Rapport de ZHPDiag v2013.4.6.35 par Nicolas Coolman, Update du 06/04/2013
Run by yves at 07/04/2013 20:35:42
State : Version à jour.
High Elevated Privileges : OK
UAC : Not Found

---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 19.0.2 v19.0.2 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070.4 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 96 GB (32%) free of 298 GB

---\\ Logged in mode
~ Computer Name: COLLÈGE
~ User Name: yves
~ All Users Names: yves, SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\yves\Application Data\
~ %Desktop% : C:\Documents and Settings\yves\Bureau\
~ %Favorites% : C:\Documents and Settings\yves\Favoris\
~ %LocalAppData% : C:\Documents and Settings\yves\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\yves\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 298 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Free 0 Go of 8 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.FCDD66EE148885E900285ADE8417E40B] - (.Microsoft Corporation - Internet Extensions for Win32.) (.05/02/2013 - 20:56:42.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 00:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/04/2008 - 00:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3
~ Mes musiques (My Musics) : 1/16
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/110
~ Mes Documents (My Documents) : 2/1916
~ Mon Bureau (My Desktop) : 1/1723
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 01s

---\\ Processus lancés
[MD5.A8C1E6FF53FB0628A302843EA5FA5AB6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 266.5.) -- C:\WINDOWS\system32\nvsvc32.exe [156776] [PID.1812]
[MD5.8B09FF15D36B1D5108F6F3249EA16F5F] - (.Intel(R) Corporation - Intel(R) Wireless Management Service.) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [905216] [PID.384]
[MD5.5E3F0AAEA4642BF184DEEA311C7201DE] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680] [PID.1292]
[MD5.BA6063E3375F9BC11A9C8450A7F61E70] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160] [PID.1360]
[MD5.11C3EFB4BAC41175D03B1595DB1A4A4F] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.1648]
[MD5.B86A7B6A99AE9738ABC299BB4E8D26D7] - (.Kaspersky Lab - Kaspersky Administration Kit Network Agent.) -- C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe [136352] [PID.1916]
[MD5.BBD5503999F331278DB39046888D559C] - (.O2Micro International - O2 Flash Memory Service.) -- C:\WINDOWS\system32\DRIVERS\o2flash.exe [71512] [PID.2044]
[MD5.A1E779A0CF7A21B42E8FD3E8856D8481] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896] [PID.304]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.504]
[MD5.7EEEEC28A34516E66137F355DCC15BDB] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [466944] [PID.584]
[MD5.A0501773C903B469D3B14C1067E80050] - (.Intel(R) Corporation - Intel(R) WLANKeeper SSO Service.) -- C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [348160] [PID.1208]
[MD5.BB1F9614D427716D0D9E9FEFC34CC9A4] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1434920] [PID.3828]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.596]
[MD5.F8E9D5FBB2339FB71B770E89B577B360] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16855552] [PID.2200]
[MD5.8F48849314EF6AF4E0B925539E52B16F] - (.Creative Technology Ltd. - Live! Cam Console Auto Launcher.) -- C:\WINDOWS\OEM13Mon.exe [36864] [PID.2776]
[MD5.3580208ABD256AA4DC4A578F8EE7304D] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1368064] [PID.3016]
[MD5.FDA92FDAFFEDBDD3741FDDF9D82C69DF] - (.Synaptics Incorporated - Toshiba Custom PlugIn Application.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe [210216] [PID.2716]
[MD5.B675CBBCCD273808150F6675C2CC60CF] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [1191936] [PID.2028]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\rundll32.exe [0] [PID.3300]
[MD5.43D083268A0919F3527A2837390BAF63] - (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [218032] [PID.568]
[MD5.9C492FEC0D62844ADFA1FD910F0AF3B8] - (.Microsoft Corporation - Microsoft Tablet PC Component.) -- C:\WINDOWS\system32\WISPTIS.exe [293376] [PID.3724]
[MD5.7A6638028D84C2B87EAB6D0A0F38A095] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6535680] [PID.3788]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.312]
[MD5.8BA7C024070F2B7FDD98ED8A4BA41789] - (.Microsoft Corporation - PresentationFontCache.exe.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104] [PID.3516]
~ Processes Running: Scanned in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jhmyb7sh.default\prefs.js
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
~ Firefox Browser: 30 Legitimates Scanned in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) (No version) -- (.not file.)
~ IE Browser: Scanned in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - Software Clé orpheline
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Dell Inc. - BAE.dll.) -- C:\Program Files\Dell\BAE\BAE.dll
~ BHO: 7 Legitimates Scanned in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar: Easy-WebPrint - [HKLM]{327C2873-E90D-4c37-AA9D-10AC9BABA46C} . (.Pas de propriétaire - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
~ Toolbar: Scanned in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] . (.Creative Technology Ltd. - Live! Cam Console Auto Launcher.) -- C:\WINDOWS\OEM13Mon.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [IntelZeroConfig] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMCTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [NVHotkey] nvHotkey.dll
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (.not file.)
O4 - HKCU\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-3574521262-1011636392-1284559431-1005\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-3574521262-1011636392-1284559431-1005\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Programs: Audacity.lnk . (...) -- C:\Program Files\Audacity\audacity.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Programs: Windows Live ID.lnk . (.Microsoft Corporation - Sign in Options.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.exe
O4 - GS\Programs: Windows Movie Maker.LNK . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - GS\Programs: Assistance à distance.LNK . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.LNK . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O4 - GS\Programs: Outlook Express.LNK . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
~ Global Startup: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} . (.Kaspersky Lab - Script Monitor Internet Explorer plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 3 Legitimates Scanned in 00mn 00s

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr
~ IE Zone Confiance: Scanned in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264672929484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264672916765
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{263A9C19-016F-46D1-B36F-776D7031E6D9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{263A9C19-016F-46D1-B36F-776D7031E6D9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 351791G.ac-rennes.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Kaspersky Lab ZAO - Kaspersky OE plugin loader.) - C:\Program Files\KASPER~1\KASPER~2.0FO\kloehk.dll
~ AppInit DLL: Scanned in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 5 Legitimates Scanned in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Kaspersky Lab Network Agent (klnagent) . (.Kaspersky Lab - Kaspersky Administration Kit Network Agent.) - C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsuppor (sprtsvc_dellsupportcenter) . (...) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (.not file.)
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) . (.Intel(R) Corporation - Intel(R) WLANKeeper SSO Service.) - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
~ Services: 12 Legitimates Scanned in 00mn 04s

---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s

---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Go for FilesUpdate.job [282]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft Office Outlook 2007.job [532]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job [564]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SystemToolsDailyTest.job [422]
[MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files\GoforFiles\GFFUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Microsoft Office Outlook 2007] (...) -- C:\Documents and Settings\yves\Menu D‚marrer\Programmes\Microsoft Office\Microsoft Office Outlook 2007.lnk (.not file.) [0]
[MD5.FF1D19A2F23EF359F2652F013E97B759] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [859976]
[MD5.07A86CBFC516544AC199EDC6AFF7D418] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\pcdrcui.exe [1233736]
~ Scheduled Task: 15 Legitimates Scanned in 00mn 00s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 22 Legitimates Scanned in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (APPDRV) . (.Dell Inc - App Support Driver.) - C:\WINDOWS\sysTEM32\DRIVERS\APPDRV.sys
O41 - Driver: (DLARTL_M) . (.Roxio - Shared Driver Component.) - C:\WINDOWS\system32\Drivers\DLARTL_M.sys
O41 - Driver: (LUMDriver) . (.IBM - LUM Runtime.) - C:\WINDOWS\system32\drivers\LUMDriver.sys
O41 - Driver: (OMCI) . (. - .) - C:\WINDOWS\sysTEM32\DRIVERS\OMCI.sys (.not file.)
~ Drivers: 78 Legitimates Scanned in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advanced Video FX Engine - (...) [HKLM] -- Advanced Video FX Engine
O42 - Logiciel: CloneCD - (.SlySoft.) [HKLM] -- CloneCD
O42 - Logiciel: Easy-WebPrint - (...) [HKLM] -- Easy-WebPrint
O42 - Logiciel: IGN Rando - (...) [HKLM] -- {3761D0A0-6694-41F1-A735-83074F2D2B37}
O42 - Logiciel: IGN Rando - (...) [HKLM] -- {8C4450E1-14A7-4F89-936A-335A216D3C7D}
O42 - Logiciel: INDEX EDUCATION - Client PRONOTE 2011 - (.Index Education.) [HKLM] -- {B279DFD9-284C-40D4-8316-B72533B36F93}
O42 - Logiciel: INDEX EDUCATION - ProfNOTE 2011 - (.Index Education.) [HKLM] -- {1B9DA148-9BF0-483B-93E1-9FEC245B597F}
O42 - Logiciel: Kaspersky Anti-Virus 6.0 for Windows Workstations - (.Kaspersky Lab.) [HKLM] -- {8F023021-A7EB-45D3-9269-D65264C81729}
O42 - Logiciel: Le Nouveau Littré - (...) [HKLM] -- Littre
O42 - Logiciel: Live! Cam Avatar - (.Creative Technology Ltd..) [HKLM] -- {1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}
O42 - Logiciel: Marées dans le Monde - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: OmniPage SE 2.0 - (.ScanSoft, Inc..) [HKLM] -- {79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
O42 - Logiciel: QuickSet - (.Dell Computer Corporation.) [HKLM] -- {C5074CC4-0E26-4716-A307-960272A90040}
O42 - Logiciel: ScanNav 12.0 - (.Marc Lombard.) [HKLM] -- {1B10FA81-531B-443A-87F6-90C69D52E3CB}
O42 - Logiciel: Ugrib RC1 - (.GRIB.US.) [HKLM] -- Ugrib_is1
O42 - Logiciel: WXTide32 - (...) [HKLM] -- WXTide32
O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent
~ Logic: 179 Legitimates Scanned in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\BillP Studios]
[HKCU\Software\BitTorrent]
[HKCU\Software\EyePower Games]
[HKCU\Software\Fugawi]
[HKCU\Software\Geoplace]
[HKCU\Software\GoforFiles]
[HKCU\Software\Harmony Hollow]
[HKCU\Software\Imc]
[HKCU\Software\IncrediMail]
[HKCU\Software\Index Education]
[HKCU\Software\Luidia]
[HKCU\Software\Marc Lombard]
[HKCU\Software\Paraschool]
[HKCU\Software\RdE]
[HKCU\Software\SnapShot]
[HKCU\Software\Tech'Soft]
[HKCU\Software\U.S. Robotics]
[HKCU\Software\X-Cleaner]
[HKCU\Software\cadwork Backup]
[HKCU\Software\cadwork informatik]
[HKCU\Software\charlyrobot]
[HKCU\Software\da-soft]
[HKCU\Software\zyGrib]
[HKLM\Software\AM3XXX]
[HKLM\Software\BillP Studios]
[HKLM\Software\GeoTask AG]
[HKLM\Software\GoforFiles]
[HKLM\Software\Gradient]
[HKLM\Software\IncrediMail]
[HKLM\Software\Intel, Inc.]
[HKLM\Software\LOXANE]
[HKLM\Software\Luidia]
[HKLM\Software\Marc Lombard]
[HKLM\Software\NewSoft]
[HKLM\Software\Vid_0471]
~ Key Software: 303 Legitimates Scanned in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/01/2013 - 16:31:28 - [8.978] ----D C:\Program Files\American Conquest Anthology
O43 - CFD: 06/02/2009 - 10:38:33 - [0.681] ----D C:\Program Files\Common~1
O43 - CFD: 07/01/2013 - 18:17:32 - [4.445] ----D C:\Program Files\GoforFiles
O43 - CFD: 05/08/2009 - 16:43:43 - [1426.058] ----D C:\Program Files\GRIB.US
O43 - CFD: 05/09/2012 - 12:17:06 - [1455.538] ----D C:\Program Files\IGN Rando
O43 - CFD: 20/11/2008 - 16:19:13 - [0] ----D C:\Program Files\Intel, Inc
O43 - CFD: 08/12/2008 - 21:35:40 - [144.140] ----D C:\Program Files\Le Nouveau Littré
O43 - CFD: 03/08/2010 - 17:03:33 - [45.503] ----D C:\Program Files\Marc Lombard
O43 - CFD: 24/10/2011 - 11:17:08 - [168.763] ----D C:\Program Files\marée dans le monde
O43 - CFD: 27/11/2008 - 21:38:22 - [105.246] ----D C:\Program Files\NewSoft
O43 - CFD: 10/12/2012 - 19:54:27 - [0.924] ----D C:\Program Files\uTorrent
O43 - CFD: 05/08/2009 - 23:58:36 - [3.868] ----D C:\Program Files\WXTide32
O43 - CFD: 08/01/2013 - 13:16:16 - [0] ----D C:\Documents and Settings\yves\Application Data\cadwork
O43 - CFD: 07/01/2013 - 13:55:02 - [0.001] ----D C:\Documents and Settings\yves\Application Data\GoforFiles
O43 - CFD: 28/09/2011 - 19:01:26 - [0.005] ----D C:\Documents and Settings\yves\Application Data\IndexEducation
O43 - CFD: 27/11/2008 - 21:38:15 - [0.527] ----D C:\Documents and Settings\yves\Application Data\NewSoft
O43 - CFD: 05/03/2013 - 01:17:14 - [2.983] ----D C:\Documents and Settings\yves\Application Data\uTorrent
O43 - CFD: 10/03/2013 - 18:50:49 - [0.001] ----D C:\Documents and Settings\yves\Application Data\WinPatrol
O43 - CFD: 07/01/2013 - 20:53:47 - [0.000] ----D C:\Documents and Settings\yves\Local Settings\Application Data\cadwork informatik
O43 - CFD: 08/12/2008 - 21:35:40 - [0.003] ----D C:\Documents and Settings\yves\Menu Démarrer\Programmes\Le Nouveau Littré
O43 - CFD: 24/10/2011 - 11:17:08 - [0.002] ----D C:\Documents and Settings\yves\Menu Démarrer\Programmes\Marées dans le Monde
O43 - CFD: 05/08/2009 - 23:58:31 - [0.001] ----D C:\Documents and Settings\yves\Menu Démarrer\Programmes\WXTide32
~ Program Folder: 208 Legitimates Scanned in 00mn 02s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C0FA5AA89984F19C5202B20404631D81] - 07/04/2013 - 19:03:34 ---A- . (...) -- C:\WINDOWS\system32\nvModes.001 [165341]
O44 - LFC:[MD5.2A20BFC17B1C7FC5B6133AB3F1AC6613] - 07/04/2013 - 19:00:55 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157]
O44 - LFC:[MD5.637948D1E1D8B644D2A76C5AA595861C] - 07/04/2013 - 19:00:55 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.5F4BF4B2DE20AC56BB47C581AE4F2EF6] - 06/04/2013 - 12:38:12 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [3276]
O44 - LFC:[MD5.A031E8D281B93E98FC01E91DBEA8567A] - 06/04/2013 - 12:14:45 ---A- . (...) -- C:\AdwCleaner[S1].txt [9330]
O44 - LFC:[MD5.C0FA5AA89984F19C5202B20404631D81] - 21/03/2013 - 20:17:47 ---A- . (...) -- C:\WINDOWS\system32\nvModes.dat [165341]
O44 - LFC:[MD5.4A00D4DAE2B686F0F83F1EAE0A01334F] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [49270]
O44 - LFC:[MD5.F4AD6A2209FC32BE6FE3A9021DA2A625] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [3400]
O44 - LFC:[MD5.C5F7F989E8B6EAEBB6B9DA070EA2CFAB] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\comsetup.log [16339]
O44 - LFC:[MD5.3D9F3881FA3DAD4BB02AD81DCBA3FBDE] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\iis6.log [52896]
O44 - LFC:[MD5.297FD5D01E3B29EF182AB28CCD3A7203] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.1D49F43AF25B540AD4B526E18E2F2CAB] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\msgsocm.log [2472]
O44 - LFC:[MD5.769295B393488255324C9DB2ED71907E] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\netfxocm.log [8664]
O44 - LFC:[MD5.F65EBB280BC986ADFA51356C0727B0EF] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [9886]
O44 - LFC:[MD5.5A6B236219193645FF631B0B08F0C072] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\ocgen.log [23648]
O44 - LFC:[MD5.E0CB067FF315CAF976AA6AF7110BAB38] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\ocmsn.log [2736]
O44 - LFC:[MD5.B430C61E8DE73636AB521357E29248DE] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\tabletoc.log [2488]
O44 - LFC:[MD5.F7137D63BE8C1F4D7D738365FA7DE29A] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\tsoc.log [22568]
O44 - LFC:[MD5.3DEE575C65F87C331EA0813199C284B0] - 14/03/2013 - 20:01:00 ---A- . (...) -- C:\WINDOWS\msmqinst.log [15056]
O44 - LFC:[MD5.6B34A54A2B49B8A59768FDDFD30E9390] - 13/03/2013 - 20:03:04 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.B001B3C4B36E96F33D6D63A2C09F5B2E] - 13/03/2013 - 20:02:42 ---A- . (...) -- C:\WINDOWS\updspapi.log [6337]
~ Files: 38 Legitimates Scanned in 00mn 01s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Talk\googletalk.exe" [Enabled] .(...) -- C:\Program Files\Google\Google Talk\googletalk.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\yves\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" [Enabled] .(...) -- C:\Documents and Settings\yves\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(...) -- C:\Program Files\Orange\Connectivity\ConnectivityManager.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dmwu.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\dmwu.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ARFC\wrtc.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\ARFC\wrtc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\goforfilesdl.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\GoforFiles.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.)
~ Keys Export: 18 Legitimates Scanned in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) ~ LSA: 6 Legitimates Scanned in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) ~ CBS: 23 Legitimates Scanned in 00mn 00s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d ~ IFEO: Scanned in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{9d27a998-0368-11e0-b099-002170ca8bb2}\AutoRun\command. (...) -- F:\usbConfig\DoNotDelete.exe (.not file.) O51 - MPSK:{a2127418-1964-11e0-b0c1-002170ca8bb2}\AutoRun\command. (...) -- C:\WINDOWS\system32\E:\m.exe (.not file.) O51 - MPSK:{edbb8433-b310-11de-9342-002170ca8bb2}\AutoRun\command. (...) -- F:\Setupx.exe (.not file.) O51 - MPSK:{f4a8e645-cb44-11dd-b483-002170ca8bb2}\AutoRun\command - Clé orpheline O51 - MPSK:{fbfb1abd-03af-11e0-b09a-002170ca8bb2}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) ~ TDSD: 19 Legitimates Scanned in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\CloneCDTray [Key] . (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe O53 - SMSR:HKLM\...\startupreg\HTC Sync Loader [Key] . (...) -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\SuperCopier2.exe [Key] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe ~ SMSR Keys: 7 Legitimates Scanned in 00mn 00s ---\\ Microsoft Control Security Providers (O54) ~ MSCP: 6 Legitimates Scanned in 00mn 00s ---\\ Microsoft Windows Policies System (O55) ~ MWPS: 5 Legitimates Scanned in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) ~ MWPE Keys: 5 Legitimates Scanned in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 18/08/2001 - 10:51:56 ---A- . 
(.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\Drivers\aliide.sys [5248] O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037] ~ Drivers: Scanned in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ ADS: Scanned in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 12/03/2013 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - LEGACY_ADOBEFLASHPLAYERUPDATESVC O64 - Services: CurCS - 17/08/2011 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG O64 - Services: CurCS - 12/08/2005 - C:\WINDOWS\sysTEM32\DRIVERS\APPDRV.sys (APPDRV) .(.Dell Inc - App Support Driver.) - LEGACY_APPDRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\arp1394.sys (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394 O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER O64 - Services: CurCS - 18/03/2010 - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V4.0.30319_32 O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) 
- LEGACY_CRYPTSVC O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLABMFSM.sys (DLABMFSM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABMFSM O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLABOIOM.sys (DLABOIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABOIOM O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLADResM.sys (DLADResM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLADRESM O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAIFS_M.sys (DLAIFS_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAIFS_M O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAOPIOM.sys (DLAOPIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAOPIOM O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAPoolM.sys (DLAPoolM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAPOOLM O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLARTL_M.sys (DLARTL_M) .(.Roxio - Shared Driver Component.) - LEGACY_DLARTL_M O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAUDFAM.sys (DLAUDFAM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDFAM O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAUDF_M.sys (DLAUDF_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDF_M O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DRVNDDM.sys (DRVNDDM) .(.Roxio - Device Driver Manager.) - LEGACY_DRVNDDM O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\fxssvc.exe (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\fltMgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) 
- LEGACY_FLTMGR O64 - Services: CurCS - 29/07/2008 - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0 O64 - Services: CurCS - 28/04/2010 - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR O64 - Services: CurCS - 15/01/2009 - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (GoToAssist) .(.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) - LEGACY_GOTOASSIST O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV O64 - Services: CurCS - 20/10/2009 - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP O64 - Services: CurCS - 29/07/2008 - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\imapi.exe (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC O64 - Services: CurCS - 07/01/2013 - C:\WINDOWS\system32\drivers\LUMDriver.sys (LUMDriver) .(.IBM - LUM Runtime.) - LEGACY_LUMDRIVER O64 - Services: CurCS - 10/11/2011 - C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mdf16.sys (mdf16) .(.Pas de propriétaire - Driver for SecretZone.) 
- LEGACY_MDF16 O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV O64 - Services: CurCS - 15/07/2011 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\msdtc.exe (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC O64 - Services: CurCS - 19/05/2008 - C:\WINDOWS\system32\msiexec.exe (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER O64 - Services: CurCS - 10/11/2011 - C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mvd23.sys (mvd23) .(.Pas de propriétaire - Virtual Disk Driver for SecretZone.) - LEGACY_MVD23 O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (Netlogon) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NETLOGON O64 - Services: CurCS - 27/08/2008 - C:\WINDOWS\system32\DRIVERS\o2flash.exe (O2FLASH) .(.O2Micro International - O2 Flash Memory Service.) - LEGACY_O2FLASH O64 - Services: CurCS - 20/07/2011 - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.exe (odserv) .(.Microsoft Corporation - Microsoft Office Diagnostics.) - LEGACY_ODSERV O64 - Services: CurCS - 31/03/2011 - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (PassThru Service) .(.Pas de propriétaire - PassThruSvr Application.) - LEGACY_PASSTHRU_SERVICE O64 - Services: CurCS - 27/10/2010 - C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys (PcdrNdisuio) .(.Windows (R) Codename Longhorn DDK provider - PCDR NDIS User mode I/O Driver.) - LEGACY_PCDRNDISUIO O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) 
- LEGACY_POLICYAGENT O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION O64 - Services: CurCS - 17/08/2010 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE O64 - Services: CurCS - 17/02/2011 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\smlogsvc.exe (SysmonLog) .(.Microsoft Corporation - Service des alertes et des journaux de perf.) - LEGACY_SYSMONLOG O64 - Services: CurCS - 20/06/2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) 
- LEGACY_TCPIP O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP O64 - Services: CurCS - 27/03/2008 - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - WDF Dynamic.) - LEGACY_WDF01000 O64 - Services: CurCS - 20/08/2008 - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe (WLANKEEPER) .(.Intel(R) Corporation - Intel(R) WLANKeeper SSO Service.) - LEGACY_WLANKEEPER O64 - Services: CurCS - 30/03/2009 - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.exe (wlidsvc) .(.Microsoft Corporation - Microsoft® Windows Live ID Service.) - LEGACY_WLIDSVC O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\wbem\wmiapsrv.exe (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV O64 - Services: CurCS - 18/03/2010 - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (WPFFontCache_v0400) .(.Microsoft Corporation - wpffontcache_v0400.exe.) - LEGACY_WPFFONTCACHE_V0400 O64 - Services: CurCS - 26/05/2008 - C:\WINDOWS\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH ~ Legacy: 206 Legitimates Scanned in 00mn 00s ---\\ File Associations Shell Spawning (O67) ~ FASS Keys: 17 Legitimates Scanned in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.) ~ Keys: Scanned in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com ~ Keys: Scanned in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) ~ Services: 40 Legitimates Scanned in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.10FD0AF90A08AF6A389C4B81DED0032B] [SPRF][26/11/2008] (...) -- C:\Documents and Settings\yves\Local Settings\Application Data\fusioncache.dat [127] [MD5.21B4E224826F7613E6F8FA2C06F9483F] [SPRF][10/11/2011] (...) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\AccaData.dat [14974] [MD5.B066B4B2910C670530B63D5E924E8A2B] [SPRF][10/11/2011] (.Pas de propriétaire - Driver for SecretZone.) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mdf16.sys [18288] [MD5.624197EC77BFBDF65CB21DD775E982DA] [SPRF][10/11/2011] (.Pas de propriétaire - Virtual Disk Driver for SecretZone.) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mvd23.sys [90944] [MD5.474A6C09B66C9439D7C8B66E9BE59232] [SPRF][25/05/2011] (.Clarus, Inc. - Samsung Portable SecretZone.) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\Portable SecretZone.exe [1404536] [MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [29616] [MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) 
-- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [201648] [MD5.DE2EB468A14E00F9A99326C6C9C07075] [SPRF][02/02/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1914440] [MD5.CF23C30CDFA3AAF1297801F4CED42876] [SPRF][07/02/2012] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\WINDOWS\Downloaded Program Files\IDropENU.dll [116136] [MD5.EAE8A6A34084A2372EAE3D484DAF754C] [SPRF][21/02/2012] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\WINDOWS\Downloaded Program Files\IDropFRA.dll [111728] [MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [484272] [MD5.2FD994827193B68DD301F80BDF744231] [SPRF][03/04/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll [354608] ~ Files: Scanned in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : v2.11473 - (06/04/2013) Clés trouvées (Keys found) : 3 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 0 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}] =>Toolbar.PDFCreator ~ Additionnel: Scanned in 00mn 53s ---\\ Product Upgrade Codes (O90) O90 - PUC: "695032265E7381643A92D0125F928AF6" . (.Browser Address Error Redirector.) -- C:\WINDOWS\Installer\{62230596-37E5-4618-A329-0D21F529A86F}\ARPPRODUCTICON.exe O90 - PUC: "E7995D9797FBBB84B814B95EC9512C7D" . (.OmniPage SE.) 
-- C:\WINDOWS\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\Op.exe ~ Update Products: 95 Legitimates Scanned in 00mn 00s ---\\ MyComputer Name Space (O92) ~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 12/03/2010 311680 | (AVP) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe SR - | Auto 20/08/2008 860160 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe SS - | Demand 07/01/2013 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe SS - | Demand 15/01/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe SS - | Auto 21/06/2009 133104 | (gupdate1c9f2aef8ff9320) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SS - | Demand 21/06/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe SR - | Auto 16/05/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe SR - | Auto 10/03/2010 136352 | (klnagent) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe SS - | Demand 11/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 07/01/2011 156776 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe SR - | Auto 27/08/2008 71512 | (O2FLASH) . (.O2Micro International.) 
- C:\WINDOWS\system32\DRIVERS\o2flash.exe SR - | Auto 80896 | (PassThru Service) . (...) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe SR - | Auto 29/09/2004 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe SR - | Auto 20/08/2008 466944 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe SR - | Auto 20/08/2008 905216 | (S24EventMonitor) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe SS - | Auto 0 | (sprtsvc_dellsupportcenter) . (...) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe SR - | Auto 20/08/2008 348160 | (WLANKEEPER) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe ~ Services: Scanned in 00mn 00s ~ 1171 Legitimates filtered by white list End of the scan (726 lines in 01mn 12s)(0)