cjoint

Publicité


Publicité

Format du document : text/plain

Prévisualisation

Rapport de ZHPDiag v2013.4.2.8 par Nicolas Coolman, Update du 03/04/2013
Run by pat at 03/04/2013 23:26:36
State : Version � jour.
High Elevated Privileges : OK
UAC : Deactivate by user


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.19401
MFIE: Mozilla Firefox 19.0.2 v19.0.2 (Defaut)
GCIE: Google Chrome v25.0.1364.172
OBIE: Safari v5.34.57.2

---\\ Windows Product Information
~ Langage: Fran�ais
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_SLP channel
Windows ID Activation : OK
~ Windows Partial Key : 49XWD
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 16 Model 6 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 2046 MB (29% free)
System Restore: Activ� (Enable)
System drive C: has 5 GB (12%) free of 39 GB

---\\ Logged in mode
~ Computer Name: PC-DE-PAT
~ User Name: pat
~ All Users Names: UpdatusUser, pat, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\pat\AppData\Roaming\
~ %Desktop% : C:\Users\pat\Desktop\
~ %Favorites% : C:\Users\pat\Favorites\
~ %LocalAppData% : C:\Users\pat\AppData\Local\
~ %StartMenu% : C:\Users\pat\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
A:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 39 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 10 Go of 110 Go)
E:\ CD-ROM drive (Not Inserted)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Free 0 Go of 1 Go)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.8E2EBCD935EA8D60E4CBCE07F20824E4] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 10:18:13.) -- C:\Windows\System32\wininet.dll [916480]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.8A79FDF04A73428597E2CAF9D0D67850] - (.Microsoft Corporation - Pilote de port parall�le.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/199
~ Mes musiques (My Musics) : 1/34
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/133
~ Mes Documents (My Documents) : 1/1398
~ Mon Bureau (My Desktop) : 3/89
~ Menu demarrer (Programs) : 0/24
~ Hidden Files: Scanned in 00mn 02s



---\\ Processus lanc�s
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.2560]
[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.436]
[MD5.4744F20097036C3AD6640C6FFC076D89] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6703648] [PID.3196]
[MD5.5300552AC15F1A877C4B6BB6512AD1FD] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe [1387288] [PID.3484]
[MD5.5DBC85C723E421198FD35C3355EBA996] - (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [310280] [PID.3736]
[MD5.083649EF692A066880C9326020915AFE] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [4297136] [PID.3032]
[MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- D:\Program Files\iTunes\iTunesHelper.exe [152544] [PID.3040]
[MD5.90072C7635CCB909B1A997C1359FFF77] - (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe [2011205] [PID.3928]
[MD5.D610CDEDF1F702EB0A86B0FBD9BB49E5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1820520] [PID.3876]
[MD5.C7391769FCD6E04196EE8CA831E2C7E8] - (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59872] [PID.3984]
[MD5.19384B2D2976C16971DA567653D5DF95] - (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59872] [PID.3844]
[MD5.5ED88C99410A8262112F7550402151DF] - (.Apple Inc. - BookmarkDAV_client.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe [59872] [PID.3760]
[MD5.775DC2AE72F972935703ADA4FFDF3749] - (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe [888480] [PID.3752]
[MD5.8E7AF6DD4E43C14D957C0AD7CA0A7B89] - (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe [1476104] [PID.2252]
[MD5.334206173B1DF9D68817E5F07789E955] - (.Samsung Electronics - Pas de description.) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560] [PID.2284]
[MD5.E20433DAC42F0351F237F87D8ADC4E8A] - (.Samsung - KiesPDLR.) -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844296] [PID.4032]
[MD5.EAA666E9DD8DCDA6E075087091CB85EE] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [275072] [PID.3612]
[MD5.61F5A23510D46FE7C02931604AFC8407] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe [149784] [PID.2476]
[MD5.4DB8C3E9A5D6EB99F21B199C28EDE8D1] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [173696] [PID.4988]
[MD5.C26B09276755E0698B31CF0BAE0BF182] - (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280] [PID.5148]
[MD5.469533CC7F16566BE9D3436860E12013] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [563840] [PID.6068]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.5628]
[MD5.66BB5B07696219FA334452D6F51FD648] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [366720] [PID.5472]
[MD5.95FB55B85D0AFC0962443808383C5588] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6396416] [PID.4176]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4356]
[MD5.8B75BA256BCADA2B73FFA5BD77AA9E6C] - (.Emsisoft GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files\Emsisoft Anti-Malware\a2service.exe [3069752] [PID.976]
[MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\system32\nvvsvc.exe [645992] [PID.1100]
[MD5.F0359F7CE712D69ACEF0886BDB4792ED] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [382824] [PID.1116]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1504]
[MD5.C71F2B4D0151CFEDE5D405C5D60B6FCE] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [864616] [PID.1700]
[MD5.8FA553E9AE69808D99C164733A0F9590] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44808] [PID.1960]
[MD5.BC0E07A768A0A14C48E3CE1875F2C377] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe [133912] [PID.1996]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1836]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.820]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.2052]
[MD5.794D4B48DFB6E999537C7C3947863463] - (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) -- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368] [PID.2740]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.4016]
[MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [682344] [PID.4084]
[MD5.E8A39D41474BE42FD8830CED32932D6C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553440] [PID.212]
[MD5.C559672F31ABE6BA7277DD73C4502238] - (.Microsoft Corporation - Installateur Windows�.) -- C:\Windows\system32\msiexec.exe [73216] [PID.5944]
[MD5.0629259E3AF6BB0534FCECA208973404] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1258856] [PID.5996]
~ Processes Running: Scanned in 00mn 02s



---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\pat\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\pat\AppData\Roaming\Mozilla\Firefox\Profiles\qtpashw3.default\prefs.js
M3 - MFPP: Plugins - [pat] -- C:\Users\pat\AppData\Roaming\Mozilla\Firefox\Profiles\qtpashw3.default\searchplugins\orange.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [pat] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [pat - qtpashw3.default] http://www.google.fr
M2 - MFEP: prefs.js [pat - qtpashw3.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)
M2 - MFEP: prefs.js [pat - qtpashw3.default\{4D9AE42B-F4C0-40e6-AEDB-4EC6E42B77AF}] [] Plugin Orange Installeur v1.2.4.5 (.Orange.)
M2 - MFEP: prefs.js [pat - qtpashw3.default\{87934c42-161d-45bc-8cef-ef18abe2a30c}] [] Ad-Aware Security Toolbar v0.9 (.Visicom Media Inc..)
M2 - MFEP: prefs.js [pat - qtpashw3.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130402 (.WOT Services Oy.)
M2 - MFEP: prefs.js [pat - qtpashw3.default\{ab91efd4-6975-4081-8552-1b3922ed79e2}] [] HP Detect v1.0.5.1 (.Hewlett-Packard.)
M2 - MFEP: prefs.js [pat - qtpashw3.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.14 (.Michel Gutierrez.)
P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll
P2 - FPN:Firefox Plugin Navigator . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll
P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Oracle Corporation - Next Generation Java Plug-in 10.0.0 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3555.0308] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@veetle.com/veetleCorePlugin,version=0.9.18] - (.Veetle Inc - Version 0.9.18, Copyright 2006-2009 Veetle Inc
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.2] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
P2 - FPN: [HKCU] [@Skype Limited.com/Facebook Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\pat\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
~ Firefox Browser: Scanned in 00mn 00s



---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
~ IE Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 03s
~ Nombre de lignes (Lines number): 15217



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
~ BHO: 12 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Google Toolbar - [HKLM]{2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [EvtMgr6] . (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPointP\SetPoint.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [KiesTrayAgent] . (.Samsung Electronics Co., Ltd. - Kies TrayAgent Application.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\avastUI.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- D:\Program Files\iTunes\iTunesHelper.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKCU\..\Run: [Software Informer] . (.Informer Technologies, Inc. - Software Informer.) -- C:\Program Files\Software Informer\softinfo.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [iCloudServices] . (.Apple Inc. - iCloud.) -- C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] . (.Apple Inc. - ApplePhotoStreams.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [com.apple.dav.bookmarks.daemon] . (.Apple Inc. - BookmarkDAV_client.exe.) -- C:\Program Files\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
O4 - HKCU\..\Run: [MailNotifier] . (.Orange - MailNotifier.) -- C:\Program Files\Orange\MailNotifier\MailNotifier.exe
O4 - HKCU\..\Run: [KiesPreload] . (.Samsung - Kies.) -- C:\Program Files\Samsung\Kies\Kies.exe
O4 - HKCU\..\Run: [KiesAirMessage] . (.Samsung Electronics - Pas de description.) -- C:\Program Files\Samsung\Kies\KiesAirMessage.exe
O4 - HKCU\..\Run: [WMPNSCFG] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] . (.Microsoft Corporation - Outil de Registre de la console.) -- C:\Windows\System32\reg.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [adaware_XP] . (.Microsoft Corporation - Outil de Registre de la console.) -- C:\Windows\System32\reg.exe
O4 - HKUS\S-1-5-21-3341325825-3350216248-476127905-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-3341325825-3350216248-476127905-1001\..\Run: [WindowsWelcomeCenter] oobefldr.dll
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: AD-R.lnk . (...) -- C:\Program Files\Ad-Remover\main.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Apple Safari.lnk . (...) -- C:\Windows\Installer\{FA4C2D53-205F-4245-9717-F3761154824D}\SafariIco.exe
O4 - GS\QuickLaunch: Centre de solutions HP.lnk . (.Hewlett-Packard Company - hpqdirec.exe.) -- C:\Program Files\HP\Digital Imaging\bin\Hpqdirec.exe
O4 - GS\QuickLaunch: Easy Audio Cutter.lnk . (.Koyote Soft - Pas de description.) -- C:\Program Files\Free mp3 Wma Converter\Easy Audio Cutter\AudioCutter.exe
O4 - GS\QuickLaunch: Emsisoft Anti-Malware.lnk . (.Emsisoft GmbH - Security Center.) -- C:\Program Files\Emsisoft Anti-Malware\a2start.exe
O4 - Global Startup: C:\Users\pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ev�nements.URL . (.Emsisoft GmbH - Security Center.) -- C:\Users\pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ev�nements.URL
O4 - GS\QuickLaunch: FinalMediaPlayer.lnk . (.Bitberry Software - Final Media Player.) -- C:\Program Files\FinalMediaPlayer\FinalMediaPlayer.exe
O4 - GS\QuickLaunch: Free CD Ripper.lnk . (.Koyote Soft - FreeCDRipper.) -- C:\Program Files\Free mp3 Wma Converter\Free CD Ripper\FreeCDRipper.exe
O4 - GS\QuickLaunch: Free M4a to MP3 Converter.lnk . (.ManiacTools - Pas de description.) -- C:\Program Files\Free M4a to MP3 Converter\m4a_converter.exe
O4 - GS\QuickLaunch: Free Mp3 Wma Converter.lnk . (.Koyote Soft - Free Audio Converter.) -- C:\Program Files\Free mp3 Wma Converter\FreeConverter\FreeConverter.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: log - Raccourci (2).lnk . (...) -- D:\nicola\FreeAudioCDToMP3Converter\log.txt
O4 - GS\QuickLaunch: log - Raccourci.lnk . (...) -- D:\nicola\FreeAudioCDToMP3Converter\log.txt
O4 - Global Startup: C:\Users\pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\LoisirsVIP.com.URL . (...) -- C:\Users\pat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\LoisirsVIP.com.URL
O4 - GS\QuickLaunch: Microsoft Office Excel 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
O4 - GS\QuickLaunch: Microsoft Office Outlook.lnk . (.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe
O4 - GS\QuickLaunch: Microsoft Office PowerPoint 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
O4 - GS\QuickLaunch: Microsoft Office Word 2007.lnk . (...) -- C:\Windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
O4 - GS\QuickLaunch: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\QuickLaunch: Samsung Kies.lnk . (...) -- C:\Program Files\Samsung\Kies\KiesAgent.exe
O4 - GS\QuickLaunch: thierry devis0001 - Raccourci.lnk . (...) -- D:\bureau\2012-07 (juil.)\thierry devis0001.pdf
O4 - GS\QuickLaunch: Winamp.lnk . (.Nullsoft - Winamp.) -- C:\Program Files\Winamp\winamp.exe
O4 - GS\QuickLaunch: Windows Media Player (2).lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: �Torrent.lnk . (.BitTorrent, Inc. - �Torrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: bureau - Raccourci.lnk . (...) -- D:\bureau
O4 - Global Startup: C:\Users\pat\Desktop\Contr�le parental.url . (...) -- C:\Users\pat\Desktop\Contr�le parental.url
O4 - GS\Desktop: Farming Simulator 2011 .lnk . (.GIANTS Software GmbH - GIANTS Launcher.) -- C:\Program Files\Farming Simulator 2011\FarmingSimulator2011.exe
O4 - GS\Desktop: Notepad.lnk . (.Microsoft Corporation - Bloc-notes.) -- C:\Windows\System32\notepad.exe
O4 - GS\Desktop: Samsung Kies (Lite).lnk . (...) -- C:\Program Files\Samsung\Kies\KiesAgent.exe
O4 - GS\Desktop: torrent - Raccourci.lnk . (...) -- D:\torrent
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Cl� orpheline
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 7 Legitimates Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{A01A390D-22B0-41E6-AC36-542DD63AA0B9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A01A390D-22B0-41E6-AC36-542DD63AA0B9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A01A390D-22B0-41E6-AC36-542DD63AA0B9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{A01A390D-22B0-41E6-AC36-542DD63AA0B9}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Cl� de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioth�que de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
~ Services: 15 Legitimates Scanned in 00mn 15s



---\\ Enum�ration Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\Wallpaper\img24.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\Wallpaper\img24.jpg
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
O34 - HKLM BootExecute: (lsdelete) - File not found
~ BEX: 2 Legitimates Scanned in 00mn 00s



---\\ T�ches planifi�es en automatique (O39)
[MD5.98070A7FCE5B4AFB24A142C6F4C25CC1] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [1744312]
[MD5.6E571CD299C38EF9DCC5DA779E3B8AFA] [APT] [Apple Diagnostics] (.Apple Inc..) -- C:\Program Files\Common Files\Apple\Internet Services\EReporter.exe [145888]
[MD5.3BC7607E66647710C10ECCA03E0D6F00] [APT] [{3CEEB170-7D42-4D8D-9EA5-E9FF95772F01}] (...) -- C:\Users\pat\Downloads\PMUPokerSetup.exe [540544]
~ Scheduled Task: 25 Legitimates Scanned in 00mn 04s



---\\ Composants install�s (ActiveSetup Installed Components) (O40)
~ Active Setup: 14 Legitimates Scanned in 00mn 00s



---\\ Pilotes lanc�s au d�marrage (O41)
O41 - Driver: (a2injectiondriver) . (.Emsisoft GmbH - Emsisoft Anti-Malware Behavior Blocker.) - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
O41 - Driver: (a2util) . (.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys
O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys
~ Drivers: 96 Legitimates Scanned in 00mn 00s



---\\ Logiciels install�s (O42)
O42 - Logiciel: Ad-Aware - (.Lavasoft Limited.) [HKLM] -- {97BD5533-8B5B-42FA-ADAE-A6F8DB997D7C}
O42 - Logiciel: Ad-Aware Security Toolbar - (.Lavasoft.) [HKLM] -- adawaretb
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.6) - Fran�ais - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: AnyDVD - (.SlySoft.) [HKLM] -- AnyDVD
O42 - Logiciel: Java(TM) 6 Update 26 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}
O42 - Logiciel: Java(TM) 7 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217000FF}
O42 - Logiciel: MediaFeed - (.MediaFeed.me.) [HKLM] -- MediaFeed
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: ToolbarFR - (.Orange.) [HKLM] -- {A047FE02-C91C-41CB-898C-4ED21B86025A}
O42 - Logiciel: USB Scanner - (...) [HKLM] -- USB Scanner
O42 - Logiciel: avast! Internet Security v7.0.1474.0 - (.AVAST Software.) [HKLM] -- avast
O42 - Logiciel: �Torrent - (...) [HKLM] -- uTorrent
~ Logic: 129 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\adaware]
[HKCU\Software\AppDataLow\Software\adawaretb]
[HKCU\Software\AppDataLow\Software\mediabarim]
[HKCU\Software\BitTorrent]
[HKCU\Software\Bitberry]
[HKCU\Software\Hemera Technologies Inc.]
[HKCU\Software\MediaFeed.me]
[HKCU\Software\PMU]
[HKCU\Software\TVANTS]
[HKCU\Software\uTorrent]
[HKLM\Software\Toolbar Cleaner]
~ Key Software: 210 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 03/06/2011 - 17:45:00 - [15,772] ----D C:\Program Files\FinalMediaPlayer
O43 - CFD: 05/07/2011 - 15:50:39 - [15,755] ----D C:\Program Files\MediaFeed
O43 - CFD: 08/01/2012 - 12:30:24 - [63,011] ----D C:\Program Files\Spybot - Search & Destroy
O43 - CFD: 20/12/2011 - 13:27:55 - [0,651] ----D C:\Program Files\Toolbar Cleaner
O43 - CFD: 29/08/2011 - 09:48:42 - [0,682] ----D C:\Program Files\uTorrent
O43 - CFD: 12/08/2012 - 22:07:41 - [0,584] ----D C:\ProgramData\Ad-Aware Browsing Protection
O43 - CFD: 05/03/2013 - 20:09:19 - [0,128] ----D C:\ProgramData\Spybot - Search & Destroy
O43 - CFD: 19/03/2011 - 15:17:51 - [15,243] --H-D C:\ProgramData\{8126394B-2C0C-4BB4-BAF9-51D47FAA35C8}
O43 - CFD: 04/06/2011 - 17:48:01 - [0,000] ----D C:\Users\pat\AppData\Roaming\FinalMediaPlayer
O43 - CFD: 30/01/2010 - 14:51:37 - [0,001] ----D C:\Users\pat\AppData\Roaming\Hemera
O43 - CFD: 03/04/2013 - 10:06:39 - [1,205] ----D C:\Users\pat\AppData\Roaming\uTorrent
O43 - CFD: 22/03/2013 - 21:29:17 - [2,468] ----D C:\Users\pat\AppData\Local\22AB56A9-6E4F-4D9D-BA3C-AA3535706F70.aplzod
O43 - CFD: 20/12/2011 - 13:27:59 - [1,785] ----D C:\Users\pat\AppData\Local\adaware
O43 - CFD: 22/08/2011 - 21:53:43 - [0] ----D C:\Users\pat\AppData\Local\uTorrent
O43 - CFD: 05/07/2011 - 15:50:38 - [0] ----D C:\Users\pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaFeed
O43 - CFD: 22/01/2010 - 21:07:49 - [0] ----D C:\Users\pat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\�Torrent
~ 526 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 811 Legitimates Scanned in 00mn 52s



---\\ Derniers fichiers modifi�s ou cr�es sous Windows et System32 (O44)
O44 - LFC:[MD5.1CB32419AE1FEF64C261F8093C72DCF7] - 03/04/2013 - 22:19:20 ---A- . (...) -- C:\aaw7boot.log [37247]
O44 - LFC:[MD5.CED15AF293AB72EBD01A0457E76A613D] - 03/04/2013 - 18:34:01 ---A- . (...) -- C:\AdwCleaner[S3].txt [18898]
O44 - LFC:[MD5.E80F56E6BDABC0A9287EA0B99B9E8C83] - 03/04/2013 - 18:20:36 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [7324]
O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 22/03/2013 - 12:32:22 ---A- . (...) -- C:\Windows\System32\rp_rules.dat [44]
O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 22/03/2013 - 12:32:22 ---A- . (...) -- C:\Windows\System32\rp_stats.dat [64]
~ Files: 42 Legitimates Scanned in 00mn 40s



---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.7B78DBBA1F2C267820F9C4FD577D6D82] - 01/04/2013 - 19:05:27 ---A- - C:\Windows\Prefetch\OFFDIAG.EXE-CC6CC441.pf
O45 - LFCP:[MD5.919D9D95714D9446A1122893F8014B16] - 01/04/2013 - 19:05:36 ---A- - C:\Windows\Prefetch\DWWIN.EXE-EBDA23D8.pf
O45 - LFCP:[MD5.24C85E1416CBFC5BE7F88A90C53E91A3] - 02/04/2013 - 08:25:41 ---A- - C:\Windows\Prefetch\HPQDIREC.EXE-0842EF10.pf
O45 - LFCP:[MD5.755241E4D4A95CDD097BEBB86046653A] - 02/04/2013 - 09:17:46 ---A- - C:\Windows\Prefetch\OIS.EXE-4288CF73.pf
O45 - LFCP:[MD5.ACF18D5426FBBC35245FA9A80A39E17E] - 02/04/2013 - 12:33:27 ---A- - C:\Windows\Prefetch\AUTOLAUNCH.EXE-0690D12B.pf
O45 - LFCP:[MD5.FCB23F71137F4542B1848CB9B6A7B516] - 02/04/2013 - 13:08:40 ---A- - C:\Windows\Prefetch\HPSWP_CLIPBOOK.EXE-16E63887.pf
O45 - LFCP:[MD5.D4877A1E82AA167CC6DF74522FC7101F] - 03/04/2013 - 09:07:07 ---A- - C:\Windows\Prefetch\PLUTIL.EXE-15AED9F8.pf
O45 - LFCP:[MD5.2D307B5D1A9BB0C427E392CE114FCFA1] - 03/04/2013 - 14:56:57 ---A- - C:\Windows\Prefetch\OIS.EXE-103FD949.pf
O45 - LFCP:[MD5.824BF53D873C74BAE1C2FB6E01FDA3DF] - 03/04/2013 - 15:01:00 ---A- - C:\Windows\Prefetch\HPQUSGL.EXE-032FE0FC.pf
O45 - LFCP:[MD5.041B0AB6715CB18F37B14D42A51925B8] - 03/04/2013 - 18:17:07 ---A- - C:\Windows\Prefetch\AAWSERVICE.EXE-37729B41.pf
O45 - LFCP:[MD5.497AFC016B690A9AE7E2188F3DBEC351] - 03/04/2013 - 18:18:42 ---A- - C:\Windows\Prefetch\AD-R_2.0.0.2,G.EXE-6BAD8AFE.pf
O45 - LFCP:[MD5.A7C1349CEF62E7E9ED70734235AC6590] - 03/04/2013 - 18:18:52 ---A- - C:\Windows\Prefetch\MAIN.EXE-A8FAB63C.pf
O45 - LFCP:[MD5.A29F6D1C72851224A58F7BB0D6886827] - 03/04/2013 - 18:26:16 ---A- - C:\Windows\Prefetch\OUSOFTWAREMANAGER.EXE-CFF7DAA7.pf
O45 - LFCP:[MD5.7B108A4BB2B676A5196A89AD87EAF6EB] - 03/04/2013 - 22:21:42 ---A- - C:\Windows\Prefetch\KHALMNPR.EXE-B598A5C1.pf
O45 - LFCP:[MD5.1F56E8CEB825F924B23C23DFEEA0F4C8] - 03/04/2013 - 22:26:48 ---A- - C:\Windows\Prefetch\CONIME.EXE-B273009A.pf
O45 - LFCP:[MD5.58B9D2608DA815D8609DAC17E6098FDF] - 22/03/2013 - 12:32:17 ---A- - C:\Windows\Prefetch\AD-AWAREADMIN.EXE-0A79D12E.pf
O45 - LFCP:[MD5.7048984A7006B045F9881F7086E7F264] - 22/03/2013 - 12:32:38 ---A- - C:\Windows\Prefetch\AAWTRAY.EXE-3D459FD4.pf
O45 - LFCP:[MD5.BD0F007245C80314D4626B9964A170DF] - 22/03/2013 - 21:21:24 ---A- - C:\Windows\Prefetch\EREPORTER.EXE-7CEC4340.pf
O45 - LFCP:[MD5.5E721EA5E89CE774B7B0E9495E5EC75C] - 23/03/2013 - 04:57:54 ---A- - C:\Windows\Prefetch\GOOGLEEARTH-WIN-BUNDLE-7.0.3.-6D3688E3.pf
O45 - LFCP:[MD5.938DC78092B82CEC1BBCA614370DEC1B] - 23/03/2013 - 04:58:18 ---A- - C:\Windows\Prefetch\GOOGLEEARTH.EXE-EBC688C5.pf
O45 - LFCP:[MD5.56397CF1B93780DE59D5883DA8E0F054] - 23/03/2013 - 19:51:17 ---A- - C:\Windows\Prefetch\FACEBOOKVIDEOCALLING.EXE-1410C3CF.pf
O45 - LFCP:[MD5.639B146602E2B247844EAAAB1A428D80] - 24/03/2013 - 18:39:36 ---A- - C:\Windows\Prefetch\HPQKYGRP.EXE-EDA025B6.pf
O45 - LFCP:[MD5.23B8C11AE4EADE4E76726166AABCE592] - 24/03/2013 - 18:39:40 ---A- - C:\Windows\Prefetch\HPQDSTCP.EXE-9D27DC03.pf
O45 - LFCP:[MD5.CF7FA0D9BAA5A0B73A44B6B1EEB0CD15] - 24/03/2013 - 18:40:54 ---A- - C:\Windows\Prefetch\HPISCNAPP.EXE-C8B7B25E.pf
O45 - LFCP:[MD5.CEBC86157AD094DC9CCFCDDCD5BE3074] - 26/03/2013 - 20:02:31 ---A- - C:\Windows\Prefetch\FINALMEDIAPLAYER.EXE-E6F6407F.pf
O45 - LFCP:[MD5.02534FF0B53C42242255F549703077A4] - 31/03/2013 - 10:45:08 ---A- - C:\Windows\Prefetch\HPQAPKL2.EXE-56FBA0BF.pf
O45 - LFCP:[MD5.9A1780C344146719308EDB88A10B6CB2] - 31/03/2013 - 16:45:12 ---A- - C:\Windows\Prefetch\FMPCHECKFORUPDATES.EXE-10F1E67A.pf
~ Prefetcher: 137 Legitimates Scanned in 00mn 02s



---\\ Op�rations et fonctions au d�marrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - OA Shell Helper - {4F07DA45-8170-4859-9B5F-037EF2970034} - Cl� orpheline
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ D�ni du service (Local Security Authority) (O48)
~ LSA: 7 Legitimates Scanned in 00mn 00s



---\\ Contr�le du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{4d1e8346-078e-11df-a5cc-806e6f6e6963}\AutoRun\command. (...) -- G:\cdstart.exe
O51 - MPSK:{9b6b6081-0782-11df-a0aa-806e6f6e6963}\AutoRun\command. (...) -- E:\cdstart.exe (.not file.)
O51 - MPSK:{b4b41a16-e6a8-11df-86dc-00241d6ba11b}\AutoRun\command. (...) -- I:\WD SmartWare.exe (.not file.)
~ Keys: Scanned in 00mn 03s



---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.scg726"="scg726.acm" . (.SHARP Corporation - SHARP G.726 ACM Audio Decoder.) -- C:\Windows\System32\scg726.acm
O52 - TDSD: \Drivers32\"msacm.alf2cd"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\Windows\System32\alf2cd.acm
O52 - TDSD: \Drivers32\"vidc.dvsd"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\System32\mcdvd_32.dll
O52 - TDSD: \drivers.desc\"alf2cd.acm"="alf2cd.acm" . (.NCT Company - NCT ALF2CD Audio CODEC.) -- C:\Windows\System32\alf2cd.acm
O52 - TDSD: \drivers.desc\"mcdvd_32.dll"="mcdvd_32.dll" . (.MainConcept - MainConcept DV Codec.) -- C:\Windows\System32\mcdvd_32.dll
~ TDSD: 15 Legitimates Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Ad-Aware Browsing Protection [Key] . (.Lavasoft - Ad-Aware Browsing Protection.) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
O53 - SMSR:HKLM\...\startupreg\AnyDVD [Key] . (.SlySoft, Inc. - AnyDVD Application.) -- D:\AnyDVDHD\AnyDVD\AnyDVDtray.exe
O53 - SMSR:HKLM\...\startupreg\emsisoft anti-malware [Key] . (.Emsisoft GmbH - Background Guard.) -- c:\program files\emsisoft anti-malware\a2guard.exe
O53 - SMSR:HKLM\...\startupreg\MobileDocuments [Key] . (...) -- C:\Program Files\Common Files\Apple\Internet Services\ubd.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SpybotSD TeaTimer [Key] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O53 - SMSR:HKLM\...\startupreg\uTorrent [Key] . (.BitTorrent, Inc. - �Torrent.) -- C:\Program Files\uTorrent\uTorrent.exe
~ SMSR Keys: 14 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1
~ Keys: Scanned in 00mn 00s



---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s



---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 02/04/2013 - 08:26:07 ---A- C:\Users\pat\AppData\Roaming\HP\ScLogs\SolutionCenter.htm [42930]
O61 - LFC: 02/04/2013 - 17:51:13 ---A- C:\Users\pat\AppData\Roaming\Microsoft\Word\ListGal.dat [13678]
O61 - LFC: 03/04/2013 - 09:09:13 ---A- C:\Users\pat\AppData\Roaming\Software Informer\gaotd.xml [665]
O61 - LFC: 03/04/2013 - 09:09:18 ---A- C:\Users\pat\AppData\Roaming\Software Informer\nhistory.xml [9040]
O61 - LFC: 03/04/2013 - 15:05:03 ---A- C:\Users\pat\AppData\Roaming\Microsoft\OIS\Toolbars.dat [780]
O61 - LFC: 03/04/2013 - 18:27:07 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\4000120.ico [25214]
O61 - LFC: 03/04/2013 - 18:28:05 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\1288932.ico [297086]
O61 - LFC: 03/04/2013 - 18:28:05 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\3344236.ico [9662]
O61 - LFC: 03/04/2013 - 19:09:30 ---A- C:\Users\pat\AppData\Roaming\Software Informer\login.xml [1169]
O61 - LFC: 03/04/2013 - 19:09:30 ---A- C:\Users\pat\AppData\Roaming\Software Informer\server.xml [309]
O61 - LFC: 03/04/2013 - 22:20:00 ---A- C:\Users\pat\AppData\Roaming\FinalMediaPlayer\updcheck.cfg [217]
O61 - LFC: 03/04/2013 - 22:21:31 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\3113132.ico [9662]
O61 - LFC: 03/04/2013 - 22:21:31 ---A- C:\Users\pat\Links\Flux de photos.lnk [154]
O61 - LFC: 03/04/2013 - 22:21:42 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\4240796.ico [297086]
O61 - LFC: 03/04/2013 - 22:22:17 ---A- C:\Users\pat\AppData\Roaming\Software Informer\shtree.xml [144071]
O61 - LFC: 03/04/2013 - 22:22:35 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\118215.ico [42810]
O61 - LFC: 03/04/2013 - 22:22:36 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\326430.ico [23558]
O61 - LFC: 03/04/2013 - 22:22:36 ---A- C:\Users\pat\AppData\Roaming\Software Informer\cache\icons\591.ico [23558]
O61 - LFC: 03/04/2013 - 22:22:36 ---A- C:\Users\pat\AppData\Roaming\Software Informer\comments.xml [102]
O61 - LFC: 03/04/2013 - 22:22:36 ---A- C:\Users\pat\AppData\Roaming\Software Informer\softList.xml [167703]
O61 - LFC: 03/04/2013 - 22:22:36 ---A- C:\Users\pat\AppData\Roaming\Software Informer\ukey.xml [109503]
O61 - LFC: 31/03/2013 - 18:24:46 ---A- C:\Users\pat\AppData\Local\Google\Chrome\User Data\Local State [33412]
~ 12 Fichiers temporaires (Temporary files)
~ Files: 69 Legitimates Scanned in 03mn 02s



---\\ Alternate Data Stream File (O62)
O62 - ADS:Alternate Data Stream File - C:\Windows\System32\SpoonUninstall.exe:Zone.Identifier
~ ADS: Scanned in 00mn 03s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
O63 - Logiciel: ZHPFix 1.12 - (.Nicolas Coolman.) [HKLM] -- ZHPFix_is1
O63 - Logiciel: Ad-Remover - (...) [HKCU] -- Ad-Remover
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 18/06/2012 - C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys (a2acc) .(.Emsisoft GmbH - Emsisoft Anti-Malware File Guard.) - LEGACY_A2ACC
O64 - Services: CurCS - 18/06/2012 - C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys (a2injectiondriver) .(.Emsisoft GmbH - Emsisoft Anti-Malware Behavior Blocker.) - LEGACY_A2INJECTIONDRIVER
O64 - Services: CurCS - 05/05/2010 - C:\Program Files\Emsisoft Anti-Malware\a2util32.sys (a2util) .(.Emsi Software GmbH - a-squared Malware-IDS utility driver.) - LEGACY_A2UTIL
O64 - Services: CurCS - 22/01/2010 - C:\Windows\gdrv.sys (gdrv) .(.Windows (R) 2000 DDK provider - GIGABYTE Tools.) - LEGACY_GDRV
O64 - Services: CurCS - 12/12/2011 - C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys - Lavasoft helper driver (Lavasoft Kernexplorer) .(...) - LEGACY_LAVASOFT_KERNEXPLORER
O64 - Services: CurCS - 12/12/2011 - C:\Windows\System32\DRIVERS\Lbd.sys (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD
O64 - Services: CurCS - 02/11/2011 - c:\windows\system32\drivers\TrueSight.sys - TrueSight (TrueSight) .(...) - LEGACY_TRUESIGHT
~ Legacy: 84 Legitimates Scanned in 00mn 01s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'�v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'�v�nements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - �diteur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Apple Inc. - Safari.) -- C:\Program Files\Safari\Safari.exe
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [pat - qtpashw3.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-1111-472f-A0FF-E1416B8B2EAA} - (Search) - http://www.yaape.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services d�marr�s par Svchost (O83)
~ Services: 31 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.9E75EA302ED91E9749F43DD5885D4136] [SPRF][17/11/2012] (...) -- C:\ProgramData\nvModes.dat [66129]
[MD5.1DA141766BB3FFCF0B4E058D4925AA53] [SPRF][15/03/2012] (...) -- C:\Users\pat\AppData\Local\d3d9caps.dat [1356]
[MD5.154D7EFF15D0936D30333B8DB80E2136] [SPRF][29/12/2012] (.Samsung Electronics Co., Ltd. - Samsung Kies Installer 2.0.) -- C:\Users\pat\Desktop\Kies_2-5-0-12114_1_17.exe [81319552]
[MD5.D41D8CD98F00B204E9800998ECF8427E] [SPRF][05/10/2011] (...) -- C:\Program Files\vlc-1.1.11-win32.exe [0]
~ Files: Scanned in 00mn 01s



---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{72F6C19C-CC42-44A1-8EE7-808FF461D1BA}" | In - None - P17 - TRUE | .(.Bitberry Software - Bitberry Software Update Checker.) -- C:\Program Files\FinalMediaPlayer\FMPCheckForUpdates.exe
O87 - FAEL: "{E34F9785-BE79-432A-9B19-9D8BA132813A}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - �Torrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{CED0B302-8647-42D6-80BE-158DCCA30B60}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - �Torrent.) -- C:\Program Files\uTorrent\uTorrent.exe
O87 - FAEL: "{CB0C4B25-1D39-4DA0-97A5-D5408E252DCE}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\adawaretb\dtUser.exe (.not file.)
O87 - FAEL: "{8C1AA740-CB05-49F6-BB59-65B97CF236B5}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\adawaretb\dtUser.exe (.not file.)
~ Firewall: 198 Legitimates Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11367 - (03/04/2013)
Cl�s trouv�es (Keys found) : 44
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 0
Fichiers trouv�s (Files found) : 0

[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A047FE02-C91C-41CB-898C-4ED21B86025A}] =>Toolbar.Orange
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D6533F74-218B-41BE-9D91-5BD471FECFFD}] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_FR Toolbar] =>Toolbar.Conduit
[HKLM\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit
[HKLM\Software\Classes\Installer\Features\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F479A18A22A86E3429341589FF57D81A] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\33DB788C5C4658349BF7115144F7EA1B] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4611B2B2E79800B468580973ECEABEA8] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48A0552292E14244E8F3980FD3D01541] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4DF671E841351D040BEDE6AC96F4FC5E] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\503398D5204CBDD48A5EE476D0CFCFEC] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5BDF578D2C71DDC4997692F83B0A5C75] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67909B00FA069BE4E80548738FE558FB] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\698B1BCDAEA97B945AE4001A96F1E755] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D2265F6F19D3B84BB04EAF5347F276A] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E6611210321F8640B41F98B10A8BD0A] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ADFBDCA3E069A47B07ECC2CED1E2B2] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9ED6CAB2F119182EB7D8CE7156DC0915] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A3D6A80A87E22324A91C14AEBDF78525] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2F30BE10C5A9DD43A593262265CA298] =>PUP.OfferBox
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B34440EB12BB40B3452E5166D9D233BD] =>PUP.OfferBox
[HKCU\Software\AppDataLow\Software\mediabarim] =>PUP.iMesh
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E] =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Classes\Installer\Features\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Classes\Installer\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA20CB7A821113A4CB8FA1E38E303D3B] =>PUP.SweetIM
[HKLM\Software\Classes\Widestream6.Spointer.1] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerCtrl.1] =>Adware.SPointer
[HKLM\Software\Classes\Widestream6.SpointerWebDisp.1] =>Adware.SPointer
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\Arpcache\ToolBand.SkypeIEToolbarToolbar] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094] =>PUP.SweetIM^
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536] =>PUP.SweetIM^
~ Additionnel: Scanned in 00mn 18s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "3355DB79B5B8AF24DAEA6A8FBD99D7C7" . (.Ad-Aware.) -- C:\Windows\Installer\{97BD5533-8B5B-42FA-ADAE-A6F8DB997D7C}\AAWIcon
O90 - PUC: "FA20CB7A821113A4CB8FA1E38E303D3B" . (.SweetIM Toolbar for Internet Explorer 4.2.) -- C:\Windows\Installer\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}\ARPPRODUCTICON.exe =>PUP.SweetIM
~ Update Products: 120 Legitimates Scanned in 00mn 00s



---\\ MyComputer Name Space (O92)
O92 - MNS: Flux de photos - {F0D63F85-37EC-4097-B30D-61B4A8917118}
~ MNS: Scanned in 00mn 00s



---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/06/2012 3069752 | (a2AntiMalware) . (.Emsisoft GmbH.) - C:\Program Files\Emsisoft Anti-Malware\a2service.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/10/2012 44808 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
SR - | Auto 30/10/2012 133912 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Auto 04/02/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 04/02/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 02/09/2012 194032 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Demand 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 12/12/2012 553440 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 25/05/2012 2152720 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
SS - | Demand 27/09/2011 295192 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 08/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 10/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SS - | Auto 18/09/2012 1082016 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files\Orange\OrangeUpdate\Service\OUCore.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 02/10/2012 382824 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 01s



---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Run by pat at 03/04/2013 23:33:56

device: opened successfully
user: MBR read successfully

Disk trace:
~ MBR: 7 Legitimates Scanned in 00mn 02s



---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by pat at 03/04/2013 23:33:58

********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s



End of the scan (855 lines in 07mn 22s)(0)