~ Rapport de ZHPDiag v2014.5.4.54 - Nicolas Coolman (04/05/2014)
~ Lancé par pascale (05/05/2014 11:16:51)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Not Found

---\\ Navigateurs Internet
MSIE: Internet Explorer v6.0.2900.2180
MFIE: Mozilla Firefox 28.0 (Defaut)

---\\ Informations sur les produits Windows
~ Langage: Français
Microsoft Windows XP, 32-bit Service Pack 2 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Malwarebytes Anti-Malware version 1.70.0.1100

---\\ Logiciels d'optimisation du système
CCleaner v4.10

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 11 Plugin

---\\ Informations sur le système
~ Processor: x86 Family 15 Model 47 Stepping 2, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1022 MB (36% free)
System Restore: Activé (Enable)
System drive C: has 11 GB (11%) free of 90 GB

---\\ Mode de connexion au système
~ Computer Name: ACER-9DEB84EBB9
~ User Name: pascale
~ All Users Names: SUPPORT_388945a0, roxane, pascale, niels, maelle, HelpAssistant, eric, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Documents and Settings\pascale\Application Data\ZHP\
~ %AppData% : C:\Documents and Settings\pascale\Application Data\
~ %Desktop% : C:\Documents and Settings\pascale\Bureau\
~ %Favorites% : C:\Documents and Settings\pascale\Favoris\
~ %LocalAppData% : C:\Documents and Settings\pascale\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\pascale\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 11 Go of 90 Go)
D: Hard drive, Flash drive, Thumb drive (Free 82 Go of 91 Go)
E: CD-ROM drive (Not Inserted)
F: CD-ROM drive (Not Inserted)
I: Floppy drive, Flash card reader, USB Key (Not Inserted)
J: Floppy drive, Flash card reader, USB Key (Not Inserted)
K: Floppy drive, Flash card reader, USB Key (Not Inserted)
M: Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: 42 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.4C33E5B9A6197B6ED215F6CFBA0A2DAA] - (.Microsoft Corporation - Explorateur Windows.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1036288]
[MD5.58FE94EF42E074F4CAD8BF02E70E6478] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\wininet.dll [660480]
[MD5.D2DE785AEAB0BB8CA4C14A8A199DBE4E] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [506368]
[MD5.5AC495F4CB807B2B98AD2AD591E6D92E] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.CDFE4411A69C224BD1D11B2DA92DAC51] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\atapi.sys [95360]
[MD5.CD7D5152DF32B47F4E36F710B35AAE02] - (.Microsoft Corporation - CD-ROM File System Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.AF9C19B3100FE010496B1A27181FBF72] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [49536]
[MD5.8B121FF880683607AB2AEF0340721718] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [35072]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.13/04/2008 - 08:36:06.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.D1EFCBD693B5BA21314D06368C471070] - (.Microsoft Corporation - Pilote de port i8042.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54400]
[MD5.F8AA320C6A0409C0380E5D8A99D76EC6] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [41856]
[MD5.B5A8E215AC29D24D60B4D1250EF05ACE] - (.Microsoft Corporation - IP Network Address Translator.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [134912]
[MD5.64537AA5C003A6AFEEE1DF819062D0D1] - (.Microsoft Corporation - IPSec Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [74752]
[MD5.1FD607FC67F7F7C633C3DA65BFC53D18] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [451456]
[MD5.0C80E410CD2F47134407EE7DD19CC86B] - (.Microsoft Corporation - MBT Transport driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.B78BE402C3F63DD55521F73876951CDD] - (.Microsoft Corporation - NT File System Driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574592]
[MD5.318696359AC7DF48D1E51974EC527DD2] - (.Microsoft Corporation - Pilote de port parallèle.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.98FAEB4A4DCF812BA1C6FCA4AA3E115C] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.A2CAE2C60BC37E0751EF9DDA7CEAF4AD] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.03/08/2004 - 22:01:16.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196864]
[MD5.2CC30B68DD62B73D444A41322CD7FC4C] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.03/08/2004 - 23:39:44.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58496]
[MD5.313B1A0D5DB26DFE1C34A6C13B2CE0A7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.05/08/2004 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 3/8
~ Mes musiques (My Musics) : 1/128
~ Mes Videos (My Videos) : 0/0
~ Mes Favoris (My Favorites) : 1/11
~ Mes Documents (My Documents) : 1/1081
~ Mon Bureau (My Desktop) : 0/9721
~ Menu demarrer (Programs) : 1/39
~ Hidden Files: Scanned in 00mn 48s

---\\ Processus lancés
[MD5.60D2D92BD2390C50BCE4106113F8B83B] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [376832] [PID.928]
[MD5.37D17AE2936867F88EB3C4CBCBC6B8A1] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1580]
[MD5.B33CF4DE909A5B30F526D82053A63C8E] - (.ABBYY - ABBYY network license server.) -- C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048] [PID.252]
[MD5.F401929EE0CC92BFE7F15161CA535383] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55184] [PID.272]
[MD5.DB5BEA73EDAF19AC68B2C0FAD0F92B1A] - (.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [390504] [PID.288]
[MD5.E58DCCD13D39C0606DE43FACCAEA03C8] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe [270336] [PID.996]
[MD5.751961E128DBCC7A32304339C4BDEFF0] - (.Microsoft Corporation - SQL Server Windows NT.) -- C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe [9150464] [PID.1168]
[MD5.8AA5505E7043298E1FF047F212E4B7AD] - (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\slserv.exe [73796] [PID.1524]
[MD5.AB0A7CA90D9E3D6A193905DC1715DED0] - (.Microsoft Corporation - Windows User Mode Driver Manager.) -- C:\WINDOWS\system32\wdfmgr.exe [38912] [PID.1684]
[MD5.7E8499178C6BA1700DE8CF24F6B27CF3] - (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe [110592] [PID.3604]
[MD5.4A2462FF36EF6A5BCE9611A41A2987DE] - (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe [88365] [PID.3668]
[MD5.1568FF282E268082C67CF0C3EBCC9179] - (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976320] [PID.3964]
[MD5.3E364978E4C74D3BCEA29FB41743CB5A] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3873704] [PID.2196]
[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.2336]
[MD5.70FFBFC9FE44FFDB39DFE741AF485474] - (.Stag - Pas de description.) -- C:\Program Files\Compteur TFS\Compteur.exe [946176] [PID.2480]
[MD5.CBA61CED5861EB1C023002F20B275B9E] - (.Microsoft Corporation - NTVDM.EXE.) -- C:\WINDOWS\system32\ntvdm.exe [420864] [PID.3900]
[MD5.31776E2F4809B2369ED901A45CDA5B8A] - (.Microsoft Corporation - Windows User-Mode Driver Framework.) -- C:\WINDOWS\system32\uWDF.exe [47104] [PID.2124]
[MD5.76DAC52F7A6D3AD3C8307D012ACF46CE] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe [7424000] [PID.1300]
[MD5.EEBF2F715C02C8A6CE6DBE844DD1B4E3] - (.OpenOffice.org - OpenOffice.org 3.0.) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin [7418368] [PID.4080]
[MD5.8E556A72D54F7E3B7844AB9217F02DD7] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [275568] [PID.2092]
[MD5.700803AC9B451FB67DF35EF0E05382E7] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [7869952] [PID.2428]
~ Processes Running: Scanned in 00mn 09s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [pascale - lhj5jyzz.default\{CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7}] [] Adobe DLM (powered by getPlus(R)) v1.5.2.35 (..)
P2 - FPN:Firefox Plugin Navigator . (...) -- C:\Program Files\Mozilla Firefox\Plugins\libvlc.dll
~ Firefox Browser: 14 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\Userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s

---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} . (.Orbiscom Ltd. All rights reserved. - e-Carte Bleue.) -- C:\WINDOWS\system32\BhoECart.dll
~ BHO: 6 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: Easy Photo Print - [HKLM]{9421DD08-935F-4701-A9CA-22DF90AC4EA6} . (.SEIKO EPSON CORPORATION / CyCom Technology - Epson Easy Photo Print (TBL).) -- C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{01E04581-4EEE-11D0-BFE9-00AA005B4383} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{0E5CBF21-D15F-11D0-8301-00AA005B4383} Clé orpheline
~ Toolbar: Scanned in 00mn 00s

---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [EPSON Stylus CX3600 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BE.exe =>.Epson Seiko Corporation
O4 - HKLM\..\Run: [AspireService] . (.Acer Inc. - Win32 Service for Control Board and Remote.) -- C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [AGRSMMSG] . (.Agere Systems - SoftModem Messaging Applet.) -- C:\WINDOWS\AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll =>.NVIDIA Corporation
O4 - HKLM\..\Run: [nwiz] . (...) -- C:\WINDOWS\system32\nwiz.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll
O4 - HKLM\..\Run: [EEventManager] . (.SEIKO EPSON CORPORATION - EEventManager Application.) -- C:\Program Files\Epson Software\Event Manager\EEventManager.exe
O4 - HKLM\..\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKCU\..\Run: [EPSON SX218 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.exe =>.Epson Seiko Corporation
O4 - HKUS\S-1-5-21-4122831445-2763146006-512747609-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
O4 - HKUS\S-1-5-21-4122831445-2763146006-512747609-1006\..\Run: [EPSON SX218 Series (Copie 1)] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIGDE.exe =>.Epson Seiko Corporation
~ Application: Scanned in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Download Video on This Page - {11F19C45-9675-488A-A8E0-8E8234DC245D} . (.Tomato - YouTube Video Downloader Internet Explorer Extension.) -- C:\Program Files\Tomato\FLV Player\MDIEEx.dll
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS1\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS2\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CS3\Services\Tcpip\..\{7930BCB2-897E-4707-A8C1-B977EF98C145}: DhcpNameServer = 212.27.40.241 212.27.40.240
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.27.40.241 212.27.40.240
~ Domain: Scanned in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll
O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll
~ Protocole Additionnel: Scanned in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Desktop General: BackupWallPaper - .(...) - C:\Documents and Settings\pascale\Bureau\photos\Photo 011.bmp
O24 - Desktop General: WallPaper - .(...) - C:\Documents and Settings\pascale\Bureau\photos\Photo 011.bmp
~ Desktop Component: 4 Legitimates Filtered in 00mn 00s

---\\ Logiciels installés (O42)
O42 - Logiciel: 3000 recettes ELLE - (...) [HKLM] -- 3000 recettes ELLE
O42 - Logiciel: A-Ray Scanner 2.0.2.3 - (.A-Ray Software.) [HKLM] -- A-Ray Scanner
O42 - Logiciel: EXPStudio Audio Editor FREE 3.98 - (.EXPStudio.com.) [HKLM] -- EXPStudio Audio Editor FREE 3.98
O42 - Logiciel: The Complete MP3 Manager - (...) [HKLM] -- {A9B169F5-5011-4806-BF25-0FFFEBC467ED}
O42 - Logiciel: Tiger Woods PGA TOUR 2003 - (...) [HKLM] -- {492E1D84-D7BF-4FA2-A26A-30AFC89EF547}
~ Logic: 28 Legitimates Filtered in 00mn 01s

---\\ HKCU & HKLM Software Keys
[HKCU\Software\ChristmasTree]
[HKCU\Software\Dufek Ladislav]
[HKCU\Software\EXPStudio]
[HKCU\Software\Inverse]
[HKCU\Software\Ryder]
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\YahooPartnerToolbar]
[HKLM\Software\10d6]
[HKLM\Software\54c]
[HKLM\Software\ASPI32]
[HKLM\Software\Compteur TFS]
[HKLM\Software\EXPStudio.com]
[HKLM\Software\L.C. Enterprises]
[HKLM\Software\VideoMarker]
[HKLM\Software\index+]
~ Key Software: 327 Legitimates Filtered in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 27/11/2006 - 18:26:04 - [] ----D C:\Program Files\A-Ray Scanner
O43 - CFD: 17/05/2009 - 18:23:12 - [] ----D C:\Program Files\AliveMedia
O43 - CFD: 16/09/2008 - 19:17:48 - [] ----D C:\Program Files\Ameri-Imager
O43 - CFD: 16/07/2008 - 19:10:48 - [] ----D C:\Program Files\Audio Capture ActiveX Control
O43 - CFD: 07/07/2012 - 16:01:56 - [] ----D C:\Program Files\Compteur TFS
O43 - CFD: 17/11/2007 - 17:20:12 - [] ----D C:\Program Files\Copystar
O43 - CFD: 10/02/2009 - 18:25:02 - [] ----D C:\Program Files\eXact
O43 - CFD: 20/01/2010 - 13:41:30 - [] ----D C:\Program Files\L.C. Enterprises
O43 - CFD: 14/05/2009 - 15:16:26 - [] ----D C:\Program Files\Program Files
O43 - CFD: 05/02/2009 - 18:55:02 - [] ----D C:\Program Files\quickmov
O43 - CFD: 18/08/2008 - 11:03:48 - [] ----D C:\Program Files\The Complete MP3 Manager
O43 - CFD: 24/05/2006 - 21:08:26 - [0] ----D C:\Documents and Settings\All Users\Application Data\eConsole
O43 - CFD: 20/01/2010 - 13:41:30 - [] ----D C:\Documents and Settings\pascale\Menu Démarrer\Programmes\L.C. Enterprises
~ Program Folder: 205 Legitimates Filtered in 00mn 01s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.4D6C6E0505A8E5A0656DCB223497D37C] - 01/05/2014 - 14:30:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184]
O44 - LFC:[MD5.2687BC91DC9F6A635C7A3D8800418508] - 01/05/2014 - 14:34:20 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.2E628302E0D14D25597369FDCCA37810] - 01/05/2014 - 14:34:39 ---A- . (...) -- C:\WINDOWS\ModemLog_Smart Link 56K Voice Modem #2.txt [4156]
O44 - LFC:[MD5.7F2E433EBD604FDEF853798E2D949F63] - 02/05/2014 - 17:20:27 ---A- . (...) -- C:\WINDOWS\QUICKEN.INI [1656]
O44 - LFC:[MD5.6681976A39265F6A31D2C51B85531B9E] - 04/05/2014 - 10:28:46 ---A- . (...) -- C:\WINDOWS\Twunk001.MTX [156]
O44 - LFC:[MD5.1B19BCF7BF39C131F4EEB0A7C27BE6EC] - 04/05/2014 - 10:29:09 ---A- . (...) -- C:\WINDOWS\TWAIN.LOG [217]
O44 - LFC:[MD5.861DA67E5FD5CE85C238DA3AF4B078BF] - 04/05/2014 - 10:29:12 ---A- . (...) -- C:\WINDOWS\Twain001.Mtx [4]
O44 - LFC:[MD5.F297892DB5A253040CB8CD1AEFAFCC82] - 05/05/2014 - 10:07:40 ---A- . (...) -- C:\WINDOWS\wiadebug.log [367]
O44 - LFC:[MD5.063B3712C0B95E1A0C62919A5EC99F31] - 22/04/2014 - 17:45:03 ---A- . (...) -- C:\WINDOWS\medctroc.Log [2889]
O44 - LFC:[MD5.D26E26EA516450AF9D072635C60387F4] - 22/04/2014 - 17:46:16 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys [27440]
O44 - LFC:[MD5.8737F6F4C8EC1E2A9EA5516F1B3AE1AD] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\003213_.tmp [19569]
O44 - LFC:[MD5.51F49BCA3BC5EB19575AFC9522003F24] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [30798]
O44 - LFC:[MD5.A791595ADB04D10C945FDF16E2E8C699] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\msgsocm.log [1545]
O44 - LFC:[MD5.A78766FA81FC3627A5F0B8CAF6B7D093] - 22/04/2014 - 17:52:38 ---A- . (...) -- C:\WINDOWS\ocgen.log [14580]
O44 - LFC:[MD5.E04D872804A010782B066B3B7B422AD1] - 22/04/2014 - 17:55:08 ---A- . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\SETE44.tmp [86016]
O44 - LFC:[MD5.364EE23E8597B8532076555C5D0F36AC] - 22/04/2014 - 18:01:24 ---A- . (...) -- C:\WINDOWS\DtcInstall.log [610]
O44 - LFC:[MD5.D2D75B85DEE6A7814039C4538B9FE30D] - 22/04/2014 - 18:01:24 ---A- . (...) -- C:\WINDOWS\cmsetacl.log [1170]
O44 - LFC:[MD5.85BC259AB0093C929D6C9B0B3A548DB3] - 22/04/2014 - 18:05:15 ---A- . (...) -- C:\WINDOWS\updspapi.log [1105005]
O44 - LFC:[MD5.E6EE29152D46FE655268C25C24E0B92C] - 22/04/2014 - 18:05:52 ---A- . (...) -- C:\WINDOWS\system32\spdwnwxp.log [160]
O44 - LFC:[MD5.EDB44BC4870CCDC886A7F0D5CB9C266B] - 22/04/2014 - 18:07:05 ---A- . (...) -- C:\WINDOWS\spuninst.log [2439396]
O44 - LFC:[MD5.4C5227FE4A96C898F403B4C14EFFDD5F] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\comsetup.log [10169]
O44 - LFC:[MD5.FF860DB152A9F0C7462CBF0C37E3BC38] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\iis6.log [4838]
O44 - LFC:[MD5.C8CBA7830FBF15B66AC09440C97CD105] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.E68594D97345BEA2F9564E7A66A78D5F] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [6199]
O44 - LFC:[MD5.FEF1806839A681E762925F390A6C5086] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\ocmsn.log [1710]
O44 - LFC:[MD5.AD93EAFBF116BC857EEA9B2C5AC6DCB4] - 22/04/2014 - 18:08:09 ---A- . (...) -- C:\WINDOWS\tsoc.log [11795]
O44 - LFC:[MD5.18DE3BD9A05ED34F75FA399BBB4AE886] - 22/04/2014 - 18:08:13 ---A- . (...) -- C:\WINDOWS\svcpack.log [1740057]
O44 - LFC:[MD5.49EF2A7CA6C66E399F08328DA8B79E07] - 22/04/2014 - 18:12:34 ---A- . (...) -- C:\WINDOWS\spupdsvc.log.1.log [847]
O44 - LFC:[MD5.6D6F4B1886E91EB37ABCCAD19C561EE0] - 22/04/2014 - 18:13:12 ---A- . (...) -- C:\WINDOWS\system32\amcompat.tlb [16832]
O44 - LFC:[MD5.A32B14BE5EDAE794FCE1A9E970827509] - 22/04/2014 - 18:13:12 ---A- . (...) -- C:\WINDOWS\system32\nscompat.tlb [23392]
O44 - LFC:[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - 22/04/2014 - 18:13:22 ---A- . (...) -- C:\WINDOWS\WMSysPr9.prx [316640]
O44 - LFC:[MD5.6A00399B0D5E425855A0915890DEC949] - 22/04/2014 - 18:13:26 ---A- . (...) -- C:\WINDOWS\wmsetup.log [2284]
O44 - LFC:[MD5.7FDFA52287D0C9848F59D32C2FDF734B] - 22/04/2014 - 18:13:27 ---A- . (...) -- C:\WINDOWS\spupdsvc.log [172381]
~ Files: 527 Legitimates Filtered in 02mn 53s

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
~ ShellExecuteHooks: Scanned in 00mn 00s

---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaSync.exe" [Enabled] .(...) -- C:\Program Files\Acer\Acer eConsole\MediaSync.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\eConsole.exe" [Enabled] .(...) -- C:\Program Files\Acer\Acer eConsole\eConsole.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Acer\Acer eConsole\MediaServerService.exe" [Enabled] .(...) -- C:\Program Files\Acer\Acer eConsole\MediaServerService.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\TEMP\NavBrowser.exe" [Enabled] .(...) -- C:\WINDOWS\TEMP\NavBrowser.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.EXE" [Disabled] .(...) -- C:\Program Files\Codemasters\Worms 4 Mayhem\WORMS 4 MAYHEM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Warcraft III\Warcraft III.exe" [Disabled] .(...) -- C:\Program Files\Warcraft III\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Bluebyte\GC3\GNM.exe" [Enabled] .(...) -- C:\Bluebyte\GC3\GNM.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Atari\TopSpin\TopSpin.exe" [Disabled] .(...) -- C:\Program Files\Atari\TopSpin\TopSpin.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe" [Disabled] .(...) -- C:\Program Files\LucasArts\Star Wars Battlefront II\GameData\BattlefrontII.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Warcraft III\Warcraft III.exe" [Disabled] .(...) -- D:\Warcraft III\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "D:\Warcraft III\ftinst.tmp\Warcraft III.exe" [Enabled] .(...) -- D:\Warcraft III\ftinst.tmp\Warcraft III.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\WINDOWS\System32\muzapp.exe" [Enabled] .(...) -- C:\WINDOWS\System32\muzapp.exe (.not file.)
~ Keys Export: 30 Legitimates Filtered in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Notification Packages . (...) -- :\WINDOWS\system32\srrstr.dll
O48 - LSA:Local Security Authority Notification Packages . (...) -- C:\WINDOWS\system32\cli.dll
~ LSA: 21 Legitimates Filtered in 00mn 00s

---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s

---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:16/09/2004 - 12:26:40 ---A- . (...) -- C:\WINDOWS\system32\Drivers\ADFUUD.SYS [12634]
O58 - SDL:01/05/2014 - 14:30:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswHwid.sys [24184] =>.ALWIL Software
O58 - SDL:01/05/2014 - 14:30:04 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944] =>.ALWIL Software
O58 - SDL:01/05/2014 - 14:30:05 ---A- . (...) -- C:\WINDOWS\system32\Drivers\aswVmm.sys [180632] =>.ALWIL Software
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\Drivers\cinemst2.sys [262528]
O58 - SDL:09/08/2006 - 09:10:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\WINDOWS\system32\Drivers\emBDA.sys [291200]
O58 - SDL:09/08/2006 - 09:10:12 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\WINDOWS\system32\Drivers\emOEM.sys [28160]
O58 - SDL:13/04/2008 - 08:36:06 ----- . (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\Drivers\hdaudbus.sys [144384]
O58 - SDL:13/04/2008 - 10:23:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlmnt5.sys [126686]
O58 - SDL:13/04/2008 - 10:23:40 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\mtlstrm.sys [1309184]
O58 - SDL:13/04/2008 - 08:34:28 ----- . (.Matrox Graphics Inc. - Matrox Parhelia Miniport Driver.) -- C:\WINDOWS\system32\Drivers\mtxparhm.sys [452736]
O58 - SDL:13/04/2008 - 10:23:42 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\ntmtlfax.sys [180360]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\Drivers\ptilink.sys [17792]
O58 - SDL:13/04/2008 - 10:23:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\recagent.sys [13776]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\Drivers\secdrv.sys [27440]
O58 - SDL:04/04/2005 - 10:43:24 ---A- . (.Protection Technology - StarForce Protection Environment Driver.) -- C:\WINDOWS\system32\Drivers\sfdrv01.sys [48640]
O58 - SDL:23/02/2005 - 15:59:56 ---A- . (.Protection Technology - StarForce Protection Helper Driver.) -- C:\WINDOWS\system32\Drivers\sfhlp02.sys [6656]
O58 - SDL:14/04/2005 - 12:12:34 ---A- . (.Protection Technology - StarForce Protection Synchronization Driver.) -- C:\WINDOWS\system32\Drivers\sfsync02.sys [19968]
O58 - SDL:13/04/2008 - 10:23:44 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnt7554.sys [129535]
O58 - SDL:13/04/2008 - 10:23:46 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slntamr.sys [404990]
O58 - SDL:13/04/2008 - 10:23:48 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slnthal.sys [95424]
O58 - SDL:13/04/2008 - 10:23:48 ----- . (.Smart Link - Pas de description.) -- C:\WINDOWS\system32\Drivers\slwdmsup.sys [13240]
O58 - SDL:25/04/2012 - 11:11:36 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\WINDOWS\system32\Drivers\usbaapl.sys [43520]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\Drivers\vdmindvd.sys [58112]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]
O58 - SDL:03/01/2013 - 18:42:03 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]
O58 - SDL:05/08/2004 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]
O58 - SDL:24/06/2006 - 12:13:44 ---A- . (.AntiCracking - SVKP driver for NT.) -- C:\WINDOWS\system32\STEC3.sys [2368]
~ Drivers: 104 Legitimates Filtered in 00mn 02s

---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: Usbfix By C_XX & El Desaparecido - (.C_XX & El Desaparecido.) [HKLM] -- Usbfix
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
~ ADS: Scanned in 00mn 00s

---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 01/05/2014 - C:\WINDOWS\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 24/06/2006 - C:\WINDOWS\system32\STEC3.sys (STEC3) .(.AntiCracking - SVKP driver for NT.) - LEGACY_STEC3
~ Legacy: 151 Legitimates Filtered in 00mn 01s

---\\ Associations Shell Spawning (O67)
O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)
~ FASS Keys: 12 Legitimates Filtered in 00mn 00s

---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Keys: Scanned in 00mn 00s

---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - () - http://search.live.com
~ Keys: Scanned in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 05/08/2004 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SS - | Demand 03/03/2009 33176 | (getPlus(R) Helper) . (.NOS Microsystems Ltd..) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
SS - | Demand 07/06/2012 821648 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Demand 18/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 11/11/2005 131139 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 14/05/2009 759048 | (ABBYY.Licensing.FineReader.Sprint.9.0) . (.ABBYY.) - C:\Program Files\Fichiers communs\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
SR - | Auto 24/05/2012 55184 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 30/08/2005 376832 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe
SR - | Auto 01/05/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 390504 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/08/2004 73796 | (SLService) . (.Smart Link.) - C:\WINDOWS\system32\slserv.exe
~ Services: Scanned in 00mn 09s

---\\ Scan Additionnel (O88)
Database Version : 13045 - (04/05/2014)
Clés trouvées (Keys found) : 12
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\Interface\{2bef239c-752e-4001-8048-f256e0d8cd93}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{35b8892d-c3fb-4d88-990d-31db2ebd72bd}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{3f607e46-0d3c-4442-b1de-de7fa4768f5c}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{49c00a51-6e59-41fe-b3fa-2d2157fad67b}] =>Adware.RecordNRip
[HKLM\Software\Classes\CLSID\{5eb0259d-ab79-4ae6-a6e6-24ffe21c3da4}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{6dff5dba-ae3a-46db-b301-ecffc6db2982}] =>Adware.RecordNRip
[HKLM\Software\Classes\TypeLib\{93e3d79c-0786-48ff-9329-93bc9f6dc2b3}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{de34cd67-f1c8-4001-9a23-b8a68f63f377}] =>Adware.RecordNRip
[HKLM\Software\Classes\Interface\{fe0273d1-99df-4ac0-87d5-1371c6271785}] =>Adware.RecordNRip
[HKCU\Software\Softonic] =>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo [HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}] =>Toolbar.Yahoo ~ Additionnel Scan: 287907 Items scanned in 01mn 01s ---\\ Récapitulatif des détections trouvées sur votre station http://nicolascoolman.byethost7.com/wordpress/toolbar-conduit/ =>Toolbar.Conduit http://nicolascoolman.webs.com/apps/blog/show/27350807-adware-recordnrip =>Adware.RecordNRip ~ MSI: 2 link(s) detected in 00mn 00s ~ 1518 Legitimates filtered by white list End of the scan (505 lines in 05mn 39s)(0)