~ Rapport de ZHPDiag v2014.4.28.48 - Nicolas Coolman (28/04/2014)
~ Lancé par Utilisateur (30/04/2014 15:34:32)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program

---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 29.0 (Defaut)
OPIE: Opera vStable 20.0.1387.82

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Trusteer Sécurité des points d'accès v3.5.1304.48
Malwarebytes Anti-Malware version 1.75.0.1300
Secunia PSI
SUPERAntiSpyware v5.6.1040
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.13

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 55
Java 7 Update 55

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8119 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 112 GB (57%) free of 196 GB

---\\ Mode de connexion au système
~ Computer Name: DESKTOP-HOME-AC
~ User Name: Utilisateur
~ All Users Names: Utilisateur, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Utilisateur\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Utilisateur\AppData\Roaming\
~ %Desktop% : F:\Mes documents\Mon Bureau (ACER)\
~ %Favorites% : F:\Mes documents\Mes favoris (DD)\
~ %LocalAppData% : C:\Users\Utilisateur\AppData\Local\
~ %StartMenu% : C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 112 Go of 196 Go)
D: Hard drive, Flash drive, Thumb drive (Free 615 Go of 721 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
F: Hard drive, Flash drive, Thumb drive (Free 271 Go of 932 Go)
G: CD-ROM drive (Not Inserted)
L: CD-ROM drive (Not Inserted)
V: Hard drive, Flash drive, Thumb drive (Free 1191 Go of 1863 Go)

---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s

---\\ Recherche particulière de fichiers génériques
~ Generic Processes: Scanned in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1162
~ Mes musiques (My Musics) : 1/20863
~ Mes Videos (My Videos) : 2/549
~ Mes Favoris (My Favorites) : 1/6743
~ Mes Documents (My Documents) : 2/82512
~ Mon Bureau (My Desktop) : 1/127
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 18s

---\\ Processus lancés
~ Processes Running: Scanned in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google\u00C2 Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google\u00C2 Wallet v.0.0.6.0 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Utilisateur - mc0758te.default-1393239399875\adsremoval@adsremoval.net] [] Ads Removal v1.0.0 (..)
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 17 Legitimates Filtered in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: 
USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s ---\\ Hosts file redirection (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Hosts File: Scanned in 00mn 00s ~ Nombre de lignes (Lines number): 1807 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Soda PDF 3D Reader Helper [64Bits] - {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} . (.LULU Software Limited - Soda PDF 3D Reader Helper.) -- C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEHelper.dll O2 - BHO: Ads Removal [64Bits] - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} . (.Adblock - Helps you remove browser ads!.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll ~ BHO: 15 Legitimates Filtered in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: TMBGBAR TOOLBAR - [HKLM]{C8137A8D-415D-450C-A1B1-D0C519D45296} . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files (x86)\Trend Micro\Browser Guard\X64\tmieg64.dll O3 - Toolbar\WebBrowser: (no name) - [HKCU]{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Clé orpheline O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline ~ Toolbar: Scanned in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - GS\QuickLaunch [Utilisateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Global Startup: 1 Legitimates Filtered in 00mn 01s ---\\ Applications lancées au démarrage du système (O4) O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe O4 - HKLM\..\Run: [ShadowPlay] . 
(.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKCU\..\Run: [Google Calendar Sync] . (.Google - Google Calendar Sync.) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - HKCU\..\Run: [GO Contact Sync Mod] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKCU\..\Run: [SmartRAM] . (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\SmartRAM3\SmartRAM.exe O4 - HKCU\..\Run: [Smart Defrag 3] . (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe O4 - HKCU\..\Run: [GoogleContactSync] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe O4 - HKLM\..\Wow6432Node\Run: [Power ISO PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe O4 - HKLM\..\Wow6432Node\Run: [IcoSauve] . (.Pierre TORRIS - Sauvegarde et restauration du bureau.) 
-- C:\Program Files (x86)\IcoSauve\IcoSauve.exe O4 - HKLM\..\Wow6432Node\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe O4 - HKLM\..\Wow6432Node\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe O4 - HKLM\..\Wow6432Node\Run: [PDFHook] . (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe O4 - HKLM\..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [Secunia PSI Tray] . (.Secunia - Secunia PSI Tray.) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe O4 - HKLM\..\Wow6432Node\Run: [JDownloader2] . (.AppWork UG (haftungsbeschränkt) - JDownloader Launcher v3.) -- C:\Program Files (x86)\JDownloader\JDownloader.exe O4 - HKLM\..\Wow6432Node\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\_FTP téléchargement\Internet Download Manager\IDMan.exe O4 - HKLM\..\Wow6432Node\Run: [RUBotted] . (.Trend Micro Inc. - Trend Micro RUBotted tool.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe O4 - HKLM\..\Wow6432Node\Run: [JMB36X IDE Setup] . (...) -- C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) 
-- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe O4 - HKLM\..\Wow6432Node\Run: [Trend Micro Browser Guard] . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files (x86)\Trend Micro\Browser Guard\BGUI.exe O4 - HKLM\..\Wow6432Node\Run: [Trend Micro RUBotted V2.0 Beta] . (.Trend Micro Inc. - Trend Micro RUBotted tool.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe O4 - HKLM\..\Wow6432Node\RunOnce: [20131224] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\3c7f573b-2ee2-4b76-9b00-64087038eb3d.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Google Calendar Sync] . (.Google - Google Calendar Sync.) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [GO Contact Sync Mod] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) 
-- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [SmartRAM] . (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\SmartRAM3\SmartRAM.exe O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Smart Defrag 3] . (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [GoogleContactSync] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe ~ Application: Scanned in 00mn 00s ---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9) O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) 
-- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico ~ IE Extra Buttons: Scanned in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} ((no name)) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.5.5.0.cab ~ Objets ActiveX: Scanned in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE6258B-5DF9-4BA7-BB5C-8332D91C448B}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{A70F4015-36DC-403E-849D-6F1D542AE856}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{7FE6258B-5DF9-4BA7-BB5C-8332D91C448B}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{A70F4015-36DC-403E-849D-6F1D542AE856}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{7FE6258B-5DF9-4BA7-BB5C-8332D91C448B}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{A70F4015-36DC-403E-849D-6F1D542AE856}: DhcpNameServer = 192.168.1.1 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1 ~ Domain: Scanned in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) 
-- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation ~ Protocole Additionnel: Scanned in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll ~ Winlogon: Scanned in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: EldosMountNotificator-cbfs4-0 - {A14C9A36-5015-4897-B8F8-ECDA8250A917} . (.EldoS Corporation - Mount Notifier.) -- C:\Program Files (x86)\Common Files\CBFS\cbfsMntNtf4.dll ~ SSODL: 2 Legitimates Filtered in 00mn 00s ---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22) O22 - SharedTaskScheduler: (no name) [64Bits] - {A14C9A36-5015-4897-B8F8-ECDA8250A917} - (.not file.) ~ STS/SSO: Scanned in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Moborobo Device Service (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe ~ Services: 33 Legitimates Filtered in 00mn 27s ---\\ Tâches planifiées en automatique (O39) [MD5.C4B3CA32C8B04F2C72F76ED96EFD45EF] [APT] [4Team updater] (...) -- C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe [179312] [MD5.95B9750198A0471CA972B91E5B3FD086] [APT] [Launch 20662] (...) -- C:\Program Files (x86)\_Communications\Orange PC synchro\Voxsync.exe [701952] [MD5.E32AE4E6FDED29C239978066EC486B87] [APT] [Process Explorer skipUAC startup] (.Sysinternals - www.sysinternals.com.) -- c:\program files (x86)\process explorer\procexp.exe [2925760] [MD5.00000000000000000000000000000000] [APT] [{2564CC20-92F9-4F54-831F-A58FC3D0BE9B}] (...) -- M:\z_Outils\_ OUTILS\bureautique\Adobe\_creer un pdf\expert pdf 2 bluesquad\expertPDF2.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{3C67F505-7395-413B-80E8-8670D4F94839}] (...) 
-- D:\Outils\Drivers\ACER\HDMI_R270.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{45AE36EC-C75E-4061-BC57-213E0443789E}] (...) -- C:\Program Files (x86)\_Traitement vid‚o\XviD4PSP5\Uninstall.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{51FAA641-9AE2-4878-8249-00F19F64F2CB}] (...) -- F:\Mes documents\Downloads\WIN_L1WinSetup_v2.4.7.29_WHQL\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{7ED9B4DC-1EC1-4557-8B23-B4E509D5BC12}] (...) -- C:\swsetup\SP58915\setup.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{875220FF-E0DA-4E74-A6B3-24F205C679AC}] (...) -- I:\z_Outils\_ OUTILS\Video\_codecs\Codec_Sniper_0.1.0_4331\Codec_Sniper_francais.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{99A58AEA-01EA-4020-A782-84FF8B16D8D5}] (...) -- C:\Users\Utilisateur\AppData\Local\Apple\Apple Software Update\QuickTimeInstallerAdmin.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{A8B92F55-A2B7-4212-B012-4768E92B6E55}] (...) -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2 - Installation Files\installer.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{AC661EB0-EEFF-48BB-8DF0-AB4A35870BF8}] (...) -- D:\Outils\_ OUTILS\securite\__Virus Trojans Malware Spyware\SOGE RapportSetup-Full.msi" (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{B29DA93A-A19F-41DD-B274-21E61881D1C6}] (...) -- D:\Outils\_ OUTILS\tv-radio\TVO\framework 2.0 dotnetfx x86 pour TVO.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{CBD56113-0103-48ED-A8B1-B9EBB55E9A7A}] (...) -- F:\Mes documents\Downloads\IDM Internet download manager\FFSBR_Mul14_Help_v1.6.exe (.not file.) [0] [MD5.D878C584F32451D82642C36732C64FFB] [APT] [{D1A635E5-16E0-4EFD-8D1E-5AB72EC56290}] (...) -- C:\Program Files (x86)\Alliance MCA\SafeFax\unins000.exe [710766] [MD5.00000000000000000000000000000000] [APT] [{D49EC551-788B-41FF-A390-B125854AC8D9}] (...) 
-- D:\Outils\_ OUTILS\Programmateur de taches\program taches avant extinction totale darc\Lastchance.exe (.not file.) [0] O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize [336] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1765133290-3960495512-1056639126-1000Core [1050] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1765133290-3960495512-1056639126-1000UA [1102] ~ Scheduled Task: 49 Legitimates Filtered in 00mn 03s ---\\ Logiciels installés (O42) O42 - Logiciel: RegUtility version 4.1 - (...) [HKLM][64Bits] -- RegUtility_is1 O42 - Logiciel: SafeFax 3.0.999 - (.Alliance MCA.) [HKLM][64Bits] -- SafeFax_is1 O42 - Logiciel: VST Bridge 1.1 - (...) [HKLM][64Bits] -- VST Bridge_is1 O42 - Logiciel: world TVRT Special Edition 7.02 - (.worldtvradio.) 
[HKLM][64Bits] -- world TVRT Special Edition ~ Logic: 37 Legitimates Filtered in 00mn 01s ---\\ HKCU & HKLM Software Keys [HKCU\Software\APMT] [HKCU\Software\EML to PST Converter] [HKCU\Software\Guy] [HKCU\Software\Icon Explorer] [HKCU\Software\OscarK4G4] [HKCU\Software\ShellExtBridge110] [HKCU\Software\Viksoe.dk] [HKCU\Software\Wavelet Labs] [HKLM\Software\Wow6432Node\ADSRemoval] [HKLM\Software\Wow6432Node\Guy] [HKLM\Software\Wow6432Node\ND] [HKLM\Software\Wow6432Node\Wavelet Labs] ~ Key Software: 849 Legitimates Filtered in 00mn 01s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 16/03/2013 - 18:32:52 - [] ----D C:\Program Files (x86)\DnsJumper O43 - CFD: 19/09/2012 - 11:09:27 - [] ----D C:\Program Files (x86)\EML to PST Converter O43 - CFD: 14/02/2014 - 13:49:04 - [0] ----D C:\Program Files (x86)\GUM8D29.tmp O43 - CFD: 23/05/2012 - 15:09:26 - [] ----D C:\Program Files (x86)\Instant File Searcher Professional O43 - CFD: 12/03/2014 - 20:32:05 - [] ----D C:\Program Files (x86)\loop recorder O43 - CFD: 10/12/2012 - 16:59:58 - [] ----D C:\Program Files (x86)\MyNetToolset O43 - CFD: 19/09/2012 - 10:59:17 - [] ----D C:\Program Files (x86)\OscarG7 O43 - CFD: 19/09/2012 - 10:58:50 - [] ----D C:\Program Files (x86)\OSCARK4G4 O43 - CFD: 08/10/2013 - 16:57:29 - [] ----D C:\Program Files (x86)\PirateBrowser O43 - CFD: 24/03/2014 - 18:40:14 - [] ----D C:\Program Files (x86)\processhacker-2.33-bin O43 - CFD: 19/09/2012 - 10:53:38 - [] ----D C:\Program Files (x86)\RegDirXP O43 - CFD: 19/02/2014 - 19:28:24 - [] ----D C:\Program Files (x86)\RegUtility O43 - CFD: 12/06/2013 - 14:52:07 - [] ----D C:\Program Files (x86)\Should I Remove It O43 - CFD: 27/04/2013 - 15:37:37 - [] ----D C:\Program Files (x86)\SmartCam O43 - CFD: 20/01/2014 - 18:37:40 - [] ----D C:\Program Files (x86)\SmartRAM3 O43 - CFD: 17/01/2014 - 14:16:10 - [] ----D C:\Program Files (x86)\stdu-multi viewer-portable_1-6-300_fr_239656 O43 - CFD: 21/11/2013 - 21:20:17 - [] ----D 
C:\Program Files (x86)\stdu-viewer-portable_1-6-300_fr_239656 O43 - CFD: 08/11/2013 - 18:35:40 - [] ----D C:\Program Files (x86)\Touch99 O43 - CFD: 23/05/2012 - 15:09:41 - [] ----D C:\Program Files (x86)\universal extractractor 161_portable O43 - CFD: 23/03/2012 - 17:30:31 - [] ----D C:\Program Files (x86)\Wavelet Labs O43 - CFD: 14/03/2013 - 18:27:57 - [] ----D C:\Program Files (x86)\Windows7DEK O43 - CFD: 09/06/2012 - 18:03:29 - [] ----D C:\Program Files (x86)\WOEXtract O43 - CFD: 23/05/2012 - 15:09:45 - [] ----D C:\Program Files (x86)\worldTVRT O43 - CFD: 08/04/2013 - 16:13:08 - [] R---D C:\Program Files (x86)\_Bureau O43 - CFD: 19/02/2011 - 11:43:12 - [0] R---D C:\Program Files (x86)\_Bureautique O43 - CFD: 23/03/2012 - 17:30:26 - [] ----D C:\Program Files (x86)\_Disques O43 - CFD: 16/02/2010 - 23:36:18 - [0] ----D C:\Program Files (x86)\_Divers O43 - CFD: 07/07/2012 - 18:28:23 - [] ----D C:\Program Files (x86)\_Décompression O43 - CFD: 23/03/2012 - 17:30:26 - [] R---D C:\Program Files (x86)\_FAX Internet O43 - CFD: 10/06/2012 - 19:16:06 - [] R---D C:\Program Files (x86)\_Fichiers O43 - CFD: 16/02/2010 - 23:36:18 - [0] ----D C:\Program Files (x86)\_Fichiers (dates ou noms) O43 - CFD: 10/12/2012 - 16:59:42 - [] ----D C:\Program Files (x86)\_FTP téléchargement O43 - CFD: 25/02/2013 - 15:28:32 - [] R---D C:\Program Files (x86)\_Graveur O43 - CFD: 01/11/2010 - 17:41:33 - [0] ----D C:\Program Files (x86)\_Imprimantes O43 - CFD: 23/05/2012 - 15:08:36 - [] R---D C:\Program Files (x86)\_Internet O43 - CFD: 23/05/2012 - 15:08:36 - [] R---D C:\Program Files (x86)\_Multimedia O43 - CFD: 16/02/2010 - 23:36:16 - [0] ----D C:\Program Files (x86)\_Scanner O43 - CFD: 25/02/2013 - 15:31:24 - [] ----D C:\Program Files (x86)\_Système (hardware) O43 - CFD: 01/11/2010 - 17:41:34 - [0] ----D C:\Program Files (x86)\_Sécurité connections ADSL réseau et ports O43 - CFD: 01/11/2010 - 17:41:33 - [0] R---D C:\Program Files (x86)\_Sécurité sauvegardes et backups O43 - CFD: 04/03/2014 - 
16:17:28 - [] R---D C:\Program Files (x86)\_Sécurité Virus Malwares Spywares O43 - CFD: 12/06/2013 - 15:45:12 - [] R---D C:\Program Files (x86)\_Traitement Image, Photos et Graphisme O43 - CFD: 11/03/2014 - 18:21:05 - [] R---D C:\Program Files (x86)\_Traitement Son O43 - CFD: 23/05/2012 - 15:08:39 - [] ----D C:\Program Files (x86)\_Traitement vidéo O43 - CFD: 11/06/2012 - 00:11:30 - [] ----D C:\Program Files (x86)\_TV O43 - CFD: 23/05/2012 - 15:08:40 - [] ----D C:\Program Files (x86)\_video O43 - CFD: 31/05/2013 - 18:11:58 - [] ----D C:\Program Files (x86)\Common Files\CBFS O43 - CFD: 07/07/2012 - 19:28:14 - [] ----D C:\ProgramData\clonehdd O43 - CFD: 23/11/2012 - 17:14:18 - [] ----D C:\ProgramData\complexbackup O43 - CFD: 23/07/2012 - 15:35:53 - [] ----D C:\ProgramData\deletepart O43 - CFD: 23/07/2012 - 15:37:48 - [] ----D C:\ProgramData\formatpart O43 - CFD: 23/03/2012 - 18:31:47 - [] ----D C:\ProgramData\HD Audio Recorder O43 - CFD: 28/07/2013 - 17:24:57 - [] ----D C:\ProgramData\PCFaxTx O43 - CFD: 29/04/2014 - 20:23:46 - [] ----D C:\ProgramData\ProductData O43 - CFD: 23/03/2012 - 18:14:22 - [] ----D C:\ProgramData\RegDirXP O43 - CFD: 11/03/2014 - 18:42:32 - [] ----D C:\ProgramData\Wavelet Labs O43 - CFD: 10/12/2012 - 16:59:30 - [0] ----D C:\ProgramData\{2F6A203E-6DF1-45F1-9367-86E189B4C7AC} O43 - CFD: 09/02/2014 - 14:21:08 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} O43 - CFD: 22/12/2012 - 19:56:29 - [0] -S--D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} O43 - CFD: 27/12/2013 - 16:27:36 - [0] ----D C:\Users\Utilisateur\AppData\Roaming\ARA O43 - CFD: 19/09/2012 - 10:44:32 - [] ----D C:\Users\Utilisateur\AppData\Roaming\HD Audio Recorder O43 - CFD: 12/03/2014 - 18:37:42 - [] ----D C:\Users\Utilisateur\AppData\Roaming\ProductData O43 - CFD: 31/05/2013 - 18:19:01 - [] ----D C:\Users\Utilisateur\AppData\Roaming\RapidDrive ~ Program Folder: 526 Legitimates Filtered in 00mn 01s ---\\ Derniers fichiers modifiés ou crées sous Windows et 
System32 (O44) O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] ~ Files: 23 Legitimates Filtered in 00mn 04s ---\\ Image File Execution Options (IFEO) (O50) O50 - IFEO:Image File Execution Options - Del_CD_ROM.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe O50 - IFEO:Image File Execution Options - InstallWTGService.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe O50 - IFEO:Image File Execution Options - InternetEverywhere.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe O50 - IFEO:Image File Execution Options - InternetEverywhere_SMSMMS.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe O50 - IFEO:Image File Execution Options - OSU.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe O50 - IFEO:Image File Execution Options - WTGService.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe O50 - IFEO:Image File Execution Options - WTGVistaUtil.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe ~ IFEO: Scanned in 00mn 00s ---\\ Clé de registre Shell MountPoints2 (MPKS) (O51) O51 - MPSK:{1169d0e8-b2b9-11e0-9e94-90fba64d21e6}\AutoRun\command. (...) -- H:\WD SmartWare.exe (.not file.) O51 - MPSK:{15e46acc-d737-11e2-a5f4-90fba64d21e6}\AutoRun\command. (...) -- I:\HTC_Sync_Manager_PC.exe (.not file.) O51 - MPSK:{488a421d-7f44-11e2-b45e-90fba64d21e6}\AutoRun\command. (...) -- I:\HTC_Sync_Manager_PC.exe (.not file.) O51 - MPSK:{809bdd4d-8572-11e2-b87a-90fba64d21e6}\AutoRun\command. (...) -- I:\HTC_Sync_Manager_PC.exe (.not file.) O51 - MPSK:{a326de79-c72b-11e1-b427-90fba64d21e6}\AutoRun\command. (...) -- J:\SFR.exe (.not file.) O51 - MPSK:{a326de8d-c72b-11e1-b427-90fba64d21e6}\AutoRun\command. (...) -- I:\SFR.exe (.not file.) O51 - MPSK:{ac0c17ea-c286-11df-ab43-90fba64d21e6}\AutoRun\command. (...) 
-- N:\WD SmartWare.exe (.not file.) O51 - MPSK:{b0b77297-956e-11e3-b34a-90fba64d21e6}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.) O51 - MPSK:{e7532556-3069-11e0-bf36-90fba64d21e6}\AutoRun\command. (...) -- K:\WD SmartWare.exe (.not file.) ~ Keys: Scanned in 00mn 00s ---\\ Enumération des clés de registre StartupReg (SMSR) (O53) O53 - SMSR:HKLM\...\startupreg\StartupDelayer [Key] . (.r2 Studios - Startup Launcher.) -- c:\program files\startup delayer\startup launcher.exe ~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55) O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ MWPS: 18 Legitimates Filtered in 00mn 00s ---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 ~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s ---\\ Liste des pilotes du système (SDL) (O58) O58 - SDL:30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208] O58 - SDL:30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776] O58 - SDL:30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416] O58 - SDL:13/02/2013 - 06:48:06 ---A- . (.CSR/PLT - Bluetooth USB Dongle Driver.) -- C:\Windows\System32\Drivers\csrbcx64.sys [33152] O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496] O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232] O58 - SDL:25/06/2010 - 16:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928] O58 - SDL:26/06/2011 - 18:55:24 ---A- . 
(.Windows (R) Codename Longhorn DDK provider - Example Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\i8042HDR.sys [15920] O58 - SDL:28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [175480] O58 - SDL:29/04/2009 - 16:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208] O58 - SDL:01/03/2013 - 02:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600] O58 - SDL:06/12/2013 - 15:47:12 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\System32\Drivers\psi_mf_amd64.sys [18456] O58 - SDL:27/07/2009 - 03:54:30 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\System32\Drivers\scdemu.sys [90544] O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [526392] O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656] O58 - SDL:06/08/2009 - 14:17:34 ---A- . (...) -- C:\Windows\System32\Drivers\TurboB.sys [13784] O58 - SDL:17/01/2010 - 12:10:54 ---A- . (.Windows (R) 2000 DDK provider - Image Mounter SCSI Port Driver.) -- C:\Windows\System32\Drivers\uimx64.sys [48144] O58 - SDL:14/01/2014 - 15:13:28 ---A- . (...) -- C:\Windows\SysWOW64\drivers\MoborobAssDriver64.sys [12072] O58 - SDL:20/03/2011 - 16:31:08 RSH-- . (...) -- C:\Windows\SysWOW64\CEBA27CA42.sys [88] O58 - SDL:02/03/2014 - 17:44:34 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [3974] ~ Drivers: 112 Legitimates Filtered in 00mn 01s ---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61) O61 - LFC: 24/04/2014 - 15:35:55 ---A- . (...) 
-- C:\Users\Utilisateur\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.131\34.0.1847.131_33.0.1750.154_chrome_updater.exe [8676056] O61 - LFC: 29/04/2014 - 15:35:55 ---A- . (...) -- C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe [114568] ~ 206 Fichiers temporaires (Temporary files) ~ 421 Fichiers cookies (Cookies files) ~ Files: 89 Legitimates Filtered in 00mn 08s ---\\ Liste des outils de désinfection (LATC) (O63) O63 - Logiciel: SEAF By C_XX - (.C_XX.) [HKLM] -- SEAF O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7} ~ ADS: Scanned in 00mn 00s ---\\ Liste les services legacy du registre (LALS) (O64) O64 - Services: CurCS - 30/04/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID O64 - Services: CurCS - 17/01/2010 - C:\Windows\System32\DRIVERS\hotcore3.sys (hotcore3) .(.Paragon Software Group - A part of Paragon System Utilities.) - LEGACY_HOTCORE3 ~ Legacy: 143 Legitimates Filtered in 00mn 00s ---\\ Menu de démarrage Internet (SMI) (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Utilisateur\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) 
-- C:\Program Files (x86)\Opera\Launcher.exe ~ Keys: Scanned in 00mn 00s ---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {73E006BC-DCFE-4CC7-BA5F-3FB1A1E9B98C} - (Yahoo! Search) - http://fr.search.yahoo.com O69 - SBI: SearchScopes [HKCU] {9411A4FD-FE6A-4E6E-ABD3-CBA7E30403E9} - (Yahoo) - http://fr.search.yahoo.com ~ Keys: Scanned in 00mn 00s ---\\ Enumère les fichiers Crack & Keygen (CKF) (O82) C:\Program Files (x86)\loop recorder\keygen.exe =>.Crack,Keygen C:\Program Files (x86)\Nuance\PDF Professional 7\bin\Keygen.exe =>.Crack,Keygen C:\Program Files (x86)\loop recorder\keygen.exe =>.Crack,Keygen C:\Program Files (x86)\Nuance\PDF Professional 7\bin\Keygen.exe =>.Crack,Keygen D:\Outils\windows guenuine avantage\Outil pour avoir windows original\Windows.Genuine.Advantage.Validation.v1.9.0040.0.CRACKED.REPACK-DS9\WgaTray.exe =>.Crack,Keygen D:\Outils\windows guenuine avantage\Tout Pour XP Key et validations\XP Pro SP2 SP3 Keygen\Keygen Windows XP Pro SP2.exe =>.Crack,Keygen D:\Outils\Windows XP\windows XP guenuine avantage\Outil pour avoir windows original\Windows.Genuine.Advantage.Validation.v1.9.0040.0.CRACKED.REPACK-DS9\WgaTray.exe =>.Crack,Keygen D:\Outils\Windows XP\windows XP guenuine avantage\Tout Pour XP Key et validations\XP Pro SP2 SP3 Keygen\Keygen Windows XP Pro SP2.exe =>.Crack,Keygen D:\Outils\_ OUTILS\bureautique\Creer un pdf\Corel PDF Fusion112\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\bureautique\Creer un pdf\Nuance.PDF.Converter.Professional.7.MULTI.PC\Keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\bureautique\Creer un pdf\Nuance.PDF.Converter.Professional.7.MULTI.PC\Nuance.PDF.Converter.Professional.7.MULTI.PC\Nuance.PDF.Converter.Professional.7.MULTI.PC\Keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\bureautique\Nitro PDF Pro v6.0.2.6 + Keygen\Nitro PDF Pro v6.0.2.6 + Keygen 
SETUP.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Communications 3g bluetooth wifi adsl Lan\AIOWifcKr\WiFi Cracker, Stealer AiO .exe =>.Crack,Keygen D:\Outils\_ OUTILS\décompression & extraction\IsoBusterPro2CRACKandKeygen\isobuster_all_lang.exe =>.Crack,Keygen D:\Outils\_ OUTILS\décompression & extraction\rar cracker d'archives Rar protégées par MP\Rar_Password_Cracker_4.12.FULL\rpc412_setup.exe =>.Crack,Keygen D:\Outils\_ OUTILS\décompression & extraction\_WINZIP\WinZip.Pro.v16.0.9715..X86.X64.Incl.Keygen-Lz0.rar =>.Crack,Keygen D:\Outils\_ OUTILS\Fichiers (divers)\Konvertor\konvertore 3.46.4 batch\konvertorv3.46.4 batch keygenfff\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Graveur Extraction gestion CD etc\burning studio 7\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Graveur Extraction gestion CD etc\Dvd Fab v9.1.2.8 Cracked\DvdFab.v9.1.2.8.Cracked-XenoCoder.rar =>.Crack,Keygen D:\Outils\_ OUTILS\Graveur Extraction gestion CD etc\Nero 8.1.1.0 fr + key (charlie)\Keygen\nero8x.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Scanner\VueScan.Pro.v8.5.09.Fr\Cerise\Keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\securite\Microsoft Private Folder v1.0\Microsoft Private Folder v1.0.pour WIndows Cracked\MSPF10ENU.msi =>.Crack,Keygen D:\Outils\_ OUTILS\securite\__firewall proxy cookies popup\Steganos.Internet.Anonym.2006.v8.0.1.Multilang.Incl.Keygen\Setup.exe =>.Crack,Keygen D:\Outils\_ OUTILS\securite\__Sauvegardes\Norton Ghost 12 Fr + keygen\Symantec Norton Ghost 12 Fr.exe =>.Crack,Keygen D:\Outils\_ OUTILS\securite\__Sauvegardes\Norton Ghost 12 Fr + keygen\SymNorGh12_Fr.rar.torrent =>.Crack,Keygen D:\Outils\_ OUTILS\securite\__Sauvegardes\Titan.Backup.v2.5.0.116\Keygen.and.Patch\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Image, Photos et Graphisme\Paintshop pro (corel)\Paint Shop Pro XI avec Keygen\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Image, Photos et Graphisme\Paintshop pro (corel)\Paint Shop Pro XI avec Keygen\PaintShopPro11-FR.exe 
=>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Image, Photos et Graphisme\___graphisme optim\Photozoom.Professional.v2.3.2.Multilangages.Incl-Keygen\PhotoZoom Pro 2 Setup.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\ashampoo_music_studio310_se\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\HD Audio Recorder v1.1.0.5 Win7\Cracked\HDAudioRecorderXP.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\AV Voice Changer Diamond v5.5.24 + Keygen\AV Voice Changer Diamond v5.5.24 + Keygen\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\AV Voice Changer Diamond v5.5.24 + Keygen\AV Voice Changer Diamond v5.5.24 + Keygen\VCS_Diamond55.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\AV-Voice- Changer- Diamond v6.0.10\KeyGen\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\Diamond voice changer 6.0\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_Recorders\super MP3 recorder Pro 6.2\Keygen.rar =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_Recorders\super MP3 recorder Pro 6.2\SuperMP3-Keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement Sons\_Recorders\_enregistrement direct carte son\loop recorder 1.3 cracké\crack loop recorder a dezipper ds fichier instal looprecorder\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\1f4-avssetup26.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\2f4-avspatch26.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVS4YOUSoftwareNavigator.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les 
folders\AVSAudioConverter.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSAudioEditor.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSAudioRecorder.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSCoverEditor2.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSDiscCreator.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSDocumentConverter.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSDVDCopy.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSExplorerExtension.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSImageConverter.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSMediaPlayer.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSPhotoEditor.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement 
vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSRegistryCleaner.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSRingtoneMaker.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSScreenCapture.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoConverter.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoEditor.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoRecorder.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoReMaker.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\Registration.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\Uninstall.exe =>.Crack,Keygen D:\Outils\_ OUTILS\Traitement vidéo\_Convertisseurs\Total video converter\Total Video Converter 3.61 FR ++OK++\Keygen Total Video Converter 3.61 FR\Keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\tuning benchmarks\PerfectDisk Rx Suite XP- Vista - Fr\Keygen\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\tuning 
benchmarks\WinTools.NET.Professional.v9.0.+Keygen\crd-Wintools.NET.9.0.0_Keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\tuning benchmarks\WinTools.NET.Professional.v9.0.+Keygen\WinTools-Net-9-Pro-Fr-Colok.exe =>.Crack,Keygen D:\Outils\_ OUTILS\tuning benchmarks\WinXP Manager v5.0.3\keygen.exe =>.Crack,Keygen D:\Outils\_ OUTILS\tuning benchmarks\XP Repair Pro 2007 3.5.5\Keygen.exe =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\5star Mobile Video_v1.5.6.223\kg\keygen.exe =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\SlovoED_Dictionaries_+_KeyGen.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\Tracker_keygen.exe =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\yewsoft x for UIQ v.1.2.symbian.7.uiq.inc.blzpda.keygen.zip =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\Elements Blazar v1.00.UIQ.SymbianOS7.Cracked-SymBoSS.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\legacy v1.05 for UIQ + keygen.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\MGS Silverball v1.6 + Keygen.zip =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\MGS.Karting.with.keygen.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\Sky Force V1.2 with keygen.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\Tom.Cooper.Tags.v2.00.UIQ.SymbianOS7.Incl.Keygen-BLZPDA.zip =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\advanced english dictionary 1.02 se p800 symbianos7 uiq with keygen.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Best Of a1000 p910 p910I p900 p800 Msn Messenger Jmsn Agile Instantsymbian Im Keygen Cracked.rar =>.Crack,Keygen D:\Outils\_ Outils 
telephone mobile tomtom navirad\_ OUTILS SONY\Digital.Red.3D.MotoRacer.v1.08.UIQ.SymbianOS7.Incl.Keygen.READ.NFO-BLZPDA.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Jmsnpro v1.2.0 With Keygen.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\MobileWays.DesktopMessage.v1.02.010803.UIQ.SymbianOS7.Cracked-Unsekure.rar =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Mobileways.Remote.P900.v1.42.SE.P900.SymbianOS7.Cracked-XiMPDA.zip =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\[P800] Zipman 1.40.incl.keygen.zip =>.Crack,Keygen D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\[P900] Tracker v4.02 + Skins + Fileman + Taskman With Keygen.zip =>.Crack,Keygen F:\Mes documents\Mes favoris (DD)\Principaux moteurs de recherche\crack appz apps\FindCracks.com - Cracks, serials, keygens, patches, code.url =>.Crack,Keygen F:\Mes documents\Mes favoris (DD)\Technique\cracks\FindCracks.com - Cracks, serials, keygens, patches, code.url =>.Crack,Keygen ~ Files: Scanned in 00mn 34s ---\\ Recherche particulière à la racine du système (SPRF) (O84) [MD5.86A1311D51C00B278CB7F27796EA442E] [SPRF][22/11/2013] (.Genry - ISTask for Inno Setup.) -- C:\ProgramData\ISTask.dll [67584] [MD5.2E6A90A73B6314285C4466977C846AF0] [SPRF][05/05/2012] (...) -- C:\Users\Utilisateur\AppData\Roaming\wklnhst.dat [140] ~ Files: 8 Legitimates Filtered in 00mn 00s ---\\ Liste des exceptions du parefeu (FirewallRules) (O87) O87 - FAEL: "{DCA1F7A2-E26E-4581-BB0C-94BDA9C7D6FB}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent O87 - FAEL: "{4DE2BAE5-65D8-4E81-ADC1-C927B20A0D3D}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) 
-- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent ~ Firewall: 2 Legitimates Filtered in 00mn 01s ---\\ Enumère les codes produits des logiciels (PUC) (O90) O90 - PUC: "A71F62B5272962A4D99F8151A7AF6CDC" . (.IObit Apps Toolbar v8.1.) -- C:\Windows\Installer\{5B26F17A-9272-4A26-9DF9-18157AFAC6CD}\ARPPRODUCTICON.exe =>PUP.Dealio ~ Update Products: 1 Legitimates Filtered in 00mn 00s ---\\ Enumère les données de la clé NameSpace (MNS) (O92) O92 - MNS: GMail Drive - {2B3453E4-49DF-11D3-8229-0080BE509050} ~ MNS: 1 Legitimates Filtered in 00mn 00s ---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS) [MD5.12ADEC58FFC77A75FC60A1B682E64B8D] [WIS][30/10/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\20e345.msi [3920896] =>PUP.Dealio [MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\721799f.msi [353280] =>PUP.Babylon ~ WIS: 2 Legitimates Filtered in 00mn 05s ---\\ Recherche de clés de registre Tracing (O100) HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32 =>Adware.PredictAd HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS =>Adware.PredictAd HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DNSBench_RASAPI32 =>PUP.GiganticSavings HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DNSBench_RASMANCS =>PUP.GiganticSavings HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\googletoolbarinstaller_en64_signed_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\googletoolbarinstaller_en64_signed_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E85CDE7661A53A6A_RASAPI32 =>Toolbar.Google 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E85CDE7661A53A6A_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchSettings_RASAPI32 =>Adware.SearchSettings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchSettings_RASMANCS =>Adware.SearchSettings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 848 Legitimates Filtered in 00mn 00s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/10/2013 144152 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SS - | Auto 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 28/02/2011 3186824 | (AVRedirector) . (.AVSoftware, Ltd.) - C:\Program Files (x86)\Hide The IP\data\AVLib.exe
SS - | Demand 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
SS - | Demand 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
SS - | Auto 01/07/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/07/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/11/2013 87368 | (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
SS - | Demand 11/03/2011 677512 | (htisvcfwm) . (.AVSoftware.) - C:\Program Files (x86)\Hide The IP\data\htisvc.exe
SS - | Disabled 30/07/2013 204552 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SS - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 30/04/2014 2153792 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 30/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 08/04/2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SS - | Demand 02/08/2011 145256 | (PDFProFiltSrvPP) . (.Nuance Communications, Inc..) - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Disabled 10/09/2009 320512 | (SCPDFReadSpool) . (.Solid Documents, LLC.) - C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe
SS - | Disabled 16/03/2010 14488 | (SFR.DashBoard.Service) . (.SFR.) - C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe
SS - | Disabled 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 19/08/2013 1162592 | (Soda PDF 3D Reader Helper Service) . (.LULU Software Limited.) - C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
SS - | Disabled 19/08/2013 852320 | (Soda PDF 3D Reader Service) . (.LULU Software Limited.) - C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe
SS - | Disabled 08/02/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Disabled 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Disabled 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Disabled 19/09/2012 2365792 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
SS - | Disabled 06/08/2009 118672 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Disabled 30/09/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Disabled 05/04/2012 255376 | (Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SS - | Disabled 09/12/2009 76320 | (USBS3S4Detection) . (...) - C:\OEM\USBDECTION\USBS3S4Detection.exe
SS - | Disabled 13/11/2009 129536 | (WDDMService) . (.WDC.) - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
SS - | Disabled 16/06/2009 20480 | (WDSmartWareBackgroundService) . (.Memeo.) - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Disabled 13/11/2009 308688 | (WTGService) . (...) - C:\Program Files (x86)\orange InternetEverywhere\WTGService.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 26/11/2009 1376680 | (AdRemWsServer) . (.AdRem Software, Inc..) - C:\Program Files (x86)\MyNetToolset\1.0\WsServer.exe
SR - | Auto 09/12/2013 881440 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 26/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/06/2012 266240 | (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe
SR - | Auto 30/05/2012 13632 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 08/02/2013 359664 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 30/09/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 25/10/2013 2768208 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 14/01/2014 70952 | (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
SR - | Auto 10/09/2009 305448 | (MWLService) . (.Egis Technology Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
SR - | Auto 25/08/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/12/2013 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 10/12/2013 15129376 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 08/02/2014 923936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 08/04/2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 10/02/2014 1444120 | (RapportMgmtService) . (.Trusteer Ltd..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
SR - | Auto 25/07/2013 443416 | (RUBotSrv) . (.Trend Micro Inc..) - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
SR - | Auto 06/12/2013 1229528 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
SR - | Auto 06/12/2013 662232 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe
SR - | Demand 25/11/2012 821720 | (SystemExplorerHelpService) . (.Mister Group.) - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s

---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Utilisateur at 30/04/2014 15:36:54
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s

---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Utilisateur at 30/04/2014 15:36:56
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s

---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [526392]
~ Emulateurs: Scanned in 00mn 02s

---\\ Scan Additionnel (O88)
Database Version : 13045 - (28/04/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 2
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}] =>Toolbar.TuneUp
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\PDF Suite 2010 =>Toolbar.PDFSuite
C:\Windows\Installer\20e345.msi =>PUP.Dealio^
C:\Windows\Installer\721799f.msi =>PUP.Babylon^
~ Additionnel Scan: 518784 Items scanned in 00mn 31s

---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/37514218-pup-giganticsavings =>PUP.GiganticSavings
http://nicolascoolman.webs.com/apps/blog/show/27529295-adware-searchsettings =>Adware.SearchSettings
http://nicolascoolman.webs.com/apps/blog/show/33429762-pup-glindorus =>PUP.Glindorus
~ MSI: 6 link(s) detected in 00mn 00s

~ 1738 Legitimates filtered by white list
End of the scan (881 lines in 02mn 57s)(87)