Rapport de ZHPDiag v1.3.5.60 par Nicolas Coolman, Update du 12/02/2013
Run by Gael at 13/02/2013 11:18:38
State : UAC : Deactivate by user

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 18.0.2 v18.0.2 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows Vista Home Basic Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_COA_NSLP channel
Windows ID Activation : OK
~ Windows Partial Key : PPTX6
Windows License : OK
Windows Automatic Updates : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070 MB (65% free)
System Restore: Activé (Enable)
System drive C: has 264 GB (56%) free of 466 GB

---\\ Logged in mode
~ Computer Name: PC-DE-GAEL
~ User Name: Gael
~ All Users Names: UpdatusUser, Gael, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Gael\AppData\Roaming\
~ %Desktop% : C:\Users\Gael\Desktop\
~ %Favorites% : C:\Users\Gael\Favorites\
~ %LocalAppData% : C:\Users\Gael\AppData\Local\
~ %StartMenu% : C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 264 Go of 466 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:33:13.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.5553611E2F9EA6F613079177F1233068] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.15/10/2012 - 23:53:20.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:33:23.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:32:45.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:34:06.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:34:44.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:32:22.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.147281C01FCB1DF9252DE2A10D5E7093] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/04/2009 - 07:32:55.) -- C:\Windows\system32\Drivers\volsnap.sys [226280]
~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/5
~ Mes musiques (My Musics) : 1/23
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/1645
~ Mon Bureau (My Desktop) : 1/1470
~ Menu demarrer (Programs) : 1/27
~ Scan Hidden Files in 00mn 02s

---\\ Processus lancés
[MD5.46BAB9B8225F4E90F6BEADA249E36AAA] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1822136] [PID.3036]
[MD5.E3F058D8721EA53BEAB9079A8FB53FD7] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7600672] [PID.3332]
[MD5.9F0BE235A0136EA9E94CF9BD037C30EC] - (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [348664] [PID.3340]
[MD5.E4401CF27225C1D6E664E86195978562] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [152544] [PID.3380]
[MD5.12916E0642E92561C98B18A2A2D01B14] - (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [252848] [PID.3388]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.2256]
[MD5.3708CCEE4878EB0B9E7B92355A631853] - (.Microsoft Corporation - Aide et support Microsoft®.) -- C:\Windows\helppane.exe [498176] [PID.3884]
[MD5.58ED0528F2B1BFB3301BC10E0E707C35] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.1556]
[MD5.B45F1D52C0A9519028BD95D34FFAB216] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [17304] [PID.2552]
[MD5.476FD5F12C0FF32CDF0A179320FCB726] - (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe [1808240] [PID.2956]
[MD5.8906FFADDF99ACCB5C751E75E879481F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [5676032] [PID.2464]
[MD5.B785320CBCF5021DE9945C803696C511] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 310.9.) -- C:\Windows\system32\nvvsvc.exe [639928] [PID.928]
[MD5.00FCEC4DA4198F5F2B9BBD9225842568] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [383416] [PID.944]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1196]
[MD5.B458A95F12D36F55F98A42FD66BAEBFA] - (.Avira Operations GmbH & Co. KG - Avira Scheduler.) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe [86224] [PID.1580]
[MD5.D8B5EACD4AF25E92FF9CE3C4980C0D73] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [873400] [PID.1668]
[MD5.CC3110EEF77AA0810CAA03741168BA8F] - (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe [110032] [PID.1948]
[MD5.A5299D04ED225D64CF07A568A3E1BF8C] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.2028]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.124]
[MD5.205E1B699FD3F2F9B036EEA2EC30C620] - (...) -- C:\Windows\system32\PnkBstrA.exe [76888] [PID.1792]
[MD5.9F3E7CABE86BBDECA009DE291DB6D9E2] - (.TeamViewer GmbH - TeamViewer 8.) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe [3467768] [PID.2200]
[MD5.E869E31D3FD7B6314EEFEA4304C413CA] - (.Avira Operations GmbH & Co. KG - Avira Shadow Copy Service.) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe [80336] [PID.2872]
[MD5.E8A39D41474BE42FD8830CED32932D6C] - (.Apple Inc. - iPodService Module (32-bit).) -- C:\Program Files\iPod\bin\iPodService.exe [553440] [PID.3624]
[MD5.D2B064796C369F82E96397F721C4A29D] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [1260472] [PID.2208]
~ Scan Processes Running in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Gael\AppData\Roaming\Mozilla\Firefox\Profiles\2m6d1cv2.default\prefs.js
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Gael] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml
M0 - MFSP: prefs.js [Gael - 2m6d1cv2.default] www.google.fr
M2 - MFEP: prefs.js [Gael - 2m6d1cv2.default\battlefieldplay4free@ea.com] [] Battlefield Play4Free v1.0.80.2 (.EA Digital Illusions CE AB.)
P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.13.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.13.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.13.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.5.0.3.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVision] - (.NVIDIA Corporation - NVIDIA 3D Vision plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
P2 - FPN: [HKLM] [@nvidia.com/3DVisionStreaming] - (.NVIDIA Corporation - NVIDIA 3D Vision Streaming plugin for Mozilla browsers.) -- C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.3] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {05eeb91a-aef7-4f8a-978f-fb83e7b03f8e} . (.Pando Networks - Pando Web Plugin.) (No version) -- (.not file.)
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 02s
~ Nombre de lignes (Lines number): 15316

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files\Java\jre7\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] . (.Avira Operations GmbH & Co. KG - Avira System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-288328080-671806232-4008104332-1001-288328080-671806232-4008104332-1000\..\Run: [SpybotSD TeaTimer] Clé orpheline
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2 PSG.lnk . (.Sony Online Entertainment.) -- C:\Users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\LaunchPad.exe
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Gael\Desktop\EasyCleaner.lnk . (.ToniArts.) -- C:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
O4 - Global Startup: C:\Users\Gael\Desktop\NAS.url . (...) -- C:\Users\Gael\Desktop\NAS.url
O4 - Global Startup: C:\Users\Gael\Desktop\SpeedMaxPc.lnk . (.SpeedMaxPc.) -- C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
O4 - Global Startup: C:\Users\Gael\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\Gael\Desktop\SpywareBlaster.lnk . (...) -- C:\Program Files\SpywareBlaster\spywareblaster.exe
O4 - Global Startup: C:\Users\Gael\Desktop\TERA.lnk . (.Solid State Networks.) -- C:\Program Files\TERA\TERA-Launcher.exe
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Run.lnk - Clé orpheline
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - Global Startup: C:\Users\Gael\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
~ Scan Global Startup in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Clé orpheline
~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - Broken Internet access because of LSP provider (.not file.) -- mswsock.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s

---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains] *.clonewarsadventures.com
O15 - Trusted Zone: [HKCU\...\Domains] *.freerealms.com
O15 - Trusted Zone: [HKCU\...\Domains] *.soe.com
O15 - Trusted Zone: [HKCU\...\Domains] *.sony.com
~ Scan IE Zone Confiance in 00mn 01s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{F4EBF036-CCA1-4DA0-A749-DF01EA41D3A0}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{F4EBF036-CCA1-4DA0-A749-DF01EA41D3A0}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{F4EBF036-CCA1-4DA0-A749-DF01EA41D3A0}: DhcpNameServer = 192.168.1.254
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\system32\mshtml.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll
~ Scan SSODL in 00mn 00s

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ Scan STS/SSO in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Avira Planificateur (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG - Avira Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Protection temps réel (AntiVirService) . (.Avira Operations GmbH & Co. KG - Avira On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 310.9.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) . (.Safer Networking Ltd. - Spybot-S&D Security Center integration.) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Skype Updater (SkypeUpdate) . (.Skype Technologies - Skype Updater Service.) - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TeamViewer 8 (TeamViewer8) . (.TeamViewer GmbH - TeamViewer 8.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
~ Scan Services in 00mn 02s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Windows\web\Wallpaper\img23.jpg
O24 - Desktop General: WallPaper - .(...) - C:\Windows\web\Wallpaper\img23.jpg
~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Registration3.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Update3.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc.job
[MD5.EC807244904FA170C299AB06D87FBDBE] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
[MD5.9CE3B11704038F711481ACD6BD9A9A5A] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.4EE51F2AAC8DB7B1973C9D7F5B8DCB81] [APT] [SpeedMaxPc] (.SpeedMaxPc.) -- C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
[MD5.35DD2A44BA05F0D447520BB265E91810] [APT] [SpeedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files\Common Files\SpeedMaxPc\UUS3\Update3.exe
[MD5.00000000000000000000000000000000] [APT] [{9C6FCDB3-9DD3-4C7B-A870-A4376DA24D7F}] (...) -- C:\Users\Gael\Sony Online Entertainment\Installed Games\PlanetSide 2 PSG\Uninstaller.exe (.not file.)
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 01s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\system32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\system32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 11.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows Mail 7 - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\System32\DRIVERS\avipbb.sys
O41 - Driver: (avkmgr) . (.Avira GmbH - Avira Manager Driver.) - C:\Windows\System32\DRIVERS\avkmgr.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\System32\DRIVERS\i8042prt.sys
O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\System32\DRIVERS\kbdclass.sys
O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre clavier HID.) - C:\Windows\System32\DRIVERS\kbdhid.sys
O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\System32\DRIVERS\mouclass.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\System32\DRIVERS\rasacd.sys
O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\System32\DRIVERS\smb.sys
O41 - Driver: (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\System32\DRIVERS\ssmdrv.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.2 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1033-7B44-A92000000001}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {CCE825DB-347A-4004-A186-5F4A6FDD8547}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {459699C3-9430-4381-964B-4248D87B49F9}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}
O42 - Logiciel: Avira Free Antivirus - (.Avira.) [HKLM] -- Avira AntiVir Desktop
O42 - Logiciel: Battlefield Play4Free - (.EA Digital illusions.) [HKLM] -- {87686C21-8A15-4b4d-A3F1-11141D9BE094}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {79155F2B-9895-49D7-8612-D92580E0DE5B}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Canon MP270 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP270_series
O42 - Logiciel: EasyCleaner - (.ToniArts.) [HKLM] -- {F5346614-B7C4-4E94-826A-E2363155233D}
O42 - Logiciel: Java 7 Update 13 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83217013FF}
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {92606477-9366-4D3B-8AE3-6BE4B29727AB}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {4CAF09A9-9F84-4ED4-81E8-E9039ABA7D90}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Mises à jour NVIDIA 1.11.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Mozilla Firefox 18.0.2 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 18.0.2 (x86 fr)
O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM] -- MozillaMaintenanceService
O42 - Logiciel: Mumble 1.2.3 - (.Thorvald Natvig.) [HKLM] -- {E1019541-10A2-464F-A23E-A4F23DA65160}
O42 - Logiciel: NVIDIA Logiciel système PhysX 9.12.1031 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX
O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {8B922CF8-8A6C-41CE-A858-F1755D7F5D29}
O42 - Logiciel: NVIDIA Pilote 3D Vision 310.90 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision
O42 - Logiciel: NVIDIA Pilote audio HD : 1.3.18.0 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver
O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 310.90 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB
O42 - Logiciel: NVIDIA Pilote graphique 310.90 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: PunkBuster Services - (.Even Balance, Inc..) [HKLM] -- PunkBusterSvc
O42 - Logiciel: Realtek 8136 8168 8169 Ethernet Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Skype™ 5.10 - (.Skype Technologies S.A..) [HKLM] -- {EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}
O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46}
O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1
O42 - Logiciel: SpywareBlaster 4.6 - (.Javacool Software LLC.) [HKLM] -- SpywareBlaster_is1
O42 - Logiciel: TERA - (.Gameforge Productions GmbH.) [HKLM] -- {A2S166A0-F031-4E27-A057-C69733219434}_is1
O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client
O42 - Logiciel: TeamViewer 8 - (.TeamViewer.) [HKLM] -- TeamViewer 8
O42 - Logiciel: VLC media player 2.0.3 - (.VideoLAN.) [HKLM] -- VLC media player
O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver
O42 - Logiciel: applicationupdater - (.Sony Online Entertainment.)
[HKCU] -- SOE-C:/Users/Gael/AppData/Local/Sony Online Entertainment/ApplicationUpdater O42 - Logiciel: gamelauncher-ps2-psg - (.Sony Online Entertainment.) [HKCU] -- SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 PSG O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {B0261E53-B6F1-474A-864B-E7C3CBF468E0} O42 - Logiciel: µTorrent - (.BitTorrent Inc..) [HKLM] -- uTorrent ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\JavaSoft] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software\Smartbar] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avira] [HKCU\Software\BitTorrent] [HKCU\Software\Bugsplat] [HKCU\Software\ClassesB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Google] [HKCU\Software\JavaSoft] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MediaChance] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Mumble] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Netscape] [HKCU\Software\Pando Networks] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Safer Networking Limited] [HKCU\Software\Skype] [HKCU\Software\SpeedMaxPc] [HKCU\Software\TeamViewer] [HKCU\Software\Trolltech] [HKCU\Software\Wargaming.net] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\cybelsoft] [HKLM\Software\AGEIA Technologies] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] 
[HKLM\Software\Avira] [HKLM\Software\Bunndle] [HKLM\Software\Canon] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Conduit] [HKLM\Software\Electronic Arts] [HKLM\Software\EnigmaSoftwareGroup] [HKLM\Software\Even Balance] [HKLM\Software\GEAR Software] [HKLM\Software\Gameforge Productions] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Licenses] [HKLM\Software\MSI] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\ODBC] [HKLM\Software\Pando Networks] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\RTLSetup] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Riot Games] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\Skype] [HKLM\Software\SpeedMaxPc] [HKLM\Software\SpywareBlaster] [HKLM\Software\TeamViewer] [HKLM\Software\ToniArts] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\WOW6432Node] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\X-AVCSD] [HKLM\Software\cybelsoft] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 27/11/2012 - 23:46:44 - [136,500] ----D C:\Program Files\Adobe O43 - CFD: 06/01/2013 - 18:33:07 - [0] ----D C:\Program Files\AGEIA Technologies O43 - CFD: 13/10/2012 - 17:57:40 - [2,316] ----D C:\Program Files\Apple Software Update O43 - CFD: 27/09/2012 - 09:27:07 - [209,303] ----D C:\Program Files\Avira O43 - CFD: 13/10/2012 - 17:55:35 - [0,602] ----D C:\Program Files\Bonjour O43 - CFD: 31/12/2012 - 14:07:27 - [14,861] --H-D C:\Program Files\CanonBJ O43 - CFD: 05/02/2013 - 20:34:49 - [5,070] ----D C:\Program Files\CCleaner O43 - CFD: 05/02/2013 - 20:46:29 - [239,838] ----D 
C:\Program Files\Common Files O43 - CFD: 13/11/2012 - 13:56:19 - [1997,178] ----D C:\Program Files\EA Games O43 - CFD: 17/12/2012 - 18:31:52 - [0] ----D C:\Program Files\Electronic Arts O43 - CFD: 05/11/2012 - 22:47:29 - [1,088] ----D C:\Program Files\Enigma Software Group O43 - CFD: 27/09/2012 - 09:05:30 - [0] R---D C:\Program Files\Fichiers communs O43 - CFD: 18/10/2012 - 20:23:23 - [19,306] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 27/09/2012 - 09:13:24 - [0,062] ----D C:\Program Files\Intel O43 - CFD: 16/10/2012 - 12:20:56 - [5,316] ----D C:\Program Files\Internet Explorer O43 - CFD: 31/01/2013 - 22:49:17 - [1,770] ----D C:\Program Files\iPod O43 - CFD: 31/01/2013 - 22:49:56 - [154,495] ----D C:\Program Files\iTunes O43 - CFD: 07/02/2013 - 17:22:37 - [121,959] ----D C:\Program Files\Java O43 - CFD: 07/11/2012 - 00:19:21 - [7,342] ----D C:\Program Files\ma-config.com O43 - CFD: 30/12/2012 - 14:17:36 - [12,181] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 19/12/2012 - 12:06:16 - [44,772] ----D C:\Program Files\Microsoft Games O43 - CFD: 01/10/2012 - 18:40:24 - [8,929] ----D C:\Program Files\Microsoft Games for Windows - LIVE O43 - CFD: 29/09/2012 - 09:35:16 - [0,015] ----D C:\Program Files\Microsoft.NET O43 - CFD: 14/10/2012 - 11:39:24 - [19,522] ----D C:\Program Files\Movie Maker O43 - CFD: 08/02/2013 - 00:38:29 - [44,743] ----D C:\Program Files\Mozilla Firefox O43 - CFD: 12/02/2013 - 13:29:22 - [0,212] ----D C:\Program Files\Mozilla Maintenance Service O43 - CFD: 02/11/2006 - 13:35:51 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 11/01/2013 - 11:48:45 - [31,168] ----D C:\Program Files\Mumble O43 - CFD: 06/01/2013 - 18:33:24 - [767,617] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 27/09/2012 - 18:09:38 - [7,186] ----D C:\Program Files\Pando Networks O43 - CFD: 27/09/2012 - 09:16:06 - [15,319] ----D C:\Program Files\Realtek O43 - CFD: 02/11/2006 - 13:35:51 - [36,906] ----D C:\Program Files\Reference 
Assemblies O43 - CFD: 27/09/2012 - 20:27:32 - [16,855] R---D C:\Program Files\Skype O43 - CFD: 05/02/2013 - 20:46:28 - [11,678] ----D C:\Program Files\SpeedMaxPc O43 - CFD: 18/10/2012 - 20:25:02 - [70,233] ----D C:\Program Files\Spybot - Search & Destroy O43 - CFD: 19/12/2012 - 12:16:57 - [5,458] ----D C:\Program Files\SpywareBlaster O43 - CFD: 14/12/2012 - 00:00:21 - [55,435] ----D C:\Program Files\TeamSpeak 3 Client O43 - CFD: 05/02/2013 - 19:36:56 - [30,532] ----D C:\Program Files\TeamViewer O43 - CFD: 27/09/2012 - 09:16:46 - [0] --H-D C:\Program Files\Temp O43 - CFD: 04/02/2013 - 20:12:51 - [-682,974] ----D C:\Program Files\TERA O43 - CFD: 18/10/2012 - 20:23:24 - [3,379] ----D C:\Program Files\ToniArts O43 - CFD: 02/11/2006 - 13:58:18 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 13/01/2013 - 18:51:07 - [0,924] ----D C:\Program Files\uTorrent O43 - CFD: 27/09/2012 - 21:39:38 - [92,145] ----D C:\Program Files\VideoLAN O43 - CFD: 14/10/2012 - 11:39:25 - [0,970] ----D C:\Program Files\Windows Calendar O43 - CFD: 14/10/2012 - 11:39:23 - [2,610] ----D C:\Program Files\Windows Collaboration O43 - CFD: 14/10/2012 - 11:39:15 - [4,283] ----D C:\Program Files\Windows Defender O43 - CFD: 16/10/2012 - 12:20:36 - [8,522] ----D C:\Program Files\Windows Mail O43 - CFD: 14/10/2012 - 11:39:23 - [4,290] ----D C:\Program Files\Windows Media Player O43 - CFD: 27/09/2012 - 09:05:30 - [7,589] ----D C:\Program Files\Windows NT O43 - CFD: 14/10/2012 - 11:39:23 - [7,847] ----D C:\Program Files\Windows Photo Gallery O43 - CFD: 16/10/2012 - 12:21:12 - [0,128] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 14/10/2012 - 11:39:24 - [6,225] ----D C:\Program Files\Windows Sidebar O43 - CFD: 27/09/2012 - 09:26:16 - [3,898] ----D C:\Program Files\WinRAR O43 - CFD: 13/02/2013 - 11:18:47 - [11,889] ----D C:\Program Files\ZHPDiag O43 - CFD: 27/11/2012 - 23:46:47 - [5,217] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 27/09/2012 - 09:19:28 - [24,260] ----D 
C:\Program Files\Common Files\Adobe AIR O43 - CFD: 31/01/2013 - 22:49:16 - [112,419] ----D C:\Program Files\Common Files\Apple O43 - CFD: 28/12/2012 - 19:53:24 - [0,295] ----D C:\Program Files\Common Files\BioWare O43 - CFD: 27/09/2012 - 09:16:02 - [3,587] ----D C:\Program Files\Common Files\InstallShield O43 - CFD: 26/11/2012 - 22:28:08 - [1,184] ----D C:\Program Files\Common Files\Java O43 - CFD: 01/10/2012 - 18:40:08 - [11,638] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 02/11/2006 - 12:18:33 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 27/09/2012 - 20:27:32 - [2,056] ----D C:\Program Files\Common Files\Skype O43 - CFD: 02/11/2006 - 12:18:33 - [39,198] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 05/02/2013 - 20:46:29 - [1,600] ----D C:\Program Files\Common Files\SpeedMaxPc O43 - CFD: 16/10/2012 - 12:20:32 - [8,333] ----D C:\Program Files\Common Files\System O43 - CFD: 05/11/2012 - 22:46:44 - [30,047] ----D C:\Program Files\Common Files\Wise Installation Wizard O43 - CFD: 31/01/2013 - 22:49:57 - [2,446] ----D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 O43 - CFD: 28/11/2012 - 10:31:41 - [0,001] ----D C:\ProgramData\Adobe O43 - CFD: 13/10/2012 - 17:57:29 - [64,536] ----D C:\ProgramData\Apple O43 - CFD: 31/01/2013 - 22:49:10 - [56,575] ----D C:\ProgramData\Apple Computer O43 - CFD: 02/11/2006 - 13:59:44 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 27/09/2012 - 09:27:07 - [88,814] ----D C:\ProgramData\Avira O43 - CFD: 27/09/2012 - 09:05:30 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 31/12/2012 - 14:09:10 - [20,475] --H-D C:\ProgramData\CanonBJ O43 - CFD: 02/11/2006 - 13:59:44 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 02/11/2006 - 13:59:44 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 27/09/2012 - 09:05:30 - [0] --H-D C:\ProgramData\Favoris O43 - CFD: 02/11/2006 - 13:59:44 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 07/11/2012 - 00:19:21 - [1,265] ----D C:\ProgramData\ma-config.com 
O43 - CFD: 18/10/2012 - 20:58:42 - [15,974] ----D C:\ProgramData\Malwarebytes O43 - CFD: 27/09/2012 - 09:05:30 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 23/10/2012 - 17:51:01 - [209,836] -S--D C:\ProgramData\Microsoft O43 - CFD: 27/09/2012 - 09:05:30 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 27/09/2012 - 09:21:16 - [0,007] ----D C:\ProgramData\Mozilla O43 - CFD: 13/02/2013 - 11:04:51 - [2,451] ----D C:\ProgramData\NVIDIA O43 - CFD: 27/09/2012 - 17:54:06 - [2,429] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 13/02/2013 - 10:12:10 - [0,009] ----D C:\ProgramData\PMB Files O43 - CFD: 27/09/2012 - 20:27:39 - [18,914] ----D C:\ProgramData\Skype O43 - CFD: 05/02/2013 - 20:46:29 - [0,019] ----D C:\ProgramData\SpeedMaxPc O43 - CFD: 12/02/2013 - 18:50:28 - [0,111] ----D C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 02/11/2006 - 13:59:44 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 26/11/2012 - 22:28:09 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 19/12/2012 - 12:17:03 - [0] ---AD C:\ProgramData\TEMP O43 - CFD: 02/11/2006 - 13:59:44 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 18/12/2012 - 17:42:52 - [1,984] ----D C:\ProgramData\TERA O43 - CFD: 05/11/2012 - 23:10:13 - [0] ----D C:\ProgramData\WindowsSearch O43 - CFD: 18/10/2012 - 20:05:57 - [0,163] ----D C:\ProgramData\zcupjcqyhjgecnj O43 - CFD: 27/09/2012 - 18:03:02 - [4,137] ----D C:\Users\Gael\AppData\Roaming\Adobe O43 - CFD: 13/10/2012 - 18:31:05 - [535,514] ----D C:\Users\Gael\AppData\Roaming\Apple Computer O43 - CFD: 14/10/2012 - 11:50:37 - [0] ----D C:\Users\Gael\AppData\Roaming\Avira O43 - CFD: 05/02/2013 - 20:46:36 - [0,000] ----D C:\Users\Gael\AppData\Roaming\DriverCure O43 - CFD: 27/09/2012 - 09:07:17 - [0] ----D C:\Users\Gael\AppData\Roaming\Identities O43 - CFD: 27/09/2012 - 20:25:25 - [0] ----D C:\Users\Gael\AppData\Roaming\LolClient O43 - CFD: 27/09/2012 - 09:19:12 - [0,035] ----D C:\Users\Gael\AppData\Roaming\Macromedia O43 - CFD: 18/10/2012 - 20:58:53 - [1,183] ----D 
C:\Users\Gael\AppData\Roaming\Malwarebytes O43 - CFD: 05/02/2013 - 20:10:15 - [0,541] -S--D C:\Users\Gael\AppData\Roaming\Microsoft O43 - CFD: 27/09/2012 - 09:21:26 - [21,088] ----D C:\Users\Gael\AppData\Roaming\Mozilla O43 - CFD: 13/02/2013 - 09:51:55 - [0,310] ----D C:\Users\Gael\AppData\Roaming\Mumble O43 - CFD: 15/01/2013 - 18:09:15 - [0,001] ----D C:\Users\Gael\AppData\Roaming\NVIDIA O43 - CFD: 13/02/2013 - 10:11:59 - [5,955] ----D C:\Users\Gael\AppData\Roaming\Skype O43 - CFD: 05/02/2013 - 20:46:35 - [0] ----D C:\Users\Gael\AppData\Roaming\SpeedMaxPc O43 - CFD: 12/02/2013 - 18:50:28 - [0,072] ----D C:\Users\Gael\AppData\Roaming\TS3Client O43 - CFD: 12/02/2013 - 21:43:03 - [2,436] ----D C:\Users\Gael\AppData\Roaming\uTorrent O43 - CFD: 04/02/2013 - 22:39:16 - [0,077] ----D C:\Users\Gael\AppData\Roaming\vlc O43 - CFD: 04/12/2012 - 21:06:00 - [0,016] ----D C:\Users\Gael\AppData\Roaming\Wargaming.net O43 - CFD: 03/10/2012 - 18:22:57 - [0,000] ----D C:\Users\Gael\AppData\Roaming\WinRAR O43 - CFD: 09/11/2012 - 17:14:03 - [0,384] ----D C:\Users\Gael\AppData\Local\Adobe O43 - CFD: 13/10/2012 - 17:57:51 - [0] ----D C:\Users\Gael\AppData\Local\Apple O43 - CFD: 13/10/2012 - 18:33:15 - [26,499] ----D C:\Users\Gael\AppData\Local\Apple Computer O43 - CFD: 27/09/2012 - 09:07:09 - [0] ----D C:\Users\Gael\AppData\Local\Application Data O43 - CFD: 18/10/2012 - 20:19:36 - [0] ----D C:\Users\Gael\AppData\Local\Conduit O43 - CFD: 27/09/2012 - 21:57:43 - [0] ----D C:\Users\Gael\AppData\Local\Google O43 - CFD: 27/09/2012 - 09:07:09 - [0] ----D C:\Users\Gael\AppData\Local\Historique O43 - CFD: 27/09/2012 - 18:12:59 - [0] ----D C:\Users\Gael\AppData\Local\Macromedia O43 - CFD: 12/11/2012 - 21:57:57 - [1323,689] ----D C:\Users\Gael\AppData\Local\Microsoft O43 - CFD: 27/09/2012 - 09:21:22 - [66,590] ----D C:\Users\Gael\AppData\Local\Mozilla O43 - CFD: 13/02/2013 - 10:12:11 - [0,207] ----D C:\Users\Gael\AppData\Local\PMB Files O43 - CFD: 13/11/2012 - 15:30:17 - [4,716] ----D 
C:\Users\Gael\AppData\Local\PunkBuster O43 - CFD: 10/12/2012 - 21:10:50 - [0] ----D C:\Users\Gael\AppData\Local\SCE O43 - CFD: 10/12/2012 - 21:10:46 - [1,637] ----D C:\Users\Gael\AppData\Local\Sony Online Entertainment O43 - CFD: 13/02/2013 - 11:15:57 - [19,973] ----D C:\Users\Gael\AppData\Local\Temp O43 - CFD: 27/09/2012 - 09:07:09 - [0] ----D C:\Users\Gael\AppData\Local\Temporary Internet Files O43 - CFD: 07/11/2012 - 11:26:02 - [0,000] ----D C:\Users\Gael\AppData\Local\VirtualStore O43 - CFD: 21/01/2008 - 03:56:27 - [0,015] R---D C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 27/09/2012 - 09:07:26 - [0,000] R---D C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 21/01/2008 - 03:56:27 - [0,001] R---D C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 05/02/2013 - 20:46:32 - [0,001] ----D C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc O43 - CFD: 06/11/2012 - 22:25:18 - [0,000] R---D C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 27/09/2012 - 09:26:16 - [0,002] ----D C:\Users\Gael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 06s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.6DEFD9D4B4B1A6CBA9B59E92399FEA91] - 13/02/2013 - 11:16:24 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1833354] O44 - LFC:[MD5.24517F11B62770C3A70895584893D671] - 13/02/2013 - 11:04:50 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.63F543C6FA2CBF5357AD7FFB1354D87A] - 13/02/2013 - 10:39:17 ---A- . (...) -- C:\Windows\BitsRepairTool.log [844] O44 - LFC:[MD5.6280A479148CAEAD59E17A0CC3789161] - 12/02/2013 - 15:20:10 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) 
-- C:\Windows\System32\FlashPlayerApp.exe [697712] O44 - LFC:[MD5.3E5633C0E3B4FE04E6EBFFA597227617] - 12/02/2013 - 15:20:10 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [74096] O44 - LFC:[MD5.E828134279A6BB5EF3032F9B88D335F9] - 07/02/2013 - 17:22:49 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge.dll [94112] O44 - LFC:[MD5.4951D2D49B400A1A722BC48FADEBD6F4] - 07/02/2013 - 17:22:45 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [174496] O44 - LFC:[MD5.ABC4230E67C8E68E070A22C1E4A8F673] - 07/02/2013 - 17:22:45 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [174496] O44 - LFC:[MD5.FBE59F564DFEEBBFCDBBDFAB54C64501] - 07/02/2013 - 17:22:45 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [262560] O44 - LFC:[MD5.BB8996FE972847B5879FDE24F24F034E] - 07/02/2013 - 17:22:44 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [782240] O44 - LFC:[MD5.2616B4D6D04F18C579B7861F02B0B592] - 07/02/2013 - 17:22:44 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll [861088] O44 - LFC:[MD5.3D2023AF0D821013367088F446CB8037] - 05/02/2013 - 21:08:57 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [229680] O44 - LFC:[MD5.4440C67E98EC09C92529A46F95AE78EB] - 01/02/2013 - 09:49:19 ---A- . (...) -- C:\Windows\System32\jupdate-1.7.0_11-b21.log [4509] O44 - LFC:[MD5.D121700EA6DA0B7B707C625F015DE337] - 22/01/2013 - 19:39:10 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1495774] O44 - LFC:[MD5.1F308BD920865303D1D57C5F56593458] - 22/01/2013 - 19:39:10 ---A- . (...) -- C:\Windows\System32\perfc009.dat [103872] O44 - LFC:[MD5.833058D32C1DAD40992D97AF0E3504E2] - 22/01/2013 - 19:39:10 ---A- . (...) 
-- C:\Windows\System32\perfc00C.dat [126420] O44 - LFC:[MD5.6E33BABB34683A7D474FE445BAF8FE34] - 22/01/2013 - 19:39:10 ---A- . (...) -- C:\Windows\System32\perfh009.dat [595798] O44 - LFC:[MD5.B1C211F07741B56057A922A29D65ADE0] - 22/01/2013 - 19:39:10 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [678804] ~ Scan Files in 00mn 01s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) 
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) (None) ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) 
-- C:\Windows\System32\iccvid.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) (None) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0 ~ Scan Keys in 00mn 
00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:32:46 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422968] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.3.5 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 28/09/2012 - C:\Windows\System32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 28/09/2012 - C:\Windows\System32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 01/12/2011 - C:\Windows\System32\DRIVERS\avkmgr.sys (avkmgr) .(.Avira GmbH - Avira Manager Driver.) - LEGACY_AVKMGR O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 17/06/2010 - C:\Windows\System32\DRIVERS\ssmdrv.sys (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) 
-- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft (R) Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) 
-- C:\Program Files\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.1000234.TWC_TMP_city", "PARIS"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.1000234.TWC_TMP_country", "FR"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.FirstTime", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.FirstTimeFF3", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.UserID", "UN67539795236403640"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.addressBarTakeOverEnabledInHidden", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.autoDisableScopes", -1); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.cbcountry_001", "FR"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.cbfirsttime", "Thu Sep 27 2012 22:58:12 GMT+0200"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.defaultSearch", "FALSE"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.embeddedsData", "[{\"appId\":\"129351529700743801\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFra[...] 
O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.enableAlerts", "always"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.enableSearchFromAddressBar", "FALSE"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.firstTimeDialogOpened", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.fixPageNotFoundError", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.fixPageNotFoundErrorInHidden", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.fixUrls", true); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.installId", "fftE67C.tmp.exe"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.installType", "XPE"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.isNewTabEnabled", true); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.isPerformedSmartBarTransition", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"http%3A%2F%2Futorrentbarfr.ourtoolb[...] 
O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.openThankYouPage", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.openUninstallPage", "FALSE"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.scriptSource", "http://127.0.0.1:10000/gui/"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.search.searchAppId", "129351529700743801"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.search.searchCount", "0"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.searchInNewTabEnabledInHidden", "true"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851639\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrent[...] O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_FR\[...] 
O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"1\"}"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1348779488808"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_appsMetadata_lastUpdate", "1348779488731"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1348779489096"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_login_10.10.27.6_lastUpdate", "1348779490827"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1348779489242"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_searchAPI_lastUpdate", "1348779487530"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_serviceMap_lastUpdate", "1348779487264"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_toolbarContextMenu_lastUpdate", "1348779489209"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_toolbarSettings_lastUpdate", "1348779487568"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.serviceLayer_services_translation_lastUpdate", "1348779488689"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.settingsINI", true); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.shouldFirstTimeDialog", "false"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.smartbar.CTID", "CT2851639"); O69 - SBI: prefs.js [Gael - 
2m6d1cv2.default] user_pref("CT2851639.smartbar.Uninstall", "0"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.smartbar.toolbarName", "uTorrentBar_FR "); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.toolbarBornServerTime", "27-9-2012"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.toolbarCurrentServerTime", "27-9-2012"); O69 - SBI: prefs.js [Gael - 2m6d1cv2.default] user_pref("CT2851639.url_history0001", "http://www.cpasbien.com/jeux-pc/fps/:::clickhandler:::1348779545785,,,http://www.cpasbien.[...] O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (uTorrentBar_FR Customized Web Search) - http://search.conduit.com ~ Scan Keys in 00mn 00s ---\\ Internet Feature Controls (O81) O81 - IFC: Internet Feature Controls [HKUS\.DEFAULT] [FEATURE_BROWSER_EMULATION] -- svchost.exe O81 - IFC: Internet Feature Controls [HKUS\S-1-5-18] [FEATURE_BROWSER_EMULATION] -- svchost.exe ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [24576] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [62976] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) 
-- C:\Windows\System32\certprop.dll [40448] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [125952] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [576512] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [438784] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [315392] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d'accès distant.) -- C:\Windows\System32\rasmans.dll [262144] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [68608] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [47104] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242688] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes Terminal Server.) -- C:\Windows\System32\termsrv.dll [449024] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1933848] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) 
-- C:\Windows\System32\shsvcs.dll [247808] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d'ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [19968] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [33280] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [111616] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [45056] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [153088] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [57344] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [162304] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [601600] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service de configuration des services Terminal Server.) -- C:\Windows\System32\sessenv.dll [84992] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [81920] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [68096] ~ Scan Services in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.EA9611D8D3713126241373BF776EEC24] [SPRF][27/09/2012] (...) 
-- C:\Users\Gael\AppData\Local\d3d9caps.dat [1356] [MD5.07356626437A164BB31285D2303DFEFB] [SPRF][13/02/2013] (.Skype Technologies S.A. - Skype.) -- C:\Users\Gael\AppData\Local\Temp\SkypeSetup.exe [20903528] [MD5.73709547A3B136DE4FCFDE3EF78C1B8F] [SPRF][13/11/2012] (...) -- C:\Users\Gael\AppData\Roaming\PnkBstrK.sys [138056] [MD5.0A2155AACB4CB3C681B3256769EA0403] [SPRF][06/11/2012] (...) -- C:\Users\Gael\Desktop\RogueKiller.exe [430592] ~ Scan Files in 00mn 02s ---\\ Scan Additionnel (O88) Database Version : v2.10682 - (12/02/2013) Clés trouvées (Keys found) : 9 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 7 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit [HKLM\Software\Google\Chrome\Extensions\paoponfhfdfnjgddpnpjkambkcgdaaib] =>Toolbar.Conduit [HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\SpeedMaxPc] =>PUP.SpeedMaxPc [HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D894938C-8EE1-4854-9254-8F9AEF2BFE46}] =>PUP.SpeedMaxPc [HKLM\Software\Classes\Toolbar.CT2851639] =>Toolbar.Conduit C:\Program Files\SpeedMaxPc =>PUP.SpeedMaxPc C:\Program Files\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc C:\Users\Gael\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc C:\Users\Gael\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\Gael\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\Gael\AppData\Roaming\Mozilla\Firefox\Profiles\2m6d1cv2.default\Smartbar =>Toolbar.Agent ~ Scan Additionnel in 00mn 05s ---\\ Product Upgrade Codes (O90) O90 - PUC: 
"0ED9D238CFA898648991D4BBEDDBE3F4" . (.Microsoft Games for Windows - LIVE Redistributable.) -- C:\Windows\Installer\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}\GameForWindowsLiveRedist.exe O90 - PUC: "1459101E2A01F4642AE34A2FD36A1506" . (.Mumble 1.2.3.) -- C:\Windows\Installer\{E1019541-10A2-464F-A23E-A4F23DA65160}\mumble.ico O90 - PUC: "2A7527EE2A93F2D4D9CA9F2FB5A81E8D" . (.Skype™ 5.10.) -- C:\Windows\Installer\{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}\SkypeIcon.exe O90 - PUC: "35E1620B1F6BA47468B47E3CBC4F860E" . (.iTunes.) -- C:\Windows\Installer\{B0261E53-B6F1-474A-864B-E7C3CBF468E0}\Installer.ico O90 - PUC: "3C9969540349183469B424848DB7949F" . (.Apple Mobile Device Support.) -- C:\Windows\Installer\{459699C3-9430-4381-964B-4248D87B49F9}\Installer.ico O90 - PUC: "46B5A9879DD95AB419A50FCFA0B1B7EF" . (.Apple Software Update.) -- C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\Installer.ico O90 - PUC: "68AB67CA7DA73301B7449A0200000010" . (.Adobe Reader 9.2.) -- C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A92000000001}\SC_Reader.ico O90 - PUC: "6D4B04801DD7781458326ECF0070FE7B" . (.Windows Live ID Sign-in Assistant.) -- C:\Windows\Installer\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}\prodicon.ico O90 - PUC: "8FC229B8C6A8EC148A851F57D5F7D592" . (.NVIDIA PhysX.) -- C:\Windows\Installer\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}\icon.ico O90 - PUC: "B2F5519759897D9468219D52080EEDB5" . (.Bonjour.) -- C:\Windows\Installer\{79155F2B-9895-49D7-8612-D92580E0DE5B}\Bonjour.ico O90 - PUC: "BD528ECCA74340041A68F5A4F6DD5874" . (.Apple Application Support.) -- C:\Windows\Installer\{CCE825DB-347A-4004-A186-5F4A6FDD8547}\WinInstall.ico O90 - PUC: "C7030BC4E565144468EBD02F4EBF28C8" . (.Microsoft Games for Windows Marketplace.) -- C:\Windows\Installer\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}\GameForWindowsLiveDash.exe ~ Scan Files in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 12/02/2013 251248 | (AdobeFlashPlayerUpdateSvc) . 
(.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 28/09/2012 86224 | (AntiVirSchedulerService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe SR - | Auto 28/09/2012 110032 | (AntiVirService) . (.Avira Operations GmbH & Co. KG.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe SR - | Auto 11/08/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Demand 12/12/2012 553440 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Demand 28/10/2012 312264 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SS - | Demand 08/02/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe SR - | Auto 29/12/2012 639928 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 29/12/2012 1260472 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Auto 76888 | (PnkBstrA) . (...) - C:\Windows\system32\PnkBstrA.exe SS - | Auto 26/01/2009 1153368 | (SBSDWSCService) . (.Safer Networking Ltd..) - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe SS - | Auto 13/07/2012 160944 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe SR - | Auto 29/12/2012 383416 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 14/12/2012 3467768 | (TeamViewer8) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) 
- C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 00s End of the scan (1010 lines in 00mn 37s)(0)