Rapport de ZHPDiag v2013.4.21.127 par Nicolas Coolman, Update du 21/04/2013
Run by pierre pele at 22/04/2013 12:58:25
State : Version à jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v10.0.9200.16540

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : YXDVG
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Windows Defender W7

---\\ System Optimizer
CCleaner v3.13

---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader XI
Java 7 Update 21

---\\ System Information
~ Processor: AMD64 Family 16 Model 2 Stepping 3, AuthenticAMD
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 7934 MB (80% free)
System Restore: Activé (Enable)
System drive C: has 386 GB (77%) free of 498 GB

---\\ Logged in mode
~ Computer Name: PIERREPELE-PC
~ User Name: pierre pele
~ All Users Names: pierre pele, HomeGroupUser$, Administrateur, 
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\pierre pele\AppData\Roaming\
~ %Desktop% : C:\Users\pierre pele\Desktop\
~ %Favorites% : C:\Users\pierre pele\Favorites\
~ %LocalAppData% : C:\Users\pierre pele\AppData\Local\
~ %StartMenu% : C:\Users\pierre pele\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 386 Go of 498 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 223 Go of 433 Go)
E:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime :  OK
~ Security Center:  Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.753C0848AE7872A3F59663078A517293] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.21/02/2013 - 11:15:07.) -- C:\Windows\System32\wininet.dll [2240512]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B8965FB53551B5455630A4B804D0791F] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.02/03/2013 - 07:04:53.) -- C:\Windows\system32\Drivers\ntfs.sys [1655656]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.1B6163C503398B23FF8B939C67747683] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 12:06:41.) -- C:\Windows\system32\Drivers\rdpdr.sys [165888]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes:  Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/98
~ Mes musiques (My Musics) : 1/105
~ Mes Videos (My Videos) : 2/37
~ Mes Favoris (My Favorites) : 1/46
~ Mes Documents (My Documents) : 2/248
~ Mon Bureau (My Desktop) : 1/119
~ Menu demarrer (Programs) : 1/37
~ Hidden Files:  Scanned in 00mn 00s



---\\ Processus lancés
[MD5.127CD00925C1A2B759765C5B9600DE30] - (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe   [6595928] [PID.3296]
[MD5.70189D91A5347F5E34039D06C7E58419] - (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe   [111856] [PID.3320]
[MD5.DED57EA9A5B3C4EBC1704817BE969F50] - (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe   [393216] [PID.3392]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe   [18642024] [PID.3400]
[MD5.553235E301A6498595720C9E225B9E54] - (.Compaq Computer Corporation - STARTEAK.) -- C:\Program Files (x86)\COMPAQ\Easy Access Button Support\STARTEAK.exe   [32768] [PID.3540]
[MD5.567FFEB698442E71D67B02E0BAD7B0B8] - (.Pas de propriétaire - CpqEAKSystemTray MFC Application.) -- C:\Program Files (x86)\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.exe   [212992] [PID.3684]
[MD5.7C56B7B06378471C5E0981DEE511886B] - (.Compaq Computer Corporation - Easy Access Software Demon.) -- C:\Program Files (x86)\Compaq\Easy Access Button Support\CPQEADM.exe   [438272] [PID.3736]
[MD5.D4D610A410ABFA4A8AFC8E3AC49F5D4C] - (.Compaq Computer Corporation - Compaq Easy Access USB Keyboard Driver.) -- C:\Compaq\EAKDRV\EAUSBKBD.exe   [90112] [PID.3764]
[MD5.3D9233257829B193EECE65AA28C4B25C] - (.Compaq Computer Corporation - Button Server.) -- C:\Program Files (x86)\COMPAQ\Easy Access Button Support\BttnServ.exe   [122880] [PID.3788]
[MD5.81800928E0F713DF31F3393CC26F4013] - (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe   [1263952] [PID.4424]
[MD5.30043A612F93B30CF086824701400BE5] - (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe   [1219248] [PID.4512]  =>Toolbar.AVGSearch
[MD5.B0BF698030DB6561393AE753C6D3F936] - (.Google Inc. - Google Chrome.) -- C:\Users\pierre pele\AppData\Local\Google\Chrome\Application\chrome.exe   [1312720] [PID.6908]
[MD5.2D9A1A43307EC9BB267BE9F90B4AF0D5] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe   [6936576] [PID.2404]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe   [45248] [PID.1312]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe   [65192] [PID.1692]
[MD5.3DEBBECF665DCDDE3A95D9B902010817] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe   [55144] [PID.1864]
[MD5.E42D201B0B53A94BD8E5B032EC83D843] - (.Skype Technologies S.A. - Skype C2C Service.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe   [3289208] [PID.1204]
[MD5.E2CA898E105C3F2B62DB130F28C73322] - (.Pas de propriétaire - ToolbarU Application.) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe   [990896] [PID.2032]  =>Toolbar.AVGSearch
[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe   [602392] [PID.2080]
[MD5.899C7993A7DE3061C74623F5523BC21D] - (.AVAST Software - avast! antivirus Update.) -- C:\Program Files\AVAST Software\Avast\setup\avast.setup   [6533200] [PID.2328]
~ Processes Running:  Scanned in 00mn 00s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\pierre pele\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] http://www.google.com
~ Google Browser:  Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions  (P2,M0,M1,M2,M3)
C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\prefs.js
C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\user.js
M3 - MFPP: Plugins - [pierre pele] -- C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\searchplugins\askcom.xml
M3 - MFPP: Plugins - [pierre pele] -- C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\searchplugins\conduit.xml
M2 - MFEP: prefs.js [pierre pele - ct8k1hkg.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.4.6.20120119024823 (..)
M2 - MFEP: prefs.js [pierre pele - ct8k1hkg.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.9.0.3 (..)
M2 - MFEP: prefs.js [pierre pele - ct8k1hkg.default\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}] [] IncrediMail MediaBar 2 Community Toolbar v3.10.0.1 (..)
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R3 - URLSearchHook: (no name) [64Bits] - {51a86bb3-6602-4c85-92a5-130ee4864f13} . (.Microsoft Corporation - Navigateur Internet.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: 14 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management:  Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys:  Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File:  Scanned in 00mn 05s
~ Nombre de lignes (Lines number): 15357



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) [64Bits] - {95B7759C-8C7F-4BF1-B163-73684A933233} Clé orpheline
~ BHO: 4 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) [64Bits] - [HKLM]{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} Clé orpheline
~ Toolbar:  Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\pierre pele\AppData\Local\Google\Update\GoogleUpdate.exe 
O4 - HKCU\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe 
O4 - HKCU\..\Run: [Search Protection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe 
O4 - HKCU\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe 
O4 - HKCU\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 
O4 - HKLM\..\Wow6432Node\Run: [CPQEASYACC] . (.Compaq Computer Corporation - STARTEAK.) -- C:\Program Files (x86)\COMPAQ\Easy Access Button Support\StartEAK.exe 
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe 
O4 - HKLM\..\Wow6432Node\Run: [YSearchProtection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe 
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe 
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 
O4 - HKLM\..\Wow6432Node\Run: [DivXMediaServer] . (.DivX, LLC - DivX DLNA Media Server.) -- C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe 
O4 - HKLM\..\Wow6432Node\Run: [DivXUpdate] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe 
O4 - HKLM\..\Wow6432Node\Run: [vProt] . (.Pas de propriétaire - VProtect Application.) -- C:\Program Files (x86)\AVG Secure Search\vprot.exe   =>Toolbar.AVGSearch
O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe 
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe 
O4 - HKUS\S-1-5-21-3250661466-2910416858-3560452995-1001\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\pierre pele\AppData\Local\Google\Update\GoogleUpdate.exe 
O4 - HKUS\S-1-5-21-3250661466-2910416858-3560452995-1001\..\Run: [Messenger (Yahoo!)] . (.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe 
O4 - HKUS\S-1-5-21-3250661466-2910416858-3560452995-1001\..\Run: [Search Protection] . (.Yahoo! Inc - Yahoo! Application.) -- C:\Program Files (x86)\Yahoo!\Search Protection\SearchProtection.exe 
O4 - HKUS\S-1-5-21-3250661466-2910416858-3560452995-1001\..\Run: [HydraVisionDesktopManager] . (.AMD - HydraDM.) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe 
O4 - HKUS\S-1-5-21-3250661466-2910416858-3560452995-1001\..\Run: [Skype] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
~ Application:  Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: Adobe Photoshop Elements 2.0.lnk . (.Adobe Systems, Incorporated - Adobe Photoshop Elements.)  -- C:\Program Files (x86)\Adobe\Photoshop Elements 2\PhotoshopElements.exe 
O4 - GS\TaskBar: avast! Free Antivirus.lnk . (...)  -- C:\Program Files (x86)\AVAST Software\Avast\AvastUI.exe (.not file.)
O4 - GS\TaskBar: CCleaner.lnk . (.Piriform Ltd - CCleaner.)  -- C:\Program Files\CCleaner\CCleaner64.exe 
O4 - GS\TaskBar: EPSON Scan.lnk . (.SEIKO EPSON CORP. - EPSON Scan.)  -- C:\Windows\twain_32\escndv\escndv.exe 
O4 - GS\TaskBar: Google Chrome.lnk . (.Google Inc. - Google Chrome.)  -- C:\Users\pierre pele\AppData\Local\Google\Chrome\Application\chrome.exe 
O4 - GS\TaskBar: Logitech Media Server.lnk . (.Logitech Inc. - Logitech Media Server Tray Icon.)  -- C:\Program Files (x86)\Squeezebox\SqueezeTray.exe 
O4 - GS\TaskBar: OpenOffice.org 3.3.lnk . (.OpenOffice.org - OpenOffice.org 3.3.)  -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe 
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.)  -- C:\Windows\explorer.exe 
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 
O4 - GS\Programs: Windows Install Clean Up.lnk . (...)  -- C:\Users\pierre pele\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe
O4 - GS\QuickLaunch: Quick Media Converter.lnk . (.Cocoon Software - Quick Media Converter  Next Generation HD.)  -- C:\Program Files\QuickMediaConverter\QuickMediaConverter.exe 
O4 - GS\QuickLaunch: Yahoo! Messenger.lnk . (.Yahoo! Inc. - Yahoo! Messenger.)  -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe 
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.)  -- C:\Windows\system32\eudcedit.exe 
O4 - GS\SendTo: AVS Mobile Uploader.lnk . (.Online Media Technologies Ltd. - AVS Mobile Uploader.)  -- C:\Program Files (x86)\Common Files\AVSMedia\MobileUploader\AVSMobileUploader.exe 
O4 - GS\SendTo: AVS Video Burner.lnk . (.Online Media Technologies Ltd. - AVS Video Burner.)  -- C:\Program Files (x86)\Common Files\AVSMedia\BurnerService\AVSVideoBurner.exe 
O4 - GS\SendTo: AVS Video Uploader.lnk . (.Online Media Technologies Ltd. - AVS Video Uploader.)  -- C:\Program Files (x86)\Common Files\AVSMedia\VideoUploader\AVSVideoUploader.exe 
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft  Windows Fax and Scan.)  -- C:\Windows\system32\WFS.exe 
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.)  -- C:\Program Files (x86)\Skype\Phone\Skype.exe 
O4 - GS\Desktop: 006 - Raccourci.lnk . (...)  -- D:\Sauvegarde PC Fixe\Pictures\2011-07-15\006.JPG 
O4 - GS\Desktop: Advanced Uninstaller PRO 11.lnk . (.Innovative Solutions - Advanced Uninstaller.)  -- C:\Program Files (x86)\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe 
O4 - GS\Desktop: AVS Audio Converter.lnk . (.Online Media Technologies Ltd. - AVS Audio Converter.)  -- C:\Program Files (x86)\AVS4YOU\AVSAudioConverter\AVSAudioConverter.exe 
O4 - GS\Desktop: AVS Media Player.lnk . (.Online Media Technologies Ltd. - AVS Media Player.)  -- C:\Program Files (x86)\AVS4YOU\AVSMediaPlayer\AVSMediaPlayer.exe 
O4 - GS\Desktop: AVS Video Converter.lnk . (.Online Media Technologies Ltd. - Video Converter.)  -- C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe 
O4 - GS\Desktop: AVS4YOU Software Navigator.lnk . (.Online Media Technologies Ltd. - Pas de description.)  -- C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe 
O4 - GS\Desktop: DivX Movies.lnk . (...)  -- C:\Users\pierre pele\Videos\DivX Movies 
O4 - GS\Desktop: DSC00241 - Raccourci.lnk . (...)  -- D:\101MSDCF\DSC00241.JPG 
O4 - GS\Desktop: DVDVideoSoft Free Studio.lnk . (.DvdVideoSoft Ltd. - FreeStudioManager.)  -- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 
O4 - GS\Desktop: FoxTab Music Converter.lnk . (...)  -- C:\Program Files (x86)\FoxTabMusicConverter\AudioConverter.exe
O4 - GS\Desktop: Free AVI Video Converter.lnk . (.DVDVideoSoft Ltd. - Free All Converter.)  -- C:\Program Files (x86)\DVDVideoSoft\Free AVI Video Converter\FreeAVIVideoConverter.exe 
O4 - GS\Desktop: Free DVD Video Converter.lnk . (.DVDVideoSoft Ltd. - Free DVD Video Converter.)  -- C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Converter\FreeDVDVideoConverter.exe 
O4 - GS\Desktop: Logitech Media Server.lnk . (.Logitech Inc. - Logitech Media Server Tray Icon.)  -- C:\Program Files (x86)\Squeezebox\SqueezeTray.exe 
O4 - GS\Desktop: m4ng_v3.lnk . (.w2w Te@m - m4ng.)  -- C:\Program Files (x86)\m4ng_v3\m4ng_v3.exe 
O4 - GS\Desktop: Portforward Setup Static IP Address.lnk . (.Portforward.com - Portforward Static IP Address.)  -- C:\Program Files (x86)\PFStaticIP\PFStaticIP.exe 
O4 - GS\Desktop: sauvegarder et eteindre.lnk . (.Luis Cobian, CobianSoft - Cobian Backup Boletus. Main application.)  -- C:\Program Files (x86)\Cobian Backup 10\Cobian.exe 
O4 - GS\Desktop: SubRip.lnk . (...)  -- C:\Program Files (x86)\SubRip\SubRip.exe
O4 - GS\Desktop: VirtualDubMod - Raccourci.lnk . (...)  -- C:\Users\pierre pele\Downloads\VirtualDubMod.exe
O4 - GS\Desktop: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.)  -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe 
~ Global Startup:  Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Skype Click to Call [64Bits] - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- c:\program files (x86)\skype\toolbars\internet explorer x64\icon.ico
~ IE Extra Buttons:  Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
~ Objets ActiveX:  Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{04AAFA9D-EEAD-4E92-A671-513F3D4DF517}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{04AAFA9D-EEAD-4E92-A671-513F3D4DF517}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{04AAFA9D-EEAD-4E92-A671-513F3D4DF517}: DhcpNameServer = 89.2.0.1 89.2.0.2
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 89.2.0.1 89.2.0.2
~ Domain:  Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (...) -- 
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Protocole Additionnel:  Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: GoToAssist . (...) -- C:\Program Files (x86)\Citrix\GoToAssist\508\G2AWinLogon_x64.dll (.not file.)
~ Winlogon:  Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service:  (vToolbarUpdater15.0.0) . (.Pas de propriétaire - ToolbarU Application.) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe  =>Toolbar.AVGSearch
~ Services: 9 Legitimates Filtered in 00mn 07s



---\\ Tâches planifiées en automatique (O39)
[MD5.00000000000000000000000000000000] [APT] [{21E50DD6-66E4-4327-8A17-92117BD245F6}] (...) -- C:\Users\pierre pele\Downloads\epson12688.exe (.not file.)   [0]
[MD5.57B0AAD108C5FA2293C3D4B5B6F3E247] [APT] [{3A7B6CAC-3F08-4759-A7CF-B200FC29E658}] (.Logitech Inc..) -- C:\Program Files (x86)\Squeezebox\SqueezeTray.exe   [3051619]
[MD5.32D178C7963FD4C2E289CEA54C072D7E] [APT] [{3B85E5B0-8674-4D8F-B89F-0DD18503FE93}] (...) -- C:\Program Files (x86)\Neodivx\Neodivx93.exe   [4030464]
[MD5.00000000000000000000000000000000] [APT] [{4E5A5022-9F35-4F5D-A9B4-A6CB66DA1E59}] (...) -- C:\Users\pierre pele\Downloads\ML-1660_Print(1).exe (.not file.)   [0]
[MD5.560D63209A339CC9F0B94DA9C5712047] [APT] [{533C6FD3-E4BF-450E-A6DE-1E8CE5FE9C8F}] (.Apple Inc..) -- C:\Users\pierre pele\Downloads\iTunes64Setup.exe   [70556528]
[MD5.00000000000000000000000000000000] [APT] [{68AECDBB-C0C8-407F-AF3F-78E4B97DA050}] (...) -- D:\ftpdf_inst.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{708E2691-37CE-47B3-A93F-0BFFBBD1D498}] (...) -- C:\Program Files (x86)\BitZipper\BITZIPPER.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{725BFF9C-490E-4A3D-AC73-32BF1D33BC63}] (...) -- C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (.not file.)   [0]
[MD5.560D63209A339CC9F0B94DA9C5712047] [APT] [{81030C7F-EB4A-43FF-B119-39DA7C39B7F8}] (.Apple Inc..) -- C:\Users\pierre pele\Downloads\iTunes64Setup.exe   [70556528]
[MD5.32D178C7963FD4C2E289CEA54C072D7E] [APT] [{81B779B0-EFC9-47ED-98AF-EE732570DBE1}] (...) -- C:\Program Files (x86)\Neodivx\Neodivx93.exe   [4030464]
[MD5.00000000000000000000000000000000] [APT] [{83E0F7BC-A68A-4F40-A8A4-EDB4FDF84F64}] (...) -- C:\ubuntu\uninstall-wubi.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{857997B0-7ADA-4C1C-9723-F8E2C134DC83}] (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (.not file.)   [0]
[MD5.52EE70A0DE4C235E002E56CC6367E0A5] [APT] [{8F5132A2-72EA-4FEB-B15F-B5140977EC7A}] (.AVI ReComp Team.) -- C:\Program Files (x86)\AVI ReComp\Uninstall.exe   [3379221]
[MD5.00000000000000000000000000000000] [APT] [{9973A482-B87F-48E3-AFFC-71CDABAC0339}] (...) -- C:\Users\pierre pele\Downloads\Vuze_Installer(1).exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{997E45DC-F9F4-4051-92D4-8053A46B3476}] (...) -- C:\Users\pierre pele\Downloads\VLCSetup(1).exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{9A235121-3ECF-4240-A284-4D9622982E5E}] (...) -- C:\Temp\i560_2KXP_v171\setup.exe (.not file.)   [0]
[MD5.308E0C5F86214591E9BD32F9AD536208] [APT] [{9C532BE1-3851-4F0E-AE95-2CF0BB97AED9}] (.Apple Inc..) -- C:\Users\pierre pele\Downloads\QuickTimeInstaller.exe   [39401336]
[MD5.32D178C7963FD4C2E289CEA54C072D7E] [APT] [{A9ADC870-C535-4A09-BE20-E7936C616480}] (...) -- C:\Program Files (x86)\Neodivx\Neodivx93.exe   [4030464]
[MD5.D1E1383A06C5C50273250A06EF360525] [APT] [{B8154742-FD8B-4361-BB01-08C4BCD29B58}] (.ADLSoftware.) -- C:\Program Files (x86)\ADLSoft UnCompressor\FileUncompresser.exe   [744448]
[MD5.295D5E5A84E07826FA27D5367645157A] [APT] [{BA6FDAC0-40F8-47A2-A45C-2B371E80777D}] (.Mateusz Gola (aka Prozac).) -- C:\Program Files (x86)\AVI ReComp\AVIReComp.exe   [1106432]
[MD5.32D178C7963FD4C2E289CEA54C072D7E] [APT] [{C350C467-11CF-4227-B979-CEB4A1C8D5BD}] (...) -- C:\Program Files (x86)\Neodivx\Neodivx93.exe   [4030464]
[MD5.00000000000000000000000000000000] [APT] [{CE64E4E4-CEE9-41AC-B4A4-040EB3EDA08C}] (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D072F28E-6CD4-4F47-B50C-EE3F045A2E31}] (...) -- C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{D7E0FB7B-C0C5-4227-9FB0-610B36A3BB6A}] (...) -- C:\Users\pierre pele\Downloads\i560_2KXP_v171.exe (.not file.)   [0]
[MD5.2A0DD9961ED969EB10781DBC57EBA9CC] [APT] [{E955BACF-3763-470C-B284-19F281FBF4A4}] (.Apple Inc..) -- C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe   [1234808]
[MD5.295D5E5A84E07826FA27D5367645157A] [APT] [{EEADE6C8-8D64-4396-905D-8ED472BB7F2B}] (.Mateusz Gola (aka Prozac).) -- C:\Program Files (x86)\AVI ReComp\AVIReComp.exe   [1106432]
[MD5.00000000000000000000000000000000] [APT] [{F2D22137-1757-400F-97B7-050A1E259D95}] (...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (.not file.)   [0]
[MD5.00000000000000000000000000000000] [APT] [{F82D7CE3-4F4F-480E-B7AF-A4F2671482FB}] (...) -- C:\Users\pierre pele\Downloads\aomwin110ea24.exe (.not file.)   [0]
~ Scheduled Task: 75 Legitimates Filtered in 00mn 05s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (EAWDMFD) . (. - .) - C:\Windows\system32\drivers\EAWDMFD.sys (.not file.)
~ Drivers: 72 Legitimates Filtered in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: AC3File 0.6b - (.Alexander Vigovsky.) [HKLM][64Bits] -- AC3File_is1
O42 - Logiciel: Configuration de support bouton Easy Access - (...) [HKLM][64Bits] -- {93539D60-1817-11D1-9504-00805F26A89C}
O42 - Logiciel: Downloader Qobuz - (...) [HKLM][64Bits] -- Downloader Qobuz
O42 - Logiciel: Exact Audio Copy 1.0beta3 - (.Andre Wiethoff.) [HKLM][64Bits] -- Exact Audio Copy
O42 - Logiciel: PERF4990P Guide de référence - (...) [HKLM][64Bits] -- PERF4990P Guide de référence
O42 - Logiciel: Portforward Static IP Address 1.0.47 - (.Portforward.com.) [HKLM][64Bits] -- Portforward Static IP Address
O42 - Logiciel: SubRip 1.17.1 (remove only) - (...) [HKLM][64Bits] -- SubRip
O42 - Logiciel: UnfriendApp - (.UnfriendApp.) [HKLM][64Bits] -- UnfriendApp
~ Logic: 109 Legitimates Filtered in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\AppDataLow\Software\DynConIE]
[HKCU\Software\AppDataLow\Software\toolbar]
[HKCU\Software\BflixInstaller]
[HKCU\Software\CDCoverDownloader]
[HKCU\Software\Downloader Qobuz]
[HKCU\Software\DynConIE]
[HKCU\Software\IM]
[HKCU\Software\ImInstaller]
[HKCU\Software\IncrediMail]
[HKCU\Software\Softonic]
[HKCU\Software\SubRip]
[HKLM\Software\Tarma Installer]  =>Toolbar.Tarma
[HKLM\Software\Wow6432Node\ImInstaller]
~ Key Software: 245 Legitimates Filtered in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/10/2012 - 23:08:29 - [1,028] ----D C:\Program Files (x86)\AC3File
O43 - CFD: 17/04/2013 - 17:45:10 - [0] ----D C:\Program Files (x86)\Amazon
O43 - CFD: 19/04/2013 - 20:47:26 - [0,944] ----D C:\Program Files (x86)\Downloader Qobuz
O43 - CFD: 06/12/2011 - 16:57:07 - [15,821] ----D C:\Program Files (x86)\Exact Audio Copy
O43 - CFD: 09/10/2012 - 17:43:10 - [0] ----D C:\Program Files (x86)\No1 DVD Ripper
O43 - CFD: 17/04/2013 - 17:34:45 - [0,334] ----D C:\Program Files (x86)\PFStaticIP
O43 - CFD: 15/11/2012 - 14:04:36 - [74,323] ----D C:\Program Files (x86)\Squeezebox
O43 - CFD: 23/10/2012 - 16:03:59 - [1,101] ----D C:\Program Files (x86)\SubRip
O43 - CFD: 18/02/2013 - 12:09:31 - [0,844] ----D C:\Program Files (x86)\UnfriendApp
O43 - CFD: 26/03/2011 - 13:25:43 - [0,000] ----D C:\ProgramData\Driver Mender
O43 - CFD: 25/11/2011 - 12:18:50 - [0,000] ----D C:\ProgramData\IM
O43 - CFD: 25/11/2011 - 12:18:12 - [0,012] ----D C:\ProgramData\IncrediMail
O43 - CFD: 10/04/2011 - 19:35:02 - [0,606] ----D C:\ProgramData\InstallMate
O43 - CFD: 10/04/2011 - 19:35:02 - [0] ----D C:\ProgramData\Premium
O43 - CFD: 16/04/2012 - 14:53:40 - [60,430] ----D C:\ProgramData\Squeezebox
O43 - CFD: 02/12/2011 - 13:23:46 - [1,672] ----D C:\ProgramData\Tarma Installer  =>Toolbar.Tarma
O43 - CFD: 18/07/2011 - 16:33:16 - [32,260] ----D C:\Users\pierre pele\AppData\Roaming\Azureus
O43 - CFD: 30/10/2012 - 18:29:53 - [0,027] ----D C:\Users\pierre pele\AppData\Roaming\Gestionnaire de Téléchargements Qobuz
O43 - CFD: 10/04/2012 - 12:48:37 - [0,871] ----D C:\Users\pierre pele\AppData\Roaming\KeySafe
O43 - CFD: 18/04/2013 - 12:04:26 - [0,003] ----D C:\Users\pierre pele\AppData\Roaming\PFStaticIP
O43 - CFD: 25/11/2011 - 12:19:26 - [8,209] ----D C:\Users\pierre pele\AppData\Local\IM
O43 - CFD: 19/10/2011 - 10:57:30 - [0,004] ----D C:\Users\pierre pele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Downloader Qobuz
O43 - CFD: 17/04/2013 - 17:34:45 - [0,002] ----D C:\Users\pierre pele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portforward.com
O43 - CFD: 23/10/2012 - 16:03:59 - [0] ----D C:\Users\pierre pele\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SubRip
~ Program Folder: 237 Legitimates Filtered in 00mn 03s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Assistant DartyBox  [Key] . (...) -- C:\Program Files (x86)\DartyBoxTHD_v1\NetGear\AssistantDB\AssistantDB_Netgear.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\avast  [Key] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O53 - SMSR:HKLM\...\startupreg\eBayToolbar  [Key] . (.eBay Inc. - eBay Toolbar Daemon.) -- C:\Program Files (x86)\eBay\eBay Toolbar2\eBayTBDaemon.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Plugin Install  [Key] . (...) -- C:\Program Files (x86)\QuickTime\Plugins\DeleteMe1.exe
O53 - SMSR:HKLM\...\startupreg\Samsung PanelMgr  [Key] . (...) -- C:\Windows\Samsung\PanelMgr\ssmmgr.exe
~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoLowDiskSpaceChecks"=1
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 5 Legitimates Filtered in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys   [491088]
O58 - SDL:[MD5.0211AB46B73A2623B86C1CFCB30579AB] - 29/07/2009 - 17:55:42 ----- . (.Samsung Electronics - Port Contention Driver.) -- C:\Windows\SysWOW64\drivers\SSPORT.SYS   [11576]
O58 - SDL:[MD5.527B954BEBE8BB486D99EE10F458B160] - 23/10/2012 - 15:52:04 RSH-- . (...) -- C:\Windows\SysWOW64\7371B0FA33.sys   [56]
~ Drivers:  Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS:  Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\pierre pele\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys:  Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\searchplugins\askcom.xml
O69 - SBI: C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\searchplugins\conduit.xml
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091..clientLogIsEnabled", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.BrowserCompStateIsOpen_1000515", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.CT2504091", "CT2504091");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.CurrentServerDate", "27-10-2011");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.DSInstall", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.DialogsAlignMode", "LTR");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.DialogsGetterLastCheckTime", "Thu Oct 27 2011 17:27:30 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.DownloadReferralCookieData", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.EMailNotifierPollDate", "Thu Oct 27 2011 17:27:28 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FeedLastCount129079840422964131", 10);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FeedPollDate128891351169457140", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FeedPollDate129079840422964131", "Thu Oct 27 2011 17:27:30 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FeedTTL128891351169457140", 40);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FirstServerDate", "24-10-2011");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FirstTime", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FirstTimeFF3", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.FixPageNotFoundErrors", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.GroupingServerCheckInterval", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.GroupingServiceUrl", "http://grouping.services.conduit.com/");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.HPInstall", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.HasUserGlobalKeys", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.HomePageProtectorEnabled", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.HomepageBeforeUnload", "http://fr.yahoo.com/");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.Initialize", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.InitializeCommonPrefs", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.InstallationAndCookieDataSentCount", 3);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.InstallationType", "Unknown");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.InstalledDate", "Mon Oct 24 2011 11:37:57 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.InvalidateCache", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsAlertDBUpdated", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsGrouping", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsInitSetupIni", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsMulticommunity", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsOpenThankYouPage", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsOpenUninstallPage", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.IsProtectorsInit", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.LanguagePackLastCheckTime", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.LastLogin_3.7.0.6", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.LatestVersion", "3.7.0.6");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.Locale", "en-us");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.MCDetectTooltipHeight", "83");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.MCDetectTooltipWidth", "295");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.MyStuffEnabledAtInstallation", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.OriginalFirstVersion", "3.7.0.6");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioIsPodcast", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioLastCheckTime", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioLastUpdateIPServer", "3");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioLastUpdateServer", "0");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioMediaID", "9962");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioMediaType", "Media Player");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioMenuSelectedID", "EBRadioMenu_CT25040919962");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioShrinkedFromSetup", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioStationName", "California%20Rock");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.RadioStationURL", "http://feedlive.net/california.asx");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchCaption", "Web Search");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchEngineBeforeUnload", "Web Search");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchFromAddressBarIsInit", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchInNewTabEnabled", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchInNewTabLastCheckTime", "Thu Oct 27 2011 17:27:28 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchProtectorEnabled", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SearchProtectorToolbarDisabled", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SendProtectorDataViaLogin", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.ServiceMapLastCheckTime", "Thu Oct 27 2011 17:27:28 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SettingsLastCheckTime", "Thu Oct 27 2011 17:27:28 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.SettingsLastUpdate", "1317936558");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2504091&SearchSource=13");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.ThirdPartyComponentsInterval", 504);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Mon Oct 24 2011 11:37:55 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1312887586");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.ToolbarShrinkedFromSetup", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.TrusteLinkUrl", "http://trust.conduit.com/CT2504091");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolb[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.UserID", "UN19227250431477905");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.ValidationData_Toolbar", 2);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.WeatherNetwork", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.WeatherPollDate", "Thu Oct 27 2011 17:27:30 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.WeatherUnit", "C");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.alertChannelId", "897164");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage._gpl_firstrun10100", "31333139343439313739");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.facebook_ctid_connect_send_new", "73656E646564");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.facebook_mode", "32");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.facebook_user_locale", "6672");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_aoi", "31333139343439303831");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_ccid", "50757465617578");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_cdtr2", "31333139343439303937");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_cdtr6", "31333139343439303933");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_cid", "4652");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_ip", "38392E3135382E3233362E313536");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_lcut", "31333139373239323532");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_pid", "31303231");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_rid", "4138");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.for_zoneid", "3130313537");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.backendstorage.http://dl_gameplaylabs_com/items/conduit/temp._gpl_firstrun10100", "31333139343439313739");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.components.1000082", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.components.1000234", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.components.1000515", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;se[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.globalFirstTimeInfoLastCheckTime", "Thu Oct 27 2011 17:27:30 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.homepageProtectorEnableByLogin", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.initDone", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.isAppTrackingManagerOn", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.isFirstRadioInstallation", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.myStuffEnabled", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.myStuffPublihserMinWidth", 400);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&oct[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.myStuffServiceIntervalMM", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.oldAppsList", "129079840421557838,129079840422026594,111,129079849636241789,129079840422182852,12907984042233[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.revertSettingsEnabled", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.searchProtectorDialogDelayInSec", 10);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.searchProtectorEnableByLogin", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.testingCtid", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.toolbarAppMetaDataLastCheckTime", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.toolbarContextMenuLastCheckTime", "Mon Oct 24 2011 11:37:57 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.undefined", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CT2504091.usagesFlag", 2);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ConduitSearchList", "Web Search");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/897164/892962/FR", "\"0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/FR", "\"0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", "\"0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2776682", "\"1306305176\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJ[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "wVmmvqqOMqrv5xct[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "poKjTfHs0NrVUIalKI8j[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZ[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlU[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "Dclc8oo4TTv7+mAk[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "SuMy8xgBA7+FodOxmk9aiQ[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdX[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"0c2e55e22f5cb1:eaa\"")[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"07b2625f8cb1:0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.0.6", "\"6a637346d78ccc1:0\"")[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091", "\"634553316085800000\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2776682", "\"634416823708270000\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=CT2504091", "\"1317936558\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2504091/CT2504091", "\"1301829146\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2776682/CT2776682", "\"1306313803\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Mint/equalizer_dead.gif", "\"0594c8b730c81:0\"")[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Mint/minimize.gif", "\"03dd14b630c81:0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Mint/play.gif", "\"0e68497830c81:0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Mint/stop.gif", "\"086aabd830c81:0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Mint/vol.gif", "\"066c1cd630c81:0\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"634410529136300000\"");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"ff4138e54bf78603ea9384b6a8c8c1[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.EngineHiddenByUser", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.EngineOwner", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.EngineOwnerGuid", "{ba14329e-9550-4989-b3f2-9732e92d17cc}");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.EngineOwnerToolbarId", "vuze_remote");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.IsEngineShown", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\pierre pele\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\ct8k1h[...]
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.OriginalEngineOwner", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://fr.search.yahoo.com/search?ei=UTF-8&fr=ytff-tyc&p=");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ToolbarsList", "CT2504091");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ToolbarsList2", "CT2504091");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.ToolbarsList4", "CT2504091");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Sun Apr 10 2011 19:29:47 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Jul 13 2011 11:45:44 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.locale", "en");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Jul 13 2011 11:45:37 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.showTrayIcon", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.alert.userId", "62267cda-a923-4b16-9eae-2375ce8c629e");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.globalUserId", "8660c9ca-e802-4f5b-b8c6-ef20c51e2dbc");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2504091");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.killedEngine", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Oct 24 2011 11:37:58 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.alertEnabled", true);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Thu Oct 27 2011 17:27:37 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.locale", "en");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Oct 27 2011 17:27:29 GMT+0200");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.showTrayIcon", false);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.notifications.userId", "b4c28810-d735-4771-963f-cfc019989379");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.originalHomepage", "http://fr.yahoo.com/");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.originalSearchEngine", "eBay France");
O69 - SBI: prefs.js [pierre pele - ct8k1hkg.default] user_pref("CommunityToolbar.undefined", "");
O69 - SBI: SearchScopes [HKCU] {08DB68ED-C327-4651-8533-5739B4D35488} - (Yahoo!) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {5E5C8547-3A80-4AC9-9F7D-39BE59235FCF} - (Flickr) - http://www.flickr.com
O69 - SBI: SearchScopes [HKCU] {80249FF3-C08D-4794-854F-A54CB424D800} - (Amazon) - http://fr.amazon.smart-search.com
O69 - SBI: SearchScopes [HKCU] {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - (Web Search) - http://search.conduit.com
O69 - SBI: SearchScopes [HKCU] {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {DF95B734-CD2C-47D8-B859-97F04FF0644E} - (Ask Search) - http://websearch.ask.com
~ Keys:  Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.ACF588A74FF6BA3AE846317263209960] [SPRF][29/03/2011] (...) -- C:\ProgramData\ezsidmv.dat   [56]
[MD5.C0B00B2903746C7747B9DC2EE6971535] [SPRF][23/10/2012] (.ffdshow - ffdshow Setup.) -- C:\Users\pierre pele\Desktop\ffdshow_rev4096_20111129.exe   [4692482]
[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll   [24576]
[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe   [196608]
[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [SPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll   [172032]
~ Files:  Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11631 - (21/04/2013)
Clés trouvées (Keys found) : 51
Valeurs trouvées (Values found) : 1
Dossiers trouvés  (Folders found) : 10
Fichiers trouvés  (Files found) : 1

[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423E-A425-0370799166FB}]   =>PUP.OfferBox
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}]   =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}]   =>Toolbar.Skype
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}]   =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}]   =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]   =>Toolbar.Skype
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}]   =>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}]   =>Toolbar.Conduit
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}]   =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}]   =>Toolbar.Agent
[HKLM\Software\Classes\AppID\ScriptHelper.EXE]   =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi]   =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1]   =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE]   =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1]   =>Toolbar.Agent
[HKCU\Software\Softonic]   =>Toolbar.Conduit
[HKLM\Software\Tarma Installer]   =>Toolbar.Agent
[HKCU\Software\AppDataLow\Software\Toolbar]   =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]   =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion]   =>Toolbar.Yahoo
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASAPI32]   =>Toolbar.Conduit
[HKLM\Software\Wow6432Node\Microsoft\Tracing\ConduitInstaller_RASMANCS]   =>Toolbar.Conduit
[HKLM\Software\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE]   =>PUP.SweetIM
[HKLM\Software\Wow6432Node\Classes\Toolbar3.SWEETIE.1]   =>PUP.SweetIM
[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440}   =>Adware.AskSBAR
C:\Program Files (x86)\AVG Secure Search   =>Toolbar.AVGSearch
C:\Program Files (x86)\Common Files\AVG Secure Search   =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search   =>Toolbar.AVGSearch
C:\ProgramData\InstallMate   =>Toolbar.Agent
C:\Users\pierre pele\AppData\Local\AVG Secure Search   =>Toolbar.AVGSearch
C:\Users\pierre pele\AppData\Local\Conduit   =>Toolbar.Conduit
C:\Users\pierre pele\AppData\LocalLow\AVG Secure Search   =>Toolbar.AVGSearch
C:\Users\pierre pele\AppData\LocalLow\BrotherSoft_Extreme   =>Toolbar.Conduit
C:\Users\pierre pele\AppData\LocalLow\Conduit   =>Toolbar.Conduit
C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\Conduit   =>Toolbar.Conduit
C:\Users\pierre pele\AppData\Roaming\Mozilla\Firefox\Profiles\ct8k1hkg.default\SearchPlugins\conduit.xml   =>Toolbar.Conduit
~ Additionnel Scan: 184321 Items scanned in 00mn 23s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "9CB9852F5E9106644A40F7E73C4EC1BB" . (.Neodivx.) -- C:\Windows\Installer\{F2589BC9-19E5-4660-A404-7F7EC3E41CBB}\ARPPRODUCTICON.exe
~ Update Products: 84 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/12/2012 65192 |  (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 18/04/2013 256904 |  (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 27/06/2011 204288 |  (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe
SR - | Auto 11/06/2012 361984 |  (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
SR - | Auto 24/10/2011 55144 |  (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 06/03/2013 45248 |  (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 |  (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 19/03/2013 3289208 |  (Skype C2C Service) . (.Skype Technologies S.A..) - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
SS - | Auto 28/02/2013 161384 |  (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SR - | Auto  990896 |  (vToolbarUpdater15.0.0) . (...) - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe  =>Toolbar.AVGSearch
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto  0 |  (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 09/11/2008 602392 |  (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
~ Services:  Scanned in 00mn 00s



~ 1256 Legitimates filtered by white list
End of the scan (801 lines in 01mn 04s)(0)