.B45F1D52C0A9519028BD95D34FFAB216] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.5104]
[MD5.F7DB6336DEFE82D7EAE25A6B656ED64A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5685760] [PID.4836]
[MD5.63391020BC1FD82E8F8073024276B0B7] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) -- C:\Windows\system32\nvvsvc.exe [612456] [PID.820]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1200]
[MD5.D46223F3342085D25C4F890EFEDD3254] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe [841832] [PID.1348]
[MD5.B4837FE56D76B2E9EA90E5365CF6A2BE] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [136360] [PID.1980]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1376]
[MD5.DF5A3016052755C910A206058B4A1729] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [269480] [PID.1740]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.936]
[MD5.A0B584C33F55545D56F9E71FB4E203AC] - (.Pas de propri�taire - DQLWinSe Application.) -- C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896] [PID.2068]
[MD5.11A220EB53F1D42B8AF0AD1210B8241D] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.2172]
[MD5.D98350792A7CE82E7459A7C36481BEDA] - (.Microsoft Corporation - MsCamSvc.exe.) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe [139632] [PID.2216]
[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096] [PID.2248]
[MD5.8C91BD35AE9AA8B628EEC5E637BB1D0F] - (.Avira GmbH - AntiVir shadow copy service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [76968] [PID.2932]
[MD5.71E63293328BCA65B9DBBC6FDCE04B3C] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2218600] [PID.3544]
[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.1588]
[MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384] [PID.1520]
[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.3508]
[MD5.452DB84283EB2F043827AC95D62CE19C] - (.Safer-Networking Ltd. - Update.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [3487240] [PID.4004]
~ Scan Processes Running in 00mn 02s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Famille\AppData\Local\Google\Chrome\User Data\Default\Preferences
G0 - GCSP: Preference [User Data\Default][HomePage] http://home.sweetim.com
~ Scan Google Browser in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\prefs.js
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\user.js
M3 - MFPP: Plugins - [Famille] -- C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\searchplugins\cherche.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Famille] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Famille - r0mby9rt.default] http://www.google.fr
P2 - FPN:Firefox Plugin Navigator . (.CANON INC. - CIG Mycamera Plugin Module.) -- C:\Program Files\Mozilla Firefox\Plugins\MyCamera.dll
P2 - FPN:Firefox Plugin Navigator . (.CANON INC. - NPCIG 1.0.0.3.) -- C:\Program Files\Mozilla Firefox\Plugins\NPCIG.dll
P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll
P2 - FPN: [HKLM] [@canon.com/CCBPL] - (.Canon Inc. - CANON iMAGE GATEWAY Album Plugin Utility Module.) -- C:\Program Files\Canon\APU\npCCBPLFirefox.dll
P2 - FPN: [HKLM] [@divx.com/DivX Browser Plugin,version=1.0.0] - (.DivX,Inc. - DivX Web Player version 1.5.0.52.) -- C:\Program Files\DivX\DivX Web Player\npdivx32.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.5.1.1.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10329.0.) -- c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@real.com/nppl3260;version=6.0.12.69] - (.RealNetworks, Inc. - RealPlayer(tm) LiveConnect-Enabled Plug-In.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
P2 - FPN: [HKLM] [@real.com/nprpjplug;version=6.0.12.69] - (.RealNetworks, Inc. - 6.0.12.69.) -- C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.cherche.us
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.5.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 06s
~ Nombre de lignes (Lines number): 14812
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft� Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} . (.Google Inc. - Chrome Frame renders the Web of the future.) -- C:\Program Files\Google\Chrome Frame\Application\24.0.1312.57\npchrome_frame.dll
~ Scan BHO in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [NWEReboot] Cl� orpheline
O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [SDTray] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] . (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-923411743-1717868303-3432851698-1002-923411743-1717868303-3432851698-1001\..\Run: [ehTray.exe] Cl� orpheline
O4 - HKUS\S-1-5-21-923411743-1717868303-3432851698-1002-923411743-1717868303-3432851698-1001\..\Run: [WMPNSCFG] Cl� orpheline
~ Scan Application in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\UpdatusUser\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\AlerteGPS G320.lnk . (...) -- C:\Program Files\AlerteGPS\G320\Launcher.exe
O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\Full Pack Codecs.lnk . (...) -- C:\Program Files\Full Pack Codecs\FullPackCodecs_FR.exe
O4 - Global Startup: C:\Users\IUSR_NMPR\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chat-Land site de chat et de
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Famille\Desktop\A la Une - Le Progr�s.URL . (...) -- C:\Users\Famille\Desktop\A la Une - Le Progr�s.URL
O4 - Global Startup: C:\Users\Famille\Desktop\ABC Bourse.URL . (...) -- C:\Users\Famille\Desktop\ABC Bourse.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Accueil - Cortal Consors.URL . (...) -- C:\Users\Famille\Desktop\Accueil - Cortal Consors.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Adobe Photoshop 7.0.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
O4 - Global Startup: C:\Users\Famille\Desktop\AlerteGPS G320.lnk . (...) -- C:\Program Files\AlerteGPS\G320\Launcher.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Belote en ligne, belote contr�e, belote coinch�e, tarot, coinche, scrabble, sudoku et jeux en ligne gratuits - BFmania.URL . (...) -- C:\Users\Famille\Desktop\Belote en ligne, belote contr�e, belote coinch�e
O4 - Global Startup: C:\Users\Famille\Desktop\Boursier.com.URL . (...) -- C:\Users\Famille\Desktop\Boursier.com.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\Desktop\Chat-Land site de chat et de rencontre gratuit.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Cr�dit Agricole Sud Rh�ne Alpes - Cr�dit Agricole Sud Rh�ne Alpes - Accueil - Particuliers.URL . (...) -- C:\Users\Famille\Desktop\Cr�dit Agricole Sud Rh�ne Alpes - Cr�dit Agricole Sud Rh�ne Alpes - Accueil
O4 - Global Startup: C:\Users\Famille\Desktop\Defycards Coinche, Belote et Tarot en ligne.URL . (...) -- C:\Users\Famille\Desktop\Defycards Coinche, Belote et Tarot en ligne.URL
O4 - Global Startup: C:\Users\Famille\Desktop\EDF - Particuliers - EDF et moi au quotidien - option EJP.URL . (...) -- C:\Users\Famille\Desktop\EDF - Particuliers - EDF et moi au quotidien - option EJP.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Famille - Raccourci.lnk . (...) -- C:\Users\Famille
O4 - Global Startup: C:\Users\Famille\Desktop\Google.URL . (...) -- C:\Users\Famille\Desktop\Google.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Groupe APRI protection sociale en sant�, pr�voyance et retraite compl�mentaire.URL . (...) -- C:\Users\Famille\Desktop\Groupe APRI protection sociale en sant�, pr�voyance et retraite compl�mentaire.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Jardiner avec la Lune - Rustica, le site de la plan�te jardin.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Jardiner avec la Lune - Rustica, le site de la plan�te jardin.URL
O4 - Global Startup: C:\Users\Famille\Desktop\La Banque Postale.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\La Banque Postale.URL
O4 - Global Startup: C:\Users\Famille\Desktop\la coinche du sud.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\la coinche du sud.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Le Dauphin� Lib�r� - L'information en Rh�ne Alpes, Is�re, Haute-Savoie, Savoie, Vaucluse, Dr�me, Ard�che et Hautes-Alpes.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Le Dauphin� Lib�r� - L'inf
O4 - Global Startup: C:\Users\Famille\Desktop\Le Progr�s de Lyon - Avis de d�c�s.URL . (.Microsoft Corporation.) -- C:\Users\Famille\Desktop\Le Progr�s de Lyon - Avis de d�c�s.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Ludi.lnk - Cl� orpheline
O4 - Global Startup: C:\Users\Famille\Desktop\mail Orange.URL . (...) -- C:\Users\Famille\Desktop\mail Orange.URL
O4 - Global Startup: C:\Users\Famille\Desktop\meteo a 12 jours.URL . (...) -- C:\Users\Famille\Desktop\meteo a 12 jours.URL
O4 - Global Startup: C:\Users\Famille\Desktop\meteo a 7 jourd.URL . (...) -- C:\Users\Famille\Desktop\meteo a 7 jourd.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Microsoft Works.LNK . (.Microsoft� Corporation.) -- C:\Program Files\Microsoft Works\MSWorks.exe
O4 - Global Startup: C:\Users\Famille\Desktop\PlayOK - Dame de pique - Jouez gratuitement en ligne!.URL . (...) -- C:\Users\Famille\Desktop\PlayOK - Dame de pique - Jouez gratuitement en ligne!.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Trading-sat.URL . (.Safer Networking Limited.) -- C:\Users\Famille\Desktop\Trading-sat.URL
O4 - Global Startup: C:\Users\Famille\Desktop\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - Global Startup: C:\Users\Famille\Desktop\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Apple Safari.lnk . (...) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\SafariIco.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat et de rencontre gratuit.URL . (...) -- C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Chat-Land site de chat
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO PhotoOnWeb.lnk . (.VSO Software.) -- C:\Program Files\VSO\PhotoOnWeb\PhotoOnWeb.exe
O4 - Global Startup: C:\Users\Famille\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Live Messenger .lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Scan Global Startup in 00mn 00s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Cl� orpheline
~ Scan IE Extra Buttons in 00mn 00s
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d�espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s
---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.chat-land.org
~ Scan IE Zone Confiance in 00mn 03s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{882A2772-A37C-4F49-89E9-240C9F0113E4}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s
---\\ Valeur de Registre AppInit_DLLs et sous-cl�s Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: SDWinLogon . (...) -- SDWinLogon.dll
~ Scan Winlogon in 00mn 00s
---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s
---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioth�que de l'interface utilisateur du.) -- C:\WINDOWS\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DQLWinService (DQLWinService) . (.Pas de propri�taire - DQLWinSe Application.) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Intel DH Service (IntelDHSvcConf) . (.Intel(R) Corporation - Intel(R) Factory Mode Service.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) - C:\WINDOWS\System32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
~ Scan Services in 00mn 05s
---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (sdnclean.exe) - File not found
~ Scan Keys in 00mn 00s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Refresh immunization (Spybot - Search & Destroy).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Scan the system (Spybot - Search & Destroy).job
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Spybot - Search & Destroy - Scheduled Task.job
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 1)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 2)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 3)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Daily 4)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [Ad-Aware Update (Weekly)] (...) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe (.not file.)
[MD5.452DB84283EB2F043827AC95D62CE19C] [APT] [Check for updates (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [IntenetServiceOffers] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe (.not file.)
[MD5.36A82C214B46787385F3B0CD02ECAA88] [APT] [Refresh immunization (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
[MD5.00000000000000000000000000000000] [APT] [Registration] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe (.not file.)
[MD5.E4A0900CF535888DDD85B10040CA3E34] [APT] [Scan the system (Spybot - Search & Destroy)] (.Safer-Networking Ltd..) -- C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
[MD5.0477C2F9171599CA5BC3307FDFBA8D89] [APT] [Spybot - Search & Destroy - Scheduled Task] (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
[MD5.61CFEDAF9C527A1463F34F71240F9BB5] [APT] [{2D87AB58-6C03-48D3-AFAB-2A47AB0F9C6E}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe
[MD5.ACBE7D5694C1B7BBB8ADF19470EDB59F] [APT] [{AAB8C008-C670-4985-9698-1EDD13C068F0}] (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\uninstall\helper.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 05s
---\\ Composants install�s (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - IEAK branding.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\WINDOWS\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\WINDOWS\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\WINDOWS\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - IE Per-User Initialization Utility.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.3 r181.) -- C:\Windows\system32\Macromed\Flash\Flash10q.ocx
~ Scan Active Setup in 00mn 00s
---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\WINDOWS\System32\DRIVERS\avipbb.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\WINDOWS\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\WINDOWS\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\WINDOWS\System32\drivers\nsiproxy.sys
O41 - Driver: C:\WINDOWS\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\WINDOWS\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\drivers\rdpencdd.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\WINDOWS\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\WINDOWS\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\WINDOWS\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\WINDOWS\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Photoshop 7.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Photoshop 7.0
O42 - Logiciel: Adobe Reader X (10.1.5) - Fran�ais - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player
O42 - Logiciel: AlerteGPS G320 - (.Pas de propri�taire.) [HKCU] -- AlerteGPS G320
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {343666E2-A059-48AC-AD67-230BF74E2DB2}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: Boris Graffiti - (.Boris FX, Inc..) [HKLM] -- {262BF2CD-601D-4F43-919C-4B00B1D1F338}
O42 - Logiciel: CANON iMAGE GATEWAY Album Plugin Utility - (.Canon Inc..) [HKLM] -- APU
O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CANON iMAGE GATEWAY Task
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CD-LabelPrint - (.Pas de propri�taire.) [HKLM] -- MediaNavigation.CDLabelPrint
O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1
O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- Canon Internet Library for ZoomBrowser EX
O42 - Logiciel: Canon MOV Decoder - (.Canon Inc..) [HKLM] -- Canon MOV Decoder
O42 - Logiciel: Canon MP Navigator EX 1.0 - (.Pas de propri�taire.) [HKLM] -- MP Navigator EX 1.0
O42 - Logiciel: Canon MP610 series - (.Pas de propri�taire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series
O42 - Logiciel: Canon Utilities CameraWindow - (.Canon Inc..) [HKLM] -- CameraWindowLauncher
O42 - Logiciel: Canon Utilities CameraWindow DC - (.Canon Inc..) [HKLM] -- CameraWindowDC
O42 - Logiciel: Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- CameraWindowDVC6
O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propri�taire.) [HKLM] -- Easy-PhotoPrint EX
O42 - Logiciel: Canon Utilities My Printer - (.Pas de propri�taire.) [HKLM] -- CanonMyPrinter
O42 - Logiciel: Canon Utilities MyCamera - (.Canon Inc..) [HKLM] -- MyCamera
O42 - Logiciel: Canon Utilities MyCamera DC - (.Canon Inc..) [HKLM] -- MyCameraDC
O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM] -- PhotoStitch
O42 - Logiciel: Canon Utilities RemoteCapture Task for ZoomBrowser EX - (.Canon Inc..) [HKLM] -- RemoteCaptureTask
O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propri�taire.) [HKLM] -- CanonSolutionMenu
O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM] -- ZoomBrowser EX
O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM] -- ZoomBrowser EX Memory Card Utility
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM] -- DivX Plus DirectShow Filters
O42 - Logiciel: DivX Web Player - (.DivX,Inc..) [HKLM] -- {B7050CBDB2504B34BC2A9CA0A692CC29}
O42 - Logiciel: Driver Genius - (.Driver-Soft Inc..) [HKLM] -- Driver Genius_is1
O42 - Logiciel: Enregistrement utilisateur de Canon MP610 series - (.Pas de propri�taire.) [HKLM] -- Enregistrement utilisateur de Canon MP610 series
O42 - Logiciel: Full Pack Codecs - (.Electronic Commerce Factory S.L..) [HKLM] -- Full Pack
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: Google�Chrome Frame - (.Google Inc..) [HKLM] -- Google Chrome Frame
O42 - Logiciel: Google�Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}
O42 - Logiciel: HD Tune 2.55 - (.EFD Software.) [HKLM] -- HD Tune_is1
O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}
O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {FE57DE70-95DE-4B64-9266-84DA811053DB}
O42 - Logiciel: Intel(R) Matrix Storage Manager - (.Pas de propri�taire.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Java 7 Update 13 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217013FF}
O42 - Logiciel: Java(TM) 6 Update 23 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216023FF}
O42 - Logiciel: JavaFX 2.1.0 - (.Oracle Corporation.) [HKLM] -- {1111706F-666A-4037-7777-210328764D10}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: Logiciel Intel� Viiv� - (.Intel Corporation.) [HKLM] -- Intel(R) Configuration Center
O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propri�taire.) [HKLM] -- WinRAR archiver
O42 - Logiciel: Ludi - (.Pas de propri�taire.) [HKLM] -- Ludi
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {05FA1356-EE77-490D-A376-5DBAD53E0FA2}
O42 - Logiciel: Magic Bullet Looks Studio - (.Pas de propri�taire.) [HKLM] -- Magic Bullet Looks Studio
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}
O42 - Logiciel: Microsoft LifeCam - (.Microsoft Corporation.) [HKLM] -- {5FC7AB5C-61FC-42DF-A923-5139BCF10D42}
O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}
O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {CFF8B8E8-E086-4DE0-935F-FE22CAB54F80}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}
O42 - Logiciel: Mises � jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 18.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.2 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}
O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: OcxSetup - (.Hewlett-Packard Company.) [HKLM] -- {C3DC29BC-A8CF-4578-9DFC-37F049C44771}
O42 - Logiciel: OpenOffice.org 3.4 - (.OpenOffice.org.) [HKLM] -- {2F90A789-DD1E-41CE-BFCA-BD78213BABC7}
O42 - Logiciel: Outils de diagnostic du mat�riel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows
O42 - Logiciel: PCI Audio Driver - (.Pas de propri�taire.) [HKLM] -- PCI Audio Driver
O42 - Logiciel: Pense-Bete 79g - (.Pas de propri�taire.) [HKLM] -- Pense-B�te 7.9g_is1
O42 - Logiciel: Pilote vid�o Pinnacle - (.Pinnacle Systems.) [HKLM] -- {5EB90C06-964F-4195-B83E-BD7E55C88415}
O42 - Logiciel: Pinnacle Studio 12 - (.Pinnacle Systems.) [HKLM] -- {D041EB9E-890A-4098-8F94-51DA194AC72A}
O42 - Logiciel: Pinnacle Studio 12 Ultimate Plugins - (.Pinnacle Systems.) [HKLM] -- {D1860E6E-520E-4380-8433-E58E8F88B473}
O42 - Logiciel: Python 2.4.3 - (.Martin v. L�wis.) [HKLM] -- {75E71ADD-042C-4F30-BFAC-A9EC42351313}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Roxio Creator Audio - (.Roxio.) [HKLM] -- {83FFCFC7-88C6-41c6-8752-958A45325C82}
O42 - Logiciel: Roxio Creator Basic v9 - (.Roxio.) [HKLM] -- {C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
O42 - Logiciel: Roxio Creator Copy - (.Roxio.) [HKLM] -- {619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
O42 - Logiciel: Roxio Creator Data - (.Roxio.) [HKLM] -- {0D397393-9B50-4c52-84D5-77E344289F87}
O42 - Logiciel: Roxio Creator EasyArchive - (.Roxio.) [HKLM] -- {11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
O42 - Logiciel: Roxio Creator Tools - (.Roxio.) [HKLM] -- {0394CDC8-FABD-4ed8-B104-03393876DFDF}
O42 - Logiciel: Roxio Express Labeler 3 - (.Roxio.) [HKLM] -- {6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
O42 - Logiciel: Safari - (.Apple Inc..) [HKLM] -- {C779648B-410E-4BBA-B75B-5815BCEFE71D}
O42 - Logiciel: ScanSoft OmniPage SE 4 - (.Nuance Communications, Inc..) [HKLM] -- {DEE88727-779B-47A9-ACEF-F87CA5F92A65}
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906
O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}
O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
O42 - Logiciel: Skype� 5.1 - (.Skype Technologies S.A..) [HKLM] -- {E633D396-5188-4E9D-8F6B-BFB8BF3467E8}
O42 - Logiciel: Solution de clavier multim�dia am�lior� - (.Hewlett-Packard.) [HKLM] -- KBD
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1
O42 - Logiciel: SureThing Express Labeler - (.MicroVision Development, Inc..) [HKLM] -- stax-Pinnacle_is1
O42 - Logiciel: VC80CRTRedist - 8.0.50727.762 - (.DivX, Inc.) [HKLM] -- {767CC44C-9BBC-438D-BAD3-FD4595DD148B}
O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player
O42 - Logiciel: VSO PhotoOnWeb 0.9.1e - (.VSO-Software SARL.) [HKLM] -- VSO PhotoOnWeb_is1
O42 - Logiciel: Vista Codec Package - (..) [HKLM] -- {F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}
O42 - Logiciel: WinZip 12.1 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240B8}
O42 - Logiciel: proDAD Vitascene 1.0 - (.Pas de propri�taire.) [HKLM] -- proDAD-Vitascene-1.0
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AC3filter]
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Adobe]
[HKCU\Software\AppDataLow\Software\JavaSoft]
[HKCU\Software\AppDataLow\Software\Macromedia]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Smartbar]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Avira]
[HKCU\Software\BitDefender]
[HKCU\Software\CDBurnerXP]
[HKCU\Software\CanonBJ]
[HKCU\Software\Canon]
[HKCU\Software\Canon_Inc_IC]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CoreVorbis]
[HKCU\Software\DivXNetworks]
[HKCU\Software\EasyBits]
[HKCU\Software\EffectMgr]
[HKCU\Software\GNU]
[HKCU\Software\Gabest]
[HKCU\Software\Google]
[HKCU\Software\Haali]
[HKCU\Software\Hewlett-Packard]
[HKCU\Software\IM Providers]
[HKCU\Software\JEDI-VCL]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lavasoft]
[HKCU\Software\Licenses]
[HKCU\Software\LightScribe]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Logicool]
[HKCU\Software\Logitech]
[HKCU\Software\Ludi]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\MediaNavigation]
[HKCU\Software\MicroVision]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Mozilla]
[HKCU\Software\NVIDIA Corporation]
[HKCU\Software\Nero]
[HKCU\Software\Netscape]
[HKCU\Software\Nico Mak Computing]
[HKCU\Software\OpenOffice.org]
[HKCU\Software\Pense-bete]
[HKCU\Software\Pinnacle Systems]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\RealNetworks]
[HKCU\Software\Red Giant Software]
[HKCU\Software\Roxio]
[HKCU\Software\Safer Networking Limited]
[HKCU\Software\ScanSoft]
[HKCU\Software\Skype]
[HKCU\Software\Sonic]
[HKCU\Software\Trolltech]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\VOB]
[HKCU\Software\VSO]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\WinZip Computing]
[HKCU\Software\Windows Live Writer]
[HKCU\Software\Wow6432Node]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\cybelsoft]
[HKCU\Software\lollipop]
[HKCU\Software\madFlac]
[HKLM\Software\AGEIA Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\Ahead]
[HKLM\Software\AppDataLow]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Avira]
[HKLM\Software\Boris FX, Inc.]
[HKLM\Software\C-Media]
[HKLM\Software\Canon]
[HKLM\Software\Canon_Inc_IC]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\DivXNetworks]
[HKLM\Software\DivX]
[HKLM\Software\Driver-Soft]
[HKLM\Software\FAST Multimedia]
[HKLM\Software\GIMP_Back_Mode]
[HKLM\Software\GNU]
[HKLM\Software\Google]
[HKLM\Software\HaaliMkx]
[HKLM\Software\Hewlett-Packard]
[HKLM\Software\InstallShield]
[HKLM\Software\Intel]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Khronos]
[HKLM\Software\Lavasoft]
[HKLM\Software\Ligos Corporation]
[HKLM\Software\Logitech]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\MicroVision]
[HKLM\Software\MimarSinan]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NVIDIA Corporation]
[HKLM\Software\Nero]
[HKLM\Software\Nico Mak Computing]
[HKLM\Software\ODBC]
[HKLM\Software\OpenOffice.org]
[HKLM\Software\Oracle]
[HKLM\Software\PC-Doctor]
[HKLM\Software\Pegasus Imaging]
[HKLM\Software\PegasusImaging]
[HKLM\Software\Pinnacle Systems]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\RealNetworks]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\Red Giant Software]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Roxio]
[HKLM\Software\SRS Labs]
[HKLM\Software\Safer Networking Limited]
[HKLM\Software\ScanSoft]
[HKLM\Software\Skype]
[HKLM\Software\Sonic]
[HKLM\Software\SymNRT]
[HKLM\Software\Symantec]
[HKLM\Software\Systweak]
[HKLM\Software\Uniblue]
[HKLM\Software\VSO]
[HKLM\Software\VideoLAN]
[HKLM\Software\Vittalia]
[HKLM\Software\Volatile]
[HKLM\Software\Wilson WindowWare]
[HKLM\Software\WinRAR]
[HKLM\Software\Windows]
[HKLM\Software\Wow6432Node]
[HKLM\Software\WwGame]
[HKLM\Software\X-AVCSD]
[HKLM\Software\cybelsoft]
[HKLM\Software\mozilla.org]
[HKLM\Software\proDAD]
~ Scan Softwares in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 25/03/2010 - 08:41:04 - [0] ----D C:\Program Files\7-Zip
O43 - CFD: 21/05/2012 - 10:17:57 - [253,918] ----D C:\Program Files\Adobe
O43 - CFD: 18/11/2010 - 16:10:20 - [33,049] ----D C:\Program Files\AlerteGPS
O43 - CFD: 03/02/2012 - 00:23:20 - [2,316] ----D C:\Program Files\Apple Software Update
O43 - CFD: 02/05/2012 - 11:11:44 - [196,892] ----D C:\Program Files\Avira
O43 - CFD: 03/02/2012 - 00:24:09 - [0,602] ----D C:\Program Files\Bonjour
O43 - CFD: 21/02/2010 - 12:21:12 - [295,604] ----D C:\Program Files\Boris FX, Inc
O43 - CFD: 14/02/2013 - 20:23:58 - [486,784] ----D C:\Program Files\Canon
O43 - CFD: 07/08/2009 - 04:51:04 - [24,161] --H-D C:\Program Files\CanonBJ
O43 - CFD: 15/01/2011 - 18:26:22 - [3,351] ----D C:\Program Files\CCleaner
O43 - CFD: 01/08/2009 - 10:29:06 - [6,474] ----D C:\Program Files\CDBurnerXP
O43 - CFD: 25/08/2012 - 09:14:43 - [526,761] ----D C:\Program Files\Common Files
O43 - CFD: 16/09/2010 - 07:48:47 - [6,842] ----D C:\Program Files\DivX
O43 - CFD: 17/02/2013 - 16:55:42 - [25,730] ----D C:\Program Files\Driver-Soft
O43 - CFD: 30/07/2009 - 11:18:10 - [0] R---D C:\Program Files\Fichiers communs
O43 - CFD: 15/10/2009 - 18:51:07 - [0,278] ----D C:\Program Files\Full Pack Codecs
O43 - CFD: 15/11/2011 - 19:18:30 - [422,328] ----D C:\Program Files\Google
O43 - CFD: 17/02/2013 - 10:01:38 - [1,234] ----D C:\Program Files\HD Tune
O43 - CFD: 30/07/2009 - 11:42:53 - [0,692] ----D C:\Program Files\Hewlett-Packard
O43 - CFD: 31/07/2009 - 16:30:36 - [3,808] ----D C:\Program Files\HP
O43 - CFD: 09/11/2011 - 18:35:05 - [11,067] --H-D C:\Program Files\InstallShield Installation Information
O43 - CFD: 05/01/2012 - 19:33:57 - [3,965] ----D C:\Program Files\InstantTouch
O43 - CFD: 01/12/2006 - 09:59:47 - [30,096] ----D C:\Program Files\Intel
O43 - CFD: 02/02/2012 - 23:39:44 - [5,111] ----D C:\Program Files\Internet Explorer
O43 - CFD: 14/02/2013 - 11:55:57 - [208,542] ----D C:\Program Files\Java
O43 - CFD: 21/02/2010 - 12:21:35 - [9,120] ----D C:\Program Files\LooksBuilderSE
O43 - CFD: 29/07/2012 - 22:01:31 - [0,728] ----D C:\Program Files\Ludi
O43 - CFD: 17/02/2013 - 16:50:40 - [7,358] ----D C:\Program Files\ma-config.com
O43 - CFD: 15/02/2013 - 06:40:04 - [12,308] ----D C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 31/07/2009 - 14:49:22 - [2,541] ----D C:\Program Files\Microsoft
O43 - CFD: 31/07/2009 - 15:18:09 - [0,764] ----D C:\Program Files\Microsoft CAPICOM 2.1.0.2
O43 - CFD: 02/11/2006 - 13:37:34 - [89,117] ----D C:\Program Files\Microsoft Games
O43 - CFD: 21/02/2011 - 11:45:14 - [50,217] ----D C:\Program Files\Microsoft LifeCam
O43 - CFD: 01/08/2009 - 10:35:26 - [33,229] ----D C:\Program Files\Microsoft Office
O43 - CFD: 13/05/2012 - 21:31:33 - [36,641] ----D C:\Program Files\Microsoft Silverlight
O43 - CFD: 09/08/2009 - 07:56:06 - [1,745] ----D C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 24/10/2009 - 08:44:21 - [143,405] ----D C:\Program Files\Microsoft Works
O43 - CFD: 09/11/2010 - 05:53:43 - [7,789] ----D C:\Program Files\Microsoft.NET
O43 - CFD: 16/09/2010 - 17:20:27 - [94,740] ----D C:\Program Files\Movie Maker
O43 - CFD: 06/02/2013 - 21:14:50 - [46,621] ----D C:\Program Files\Mozilla Firefox
O43 - CFD: 07/02/2013 - 03:33:42 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service
O43 - CFD: 02/11/2006 - 13:37:34 - [0,025] ----D C:\Program Files\MSBuild
O43 - CFD: 01/08/2009 - 10:35:21 - [26,600] ----D C:\Program Files\MSECache
O43 - CFD: 31/07/2009 - 13:29:56 - [0] ----D C:\Program Files\MSXML 4.0
O43 - CFD: 09/11/2011 - 18:25:37 - [317,631] ----D C:\Program Files\NVIDIA Corporation
O43 - CFD: 22/09/2012 - 18:51:47 - [291,676] ----D C:\Program Files\OpenOffice.org 3
O43 - CFD: 02/06/2012 - 12:44:23 - [33,186] ----D C:\Program Files\Oracle
O43 - CFD: 01/12/2006 - 10:20:52 - [103,184] ----D C:\Program Files\PC-Doctor 5 for Windows
O43 - CFD: 03/11/2009 - 06:01:17 - [5,946] ----D C:\Program Files\Pense-bete
O43 - CFD: 21/02/2010 - 12:18:03 - [1240,926] ----D C:\Program Files\Pinnacle
O43 - CFD: 21/02/2010 - 12:21:37 - [116,969] ----D C:\Program Files\proDAD
O43 - CFD: 09/11/2011 - 18:24:23 - [24,170] ----D C:\Program Files\Realtek
O43 - CFD: 02/11/2006 - 13:37:34 - [36,902] ----D C:\Program Files\Reference Assemblies
O43 - CFD: 01/12/2006 - 10:01:53 - [15,440] ----D C:\Program Files\Roxio
O43 - CFD: 14/05/2012 - 10:49:41 - [102,605] ----D C:\Program Files\Safari
O43 - CFD: 06/08/2009 - 07:36:46 - [115,938] ----D C:\Program Files\ScanSoft
O43 - CFD: 31/07/2009 - 12:59:00 - [0,438] ----D C:\Program Files\Services en ligne
O43 - CFD: 17/02/2011 - 13:43:59 - [26,964] R---D C:\Program Files\Skype
O43 - CFD: 17/02/2013 - 14:46:23 - [66,642] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 17/02/2013 - 13:52:06 - [152,202] ----D C:\Program Files\Spybot - Search & Destroy 2
O43 - CFD: 05/03/2010 - 19:44:01 - [13,149] ----D C:\Program Files\SureThing Express Labeler
O43 - CFD: 27/04/2012 - 04:17:40 - [0,386] ----D C:\Program Files\Trend Micro
O43 - CFD: 02/11/2006 - 14:01:55 - [0] --H-D C:\Program Files\Uninstall Information
O43 - CFD: 01/08/2009 - 10:31:53 - [71,017] ----D C:\Program Files\VideoLAN
O43 - CFD: 01/08/2009 - 10:31:11 - [44,628] ----D C:\Program Files\VistaCodecPack
O43 - CFD: 05/12/2009 - 22:29:46 - [28,419] ----D C:\Program Files\VSO
O43 - CFD: 31/07/2009 - 19:14:44 - [0,970] ----D C:\Program Files\Windows Calendar
O43 - CFD: 31/07/2009 - 19:14:43 - [2,610] ----D C:\Program Files\Windows Collaboration
O43 - CFD: 31/07/2009 - 19:14:42 - [4,283] ----D C:\Program Files\Windows Defender
O43 - CFD: 31/07/2009 - 19:14:43 - [6,756] ----D C:\Program Files\Windows Journal
O43 - CFD: 08/08/2011 - 08:58:06 - [148,710] ----D C:\Program Files\Windows Live
O43 - CFD: 02/02/2012 - 23:39:37 - [8,694] ----D C:\Program Files\Windows Mail
O43 - CFD: 05/11/2010 - 11:19:22 - [4,290] ----D C:\Program Files\Windows Media Player
O43 - CFD: 30/07/2009 - 11:18:10 - [7,589] ----D C:\Program Files\Windows NT
O43 - CFD: 31/07/2009 - 19:14:43 - [12,902] ----D C:\Program Files\Windows Photo Gallery
O43 - CFD: 04/12/2009 - 04:04:33 - [0,128] ----D C:\Program Files\Windows Portable Devices
O43 - CFD: 31/07/2009 - 19:14:43 - [6,225] ----D C:\Program Files\Windows Sidebar
O43 - CFD: 16/06/2010 - 07:47:36 - [3,706] ----D C:\Program Files\WinRAR
O43 - CFD: 16/12/2009 - 19:17:21 - [15,721] ----D C:\Program Files\WinZip
O43 - CFD: 17/02/2013 - 19:48:29 - [15,536] ----D C:\Program Files\ZHPDiag
O43 - CFD: 21/05/2012 - 10:18:10 - [51,639] ----D C:\Program Files\Common Files\Adobe
O43 - CFD: 03/02/2012 - 00:23:38 - [60,457] ----D C:\Program Files\Common Files\Apple
O43 - CFD: 05/12/2009 - 20:24:26 - [2,252] ----D C:\Program Files\Common Files\CANON
O43 - CFD: 01/08/2009 - 10:30:09 - [7,653] ----D C:\Program Files\Common Files\DivX Shared
O43 - CFD: 01/12/2006 - 10:18:09 - [9,500] ----D C:\Program Files\Common Files\InstallShield
O43 - CFD: 01/12/2006 - 09:59:47 - [48,782] ----D C:\Program Files\Common Files\Intel
O43 - CFD: 25/08/2012 - 09:14:43 - [1,184] ----D C:\Program Files\Common Files\Java
O43 - CFD: 16/09/2010 - 07:49:39 - [1,505] ---AD C:\Program Files\Common Files\LightScribe
O43 - CFD: 01/12/2006 - 10:02:12 - [0,066] ---AD C:\Program Files\Common Files\LS Getting Started
O43 - CFD: 08/08/2011 - 08:57:40 - [265,394] ----D C:\Program Files\Common Files\microsoft shared
O43 - CFD: 21/02/2010 - 11:52:16 - [3,229] ----D C:\Program Files\Common Files\Pinnacle
O43 - CFD: 01/12/2006 - 10:01:39 - [23,190] ----D C:\Program Files\Common Files\Roxio Shared
O43 - CFD: 06/08/2009 - 07:37:08 - [0,201] ----D C:\Program Files\Common Files\ScanSoft Shared
O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services
O43 - CFD: 17/02/2011 - 13:42:40 - [2,150] ----D C:\Program Files\Common Files\Skype
O43 - CFD: 01/12/2006 - 10:01:42 - [1,031] ----D C:\Program Files\Common Files\Sonic Shared
O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 21/02/2010 - 12:12:40 - [0,696] ----D C:\Program Files\Common Files\SureThing Shared
O43 - CFD: 02/02/2012 - 20:02:13 - [8,333] ----D C:\Program Files\Common Files\System
O43 - CFD: 31/07/2009 - 13:43:38 - [0] ----D C:\Program Files\Common Files\Windows Live
O43 - CFD: 21/02/2010 - 11:47:56 - [0,301] ----D C:\Program Files\Common Files\Yahoo!
O43 - CFD: 21/05/2012 - 10:18:02 - [167,478] ----D C:\ProgramData\Adobe
O43 - CFD: 03/02/2012 - 00:23:18 - [26,388] ----D C:\ProgramData\Apple
O43 - CFD: 03/02/2012 - 00:24:23 - [90,984] ----D C:\ProgramData\Apple Computer
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Application Data
O43 - CFD: 02/05/2012 - 11:11:44 - [88,833] ----D C:\ProgramData\Avira
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Bureau
O43 - CFD: 07/08/2009 - 04:51:44 - [18,027] --H-D C:\ProgramData\CanonBJ
O43 - CFD: 18/09/2010 - 08:16:59 - [0,000] --H-D C:\ProgramData\CanonIJEGV
O43 - CFD: 21/10/2010 - 10:18:12 - [0,000] --H-D C:\ProgramData\CanonIJEPPEX
O43 - CFD: 18/09/2010 - 08:12:10 - [0,000] --H-D C:\ProgramData\CanonIJMyPrinter
O43 - CFD: 18/09/2010 - 08:12:27 - [0,000] --H-D C:\ProgramData\CanonIJSolutionMenu
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Documents
O43 - CFD: 17/02/2013 - 16:56:19 - [0,001] ----D C:\ProgramData\DriverGenius
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Favoris
O43 - CFD: 23/02/2011 - 12:49:02 - [0] ----D C:\ProgramData\Google
O43 - CFD: 01/12/2006 - 10:27:19 - [0,614] ----D C:\ProgramData\Hewlett-Packard
O43 - CFD: 01/12/2006 - 10:07:49 - [0,001] ----D C:\ProgramData\InstallShield
O43 - CFD: 01/12/2006 - 09:59:48 - [0,000] ----D C:\ProgramData\Intel
O43 - CFD: 12/09/2010 - 14:39:03 - [0,010] ----D C:\ProgramData\LightScribe
O43 - CFD: 17/02/2013 - 16:50:40 - [1,526] ----D C:\ProgramData\ma-config.com
O43 - CFD: 03/04/2010 - 07:16:27 - [16,418] ----D C:\ProgramData\Malwarebytes
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Menu D�marrer
O43 - CFD: 17/02/2013 - 13:52:05 - [420,940] -S--D C:\ProgramData\Microsoft
O43 - CFD: 30/07/2009 - 11:18:10 - [0] --H-D C:\ProgramData\Mod�les
O43 - CFD: 27/04/2012 - 06:03:24 - [0,001] ----D C:\ProgramData\Mozilla
O43 - CFD: 12/09/2010 - 14:22:13 - [0,001] ----D C:\ProgramData\Nero
O43 - CFD: 09/11/2011 - 17:57:04 - [2,303] ----D C:\ProgramData\NVIDIA
O43 - CFD: 09/11/2011 - 10:28:25 - [0,552] ----D C:\ProgramData\NVIDIA Corporation
O43 - CFD: 17/07/2011 - 10:22:01 - [0] ----D C:\ProgramData\PhotoStitch
O43 - CFD: 21/02/2010 - 11:47:56 - [0,438] ----D C:\ProgramData\Pinnacle
O43 - CFD: 21/02/2010 - 11:47:56 - [0] ----D C:\ProgramData\Pinnacle Studio Plus
O43 - CFD: 21/02/2010 - 11:52:01 - [0,035] ----D C:\ProgramData\Pinnacle Studio Ultimate
O43 - CFD: 12/09/2010 - 12:16:28 - [0] ----D C:\ProgramData\Roxio
O43 - CFD: 06/08/2009 - 07:37:11 - [0,128] ----D C:\ProgramData\ScanSoft
O43 - CFD: 17/02/2011 - 13:42:37 - [24,809] ----D C:\ProgramData\Skype
O43 - CFD: 12/09/2010 - 12:16:06 - [0,001] ----D C:\ProgramData\Sonic
O43 - CFD: 17/02/2013 - 16:24:33 - [0,015] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 21/02/2010 - 11:47:56 - [127,878] ----D C:\ProgramData\Studio 12
O43 - CFD: 15/01/2011 - 18:25:41 - [0,000] ----D C:\ProgramData\Sun
O43 - CFD: 01/08/2009 - 10:31:11 - [18,762] ----D C:\ProgramData\VistaCodecs
O43 - CFD: 28/04/2010 - 16:44:54 - [0] ----D C:\ProgramData\WindowsSearch
O43 - CFD: 16/12/2009 - 19:17:46 - [0,000] ----D C:\ProgramData\WinZip
O43 - CFD: 08/11/2009 - 14:31:48 - [0] ----D C:\ProgramData\ZoomBrowser
O43 - CFD: 01/09/2011 - 22:34:06 - [0,010] ----D C:\ProgramData\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}
O43 - CFD: 17/07/2011 - 11:56:12 - [13,532] ----D C:\Users\Famille\AppData\Roaming\Adobe
O43 - CFD: 03/02/2012 - 05:41:45 - [4,431] ----D C:\Users\Famille\AppData\Roaming\Apple Computer
O43 - CFD: 06/08/2010 - 19:41:14 - [0] ----D C:\Users\Famille\AppData\Roaming\Ariane Software
O43 - CFD: 02/05/2012 - 11:15:11 - [0] ----D C:\Users\Famille\AppData\Roaming\Avira
O43 - CFD: 01/08/2009 - 10:29:24 - [0,004] ----D C:\Users\Famille\AppData\Roaming\Canneverbe_Limited
O43 - CFD: 17/07/2011 - 10:09:08 - [4,024] ----D C:\Users\Famille\AppData\Roaming\Canon
O43 - CFD: 10/09/2009 - 22:18:53 - [0] ----D C:\Users\Famille\AppData\Roaming\DivX
O43 - CFD: 15/06/2011 - 12:57:12 - [0] ----D C:\Users\Famille\AppData\Roaming\Download Manager
O43 - CFD: 29/01/2013 - 07:06:02 - [0,000] ----D C:\Users\Famille\AppData\Roaming\dvdcss
O43 - CFD: 24/04/2010 - 21:51:03 - [0,000] ----D C:\Users\Famille\AppData\Roaming\gtk-2.0
O43 - CFD: 30/07/2009 - 11:23:29 - [0] ----D C:\Users\Famille\AppData\Roaming\Hewlett-Packard
O43 - CFD: 30/07/2009 - 11:27:00 - [0] ----D C:\Users\Famille\AppData\Roaming\Identities
O43 - CFD: 31/07/2009 - 16:33:42 - [0] ----D C:\Users\Famille\AppData\Roaming\InstallShield
O43 - CFD: 01/08/2009 - 09:37:03 - [0,001] ----D C:\Users\Famille\AppData\Roaming\Macromedia
O43 - CFD: 03/04/2010 - 07:16:39 - [0] ----D C:\Users\Famille\AppData\Roaming\Malwarebytes
O43 - CFD: 02/11/2006 - 13:37:34 - [0] ----D C:\Users\Famille\AppData\Roaming\Media Center Programs
O43 - CFD: 02/01/2012 - 15:21:50 - [1584,742] -S--D C:\Users\Famille\AppData\Roaming\Microsoft
O43 - CFD: 06/08/2009 - 03:27:04 - [17,966] ----D C:\Users\Famille\AppData\Roaming\Mozilla
O43 - CFD: 12/09/2010 - 14:28:20 - [0,131] ----D C:\Users\Famille\AppData\Roaming\Nero
O43 - CFD: 01/08/2009 - 10:38:05 - [37,592] ----D C:\Users\Famille\AppData\Roaming\OpenOffice.org
O43 - CFD: 24/04/2010 - 23:07:42 - [0,000] ----D C:\Users\Famille\AppData\Roaming\PhotoFiltre
O43 - CFD: 21/02/2010 - 12:21:38 - [0,064] ----D C:\Users\Famille\AppData\Roaming\proDAD
O43 - CFD: 14/11/2010 - 09:00:39 - [0,120] ----D C:\Users\Famille\AppData\Roaming\QuickScan
O43 - CFD: 04/08/2009 - 21:50:15 - [0] ----D C:\Users\Famille\AppData\Roaming\Real
O43 - CFD: 12/09/2010 - 12:16:27 - [0] ----D C:\Users\Famille\AppData\Roaming\Roxio
O43 - CFD: 06/08/2009 - 07:37:13 - [0] ----D C:\Users\Famille\AppData\Roaming\ScanSoft
O43 - CFD: 26/09/2011 - 09:21:37 - [3,990] ----D C:\Users\Famille\AppData\Roaming\Skype
O43 - CFD: 26/09/2011 - 16:46:40 - [0,027] ----D C:\Users\Famille\AppData\Roaming\skypePM
O43 - CFD: 22/09/2012 - 18:46:28 - [0] ----D C:\Users\Famille\AppData\Roaming\Systweak
O43 - CFD: 08/08/2009 - 20:48:16 - [0,028] ----D C:\Users\Famille\AppData\Roaming\Template
O43 - CFD: 01/08/2009 - 10:31:11 - [0,001] ----D C:\Users\Famille\AppData\Roaming\VistaCodecs
O43 - CFD: 17/02/2013 - 06:46:38 - [0,454] ----D C:\Users\Famille\AppData\Roaming\vlc
O43 - CFD: 31/03/2012 - 10:39:22 - [5,048] ----D C:\Users\Famille\AppData\Roaming\VSO
O43 - CFD: 31/07/2009 - 16:17:32 - [0] ----D C:\Users\Famille\AppData\Roaming\WinBatch
O43 - CFD: 09/08/2009 - 09:29:00 - [0] ----D C:\Users\Famille\AppData\Roaming\Windows Live Writer
O43 - CFD: 08/07/2010 - 14:24:41 - [0,000] ----D C:\Users\Famille\AppData\Roaming\WinRAR
O43 - CFD: 08/11/2009 - 14:46:35 - [0] ----D C:\Users\Famille\AppData\Roaming\ZoomBrowser EX
O43 - CFD: 15/01/2011 - 18:09:21 - [15,776] ----D C:\Users\Famille\AppData\Local\Adobe
O43 - CFD: 03/02/2012 - 00:23:22 - [0] ----D C:\Users\Famille\AppData\Local\Apple
O43 - CFD: 03/02/2012 - 00:25:12 - [111,863] ----D C:\Users\Famille\AppData\Local\Apple Computer
O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Application Data
O43 - CFD: 14/02/2013 - 21:16:20 - [0,017] ----D C:\Users\Famille\AppData\Local\Canon Easy-PhotoPrint EX
O43 - CFD: 21/02/2010 - 11:52:14 - [5,073] ----D C:\Users\Famille\AppData\Local\Downloaded Installations
O43 - CFD: 19/03/2011 - 16:20:41 - [30,909] ----D C:\Users\Famille\AppData\Local\Google
O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Historique
O43 - CFD: 14/02/2013 - 09:15:32 - [0] ----D C:\Users\Famille\AppData\Local\Lollipop
O43 - CFD: 18/12/2012 - 21:36:25 - [34,323] ----D C:\Users\Famille\AppData\Local\Ludi
O43 - CFD: 21/02/2011 - 12:09:19 - [672,165] ----D C:\Users\Famille\AppData\Local\Microsoft
O43 - CFD: 17/08/2009 - 14:23:55 - [0,000] ----D C:\Users\Famille\AppData\Local\Microsoft Games
O43 - CFD: 12/09/2010 - 12:35:49 - [0,075] ----D C:\Users\Famille\AppData\Local\MicroVision Applications
O43 - CFD: 06/08/2009 - 03:26:50 - [61,554] ----D C:\Users\Famille\AppData\Local\Mozilla
O43 - CFD: 12/09/2010 - 14:53:38 - [6,877] ----D C:\Users\Famille\AppData\Local\Nero
O43 - CFD: 12/09/2010 - 14:31:06 - [0,002] ----D C:\Users\Famille\AppData\Local\Nero_AG
O43 - CFD: 01/09/2011 - 22:25:42 - [0] ----D C:\Users\Famille\AppData\Local\PackageAware
O43 - CFD: 02/01/2013 - 15:11:32 - [0,019] ----D C:\Users\Famille\AppData\Local\Pense-bete
O43 - CFD: 05/04/2010 - 06:14:37 - [0,161] ----D C:\Users\Famille\AppData\Local\Pinnacle
O43 - CFD: 06/08/2009 - 07:42:00 - [0] ----D C:\Users\Famille\AppData\Local\Scansoft
O43 - CFD: 17/02/2013 - 19:48:30 - [8,989] ----D C:\Users\Famille\AppData\Local\Temp
O43 - CFD: 30/07/2009 - 11:21:23 - [0] ----D C:\Users\Famille\AppData\Local\Temporary Internet Files
O43 - CFD: 10/01/2010 - 19:34:06 - [0,122] ----D C:\Users\Famille\AppData\Local\VirtualStore
O43 - CFD: 13/07/2012 - 23:32:26 - [0,148] ----D C:\Users\Famille\AppData\Local\Windows Live
O43 - CFD: 09/08/2009 - 09:29:04 - [0,340] ----D C:\Users\Famille\AppData\Local\Windows Live Writer
O43 - CFD: 31/07/2009 - 13:00:49 - [0,010] ----D C:\Users\Famille\AppData\Local\WindowsUpdate
O43 - CFD: 05/11/2011 - 09:48:16 - [0] ----D C:\Users\Famille\AppData\Local\{010A1DC1-C6E3-48EE-944F-89459751AD87}
O43 - CFD: 03/08/2011 - 04:40:12 - [0] ----D C:\Users\Famille\AppData\Local\{03E420CD-F9E3-460C-965E-EBA4540947EA}
O43 - CFD: 08/08/2011 - 08:56:30 - [0] ----D C:\Users\Famille\AppData\Local\{0C507DFD-BEF8-418B-B9E1-45BAF5B7914E}
O43 - CFD: 03/08/2011 - 08:59:42 - [0] ----D C:\Users\Famille\AppData\Local\{20DF2568-F971-484F-87D2-7FCBDFC8113B}
O43 - CFD: 07/08/2011 - 19:31:16 - [0] ----D C:\Users\Famille\AppData\Local\{25D882BA-4A0A-42F6-8025-D61F46A5BD04}
O43 - CFD: 30/07/2011 - 08:47:54 - [0] ----D C:\Users\Famille\AppData\Local\{31CEF206-C21C-44FF-8B1E-F41A891CFB54}
O43 - CFD: 03/08/2011 - 03:50:47 - [0] ----D C:\Users\Famille\AppData\Local\{321AC7A7-B548-4A21-AE53-2CC115F8C735}
O43 - CFD: 31/03/2012 - 17:00:32 - [0] ----D C:\Users\Famille\AppData\Local\{37E2C478-3104-434A-B914-F76B4E45C6C6}
O43 - CFD: 08/08/2011 - 08:55:53 - [0] ----D C:\Users\Famille\AppData\Local\{3C59F4F0-964D-4AF9-A56C-95E49B15ABCF}
O43 - CFD: 31/03/2012 - 17:00:55 - [0] ----D C:\Users\Famille\AppData\Local\{47316EA3-587F-48DB-919A-9F140098DC1B}
O43 - CFD: 28/03/2012 - 08:11:24 - [0] ----D C:\Users\Famille\AppData\Local\{4CBD5A68-4F47-4972-9317-35EB996BC27D}
O43 - CFD: 08/08/2011 - 08:54:08 - [0] ----D C:\Users\Famille\AppData\Local\{52689C81-3CF8-44E5-9AED-5BAE279E86B9}
O43 - CFD: 03/08/2011 - 23:54:05 - [0] ----D C:\Users\Famille\AppData\Local\{57BB0E1B-40D1-40C7-A826-5FF612ACFE7F}
O43 - CFD: 25/09/2011 - 22:58:20 - [0] ----D C:\Users\Famille\AppData\Local\{5883FCD8-3A6C-4707-8A99-7EA63D5AFF13}
O43 - CFD: 31/03/2012 - 14:28:46 - [0] ----D C:\Users\Famille\AppData\Local\{5D9D49E4-3D0E-4C96-8439-C89C0270C256}
O43 - CFD: 25/09/2011 - 22:58:31 - [0] ----D C:\Users\Famille\AppData\Local\{5E0C0E56-1708-48C3-9344-A5DC683B9C5A}
O43 - CFD: 08/08/2011 - 05:31:37 - [0] ----D C:\Users\Famille\AppData\Local\{65B4992C-63D1-4FB5-92F3-C0EA850BBAC9}
O43 - CFD: 02/01/2012 - 15:22:07 - [0] ----D C:\Users\Famille\AppData\Local\{6DDBC834-990E-4B7E-8FFB-B49DDA24FDEE}
O43 - CFD: 08/08/2011 - 09:06:44 - [0] ----D C:\Users\Famille\AppData\Local\{6E08F8F5-A26B-4077-AF1C-5F5127AC91D8}
O43 - CFD: 03/08/2011 - 07:43:08 - [0] ----D C:\Users\Famille\AppData\Local\{6E9347F2-4992-416A-90BF-5FA45615BB30}
O43 - CFD: 03/08/2011 - 07:41:05 - [0] ----D C:\Users\Famille\AppData\Local\{763FCDE7-76A9-47C8-9B46-AEC1C569B199}
O43 - CFD: 01/11/2011 - 11:38:50 - [0] ----D C:\Users\Famille\AppData\Local\{87E5F1C6-681E-4740-8689-0C8C854E27A8}
O43 - CFD: 07/08/2011 - 19:27:00 - [0] ----D C:\Users\Famille\AppData\Local\{8DD0DA1D-1BB4-4126-8FDB-ED153B292EF0}
O43 - CFD: 30/07/2011 - 08:52:29 - [0] ----D C:\Users\Famille\AppData\Local\{90D472A2-1169-4C72-BC72-51A96E8974F8}
O43 - CFD: 30/07/2011 - 10:10:47 - [0] ----D C:\Users\Famille\AppData\Local\{94039877-D2DE-42D3-BFE1-E29411504314}
O43 - CFD: 08/08/2011 - 07:58:28 - [0] ----D C:\Users\Famille\AppData\Local\{9840C69E-0301-4CAD-BC56-D31599F78F13}
O43 - CFD: 03/08/2011 - 04:42:43 - [0] ----D C:\Users\Famille\AppData\Local\{A191B62C-BFDB-4AF9-945F-2A1FC9AB4076}
O43 - CFD: 30/07/2011 - 10:09:57 - [0] ----D C:\Users\Famille\AppData\Local\{B39C7509-B819-4875-B3CB-1221FC6722E9}
O43 - CFD: 22/09/2012 - 17:46:35 - [0] ----D C:\Users\Famille\AppData\Local\{BB8B6C75-FF00-4CAC-B2FC-B5C935613CD1}
O43 - CFD: 30/07/2011 - 10:09:27 - [0] ----D C:\Users\Famille\AppData\Local\{BC0F1272-C486-4CE5-BD4A-8ED5944431C9}
O43 - CFD: 22/01/2013 - 15:53:33 - [0] ----D C:\Users\Famille\AppData\Local\{BDD7E48D-EC3F-4F6A-996D-076F5ED69491}
O43 - CFD: 08/08/2011 - 03:50:12 - [0] ----D C:\Users\Famille\AppData\Local\{C211376A-B60D-47D3-8DA9-172A40757AE8}
O43 - CFD: 26/09/2011 - 11:06:42 - [0] ----D C:\Users\Famille\AppData\Local\{C2E4A770-213D-45F9-8C68-BE733A4A34CD}
O43 - CFD: 26/09/2011 - 11:06:31 - [0] ----D C:\Users\Famille\AppData\Local\{C4BACE68-8757-4BDE-80E3-C1A16591E211}
O43 - CFD: 31/03/2012 - 16:59:51 - [0] ----D C:\Users\Famille\AppData\Local\{C8F0236D-5F58-444A-BFB2-38AA90069483}
O43 - CFD: 08/08/2011 - 09:06:33 - [0] ----D C:\Users\Famille\AppData\Local\{CE67963E-FEA7-4B2C-B5E2-9362F633B94E}
O43 - CFD: 08/08/2011 - 08:05:45 - [0] ----D C:\Users\Famille\AppData\Local\{D5198CFB-E707-4198-ABFA-77524A9C56AE}
O43 - CFD: 08/08/2011 - 03:44:00 - [0] ----D C:\Users\Famille\AppData\Local\{DDAB6B84-9510-464B-8401-AC5F53A86E88}
O43 - CFD: 03/08/2011 - 23:51:20 - [0] ----D C:\Users\Famille\AppData\Local\{E682EAE1-9239-45A6-9B0E-1C5740B48CE5}
O43 - CFD: 13/07/2012 - 23:32:25 - [0] ----D C:\Users\Famille\AppData\Local\{E69BB797-CB7C-4536-A007-23E38BA555F7}
O43 - CFD: 12/01/2012 - 11:07:00 - [0] ----D C:\Users\Famille\AppData\Local\{F9F314EE-AA4B-43BD-ACDA-F2161F9F94DF}
O43 - CFD: 08/08/2011 - 08:07:02 - [0] ----D C:\Users\Famille\AppData\Local\{FECFF51D-BEAD-446F-9F34-249536C395FD}
O43 - CFD: 02/11/2006 - 13:54:36 - [0,015] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 30/07/2009 - 11:27:07 - [0,000] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/07/2012 - 13:08:56 - [0,004] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AlerteGPS
O43 - CFD: 15/10/2009 - 18:51:06 - [0] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Full Pack Codecs
O43 - CFD: 29/07/2012 - 21:57:08 - [0,003] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ludi
O43 - CFD: 02/11/2006 - 13:50:41 - [0,001] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 03/11/2009 - 06:01:17 - [0,005] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pense-B�te
O43 - CFD: 17/02/2013 - 11:32:13 - [0,001] R---D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 16/06/2010 - 07:47:36 - [0,002] ----D C:\Users\Famille\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
~ Scan Program Folder in 00mn 25s
---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.3442DC85C73E15769F6A1B96F7CAF8DE] - 17/02/2013 - 16:23:13 ----- . (...) -- C:\WINDOWS\WindowsUpdate.log [1974813]
O44 - LFC:[MD5.BF7DC0927233CFB1781843BC4E67ACD0] - 17/02/2013 - 16:22:38 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [67584]
O44 - LFC:[MD5.A9C25C9A8F9DA7F25C14D84C4CE845A3] - 17/02/2013 - 13:51:52 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\WINDOWS\System32\sdnclean.exe [15224]
O44 - LFC:[MD5.E828134279A6BB5EF3032F9B88D335F9] - 14/02/2013 - 11:56:04 ---A- . (.Oracle Corporation - Pas de description.) -- C:\WINDOWS\System32\WindowsAccessBridge.dll [94112]
O44 - LFC:[MD5.ABC4230E67C8E68E070A22C1E4A8F673] - 14/02/2013 - 11:56:02 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\javaw.exe [174496]
O44 - LFC:[MD5.FBE59F564DFEEBBFCDBBDFAB54C64501] - 14/02/2013 - 11:56:02 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\WINDOWS\System32\javaws.exe [262560]
O44 - LFC:[MD5.4951D2D49B400A1A722BC48FADEBD6F4] - 14/02/2013 - 11:56:01 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\java.exe [174496]
O44 - LFC:[MD5.2616B4D6D04F18C579B7861F02B0B592] - 14/02/2013 - 11:56:01 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\WINDOWS\System32\npDeployJava1.dll [861088]
O44 - LFC:[MD5.BB8996FE972847B5879FDE24F24F034E] - 14/02/2013 - 11:56:00 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\WINDOWS\System32\deployJava1.dll [782240]
O44 - LFC:[MD5.56E85735BFAC560F4AFF5B64CFD52959] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1495948]
O44 - LFC:[MD5.306C968D21746B870D2D8A03162EE516] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [103872]
O44 - LFC:[MD5.CAAF1E9D535F76D79019DFE724DFFE16] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [126420]
O44 - LFC:[MD5.7B8F9BB4C218449CFB9417D508C40D23] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [595798]
O44 - LFC:[MD5.991A328663ACAC478C71AAB512D2D201] - 10/02/2013 - 20:17:32 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [678804]
O44 - LFC:[MD5.EC82D3908EE04E004D36A20958CF540D] - 07/02/2013 - 18:45:24 ---A- . (...) -- C:\WINDOWS\Bbt97.INI [56]
O44 - LFC:[MD5.D85A08214CDBDEBDCC2D3EB8C4FA32B5] - 07/02/2013 - 16:54:51 ---A- . (...) -- C:\WINDOWS\BELOTEXP.INI [34]
~ Scan Files in 00mn 54s
---\\ Export de cl� d'application autoris�e (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
O47 - AAKE:Key Export SP - "C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
~ Scan Keys in 00mn 00s
---\\ D�ni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'�diteur de configuration de s�curit� Windows.) -- C:\WINDOWS\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de s�curit� Kerberos.) -- C:\WINDOWS\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\WINDOWS\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\WINDOWS\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\WINDOWS\System32\tspkg.dll
~ Scan Keys in 00mn 00s
---\\ Contr�le du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\WINDOWS\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris s�rie.) -- C:\WINDOWS\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\WINDOWS\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\WINDOWS\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak�.) -- C:\WINDOWS\System32\iccvid.dll
O52 - TDSD: \Drivers32\"VIDC.FFDS"="ff_vfw.dll" . (...) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\WINDOWS\System32\xvidvfw.dll
O52 - TDSD: \Drivers32\"vidc.mjpg"="pvmjpg30.dll" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\System32\pvmjpg30.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (...) -- C:\WINDOWS\System32\ff_vfw.dll
O52 - TDSD: \drivers.desc\"pvmjpg30.dll"="PICVideo 3 M-JPEG VfW Codec" . (.Pegasus Imaging Corporation - PICVideo M-JPEG 3 codec.) -- C:\WINDOWS\System32\pvmjpg30.dll
~ Scan Keys in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\binternet [Key] . (...) -- C:\Users\Famille\binternet.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenu [Key] . (.CANON INC. - CNSLMAIN.) -- C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe
O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe
O53 - SMSR:HKLM\...\startupreg\hpsysdrv [Key] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe
O53 - SMSR:HKLM\...\startupreg\IAAnotif [Key] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O53 - SMSR:HKLM\...\startupreg\KBD [Key] . (.Hewlett-Packard Company - KBD EXE.) -- C:\HP\KBD\KBD.exe
O53 - SMSR:HKLM\...\startupreg\LightScribe Control Panel [Key] . (...) -- C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NBAgent [Key] . (...) -- C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\NvSvc [Key] . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) -- C:\Windows\system32\nvsvc.dll
O53 - SMSR:HKLM\...\startupreg\OpwareSE4 [Key] . (.Nuance Communications, Inc. - OCR Aware.) -- C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
O53 - SMSR:HKLM\...\startupreg\SDTray [Key] . (.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
O53 - SMSR:HKLM\...\startupreg\Sidebar [Key] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O53 - SMSR:HKLM\...\startupreg\SSBkgdUpdate [Key] . (.Nuance Communications, Inc. - SSBkgdUpdate.) -- C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
~ Scan SMSR Keys in 00mn 00s
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\WINDOWS\System32\credssp.dll
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "DisableTaskMgr"=0
O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0
~ Scan Keys in 00mn 00s
---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoCDBurning"=0
~ Scan Keys in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\WINDOWS\System32\Drivers\adp94xx.sys [420968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\WINDOWS\System32\ANSI.SYS [9029]
~ Scan Drivers in 00mn 00s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT
O64 - Services: CurCS - 21/07/2011 - C:\WINDOWS\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB
O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2
O64 - Services: CurCS - 02/06/2008 - C:\WINDOWS\System32\drivers\iastor.sys (iaStor) .(.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) - LEGACY_IASTOR
O64 - Services: CurCS - 02/11/2006 - C:\WINDOWS\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 17/06/2010 - C:\WINDOWS\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV
~ Scan Services in 00mn 00s
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.bat>
O67 - Shell Spawning: <.cpl>
O67 - Shell Spawning: <.cmd>
O67 - Shell Spawning: <.com>
O67 - Shell Spawning: <.evt>
O67 - Shell Spawning: <.exe>
O67 - Shell Spawning: <.html>
O67 - Shell Spawning: <.js>
O67 - Shell Spawning: <.reg>
~ Scan Keys in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Scan Keys in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "SweetIM Search");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://home.sweetim.com/?crg=3.1010000.10015");
O69 - SBI: prefs.js [Famille - r0mby9rt.default] user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com/?crg=3.1010000.10015");
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {BF4AC517-DA6E-4D46-A55D-412A2B1F6E6B} - (Google) - http://www.google.fr
~ Scan Keys in 00mn 00s
---\\ Recherche des services d�marr�s par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Exp�rience d�application.) -- C:\WINDOWS\System32\aelupsvc.dll [24576]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux probl�mes.) -- C:\WINDOWS\System32\wercplsupport.dll [62976]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [40448]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes � puce Microsoft.) -- C:\WINDOWS\System32\certprop.dll [40448]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\WINDOWS\System32\srvsvc.dll [125952]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de strat�gie de groupe.) -- C:\WINDOWS\System32\gpsvc.dll [576512]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\WINDOWS\System32\ikeext.dll [438784]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\WINDOWS\System32\Audiosrv.dll [315392]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de num�rotation automatique d�acc�s distant.) -- C:\WINDOWS\System32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'acc�s distant.) -- C:\WINDOWS\System32\rasmans.dll [262144]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d�interface dynamique.) -- C:\WINDOWS\System32\mprdim.dll [68608]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d��v�nements syst�me (SENS).) -- C:\WINDOWS\System32\sens.dll [47104]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l'application d'assistance � Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [288256]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de t�l�phonie Microsoft� Windows(TM).) -- C:\WINDOWS\System32\tapisrv.dll [242688]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\WINDOWS\System32\termsrv.dll [449024]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise � jour automatique Windows Update.) -- C:\WINDOWS\System32\wuaueng.dll [1933848]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arri�re-plan.) -- C:\WINDOWS\System32\qmgr.dll [758784]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\WINDOWS\System32\shsvcs.dll [247808]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivit� IPv6 sur un r�seau IPv4..) -- C:\WINDOWS\System32\iphlpsvc.dll [199168]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\WINDOWS\system32\seclogon.dll [19968]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d�application.) -- C:\WINDOWS\System32\appinfo.dll [33280]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de d�couverte iSCSI.) -- C:\WINDOWS\System32\iscsiexe.dll [111616]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multim�dias.) -- C:\WINDOWS\System32\mmcss.dll [45056]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\WINDOWS\System32\profsvc.dll [153088]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\WINDOWS\System32\eapsvc.dll [57344]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\System32\wbem\WMIsvc.dll [162304]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de t�ches.) -- C:\WINDOWS\System32\schedsvc.dll [601600]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\WINDOWS\System32\sessenv.dll [84992]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d�ordinateurs.) -- C:\WINDOWS\System32\browser.dll [81920]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des cl�s.) -- C:\WINDOWS\System32\kmsvc.dll [68096]
~ Scan Services in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.5BBD552B3FD39B77F696A00C6D921422] [SPRF][10/01/2012] (...) -- C:\Users\Famille\AppData\Local\d3d9caps.dat [1356]
[MD5.6FC26F584D91A85046AEA121625057E5] [SPRF][25/10/2010] (...) -- C:\Users\Famille\AppData\Roaming\sprkwi.dat [32]
[MD5.0C561D5244170036E15C8DFAC995B796] [SPRF][24/03/2010] (...) -- C:\Users\Famille\AppData\Roaming\wklnhst.dat [116]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [196608]
[MD5.3F4413DCD8D3BBABF08F68F25E6D60E1] [SPRF][16/02/2005] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [401408]
~ Scan Files in 00mn 00s
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{99AC75B0-01CB-4D7E-806C-182F20C6781F}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{B71F7E93-7A2C-4544-885A-6C9152FF5298}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.exe
O87 - FAEL: "{0E94A681-33C4-46EF-923F-AE08B9812348}" | In - Public - P6 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{989F3F80-CB8F-476E-89A3-5B665F63CED4}" | In - Public - P17 - TRUE | .(...) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O87 - FAEL: "{11985DD7-E12F-4E87-8F91-841E03D717D9}" | In - Public - P6 - TRUE | .(.Intel(R) Corporation - Intel� Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{47133D57-4ED0-4B8D-BC12-0A033EB53D6E}" | In - Public - P17 - TRUE | .(.Intel(R) Corporation - Intel� Remoting Service.) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O87 - FAEL: "{4A3C0D44-8FBE-4E98-A4FC-35134B383000}" |In - Public - P6 - TRUE | .(...) -- C:\Users\Famille\AppData\Local\Temp\7zS57DF.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "{4AD6A076-1D64-4B6F-98DE-C70847F192BE}" |In - Public - P17 - TRUE | .(...) -- C:\Users\Famille\AppData\Local\Temp\7zS57DF.tmp\SymNRT.exe (.not file.)
O87 - FAEL: "TCP Query User{BBB068EF-2C9A-4D6A-8B42-A6684C48DFD4}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Public - P6 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "UDP Query User{30CD1ED5-6E1A-48EE-8ABA-3CD5DBAE0205}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Public - P17 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "TCP Query User{FA7F0184-2572-4697-8E18-3F20D795930F}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Private - P6 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "UDP Query User{18E93412-5D6A-40CF-9D4F-45BD27E089AC}C:\program files\instanttouch\bin\cmcenterv2.exe" | In - Private - P17 - TRUE | .(.Winwise - CmCenter Module.) -- C:\program files\instanttouch\bin\cmcenterv2.exe
O87 - FAEL: "TCP Query User{A30C349B-52C2-41D5-975E-4B43164BC160}C:\program files\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "UDP Query User{66C6A395-5E17-4AF0-8495-0D12ACBDE95B}C:\program files\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files\videolan\vlc\vlc.exe
O87 - FAEL: "{3DFB9FC5-5AFF-4AB9-855F-F3BF2F2F218B}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{35C8EC6F-A375-4323-934F-6275F6279795}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files\Pinnacle\Studio 12\Programs\RM.exe
O87 - FAEL: "{DB637064-90A3-4926-A36A-81E17558C548}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{16204657-EE62-4DC1-B068-ABE2CA343B81}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files\Pinnacle\Studio 12\Programs\Studio.exe
O87 - FAEL: "{C9D6B1ED-18BC-4754-8440-ACE991667147}" | In - Private - P6 - FALSE | .(.Pinnacle Systems - umi.) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{A011EFC4-E17E-4D84-B36D-88F769460FA0}" | In - Private - P17 - FALSE | .(.Pinnacle Systems - umi.) -- C:\Program Files\Pinnacle\Studio 12\Programs\umi.exe
O87 - FAEL: "{54E017D6-819B-4DEE-9545-4F201CFE969D}" | In - None - P6 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O87 - FAEL: "{0FF2F983-7CD6-4DBA-985E-2E65E749CB2A}" | In - Domain - P6 - TRUE | .(.Skype Technologies - Skype Extras Manager.) -- C:\Program Files\Skype\Plugin Manager\skypePM.exe
O87 - FAEL: "TCP Query User{1BB2D705-4E53-4067-A981-8B4C9E356E17}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "UDP Query User{EF610CC1-45A1-4AB1-B4FA-96F3969290BC}C:\program files\google\google earth\client\googleearth.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\client\googleearth.exe
O87 - FAEL: "TCP Query User{B62842D3-A853-4A39-B0C4-D647074A4FF0}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P6 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "UDP Query User{75BB331F-D399-4B04-A38F-8345DD052C64}C:\program files\google\google earth\plugin\geplugin.exe" | In - Private - P17 - TRUE | .(.Google - Google Earth.) -- C:\program files\google\google earth\plugin\geplugin.exe
O87 - FAEL: "{A37EB95C-B442-4725-AB4D-B942A544B178}" | In - Public - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{F6FBAEE7-5FF4-4D62-A751-BBED19A74E83}" | In - Public - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O87 - FAEL: "{585F6C9B-79BB-4080-B374-8BDFCCF2C135}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{6893B45D-5D64-4C1F-86F2-FC67EB49B2C2}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{B26E2F02-5391-4DAE-B71F-FF121D643D97}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
O87 - FAEL: "{AB13006E-627E-46E5-86E4-7AB60C4C3C6D}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{A95C317D-2D89-4487-AED1-A591E9F83184}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "TCP Query User{3DEE73F1-F7B0-4911-B75A-C47D56D6E1FE}C:\users\famille\appdata\local\temp\alertegps.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\famille\appdata\local\temp\alertegps.exe (.not file.)
O87 - FAEL: "UDP Query User{CFD27752-F192-47E1-8D9E-8A1EF31A6019}C:\users\famille\appdata\local\temp\alertegps.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\famille\appdata\local\temp\alertegps.exe (.not file.)
O87 - FAEL: "TCP Query User{CD5A9662-F7EC-4072-9992-33E41030AA4C}C:\program files\alertegps\g320\updatetool.exe" | In - Private - P6 - TRUE | .(.Pas de propri�taire - UpdateTool.) -- C:\program files\alertegps\g320\updatetool.exe
O87 - FAEL: "UDP Query User{14CA58C1-8F61-4916-8F9B-6EBBBA1C343B}C:\program files\alertegps\g320\updatetool.exe" | In - Private - P17 - TRUE | .(.Pas de propri�taire - UpdateTool.) -- C:\program files\alertegps\g320\updatetool.exe
O87 - FAEL: "{B28665AD-CDBD-4EF3-A98C-1C66AF6CECEA}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{E2D8B2ED-93ED-413B-8CAB-6617D0C74581}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe (.not file.)
O87 - FAEL: "{6ED121D2-8577-4AFE-863D-B52444F2B50F}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
O87 - FAEL: "{4043FBD4-03A0-41FA-978A-1B8843AE7490}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de d�tection mat�riel.) -- C:\Program Files\ma-config.com\maconfservice.exe
~ Scan Firewall in 00mn 02s
---\\ Scan Additionnel (O88)
Database Version : v2.10777 - (17/02/2013)
Cl�s trouv�es (Keys found) : 22
Valeurs trouv�es (Values found) : 2
Dossiers trouv�s (Folders found) : 1
Fichiers trouv�s (Files found) : 1
[HKLM\Software\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}] =>Toolbar.Ask
[HKLM\Software\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}] =>Adware.AskSBAR
[HKLM\Software\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}] =>Toolbar.Ask
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\GenericAskToolbar.DLL] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd] =>Adware.AskSBAR
[HKLM\Software\Classes\GenericAskToolbar.ToolbarWnd.1] =>Adware.AskSBAR
[HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\binternet] =>Spyware.BHO
[HKCU\Software\lollipop] =>Adware.Lollipop
[HKLM\Software\Classes\Installer\Features\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKLM\Software\Classes\Installer\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\521D59DC299285843BFEF5F65BF2AB6D] =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow]:*.chat-land.org =>Hijacker.ChercheUS
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Adware.AskSBAR
C:\Users\Famille\AppData\Local\lollipop =>Adware.Lollipop
C:\Users\Famille\AppData\Roaming\Mozilla\Firefox\Profiles\r0mby9rt.default\SearchPlugins\cherche.xml =>Hijacker.ChercheUS
~ Scan Additionnel in 00mn 22s
---\\ Recherche d�tournement de DNS routeur (O89) (None)
---\\ Product Upgrade Codes (O90)
O90 - PUC: "00002159FA00C0400000000000F01FEC" . (.Microsoft Office PowerPoint Viewer 2007 (French).) -- C:\Windows\Installer\{95120000-00AF-040C-0000-0000000FF1CE}\ppvwicon.exe,0
O90 - PUC: "076CFAAAB965F2A4284B2449E5D03EFE" . (.Windows Live Writer.) -- C:\Windows\Installer\{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}\ApplicationIcon.ico
O90 - PUC: "11F12B5E3396B0E42AC597363E0CD711" . (.Windows Live Messenger.) -- C:\Windows\Installer\{E5B21F11-6933-4E0B-A25C-7963E3C07D11}\MsblIco.Exe
O90 - PUC: "1271C3A5DE8F0E11A8BF8BCAF6798BE8" . (.Google�Earth.) -- C:\Windows\Installer\{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}\ARPPRODUCTICON.exe
O90 - PUC: "1D034B0FAA6BD374B960AAD30DF10D8B" . (.Microsoft SQL Server 2005 Compact Edition [ENU].) -- C:\Windows\Installer\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}\ProductIcon
O90 - PUC: "2E666343950ACA84DA7632B07FE4D22B" . (.Apple Application Support.) -- C:\Windows\Installer\{343666E2-A059-48AC-AD67-230BF74E2DB2}\WinInstall.ico
O90 - PUC: "393793D005B925c4485D773E4482F978" . (.Roxio Creator Data.) -- c:\Windows\Installer\{0D397393-9B50-4c52-84D5-77E344289F87}\RoxioCentral.exe
O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico
O90 - PUC: "521D59DC299285843BFEF5F65BF2AB6D" . (.Skype Toolbars.) -- C:\Windows\Installer\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}\IconUninstallIco
O90 - PUC: "61F61FCBE0CAEBA49AFE14C24F48AB15" . (.Windows Live Family Safety.) -- C:\Windows\Installer\{BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}\fssicon.ico
O90 - PUC: "6531AF5077EED0943A67D5AB5DE3F02A" . (.Ma-Config.com.) -- C:\Windows\Installer\{05FA1356-EE77-490D-A376-5DBAD53E0FA2}\maconfico
O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.5) - Fran�ais.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O90 - PUC: "693D336E8815D9E4F8B6FB8BFB43768E" . (.Skype� 5.1.) -- C:\Windows\Installer\{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}\SkypeIcon.exe
O90 - PUC: "72788EEDB9779A74CAFE8FC75A9FA256" . (.ScanSoft OmniPage SE 4.) -- C:\Windows\Installer\{DEE88727-779B-47A9-ACEF-F87CA5F92A65}\ARPPRODUCTICON.exe
O90 - PUC: "7CFCFF386C886c14782559A85423C528" . (.Roxio Creator Audio.) -- c:\Windows\Installer\{83FFCFC7-88C6-41c6-8752-958A45325C82}\RoxioCentral.exe
O90 - PUC: "8CDC4930DBAF8de41B4030938367FDFD" . (.Roxio Creator Tools.) -- c:\Windows\Installer\{0394CDC8-FABD-4ed8-B104-03393876DFDF}\RoxioCentral.exe
O90 - PUC: "987A09F2E1DDEC14FBACDB8712B3BA7C" . (.OpenOffice.org 3.4.) -- C:\Windows\Installer\{2F90A789-DD1E-41CE-BFCA-BD78213BABC7}\soffice.ico
O90 - PUC: "9B8BD42DC6BB43346991ABC156E0313D" . (.Microsoft Primary Interoperability Assemblies 2005.) -- C:\Windows\Installer\{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}\[SystemFolder]msiexec.exe
O90 - PUC: "9F2FDFE0D6387BE43AD230B83D1FBFA2" . (.Security Update for CAPICOM (KB931906).) -- C:\Windows\Installer\{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}\folder.ico
O90 - PUC: "A0BC5702F62DAAD44B42059792B634AB" . (.Windows Live FolderShare.) -- C:\Windows\Installer\{2075CB0A-D26F-4DAA-B424-5079296B43BA}\FolderShare48x48.ico
O90 - PUC: "A8DDC9166B411a34BAC6F0E44EC80E84" . (.Roxio Creator Copy.) -- c:\Windows\Installer\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}\RoxioCentral.exe
O90 - PUC: "B0860B8CEADC9084F91983B7D60EF0C7" . (.Roxio Creator Basic v9.) -- c:\Windows\Installer\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}\RoxioCentral.exe
O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\Windows\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico
O90 - PUC: "B4B39F110F84E4A4EA77FD9AA69966B4" . (.Roxio Creator EasyArchive.) -- c:\Windows\Installer\{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}\RoxioCentral.exe
O90 - PUC: "B846977CE014ABB47BB58551CBFE7ED1" . (.Safari.) -- C:\Windows\Installer\{C779648B-410E-4BBA-B75B-5815BCEFE71D}\Installer.ico
O90 - PUC: "C5BA7CF5CF16FD249A321593CB1FD024" . (.Microsoft LifeCam.) -- C:\Windows\Installer\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}\LifeCamIcon.ico
O90 - PUC: "CE6FB7E67E3C7A34A830D002E4E30CB1" . (.Logiciel Intel� Viiv�.) -- C:\Windows\Installer\{6E7BF6EC-C3E7-43A7-8A03-0D204E3EC01B}\ARPPRODUCTICON.exe
O90 - PUC: "D7314F9862C648A4DB8BE2A5B47BE100" . (.Microsoft Silverlight.) -- c:\Windows\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
O90 - PUC: "D83BC1B64E2E03a439D3FEEDAB67DAC9" . (.Microsoft Works.) -- c:\Windows\Installer\{6B1CB38D-E2E4-4a30-933D-EFDEBA76AD9C}\Win2Kico.exe
O90 - PUC: "E6E0681DE025083448335EE8F8884B37" . (.Pinnacle Studio 12 Ultimate Plugins.) -- C:\Windows\Installer\{D1860E6E-520E-4380-8433-E58E8F88B473}\ARPPRODUCTICON.exe
O90 - PUC: "E9BE140DA0988904F84915AD91A47CA2" . (.Pinnacle Studio 12.) -- C:\Windows\Installer\{D041EB9E-890A-4098-8F94-51DA194AC72A}\Studio.exe
O90 - PUC: "EC08DF9F8440F4D4B8DC77CF15C4F399" . (.Vista Codec Package.) -- C:\Windows\Installer\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}\ARPPRODUCTICON.exe
O90 - PUC: "F6071111A6667304777712308267D401" . (.JavaFX 2.1.0.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-210328764D10}\javaIcon.ico
~ Scan Files in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 11/09/2006 188416 | (AlertService) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
SR - | Auto 21/04/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
SR - | Auto 21/07/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 208896 | (DQLWinService) . (...) - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
SS - | Auto 13/03/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 13/03/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 02/06/2008 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
SS - | Auto 10/05/2006 29696 | (IntelDHSvcConf) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe
SS - | Demand 11/09/2006 75264 | (ISSM) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
SS - | Demand 26624 | (M1 Server) . (...) - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
SS - | Demand 05/02/2013 312704 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe
SS - | Demand 11/09/2006 167936 | (MCLServiceATL) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
SS - | Demand 06/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe
SR - | Auto 07/04/2011 612456 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\System32\nvvsvc.exe
SR - | Auto 08/04/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
SS - | Demand 11/09/2006 544256 | (Remote UI Service) . (.Intel(R) Corporation.) - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
SR - | Auto 22/09/2010 249136 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
SS - | Demand 01/11/2006 78752 | (stllssvr) . (.MicroVision Development, Inc..) - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
SR - | Auto 18/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
SR - | Auto 18/01/2008 21504 | C:\WINDOWS\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\WINDOWS\System32\svchost.exe
~ Scan Services in 00mn 01s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by Famille at 17/02/2013 19:52:34
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS intelide.sys PCIIDEX.SYS atapi.sys
1 ntkrnlpa!IofCallDriver[0x82458912] -> \Device\Harddisk0\DR0[0x85E3CAC8]
3 CLASSPNP[0x833AA8B3] -> ntkrnlpa!IofCallDriver[0x82458912] -> [0x8560FC10]
5 acpi[0x805C26BC] -> ntkrnlpa!IofCallDriver[0x82458912] -> \Device\Ide\IdeDeviceP1T0L0-2[0x8560A390]
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Famille at 17/02/2013 19:52:37
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s
End of the scan (1441 lines in 04mn 36s)(0)