Rapport de ZHPDiag v2013.4.6.35 par Nicolas Coolman, Update du 06/04/2013
Run by yves at 07/04/2013 20:35:42
State : Version à jour.
High Elevated Privileges : OK
UAC : Not Found


---\\ Web Browser
MSIE: Internet Explorer v8.0.6001.18702
MFIE: Mozilla Firefox 19.0.2 v19.0.2 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows XP Professional Service Pack 3 (Build 2600)
Windows Automatic Updates : OK
Windows Genuine Advantage : OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3070.4 MB (69% free)
System Restore: Activé (Enable)
System drive C: has 96 GB (32%) free of 298 GB

---\\ Logged in mode
~ Computer Name: COLLÈGE
~ User Name: yves
~ All Users Names: yves, SUPPORT_388945a0, HelpAssistant, ASPNET, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Documents and Settings\yves\Application Data\
~ %Desktop% : C:\Documents and Settings\yves\Bureau\
~ %Favorites% : C:\Documents and Settings\yves\Favoris\
~ %LocalAppData% : C:\Documents and Settings\yves\Local Settings\Application Data\
~ %StartMenu% : C:\Documents and Settings\yves\Menu Démarrer\
~ %Windir% : C:\WINDOWS\
~ %System% : C:\WINDOWS\system32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 298 Go)
D:\ CD-ROM drive (Not Inserted)
E:\ CD-ROM drive (Free 0 Go of 8 Go)
G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Security Center: Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]
[MD5.FCDD66EE148885E900285ADE8417E40B] - (.Microsoft Corporation - Internet Extensions for Win32.) (.05/02/2013 - 20:56:42.) -- C:\WINDOWS\system32\wininet.dll [916480]
[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]
[MD5.1E44BC1E83D8FD2305F8D452DB109CF9] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.17/08/2011 - 14:49:54.) -- C:\WINDOWS\system32\Drivers\AFD.sys [138496]
[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.14/04/2008 - 00:40:32.) -- C:\WINDOWS\system32\Drivers\atapi.sys [96512]
[MD5.C885B02847F5D2FD45A24E219ED93B32] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdfs.sys [63744]
[MD5.1F4260CC5B42272D71F79E570A27A4FE] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Cdrom.sys [62976]
[MD5.31F923EB2170FC172C81ABDA0045D18C] - (.Microsoft Corporation - Pilote de cryptographie FIPS.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Fips.sys [44672]
[MD5.573C7D0A32852B48F3058CFD8026F511] - (.Windows (R) Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\HDAudBus.sys [144384]
[MD5.A09BDC4ED10E3B2E0EC27BB94AF32516] - (.Microsoft Corporation - Pilote de port i8042.) (.13/04/2008 - 19:00:54.) -- C:\WINDOWS\system32\Drivers\i8042prt.sys [54144]
[MD5.083A052659F5310DD8B6A6CB05EDCF8E] - (.Microsoft Corporation - IMAPI Kernel Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Imapi.sys [42112]
[MD5.CC748EA12C6EFFDE940EE98098BF96BB] - (.Microsoft Corporation - IP Network Address Translator.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IpNat.sys [152832]
[MD5.23C74D75E36E7158768DD63D92789A91] - (.Microsoft Corporation - IPSec Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\IPSec.sys [75264]
[MD5.7D304A5EB4344EBEEAB53A2FE3FFB9F0] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.15/07/2011 - 14:29:31.) -- C:\WINDOWS\system32\Drivers\MRxSmb.sys [456320]
[MD5.74B2B2F5BEA5E9A3DC021D685551BD3D] - (.Microsoft Corporation - MBT Transport driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\netBT.sys [162816]
[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\ntfs.sys [574976]
[MD5.8FD0BDBEA875D06CCF6C945CA9ABAF75] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Parport.sys [80384]
[MD5.11B4A627BC9614B885C4969BFA5FF8A6] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\Rasl2tp.sys [51328]
[MD5.15CABD0F7C00C47C70124907916AF3F1] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.14/04/2008 - 00:32:52.) -- C:\WINDOWS\system32\Drivers\rdpdr.sys [196224]
[MD5.D8EB2A7904DB6C916EB5361878DDCBAE] - (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) (.13/04/2008 - 19:57:36.) -- C:\WINDOWS\system32\Drivers\redbook.sys [58752]
[MD5.46DE1126684369BACE4849E4FC8C43CA] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.14/04/2008 - 13:00:00.) -- C:\WINDOWS\system32\Drivers\volsnap.sys [53376]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 2/3
~ Mes musiques (My Musics) : 1/16
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 1/110
~ Mes Documents (My Documents) : 2/1916
~ Mon Bureau (My Desktop) : 1/1723
~ Menu demarrer (Programs) : 1/35
~ Hidden Files: Scanned in 00mn 01s



---\\ Processus lancés
[MD5.A8C1E6FF53FB0628A302843EA5FA5AB6] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 266.5.) -- C:\WINDOWS\system32\nvsvc32.exe [156776] [PID.1812]
[MD5.8B09FF15D36B1D5108F6F3249EA16F5F] - (.Intel(R) Corporation - Intel(R) Wireless Management Service.) -- C:\Program Files\Intel\WiFi\bin\S24EvMon.exe [905216] [PID.384]
[MD5.5E3F0AAEA4642BF184DEEA311C7201DE] - (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe [311680] [PID.1292]
[MD5.BA6063E3375F9BC11A9C8450A7F61E70] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Event Log Service.) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160] [PID.1360]
[MD5.11C3EFB4BAC41175D03B1595DB1A4A4F] - (.Sun Microsystems, Inc. - Java(TM) Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.1648]
[MD5.B86A7B6A99AE9738ABC299BB4E8D26D7] - (.Kaspersky Lab - Kaspersky Administration Kit Network Agent.) -- C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe [136352] [PID.1916]
[MD5.BBD5503999F331278DB39046888D559C] - (.O2Micro International - O2 Flash Memory Service.) -- C:\WINDOWS\system32\DRIVERS\o2flash.exe [71512] [PID.2044]
[MD5.A1E779A0CF7A21B42E8FD3E8856D8481] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [80896] [PID.304]
[MD5.9D84376931440F3679BEEF2A414FA493] - (.HP - PML Driver.) -- C:\WINDOWS\system32\HPZipm12.exe [69632] [PID.504]
[MD5.7EEEEC28A34516E66137F355DCC15BDB] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe [466944] [PID.584]
[MD5.A0501773C903B469D3B14C1067E80050] - (.Intel(R) Corporation - Intel(R) WLANKeeper SSO Service.) -- C:\Program Files\Intel\WiFi\bin\WLKeeper.exe [348160] [PID.1208]
[MD5.BB1F9614D427716D0D9E9FEFC34CC9A4] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1434920] [PID.3828]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [917400] [PID.596]
[MD5.F8E9D5FBB2339FB71B770E89B577B360] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe [16855552] [PID.2200]
[MD5.8F48849314EF6AF4E0B925539E52B16F] - (.Creative Technology Ltd. - Live! Cam Console Auto Launcher.) -- C:\WINDOWS\OEM13Mon.exe [36864] [PID.2776]
[MD5.3580208ABD256AA4DC4A578F8EE7304D] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe [1368064] [PID.3016]
[MD5.FDA92FDAFFEDBDD3741FDDF9D82C69DF] - (.Synaptics Incorporated - Toshiba Custom PlugIn Application.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe [210216] [PID.2716]
[MD5.B675CBBCCD273808150F6675C2CC60CF] - (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe [1191936] [PID.2028]
[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- ystem32\rundll32.exe [0] [PID.3300]
[MD5.43D083268A0919F3527A2837390BAF63] - (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe [218032] [PID.568]
[MD5.9C492FEC0D62844ADFA1FD910F0AF3B8] - (.Microsoft Corporation - Microsoft Tablet PC Component.) -- C:\WINDOWS\system32\WISPTIS.exe [293376] [PID.3724]
[MD5.7A6638028D84C2B87EAB6D0A0F38A095] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6535680] [PID.3788]
[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.312]
[MD5.8BA7C024070F2B7FDD98ED8A4BA41789] - (.Microsoft Corporation - PresentationFontCache.exe.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [46104] [PID.3516]
~ Processes Running: Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Documents and Settings\yves\Application Data\Mozilla\Firefox\Profiles\jhmyb7sh.default\prefs.js
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8117.0416] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
~ Firefox Browser: 30 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.6.) (No version) -- (.not file.)
~ IE Browser: Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\WINDOWS\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: (no name) - Software Clé orpheline
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} . (.Dell Inc. - BAE.dll.) -- C:\Program Files\Dell\BAE\BAE.dll
~ BHO: 7 Legitimates Scanned in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: (no name) - [HKLM]{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} Clé orpheline
O3 - Toolbar: Easy-WebPrint - [HKLM]{327C2873-E90D-4c37-AA9D-10AC9BABA46C} . (.Pas de propriétaire - Easy-WebPrint.) -- C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
~ Toolbar: Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] . (.Creative Technology Ltd. - Live! Cam Console Auto Launcher.) -- C:\WINDOWS\OEM13Mon.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointing-device Driver.) -- C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe
O4 - HKLM\..\Run: [IntelZeroConfig] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Zero Config Servic.) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Framework.) -- C:\Program Files\Fichiers communs\Intel\WirelessCommon\iFrmewrk.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMCTray.dll
O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll
O4 - HKLM\..\Run: [NVHotkey] nvHotkey.dll
O4 - HKLM\..\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files\Fichiers communs\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe (.not file.)
O4 - HKCU\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe
O4 - HKUS\S-1-5-21-3574521262-1011636392-1284559431-1005\..\Run: [ISUSPM] . (.Macrovision Corporation - Macrovision Software Manager.) -- C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-3574521262-1011636392-1284559431-1005\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe
~ Application: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\Programs: Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico
O4 - GS\Programs: Audacity.lnk . (...) -- C:\Program Files\Audacity\audacity.exe
O4 - GS\Programs: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O4 - GS\Programs: Windows Live ID.lnk . (.Microsoft Corporation - Sign in Options.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.exe
O4 - GS\Programs: Windows Movie Maker.LNK . (.Microsoft Corporation - Windows Movie Maker.) -- C:\Program Files\Movie Maker\moviemk.exe
O4 - GS\Programs: Windows Search.lnk . (.Microsoft Corporation - Windows Search System Tray.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O4 - GS\Programs: Assistance à distance.LNK . (.Microsoft Corporation - Assistance à distance Microsoft.) -- C:\WINDOWS\system32\rcimlby.exe
O4 - GS\Programs: Outlook Express.lnk . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer.LNK . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe
O4 - GS\Programs: Outlook Express.LNK . (.Microsoft Corporation - Outlook Express.) -- C:\Program Files\Outlook Express\msimn.exe
~ Global Startup: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} . (.Kaspersky Lab - Script Monitor Internet Explorer plugin.) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\scieplgn.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} -- Clé orpheline
O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 3 Legitimates Scanned in 00mn 00s



---\\ Site dans la Zone de confiance d'Internet Explorer (O15)
O15 - Trusted Zone: [HKCU\...\Domains\www] http.orange.fr
~ IE Zone Confiance: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264672929484
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} ((no name)) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1264672916765
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} ((no name)) - http://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{263A9C19-016F-46D1-B36F-776D7031E6D9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{263A9C19-016F-46D1-B36F-776D7031E6D9}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = 351791G.ac-rennes.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll
O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll
O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll
O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\system32\dimsntfy.dll
O20 - Winlogon Notify: GoToAssist . (.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) -- C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O20 - Winlogon Notify: klogon . (.Kaspersky Lab - Logon Visualizer.) -- C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll
O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll
O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
O20 - Winlogon Notify: WgaLogon . (.Microsoft Corporation - Notifications Windows Genuine Advantage.) -- C:\WINDOWS\system32\WgaLogon.dll
O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - AppInit_DLLs: . (.Kaspersky Lab ZAO - Kaspersky OE plugin loader.) - C:\Program Files\KASPER~1\KASPER~2.0FO\kloehk.dll
~ AppInit DLL: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Kaspersky Lab Network Agent (klnagent) . (.Kaspersky Lab - Kaspersky Administration Kit Network Agent.) - C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel(R) Corporation - Intel(R) PROSet/Wireless Registry Service.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SupportSoft Sprocket Service (dellsuppor (sprtsvc_dellsupportcenter) . (...) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe (.not file.)
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) . (.Intel(R) Corporation - Intel(R) WLANKeeper SSO Service.) - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
~ Services: 12 Legitimates Scanned in 00mn 04s



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Go for FilesUpdate.job [282]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Microsoft Office Outlook 2007.job [532]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\PCDoctorBackgroundMonitorTask.job [564]
O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\SystemToolsDailyTest.job [422]
[MD5.00000000000000000000000000000000] [APT] [Go for FilesUpdate] (...) -- C:\Program Files\GoforFiles\GFFUpdater.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [Microsoft Office Outlook 2007] (...) -- C:\Documents and Settings\yves\Menu Démarrer\Programmes\Microsoft Office\Microsoft Office Outlook 2007.lnk (.not file.) [0]
[MD5.FF1D19A2F23EF359F2652F013E97B759] [APT] [PCDoctorBackgroundMonitorTask] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\uaclauncher.exe [859976]
[MD5.07A86CBFC516544AC199EDC6AFF7D418] [APT] [SystemToolsDailyTest] (.PC-Doctor, Inc..) -- C:\Program Files\Dell Support Center\pcdrcui.exe [1233736]
~ Scheduled Task: 15 Legitimates Scanned in 00mn 00s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 22 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (APPDRV) . (.Dell Inc - App Support Driver.) - C:\WINDOWS\sysTEM32\DRIVERS\APPDRV.sys
O41 - Driver: (DLARTL_M) . (.Roxio - Shared Driver Component.) - C:\WINDOWS\system32\Drivers\DLARTL_M.sys
O41 - Driver: (LUMDriver) . (.IBM - LUM Runtime.) - C:\WINDOWS\system32\drivers\LUMDriver.sys
O41 - Driver: (OMCI) . (. - .) - C:\WINDOWS\sysTEM32\DRIVERS\OMCI.sys (.not file.)
~ Drivers: 78 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader X (10.1.6) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Advanced Video FX Engine - (...) [HKLM] -- Advanced Video FX Engine
O42 - Logiciel: CloneCD - (.SlySoft.) [HKLM] -- CloneCD
O42 - Logiciel: Easy-WebPrint - (...) [HKLM] -- Easy-WebPrint
O42 - Logiciel: IGN Rando - (...) [HKLM] -- {3761D0A0-6694-41F1-A735-83074F2D2B37}
O42 - Logiciel: IGN Rando - (...) [HKLM] -- {8C4450E1-14A7-4F89-936A-335A216D3C7D}
O42 - Logiciel: INDEX EDUCATION - Client PRONOTE 2011 - (.Index Education.) [HKLM] -- {B279DFD9-284C-40D4-8316-B72533B36F93}
O42 - Logiciel: INDEX EDUCATION - ProfNOTE 2011 - (.Index Education.) [HKLM] -- {1B9DA148-9BF0-483B-93E1-9FEC245B597F}
O42 - Logiciel: Kaspersky Anti-Virus 6.0 for Windows Workstations - (.Kaspersky Lab.) [HKLM] -- {8F023021-A7EB-45D3-9269-D65264C81729}
O42 - Logiciel: Le Nouveau Littré - (...) [HKLM] -- Littre
O42 - Logiciel: Live! Cam Avatar - (.Creative Technology Ltd..) [HKLM] -- {1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}
O42 - Logiciel: Marées dans le Monde - (...) [HKLM] -- ST6UNST #1
O42 - Logiciel: OmniPage SE 2.0 - (.ScanSoft, Inc..) [HKLM] -- {79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
O42 - Logiciel: QuickSet - (.Dell Computer Corporation.) [HKLM] -- {C5074CC4-0E26-4716-A307-960272A90040}
O42 - Logiciel: ScanNav 12.0 - (.Marc Lombard.) [HKLM] -- {1B10FA81-531B-443A-87F6-90C69D52E3CB}
O42 - Logiciel: Ugrib RC1 - (.GRIB.US.) [HKLM] -- Ugrib_is1
O42 - Logiciel: WXTide32 - (...) [HKLM] -- WXTide32
O42 - Logiciel: µTorrent - (...) [HKLM] -- uTorrent
~ Logic: 179 Legitimates Scanned in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\BillP Studios]
[HKCU\Software\BitTorrent]
[HKCU\Software\EyePower Games]
[HKCU\Software\Fugawi]
[HKCU\Software\Geoplace]
[HKCU\Software\GoforFiles]
[HKCU\Software\Harmony Hollow]
[HKCU\Software\Imc]
[HKCU\Software\IncrediMail]
[HKCU\Software\Index Education]
[HKCU\Software\Luidia]
[HKCU\Software\Marc Lombard]
[HKCU\Software\Paraschool]
[HKCU\Software\RdE]
[HKCU\Software\SnapShot]
[HKCU\Software\Tech'Soft]
[HKCU\Software\U.S. Robotics]
[HKCU\Software\X-Cleaner]
[HKCU\Software\cadwork Backup]
[HKCU\Software\cadwork informatik]
[HKCU\Software\charlyrobot]
[HKCU\Software\da-soft]
[HKCU\Software\zyGrib]
[HKLM\Software\AM3XXX]
[HKLM\Software\BillP Studios]
[HKLM\Software\GeoTask AG]
[HKLM\Software\GoforFiles]
[HKLM\Software\Gradient]
[HKLM\Software\IncrediMail]
[HKLM\Software\Intel, Inc.]
[HKLM\Software\LOXANE]
[HKLM\Software\Luidia]
[HKLM\Software\Marc Lombard]
[HKLM\Software\NewSoft]
[HKLM\Software\Vid_0471]
~ Key Software: 303 Legitimates Scanned in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 22/01/2013 - 16:31:28 - [8.978] ----D C:\Program Files\American Conquest Anthology
O43 - CFD: 06/02/2009 - 10:38:33 - [0.681] ----D C:\Program Files\Common~1
O43 - CFD: 07/01/2013 - 18:17:32 - [4.445] ----D C:\Program Files\GoforFiles
O43 - CFD: 05/08/2009 - 16:43:43 - [1426.058] ----D C:\Program Files\GRIB.US
O43 - CFD: 05/09/2012 - 12:17:06 - [1455.538] ----D C:\Program Files\IGN Rando
O43 - CFD: 20/11/2008 - 16:19:13 - [0] ----D C:\Program Files\Intel, Inc
O43 - CFD: 08/12/2008 - 21:35:40 - [144.140] ----D C:\Program Files\Le Nouveau Littré
O43 - CFD: 03/08/2010 - 17:03:33 - [45.503] ----D C:\Program Files\Marc Lombard
O43 - CFD: 24/10/2011 - 11:17:08 - [168.763] ----D C:\Program Files\marée dans le monde
O43 - CFD: 27/11/2008 - 21:38:22 - [105.246] ----D C:\Program Files\NewSoft
O43 - CFD: 10/12/2012 - 19:54:27 - [0.924] ----D C:\Program Files\uTorrent
O43 - CFD: 05/08/2009 - 23:58:36 - [3.868] ----D C:\Program Files\WXTide32
O43 - CFD: 08/01/2013 - 13:16:16 - [0] ----D C:\Documents and Settings\yves\Application Data\cadwork
O43 - CFD: 07/01/2013 - 13:55:02 - [0.001] ----D C:\Documents and Settings\yves\Application Data\GoforFiles
O43 - CFD: 28/09/2011 - 19:01:26 - [0.005] ----D C:\Documents and Settings\yves\Application Data\IndexEducation
O43 - CFD: 27/11/2008 - 21:38:15 - [0.527] ----D C:\Documents and Settings\yves\Application Data\NewSoft
O43 - CFD: 05/03/2013 - 01:17:14 - [2.983] ----D C:\Documents and Settings\yves\Application Data\uTorrent
O43 - CFD: 10/03/2013 - 18:50:49 - [0.001] ----D C:\Documents and Settings\yves\Application Data\WinPatrol
O43 - CFD: 07/01/2013 - 20:53:47 - [0.000] ----D C:\Documents and Settings\yves\Local Settings\Application Data\cadwork informatik
O43 - CFD: 08/12/2008 - 21:35:40 - [0.003] ----D C:\Documents and Settings\yves\Menu Démarrer\Programmes\Le Nouveau Littré
O43 - CFD: 24/10/2011 - 11:17:08 - [0.002] ----D C:\Documents and Settings\yves\Menu Démarrer\Programmes\Marées dans le Monde
O43 - CFD: 05/08/2009 - 23:58:31 - [0.001] ----D C:\Documents and Settings\yves\Menu Démarrer\Programmes\WXTide32
~ Program Folder: 208 Legitimates Scanned in 00mn 02s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.C0FA5AA89984F19C5202B20404631D81] - 07/04/2013 - 19:03:34 ---A- . (...) -- C:\WINDOWS\system32\nvModes.001 [165341]
O44 - LFC:[MD5.2A20BFC17B1C7FC5B6133AB3F1AC6613] - 07/04/2013 - 19:00:55 ---A- . (...) -- C:\WINDOWS\wiadebug.log [157]
O44 - LFC:[MD5.637948D1E1D8B644D2A76C5AA595861C] - 07/04/2013 - 19:00:55 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]
O44 - LFC:[MD5.5F4BF4B2DE20AC56BB47C581AE4F2EF6] - 06/04/2013 - 12:38:12 ---A- . (...) -- C:\Ad-Report-CLEAN[1].txt [3276]
O44 - LFC:[MD5.A031E8D281B93E98FC01E91DBEA8567A] - 06/04/2013 - 12:14:45 ---A- . (...) -- C:\AdwCleaner[S1].txt [9330]
O44 - LFC:[MD5.C0FA5AA89984F19C5202B20404631D81] - 21/03/2013 - 20:17:47 ---A- . (...) -- C:\WINDOWS\system32\nvModes.dat [165341]
O44 - LFC:[MD5.4A00D4DAE2B686F0F83F1EAE0A01334F] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [49270]
O44 - LFC:[MD5.F4AD6A2209FC32BE6FE3A9021DA2A625] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [3400]
O44 - LFC:[MD5.C5F7F989E8B6EAEBB6B9DA070EA2CFAB] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\comsetup.log [16339]
O44 - LFC:[MD5.3D9F3881FA3DAD4BB02AD81DCBA3FBDE] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\iis6.log [52896]
O44 - LFC:[MD5.297FD5D01E3B29EF182AB28CCD3A7203] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]
O44 - LFC:[MD5.1D49F43AF25B540AD4B526E18E2F2CAB] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\msgsocm.log [2472]
O44 - LFC:[MD5.769295B393488255324C9DB2ED71907E] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\netfxocm.log [8664]
O44 - LFC:[MD5.F65EBB280BC986ADFA51356C0727B0EF] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [9886]
O44 - LFC:[MD5.5A6B236219193645FF631B0B08F0C072] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\ocgen.log [23648]
O44 - LFC:[MD5.E0CB067FF315CAF976AA6AF7110BAB38] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\ocmsn.log [2736]
O44 - LFC:[MD5.B430C61E8DE73636AB521357E29248DE] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\tabletoc.log [2488]
O44 - LFC:[MD5.F7137D63BE8C1F4D7D738365FA7DE29A] - 14/03/2013 - 20:01:03 ---A- . (...) -- C:\WINDOWS\tsoc.log [22568]
O44 - LFC:[MD5.3DEE575C65F87C331EA0813199C284B0] - 14/03/2013 - 20:01:00 ---A- . (...) -- C:\WINDOWS\msmqinst.log [15056]
O44 - LFC:[MD5.6B34A54A2B49B8A59768FDDFD30E9390] - 13/03/2013 - 20:03:04 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]
O44 - LFC:[MD5.B001B3C4B36E96F33D6D63A2C09F5B2E] - 13/03/2013 - 20:02:42 ---A- . (...) -- C:\WINDOWS\updspapi.log [6337]
~ Files: 38 Legitimates Scanned in 00mn 01s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll
O46 - SEH:ShellExecuteHooks - Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll
~ ShellExecuteHooks: Scanned in 00mn 00s



---\\ Export de clé d'application autorisée (O47)
O47 - AAKE:Key Export SP - "C:\Program Files\Google\Google Talk\googletalk.exe" [Enabled] .(...) -- C:\Program Files\Google\Google Talk\googletalk.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Documents and Settings\yves\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" [Enabled] .(...) -- C:\Documents and Settings\yves\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\Orange\Connectivity\ConnectivityManager.exe" [Enabled] .(...) -- C:\Program Files\Orange\Connectivity\ConnectivityManager.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\uTorrent\uTorrent.exe" [Enabled] .(.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\dmwu.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\dmwu.exe
O47 - AAKE:Key Export SP - "C:\WINDOWS\system32\ARFC\wrtc.exe" [Enabled] .(.Pas de propriétaire.) -- C:\WINDOWS\system32\ARFC\wrtc.exe
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\goforfilesdl.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\goforfilesdl.exe (.not file.)
O47 - AAKE:Key Export SP - "C:\Program Files\GoforFiles\GoforFiles.exe" [Enabled] .(...) -- C:\Program Files\GoforFiles\GoforFiles.exe (.not file.)
~ Keys Export: 18 Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 6 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 23 Legitimates Scanned in 00mn 00s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d
~ IFEO: Scanned in 00mn 00s



---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{9d27a998-0368-11e0-b099-002170ca8bb2}\AutoRun\command. (...) -- F:\usbConfig\DoNotDelete.exe (.not file.)
O51 - MPSK:{a2127418-1964-11e0-b0c1-002170ca8bb2}\AutoRun\command. (...) -- C:\WINDOWS\system32\E:\m.exe (.not file.)
O51 - MPSK:{edbb8433-b310-11de-9342-002170ca8bb2}\AutoRun\command. (...) -- F:\Setupx.exe (.not file.)
O51 - MPSK:{f4a8e645-cb44-11dd-b483-002170ca8bb2}\AutoRun\command - Clé orpheline
O51 - MPSK:{fbfb1abd-03af-11e0-b09a-002170ca8bb2}\AutoRun\command. (...) -- F:\LaunchU3.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 19 Legitimates Scanned in 00mn 00s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\CloneCDTray [Key] . (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
O53 - SMSR:HKLM\...\startupreg\HTC Sync Loader [Key] . (...) -- C:\Program Files\HTC\HTC Sync 3.0\htcUPCTLoader.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\SuperCopier2.exe [Key] . (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe
~ SMSR Keys: 7 Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 6 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
~ MWPS: 5 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
~ MWPE Keys: 5 Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 18/08/2001 - 10:51:56 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\Drivers\aliide.sys [5248]
O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 14/04/2008 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]
~ Drivers: Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 12/03/2013 - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (AdobeFlashPlayerUpdateSvc) .(.Adobe Systems Incorporated - Adobe® Flash® Player Update Service 11.6 r6.) - LEGACY_ADOBEFLASHPLAYERUPDATESVC
O64 - Services: CurCS - 17/08/2011 - C:\WINDOWS\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\alg.exe (ALG) .(.Microsoft Corporation - Application Layer Gateway Service.) - LEGACY_ALG
O64 - Services: CurCS - 12/08/2005 - C:\WINDOWS\sysTEM32\DRIVERS\APPDRV.sys (APPDRV) .(.Dell Inc - App Support Driver.) - LEGACY_APPDRV
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\arp1394.sys (Arp1394) .(.Microsoft Corporation - IP/1394 Arp Client.) - LEGACY_ARP1394
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Browser) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_BROWSER
O64 - Services: CurCS - 18/03/2010 - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (clr_optimization_v4.0.30319_32) .(.Microsoft Corporation - .NET Runtime Optimization Service.) - LEGACY_CLR_OPTIMIZATION_V4.0.30319_32
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (CryptSvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_CRYPTSVC
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLABMFSM.sys (DLABMFSM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABMFSM
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLABOIOM.sys (DLABOIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLABOIOM
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLADResM.sys (DLADResM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLADRESM
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAIFS_M.sys (DLAIFS_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAIFS_M
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAOPIOM.sys (DLAOPIOM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAOPIOM
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAPoolM.sys (DLAPoolM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAPOOLM
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLARTL_M.sys (DLARTL_M) .(.Roxio - Shared Driver Component.) - LEGACY_DLARTL_M
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAUDFAM.sys (DLAUDFAM) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDFAM
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DLAUDF_M.sys (DLAUDF_M) .(.Roxio - Drive Letter Access Component.) - LEGACY_DLAUDF_M
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Dnscache) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_DNSCACHE
O64 - Services: CurCS - 23/07/2007 - C:\WINDOWS\system32\Drivers\DRVNDDM.sys (DRVNDDM) .(.Roxio - Device Driver Manager.) - LEGACY_DRVNDDM
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\fxssvc.exe (Fax) .(.Microsoft Corporation - Service de télécopie.) - LEGACY_FAX
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\fltMgr.sys (FltMgr) .(.Microsoft Corporation - Microsoft Filesystem Filter Manager.) - LEGACY_FLTMGR
O64 - Services: CurCS - 29/07/2008 - c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (FontCache3.0.0.0) .(.Microsoft Corporation - PresentationFontCache.exe.) - LEGACY_FONTCACHE3.0.0.0
O64 - Services: CurCS - 28/04/2010 - C:\WINDOWS\system32\DRIVERS\fssfltr_tdi.sys (fssfltr) .(.Microsoft Corporation - Family Safety Filter Driver (TDI).) - LEGACY_FSSFLTR
O64 - Services: CurCS - 15/01/2009 - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe (GoToAssist) .(.Citrix Online, a division of Citrix Systems - Citrix Online GoToAssist.) - LEGACY_GOTOASSIST
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\msgpc.sys (Gpc) .(.Microsoft Corporation - MS General Packet Classifier.) - LEGACY_GPC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (HidServ) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_HIDSERV
O64 - Services: CurCS - 20/10/2009 - C:\WINDOWS\system32\Drivers\HTTP.sys (HTTP) .(.Microsoft Corporation - HTTP Protocol Stack.) - LEGACY_HTTP
O64 - Services: CurCS - 29/07/2008 - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (idsvc) .(.Microsoft Corporation - Windows CardSpace.) - LEGACY_IDSVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\imapi.exe (ImapiService) .(.Microsoft Corporation - API Image Mastering.) - LEGACY_IMAPISERVICE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\ipsec.sys (IPSec) .(.Microsoft Corporation - IPSec Driver.) - LEGACY_IPSEC
O64 - Services: CurCS - 07/01/2013 - C:\WINDOWS\system32\drivers\LUMDriver.sys (LUMDriver) .(.IBM - LUM Runtime.) - LEGACY_LUMDRIVER
O64 - Services: CurCS - 10/11/2011 - C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mdf16.sys (mdf16) .(.Pas de propriétaire - Driver for SecretZone.) - LEGACY_MDF16
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\mrxdav.sys (MRxDAV) .(.Microsoft Corporation - Windows NT WebDav Minirdr.) - LEGACY_MRXDAV
O64 - Services: CurCS - 15/07/2011 - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys (MRxSmb) .(.Microsoft Corporation - Windows NT SMB Minirdr.) - LEGACY_MRXSMB
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\msdtc.exe (MSDTC) .(.Microsoft Corporation - MS DTC console program.) - LEGACY_MSDTC
O64 - Services: CurCS - 19/05/2008 - C:\WINDOWS\system32\msiexec.exe (MSIServer) .(.Microsoft Corporation - Windows® installer.) - LEGACY_MSISERVER
O64 - Services: CurCS - 10/11/2011 - C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mvd23.sys (mvd23) .(.Pas de propriétaire - Virtual Disk Driver for SecretZone.) - LEGACY_MVD23
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\netbios.sys (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (Netlogon) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_NETLOGON
O64 - Services: CurCS - 27/08/2008 - C:\WINDOWS\system32\DRIVERS\o2flash.exe (O2FLASH) .(.O2Micro International - O2 Flash Memory Service.) - LEGACY_O2FLASH
O64 - Services: CurCS - 20/07/2011 - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.exe (odserv) .(.Microsoft Corporation - Microsoft Office Diagnostics.) - LEGACY_ODSERV
O64 - Services: CurCS - 31/03/2011 - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe (PassThru Service) .(.Pas de propriétaire - PassThruSvr Application.) - LEGACY_PASSTHRU_SERVICE
O64 - Services: CurCS - 27/10/2010 - C:\WINDOWS\system32\DRIVERS\pcdrndisuio.sys (PcdrNdisuio) .(.Windows (R) Codename Longhorn DDK provider - PCDR NDIS User mode I/O Driver.) - LEGACY_PCDRNDISUIO
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (PolicyAgent) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_POLICYAGENT
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\lsass.exe (ProtectedStorage) .(.Microsoft Corporation - LSA Shell (Export Version).) - LEGACY_PROTECTEDSTORAGE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\rasacd.sys (RasAcd) .(.Microsoft Corporation - RAS Automatic Connection Driver.) - LEGACY_RASACD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\rdbss.sys (Rdbss) .(.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - LEGACY_RDBSS
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (ShellHWDetection) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SHELLHWDETECTION
O64 - Services: CurCS - 17/08/2010 - C:\WINDOWS\system32\spoolsv.exe (Spooler) .(.Microsoft Corporation - Spooler SubSystem App.) - LEGACY_SPOOLER
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\sr.sys (sr) .(.Microsoft Corporation - Pilote de filtre de système de fichiers pou.) - LEGACY_SR
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (srservice) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_SRSERVICE
O64 - Services: CurCS - 17/02/2011 - C:\WINDOWS\system32\DRIVERS\srv.sys (Srv) .(.Microsoft Corporation - Server driver.) - LEGACY_SRV
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (stisvc) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_STISVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\smlogsvc.exe (SysmonLog) .(.Microsoft Corporation - Service des alertes et des journaux de perf.) - LEGACY_SYSMONLOG
O64 - Services: CurCS - 20/06/2008 - C:\WINDOWS\system32\DRIVERS\tcpip.sys (Tcpip) .(.Microsoft Corporation - TCP/IP Protocol Driver.) - LEGACY_TCPIP
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\svchost.exe (Themes) .(.Microsoft Corporation - Generic Host Process for Win32 Services.) - LEGACY_THEMES
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\DRIVERS\wanarp.sys (Wanarp) .(.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - LEGACY_WANARP
O64 - Services: CurCS - 27/03/2008 - C:\WINDOWS\system32\DRIVERS\Wdf01000.sys (Wdf01000) .(.Microsoft Corporation - WDF Dynamic.) - LEGACY_WDF01000
O64 - Services: CurCS - 20/08/2008 - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe (WLANKEEPER) .(.Intel(R) Corporation - Intel(R) WLANKeeper SSO Service.) - LEGACY_WLANKEEPER
O64 - Services: CurCS - 30/03/2009 - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.exe (wlidsvc) .(.Microsoft Corporation - Microsoft® Windows Live ID Service.) - LEGACY_WLIDSVC
O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\wbem\wmiapsrv.exe (WmiApSrv) .(.Microsoft Corporation - Service de la carte de performance WMI.) - LEGACY_WMIAPSRV
O64 - Services: CurCS - 18/03/2010 - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (WPFFontCache_v0400) .(.Microsoft Corporation - wpffontcache_v0400.exe.) - LEGACY_WPFFONTCACHE_V0400
O64 - Services: CurCS - 26/05/2008 - C:\WINDOWS\system32\SearchIndexer.exe (WSearch) .(.Microsoft Corporation - Microsoft Windows Search Indexer.) - LEGACY_WSEARCH
~ Legacy: 206 Legitimates Scanned in 00mn 00s



---\\ File Associations Shell Spawning (O67)
~ FASS Keys: 17 Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - http://search.live.com
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
~ Keys: Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 40 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.10FD0AF90A08AF6A389C4B81DED0032B] [SPRF][26/11/2008] (...) -- C:\Documents and Settings\yves\Local Settings\Application Data\fusioncache.dat [127]
[MD5.21B4E224826F7613E6F8FA2C06F9483F] [SPRF][10/11/2011] (...) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\AccaData.dat [14974]
[MD5.B066B4B2910C670530B63D5E924E8A2B] [SPRF][10/11/2011] (.Pas de propriétaire - Driver for SecretZone.) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mdf16.sys [18288]
[MD5.624197EC77BFBDF65CB21DD775E982DA] [SPRF][10/11/2011] (.Pas de propriétaire - Virtual Disk Driver for SecretZone.) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\mvd23.sys [90944]
[MD5.474A6C09B66C9439D7C8B66E9BE59232] [SPRF][25/05/2011] (.Clarus, Inc. - Samsung Portable SecretZone.) -- C:\Documents and Settings\yves\Local Settings\Application Data\Temp\Portable SecretZone.exe [1404536]
[MD5.8CE7705CB43B03BB7970B04087C7758F] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [29616]
[MD5.01E2ECA759056F23C73A035FDABB2D6D] [SPRF][30/06/2006] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [201648]
[MD5.DE2EB468A14E00F9A99326C6C9C07075] [SPRF][02/02/2009] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1914440]
[MD5.CF23C30CDFA3AAF1297801F4CED42876] [SPRF][07/02/2012] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\WINDOWS\Downloaded Program Files\IDropENU.dll [116136]
[MD5.EAE8A6A34084A2372EAE3D484DAF754C] [SPRF][21/02/2012] (.Autodesk, Inc. - Autodesk i-drop control.) -- C:\WINDOWS\Downloaded Program Files\IDropFRA.dll [111728]
[MD5.0C135B4FEFF52ED92CF08BB3F0A75A90] [SPRF][11/09/2006] (.Macrovision Corporation - Macrovision Software Manager Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [484272]
[MD5.2FD994827193B68DD301F80BDF744231] [SPRF][03/04/2009] (.Husdawg, LLC - System Requirements Lab.) -- C:\WINDOWS\Downloaded Program Files\sysreqlab_nvd.dll [354608]
~ Files: Scanned in 00mn 00s



---\\ Scan Additionnel (O88)
Database Version : v2.11473 - (06/04/2013)
Clés trouvées (Keys found) : 3
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}] =>Toolbar.PDFCreator
~ Additionnel: Scanned in 00mn 53s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "695032265E7381643A92D0125F928AF6" . (.Browser Address Error Redirector.) -- C:\WINDOWS\Installer\{62230596-37E5-4618-A329-0D21F529A86F}\ARPPRODUCTICON.exe
O90 - PUC: "E7995D9797FBBB84B814B95EC9512C7D" . (.OmniPage SE.) -- C:\WINDOWS\Installer\{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}\Op.exe
~ Update Products: 95 Legitimates Scanned in 00mn 00s



---\\ MyComputer Name Space (O92)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 12/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 12/03/2010 311680 | (AVP) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Workstations MP4\avp.exe
SS - | Demand 14/04/2008 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\system32\dmadmin.exe
SR - | Auto 20/08/2008 860160 | (EvtEng) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
SS - | Demand 07/01/2013 1044816 | (FLEXnet Licensing Service) . (.Flexera Software, Inc..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
SS - | Demand 15/01/2009 16680 | (GoToAssist) . (.Citrix Online, a division of Citrix Systems.) - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
SS - | Auto 21/06/2009 133104 | (gupdate1c9f2aef8ff9320) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 21/06/2009 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SR - | Auto 16/05/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe
SR - | Auto 10/03/2010 136352 | (klnagent) . (.Kaspersky Lab.) - C:\Program Files\Kaspersky Lab\NetworkAgent 8\klnagent.exe
SS - | Demand 11/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 07/01/2011 156776 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe
SR - | Auto 27/08/2008 71512 | (O2FLASH) . (.O2Micro International.) - C:\WINDOWS\system32\DRIVERS\o2flash.exe
SR - | Auto 80896 | (PassThru Service) . (...) - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 29/09/2004 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\system32\HPZipm12.exe
SR - | Auto 20/08/2008 466944 | (RegSrvc) . (.Intel(R) Corporation.) - C:\Program Files\Fichiers communs\Intel\WirelessCommon\RegSrvc.exe
SR - | Auto 20/08/2008 905216 | (S24EventMonitor) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
SS - | Auto 0 | (sprtsvc_dellsupportcenter) . (...) - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
SR - | Auto 20/08/2008 348160 | (WLANKEEPER) . (.Intel(R) Corporation.) - C:\Program Files\Intel\WiFi\bin\WLKeeper.exe
~ Services: Scanned in 00mn 00s



~ 1171 Legitimates filtered by white list
End of the scan (726 lines in 01mn 12s)(0)
