~ Rapport de ZHPDiag v2014.4.28.48 - Nicolas Coolman (28/04/2014)
~ Lancé par Utilisateur (30/04/2014 15:34:32)
~ Adresse du Site Web http://nicolascoolman.webs.com
~ Forums gratuits d'Assistance à la désinfection : http://nicolascoolman.webs.com/apps/links/
~ Traduit par Nicolas Coolman
~ Etat de la version :
~ Liste blanche : Activée par le programme
~ Elévation des Privilèges : OK
~ User Account Control (UAC): Deactivate by program


---\\ Navigateurs Internet
MSIE: Internet Explorer v11.0.9600.16521
MFIE: Mozilla Firefox 29.0 (Defaut)
OPIE: Opera vStable 20.0.1387.82

---\\ Informations sur les produits Windows
~ Langage: Français
Windows 7 Home Premium, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows Operating System - Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7QJB7
Windows License : OK
~ Windows Remaining Initializations Number : 3
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ Logiciels de protection du système
avast! Free Antivirus v9.0.2018
Trusteer Sécurité des points d'accès v3.5.1304.48
Malwarebytes Anti-Malware version 1.75.0.1300
Secunia PSI
SUPERAntiSpyware v5.6.1040
Windows Defender W7

---\\ Logiciels d'optimisation du système
CCleaner v4.13

---\\ Logiciels de partage PeerToPeer

---\\ Surveillance de Logiciels
Adobe Flash Player 13 Plugin
Adobe Reader XI
Java 7 Update 55
Java 7 Update 55

---\\ Informations sur le système
~ Processor: Intel64 Family 6 Model 37 Stepping 2, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 8119 MB (57% free)
System Restore: Activé (Enable)
System drive C: has 112 GB (57%) free of 196 GB

---\\ Mode de connexion au système
~ Computer Name: DESKTOP-HOME-AC
~ User Name: Utilisateur
~ All Users Names: Utilisateur, HomeGroupUser$, Administrateur,
~ Unselected Option: None
Logged in as Administrator

---\\ Variables d'environnement
~ System Unit : C:\
~ %AppZHP% : C:\Users\Utilisateur\AppData\Roaming\ZHP\
~ %AppData% : C:\Users\Utilisateur\AppData\Roaming\
~ %Desktop% : F:\Mes documents\Mon Bureau (ACER)\
~ %Favorites% : F:\Mes documents\Mes favoris (DD)\
~ %LocalAppData% : C:\Users\Utilisateur\AppData\Local\
~ %StartMenu% : C:\Users\Utilisateur\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ Enumération des unités disques
C: Hard drive, Flash drive, Thumb drive (Free 112 Go of 196 Go)
D: Hard drive, Flash drive, Thumb drive (Free 615 Go of 721 Go)
E: CD-ROM drive (Free 0 Go of 0 Go)
F: Hard drive, Flash drive, Thumb drive (Free 271 Go of 932 Go)
G: CD-ROM drive (Not Inserted)
L: CD-ROM drive (Not Inserted)
V: Hard drive, Flash drive, Thumb drive (Free 1191 Go of 1863 Go)



---\\ Etat du Centre de Sécurité Windows
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
~ Security Center: 49 Legitimates Filtered in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.DF79CE9B950C62677D232154E93A81C7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.01/03/2014 - 04:10:28.) -- C:\Windows\System32\wininet.dll [2334208]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.79059559E89D06E8B80CE2944BE20228] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/09/2013 - 02:09:10.) -- C:\Windows\system32\Drivers\AFD.sys [497152]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.B98F8C6E31CD07B2E6F71F7F648E38C0] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.12/04/2013 - 15:45:08.) -- C:\Windows\system32\Drivers\ntfs.sys [1656680]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/1162
~ Mes musiques (My Musics) : 1/20863
~ Mes Videos (My Videos) : 2/549
~ Mes Favoris (My Favorites) : 1/6743
~ Mes Documents (My Documents) : 2/82512
~ Mon Bureau (My Desktop) : 1/127
~ Menu demarrer (Programs) : 1/5
~ Hidden Files: Scanned in 00mn 18s



---\\ Processus lancés
[MD5.D1D5DAB39DCB4BE0359943738D87409B] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [532040] [PID.3820]
[MD5.BB9ACD507A735FA9FE524FCE0AEBB493] - (.Trusteer Ltd. - RapportService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe [2484504] [PID.4440]
[MD5.A0012C1D9B8648C20C00202418B9D02F] - (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712] [PID.4732]
[MD5.E32AE4E6FDED29C239978066EC486B87] - (.Sysinternals - www.sysinternals.com - Sysinternals Process Explorer.) -- c:\program files (x86)\process explorer\procexp.exe [2925760] [PID.4676]
[MD5.AF3DA0C60DE8A312328F247FF2FA6239] - (.IObit - Advanced SystemCare 7 Monitor.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [775968] [PID.716]
[MD5.5DA1157D851B1CB0AE473EAA2C35AC83] - (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [3448608] [PID.2132]
[MD5.D9B553C9033A0021498ADF8FB72AEDDF] - (.Mister Group - System Explorer.) -- C:\Program Files (x86)\System Explorer\SystemExplorer.exe [2860576] [PID.1484]
[MD5.0CF3024CAF4A427967435520C8DD1433] - (.IObit - Driver Booster.) -- C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [3744064] [PID.4688]
[MD5.A08A6D194884DFC35C619F8A5E1FFFBD] - (.Pas de propriétaire - Real-time Protector.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe [1120032] [PID.5580]
[MD5.C5B5552E5C1A0079C1F7313E7CC7707E] - (.Google - Google Calendar Sync.) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe [542264] [PID.5616]
[MD5.52F7F2F0B0269FDD71F30044A4749A01] - (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe [908288] [PID.5868]
[MD5.1C5119BE71F29A69EF25AFF9FB6FBBAD] - (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\SmartRAM3\SmartRAM.exe [546688] [PID.4624]
[MD5.E0E44C3FBE6234CD247FEF427B6937D0] - (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2285344] [PID.4984]
[MD5.61D35EEE356FBA70F4E30E6A5B7D8D6C] - (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe [180224] [PID.3176]
[MD5.0550FBCEE76B6B8BD0045C898394E728] - (.Pierre TORRIS - Sauvegarde et restauration du bureau.) -- C:\Program Files (x86)\IcoSauve\IcoSauve.exe [131072] [PID.3208]
[MD5.7D46CE32283158EB7F1D0C8E02D8DDD1] - (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568] [PID.6320]
[MD5.9F0ACAA725CF5A391AF7E2067AE45746] - (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe [636192] [PID.6412]
[MD5.63E9C23A386FFFA84B5E03BFF9B628F0] - (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096] [PID.6924]
[MD5.BD0DD1EDB96290012A093C9C6FFFC4B8] - (.Brother Industries, Ltd. - ControlCenter Main Process.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe [508928] [PID.6744]
[MD5.A78AAB0D2D70EF7DD56B7328AC502059] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096] [PID.6648]
[MD5.37C5D75F2271C4B1ADC262B03FE30697] - (.Trend Micro Inc. - Pas de description.) -- C:\Program Files (x86)\Trend Micro\Browser Guard\BGUI.exe [787984] [PID.6408]
[MD5.118E21B52406222F1BB6EAAB4B6BABF0] - (.Trend Micro Inc. - Pas de description.) -- C:\Program Files (x86)\Trend Micro\Browser Guard\tmiegsrv.exe [665104] [PID.6708]
[MD5.906B6B6CED0B8BF5B2F730827B687CA3] - (.Brother Industries, Ltd. - ControlCenter UX System.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe [1459712] [PID.7112]
[MD5.FBB33D6550559030FE42615572FE9FC3] - (.Secunia - Secunia PSI Tray.) -- C:\Program Files (x86)\Secunia\PSI\PSI_TRAY.exe [565464] [PID.4740]
[MD5.38E330A28E034CE632F218AD2AD6452B] - (.Trend Micro Inc. - Trend Micro RUBotted tool.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe [1102872] [PID.2952]
[MD5.3FDBC28DEF3378089C5EE301637970BA] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [275568] [PID.3668]
[MD5.8858F7FE986DD156F88488EDA50CC446] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [18544] [PID.8108]
[MD5.C54C8B8DAE3CC59CBAFF15FAC00084D7] - (.Adobe Systems, Inc. - Adobe Flash Player 13.0 r0.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe [1864368] [PID.7172]
[MD5.1780A53FCE5975B94604775CD9460F22] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [7865344] [PID.7656]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] - (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe [116648] [PID.9096]
[MD5.F5456293D2604BCE2BEC07FC6186A341] - (.IObit - Advanced SystemCare Service.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440] [PID.616]
[MD5.FC0BF82B3968F1D8CD13B3F721668193] - (.Trusteer Ltd. - RapportMgmtService.) -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1444120] [PID.1132]
[MD5.CC42F104172B4A62793083D380867317] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344] [PID.1740]
[MD5.E38AC5D38C757EE5B6230A0C56791EE4] - (.IObit - IObit Malware Fighter Service.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336] [PID.1352]
[MD5.B362181ED3771DC03B4141927C80F801] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65432] [PID.2080]
[MD5.EEA7B4193CFDD90F106ABA56B09C8AD6] - (.AdRem Software, Inc. - MyNet Toolset Service.) -- C:\Program Files (x86)\MyNetToolset\1.0\WsServer.exe [1376680] [PID.2120]
[MD5.30E3850F303EAE5C364782EA78579CC9] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [55624] [PID.2216]
[MD5.DB109DA005B6FE2A350C5DD7CA768DFD] - (.Brother Industries, Ltd. - BrYNCSvc.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240] [PID.2292]
[MD5.A1C148801B4AF64847AEB9F3AD9594EF] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144] [PID.2420]
[MD5.65085456FD9A74D7F1A999520C299ECB] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376] [PID.2468]
[MD5.E0D7732F2D2E24B2DB3F67B6750295B8] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512] [PID.2512]
[MD5.2F139207F618EC2933830227EEFFDDB4] - (.Egis Technology Inc. - MyWinLocker Service.) -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe [305448] [PID.2744]
[MD5.7D2633295EB6FF2B938185874884059D] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.2780]
[MD5.903A40C958D471F9D30D29FA6D2800A4] - (.NVIDIA Corporation - NVIDIA Network Service.) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304] [PID.2848]
[MD5.3CAE2BBC86FCF7F94C9696994AF30386] - (.Pas de propriétaire - PassThruSvr Application.) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424] [PID.2968]
[MD5.20372BE109FEE1C37E2D5216680DB9EB] - (.pdfforge GmbH - PDF Architect Helper Service.) -- C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496] [PID.3012]
[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [189728] [PID.1764]
[MD5.1F35EFEC56CD1BF62435EAF97EABC3B3] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13632] [PID.3244]
[MD5.30F5B5DFF0CA2DE65F7F301AB1369BD3] - (...) -- C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe [70952] [PID.7692]
[MD5.398A81D590424441B2F5C5C08073CADB] - (.Secunia - Secunia PSI Agent.) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528] [PID.1300]
[MD5.8C2D3A80FC90A860F0F24DEB67471481] - (.Secunia - Secunia Update Agent.) -- C:\Program Files (x86)\Secunia\PSI\sua.exe [662232] [PID.1832]
[MD5.45F606823EAA469582318C722C76A29D] - (.Trend Micro Inc. - Trend Micro RUBotted Service.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [443416] [PID.9024]
~ Processes Running: Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Utilisateur\AppData\Local\Google\Chrome\User Data\Default\Preferences
G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google\u00C2 Drive v.6.3 (Activé)
G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Hangout Services v.1.0 (Activé)
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google\u00C2 Wallet v.0.0.6.0 (Activé)

---\\ Liste des dossiers d'extension Google Chrome
~ Google Lines Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
M2 - MFEP: prefs.js [Utilisateur - mc0758te.default-1393239399875\adsremoval@adsremoval.net] [] Ads Removal v1.0.0 (..)
~ Firefox Browser: 24 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = preserve
~ IE Browser: 17 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Scanned in 00mn 00s



---\\ Hosts file redirection (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 1807



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: Soda PDF 3D Reader Helper [64Bits] - {2FE0F895-6D1D-4c80-A20D-18E42DE9B631} . (.LULU Software Limited - Soda PDF 3D Reader Helper.) -- C:\Program Files (x86)\Soda PDF 3D Reader\PDFIEHelper.dll
O2 - BHO: Ads Removal [64Bits] - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} . (.Adblock - Helps you remove browser ads!.) -- C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
~ BHO: 15 Legitimates Filtered in 00mn 00s



---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: TMBGBAR TOOLBAR - [HKLM]{C8137A8D-415D-450C-A1B1-D0C519D45296} . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files (x86)\Trend Micro\Browser Guard\X64\tmieg64.dll
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{C55BBCD6-41AD-48AD-9953-3609C48EACC7} Clé orpheline
O3 - Toolbar\WebBrowser: (no name) - [HKCU]{2318C2B1-4965-11D4-9B18-009027A5CD4F} Clé orpheline
~ Toolbar: Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\QuickLaunch [Utilisateur]: µTorrent.lnk . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Global Startup: 1 Legitimates Filtered in 00mn 01s



---\\ Applications lancées au démarrage du système (O4)
O4 - HKLM\..\Run: [RTHDVCPL] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [NvBackend] . (.NVIDIA Corporation - NVIDIA GeForce Experience Backend.) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
O4 - HKLM\..\Run: [ShadowPlay] . (.NVIDIA Corporation - NVIDIA Capture Server Proxy.) -- C:\Windows\system32\nvspcap64.dll
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKCU\..\Run: [Google Calendar Sync] . (.Google - Google Calendar Sync.) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
O4 - HKCU\..\Run: [GO Contact Sync Mod] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe
O4 - HKCU\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKCU\..\Run: [SmartRAM] . (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\SmartRAM3\SmartRAM.exe
O4 - HKCU\..\Run: [Smart Defrag 3] . (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
O4 - HKCU\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKCU\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKCU\..\Run: [GoogleContactSync] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe
O4 - HKLM\..\Wow6432Node\Run: [Power ISO PWRISOVM.EXE] . (.PowerISO Computing, Inc. - PowerISO Virtual Drive Manager.) -- C:\Program Files (x86)\PowerISO\PWRISOVM.exe
O4 - HKLM\..\Wow6432Node\Run: [IcoSauve] . (.Pierre TORRIS - Sauvegarde et restauration du bureau.) -- C:\Program Files (x86)\IcoSauve\IcoSauve.exe
O4 - HKLM\..\Wow6432Node\Run: [IndexSearch] . (.Nuance Communications, Inc. - PaperPort IndexSearch.) -- C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe
O4 - HKLM\..\Wow6432Node\Run: [PaperPort PTD] . (.Nuance Communications, Inc. - PaperPort Print to Desktop for NT.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
O4 - HKLM\..\Wow6432Node\Run: [PDFHook] . (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
O4 - HKLM\..\Wow6432Node\Run: [ControlCenter4] . (.Brother Industries, Ltd. - ControlCenter Launcher.) -- C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
O4 - HKLM\..\Wow6432Node\Run: [BrStsMon00] . (.Brother Industries, Ltd. - Status Monitor Application.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [Secunia PSI Tray] . (.Secunia - Secunia PSI Tray.) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
O4 - HKLM\..\Wow6432Node\Run: [JDownloader2] . (.AppWork UG (haftungsbeschränkt) - JDownloader Launcher v3.) -- C:\Program Files (x86)\JDownloader\JDownloader.exe
O4 - HKLM\..\Wow6432Node\Run: [IDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files (x86)\_FTP téléchargement\Internet Download Manager\IDMan.exe
O4 - HKLM\..\Wow6432Node\Run: [RUBotted] . (.Trend Micro Inc. - Trend Micro RUBotted tool.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
O4 - HKLM\..\Wow6432Node\Run: [AvastUI.exe] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
O4 - HKLM\..\Wow6432Node\Run: [JMB36X IDE Setup] . (...) -- C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe =>.Adobe Systems Incorporated
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [Trend Micro Browser Guard] . (.Trend Micro Inc. - Pas de description.) -- C:\Program Files (x86)\Trend Micro\Browser Guard\BGUI.exe
O4 - HKLM\..\Wow6432Node\Run: [Trend Micro RUBotted V2.0 Beta] . (.Trend Micro Inc. - Trend Micro RUBotted tool.) -- C:\Program Files (x86)\Trend Micro\RUBotted\RUBottedGUI.exe
O4 - HKLM\..\Wow6432Node\RunOnce: [20131224] . (.AVAST Software - avast! Emergency Update.) -- C:\Program Files\AVAST Software\Avast\setup\emupdate\3c7f573b-2ee2-4b76-9b00-64087038eb3d.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Google Calendar Sync] . (.Google - Google Calendar Sync.) -- C:\Program Files (x86)\Google\Google Calendar Sync\GoogleCalendarSync.exe
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [GO Contact Sync Mod] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [uTorrent] . (.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Utilisateur\AppData\Local\Google\Update\GoogleUpdate.exe =>.Google Inc
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [SmartRAM] . (.IObit - Monitors and Optimizes memory usage to incr.) -- C:\Program Files (x86)\SmartRAM3\SmartRAM.exe
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Smart Defrag 3] . (.IObit - Smart Defrag v3.) -- C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [ISUSPM Startup] . (.InstallShield Software Corporation - InstallShield Update Service Update Manager.) -- C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [Advanced SystemCare 7] . (.IObit - Advanced SystemCare 7.) -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
O4 - HKUS\S-1-5-21-1765133290-3960495512-1056639126-1000\..\Run: [GoogleContactSync] . (.WebGear Ltd, New Zealand + Create Software - GO Contact Sync Mod.) -- C:\Program Files (x86)\GO Contact Sync\GOContactSync.exe
~ Application: Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Free YouTube Download [64Bits] - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} . (...) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\dvdvideosoft.ico
~ IE Extra Buttons: Scanned in 00mn 00s



---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} ((no name)) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} ((no name)) - http://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {3234EB1E-733E-4E6A-A8AB-EBB6287E5A7E} ((no name)) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel64_4.5.5.0.cab
~ Objets ActiveX: Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{7FE6258B-5DF9-4BA7-BB5C-8332D91C448B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{A70F4015-36DC-403E-849D-6F1D542AE856}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{7FE6258B-5DF9-4BA7-BB5C-8332D91C448B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{A70F4015-36DC-403E-849D-6F1D542AE856}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{7FE6258B-5DF9-4BA7-BB5C-8332D91C448B}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{A70F4015-36DC-403E-849D-6F1D542AE856}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll =>.Microsoft Corporation
~ Protocole Additionnel: Scanned in 00mn 00s



---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
~ Winlogon: Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: EldosMountNotificator-cbfs4-0 - {A14C9A36-5015-4897-B8F8-ECDA8250A917} . (.EldoS Corporation - Mount Notifier.) -- C:\Program Files (x86)\Common Files\CBFS\cbfsMntNtf4.dll
~ SSODL: 2 Legitimates Filtered in 00mn 00s



---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: (no name) [64Bits] - {A14C9A36-5015-4897-B8F8-ECDA8250A917} - (.not file.)
~ STS/SSO: Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Moborobo Device Service (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
~ Services: 33 Legitimates Filtered in 00mn 27s



---\\ Tâches planifiées en automatique (O39)
[MD5.C4B3CA32C8B04F2C72F76ED96EFD45EF] [APT] [4Team updater] (...) -- C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe [179312]
[MD5.95B9750198A0471CA972B91E5B3FD086] [APT] [Launch 20662] (...) -- C:\Program Files (x86)\_Communications\Orange PC synchro\Voxsync.exe [701952]
[MD5.E32AE4E6FDED29C239978066EC486B87] [APT] [Process Explorer skipUAC startup] (.Sysinternals - www.sysinternals.com.) -- c:\program files (x86)\process explorer\procexp.exe [2925760]
[MD5.00000000000000000000000000000000] [APT] [{2564CC20-92F9-4F54-831F-A58FC3D0BE9B}] (...) -- M:\z_Outils\_ OUTILS\bureautique\Adobe\_creer un pdf\expert pdf 2 bluesquad\expertPDF2.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{3C67F505-7395-413B-80E8-8670D4F94839}] (...) -- D:\Outils\Drivers\ACER\HDMI_R270.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{45AE36EC-C75E-4061-BC57-213E0443789E}] (...) -- C:\Program Files (x86)\_Traitement vid‚o\XviD4PSP5\Uninstall.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{51FAA641-9AE2-4878-8249-00F19F64F2CB}] (...) -- F:\Mes documents\Downloads\WIN_L1WinSetup_v2.4.7.29_WHQL\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{7ED9B4DC-1EC1-4557-8B23-B4E509D5BC12}] (...) -- C:\swsetup\SP58915\setup.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{875220FF-E0DA-4E74-A6B3-24F205C679AC}] (...) -- I:\z_Outils\_ OUTILS\Video\_codecs\Codec_Sniper_0.1.0_4331\Codec_Sniper_francais.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{99A58AEA-01EA-4020-A782-84FF8B16D8D5}] (...) -- C:\Users\Utilisateur\AppData\Local\Apple\Apple Software Update\QuickTimeInstallerAdmin.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{A8B92F55-A2B7-4212-B012-4768E92B6E55}] (...) -- C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2 - Installation Files\installer.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{AC661EB0-EEFF-48BB-8DF0-AB4A35870BF8}] (...) -- D:\Outils\_ OUTILS\securite\__Virus Trojans Malware Spyware\SOGE RapportSetup-Full.msi" (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{B29DA93A-A19F-41DD-B274-21E61881D1C6}] (...) -- D:\Outils\_ OUTILS\tv-radio\TVO\framework 2.0 dotnetfx x86 pour TVO.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{CBD56113-0103-48ED-A8B1-B9EBB55E9A7A}] (...) -- F:\Mes documents\Downloads\IDM Internet download manager\FFSBR_Mul14_Help_v1.6.exe (.not file.) [0]
[MD5.D878C584F32451D82642C36732C64FFB] [APT] [{D1A635E5-16E0-4EFD-8D1E-5AB72EC56290}] (...) -- C:\Program Files (x86)\Alliance MCA\SafeFax\unins000.exe [710766]
[MD5.00000000000000000000000000000000] [APT] [{D49EC551-788B-41FF-A390-B125854AC8D9}] (...) -- D:\Outils\_ OUTILS\Programmateur de taches\program taches avant extinction totale darc\Lastchance.exe (.not file.) [0]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\Adobe Flash Player Updater [1002]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GlaryInitialize [336]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1066]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1070]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1765133290-3960495512-1056639126-1000Core [1050]
O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1765133290-3960495512-1056639126-1000UA [1102]
~ Scheduled Task: 49 Legitimates Filtered in 00mn 03s



---\\ Logiciels installés (O42)
O42 - Logiciel: RegUtility version 4.1 - (...) [HKLM][64Bits] -- RegUtility_is1
O42 - Logiciel: SafeFax 3.0.999 - (.Alliance MCA.) [HKLM][64Bits] -- SafeFax_is1
O42 - Logiciel: VST Bridge 1.1 - (...) [HKLM][64Bits] -- VST Bridge_is1
O42 - Logiciel: world TVRT Special Edition 7.02 - (.worldtvradio.) [HKLM][64Bits] -- world TVRT Special Edition
~ Logic: 37 Legitimates Filtered in 00mn 01s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\APMT]
[HKCU\Software\EML to PST Converter]
[HKCU\Software\Guy]
[HKCU\Software\Icon Explorer]
[HKCU\Software\OscarK4G4]
[HKCU\Software\ShellExtBridge110]
[HKCU\Software\Viksoe.dk]
[HKCU\Software\Wavelet Labs]
[HKLM\Software\Wow6432Node\ADSRemoval]
[HKLM\Software\Wow6432Node\Guy]
[HKLM\Software\Wow6432Node\ND]
[HKLM\Software\Wow6432Node\Wavelet Labs]
~ Key Software: 849 Legitimates Filtered in 00mn 01s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 16/03/2013 - 18:32:52 - [] ----D C:\Program Files (x86)\DnsJumper
O43 - CFD: 19/09/2012 - 11:09:27 - [] ----D C:\Program Files (x86)\EML to PST Converter
O43 - CFD: 14/02/2014 - 13:49:04 - [0] ----D C:\Program Files (x86)\GUM8D29.tmp
O43 - CFD: 23/05/2012 - 15:09:26 - [] ----D C:\Program Files (x86)\Instant File Searcher Professional
O43 - CFD: 12/03/2014 - 20:32:05 - [] ----D C:\Program Files (x86)\loop recorder
O43 - CFD: 10/12/2012 - 16:59:58 - [] ----D C:\Program Files (x86)\MyNetToolset
O43 - CFD: 19/09/2012 - 10:59:17 - [] ----D C:\Program Files (x86)\OscarG7
O43 - CFD: 19/09/2012 - 10:58:50 - [] ----D C:\Program Files (x86)\OSCARK4G4
O43 - CFD: 08/10/2013 - 16:57:29 - [] ----D C:\Program Files (x86)\PirateBrowser
O43 - CFD: 24/03/2014 - 18:40:14 - [] ----D C:\Program Files (x86)\processhacker-2.33-bin
O43 - CFD: 19/09/2012 - 10:53:38 - [] ----D C:\Program Files (x86)\RegDirXP
O43 - CFD: 19/02/2014 - 19:28:24 - [] ----D C:\Program Files (x86)\RegUtility
O43 - CFD: 12/06/2013 - 14:52:07 - [] ----D C:\Program Files (x86)\Should I Remove It
O43 - CFD: 27/04/2013 - 15:37:37 - [] ----D C:\Program Files (x86)\SmartCam
O43 - CFD: 20/01/2014 - 18:37:40 - [] ----D C:\Program Files (x86)\SmartRAM3
O43 - CFD: 17/01/2014 - 14:16:10 - [] ----D C:\Program Files (x86)\stdu-multi viewer-portable_1-6-300_fr_239656
O43 - CFD: 21/11/2013 - 21:20:17 - [] ----D C:\Program Files (x86)\stdu-viewer-portable_1-6-300_fr_239656
O43 - CFD: 08/11/2013 - 18:35:40 - [] ----D C:\Program Files (x86)\Touch99
O43 - CFD: 23/05/2012 - 15:09:41 - [] ----D C:\Program Files (x86)\universal extractractor 161_portable
O43 - CFD: 23/03/2012 - 17:30:31 - [] ----D C:\Program Files (x86)\Wavelet Labs
O43 - CFD: 14/03/2013 - 18:27:57 - [] ----D C:\Program Files (x86)\Windows7DEK
O43 - CFD: 09/06/2012 - 18:03:29 - [] ----D C:\Program Files (x86)\WOEXtract
O43 - CFD: 23/05/2012 - 15:09:45 - [] ----D C:\Program Files (x86)\worldTVRT
O43 - CFD: 08/04/2013 - 16:13:08 - [] R---D C:\Program Files (x86)\_Bureau
O43 - CFD: 19/02/2011 - 11:43:12 - [0] R---D C:\Program Files (x86)\_Bureautique
O43 - CFD: 23/03/2012 - 17:30:26 - [] ----D C:\Program Files (x86)\_Disques
O43 - CFD: 16/02/2010 - 23:36:18 - [0] ----D C:\Program Files (x86)\_Divers
O43 - CFD: 07/07/2012 - 18:28:23 - [] ----D C:\Program Files (x86)\_Décompression
O43 - CFD: 23/03/2012 - 17:30:26 - [] R---D C:\Program Files (x86)\_FAX Internet
O43 - CFD: 10/06/2012 - 19:16:06 - [] R---D C:\Program Files (x86)\_Fichiers
O43 - CFD: 16/02/2010 - 23:36:18 - [0] ----D C:\Program Files (x86)\_Fichiers (dates ou noms)
O43 - CFD: 10/12/2012 - 16:59:42 - [] ----D C:\Program Files (x86)\_FTP téléchargement
O43 - CFD: 25/02/2013 - 15:28:32 - [] R---D C:\Program Files (x86)\_Graveur
O43 - CFD: 01/11/2010 - 17:41:33 - [0] ----D C:\Program Files (x86)\_Imprimantes
O43 - CFD: 23/05/2012 - 15:08:36 - [] R---D C:\Program Files (x86)\_Internet
O43 - CFD: 23/05/2012 - 15:08:36 - [] R---D C:\Program Files (x86)\_Multimedia
O43 - CFD: 16/02/2010 - 23:36:16 - [0] ----D C:\Program Files (x86)\_Scanner
O43 - CFD: 25/02/2013 - 15:31:24 - [] ----D C:\Program Files (x86)\_Système (hardware)
O43 - CFD: 01/11/2010 - 17:41:34 - [0] ----D C:\Program Files (x86)\_Sécurité connections ADSL réseau et ports
O43 - CFD: 01/11/2010 - 17:41:33 - [0] R---D C:\Program Files (x86)\_Sécurité sauvegardes et backups
O43 - CFD: 04/03/2014 - 16:17:28 - [] R---D C:\Program Files (x86)\_Sécurité Virus Malwares Spywares
O43 - CFD: 12/06/2013 - 15:45:12 - [] R---D C:\Program Files (x86)\_Traitement Image, Photos et Graphisme
O43 - CFD: 11/03/2014 - 18:21:05 - [] R---D C:\Program Files (x86)\_Traitement Son
O43 - CFD: 23/05/2012 - 15:08:39 - [] ----D C:\Program Files (x86)\_Traitement vidéo
O43 - CFD: 11/06/2012 - 00:11:30 - [] ----D C:\Program Files (x86)\_TV
O43 - CFD: 23/05/2012 - 15:08:40 - [] ----D C:\Program Files (x86)\_video
O43 - CFD: 31/05/2013 - 18:11:58 - [] ----D C:\Program Files (x86)\Common Files\CBFS
O43 - CFD: 07/07/2012 - 19:28:14 - [] ----D C:\ProgramData\clonehdd
O43 - CFD: 23/11/2012 - 17:14:18 - [] ----D C:\ProgramData\complexbackup
O43 - CFD: 23/07/2012 - 15:35:53 - [] ----D C:\ProgramData\deletepart
O43 - CFD: 23/07/2012 - 15:37:48 - [] ----D C:\ProgramData\formatpart
O43 - CFD: 23/03/2012 - 18:31:47 - [] ----D C:\ProgramData\HD Audio Recorder
O43 - CFD: 28/07/2013 - 17:24:57 - [] ----D C:\ProgramData\PCFaxTx
O43 - CFD: 29/04/2014 - 20:23:46 - [] ----D C:\ProgramData\ProductData
O43 - CFD: 23/03/2012 - 18:14:22 - [] ----D C:\ProgramData\RegDirXP
O43 - CFD: 11/03/2014 - 18:42:32 - [] ----D C:\ProgramData\Wavelet Labs
O43 - CFD: 10/12/2012 - 16:59:30 - [0] ----D C:\ProgramData\{2F6A203E-6DF1-45F1-9367-86E189B4C7AC}
O43 - CFD: 09/02/2014 - 14:21:08 - [0] ----D C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
O43 - CFD: 22/12/2012 - 19:56:29 - [0] -S--D C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
O43 - CFD: 27/12/2013 - 16:27:36 - [0] ----D C:\Users\Utilisateur\AppData\Roaming\ARA
O43 - CFD: 19/09/2012 - 10:44:32 - [] ----D C:\Users\Utilisateur\AppData\Roaming\HD Audio Recorder
O43 - CFD: 12/03/2014 - 18:37:42 - [] ----D C:\Users\Utilisateur\AppData\Roaming\ProductData
O43 - CFD: 31/05/2013 - 18:19:01 - [] ----D C:\Users\Utilisateur\AppData\Roaming\RapidDrive
~ Program Folder: 526 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.340B0467E98A8C92697D73034DB4BCB7] - 30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
~ Files: 23 Legitimates Filtered in 00mn 04s



---\\ Image File Execution Options (IFEO) (O50)
O50 - IFEO:Image File Execution Options - Del_CD_ROM.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
O50 - IFEO:Image File Execution Options - InstallWTGService.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
O50 - IFEO:Image File Execution Options - InternetEverywhere.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
O50 - IFEO:Image File Execution Options - InternetEverywhere_SMSMMS.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
O50 - IFEO:Image File Execution Options - OSU.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
O50 - IFEO:Image File Execution Options - WTGService.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
O50 - IFEO:Image File Execution Options - WTGVistaUtil.exe - C:\Program Files (x86)\IObit\Advanced SystemCare 7\AutoReactivator.exe
~ IFEO: Scanned in 00mn 00s



---\\ Clé de registre Shell MountPoints2 (MPKS) (O51)
O51 - MPSK:{1169d0e8-b2b9-11e0-9e94-90fba64d21e6}\AutoRun\command. (...) -- H:\WD SmartWare.exe (.not file.)
O51 - MPSK:{15e46acc-d737-11e2-a5f4-90fba64d21e6}\AutoRun\command. (...) -- I:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{488a421d-7f44-11e2-b45e-90fba64d21e6}\AutoRun\command. (...) -- I:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{809bdd4d-8572-11e2-b87a-90fba64d21e6}\AutoRun\command. (...) -- I:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{a326de79-c72b-11e1-b427-90fba64d21e6}\AutoRun\command. (...) -- J:\SFR.exe (.not file.)
O51 - MPSK:{a326de8d-c72b-11e1-b427-90fba64d21e6}\AutoRun\command. (...) -- I:\SFR.exe (.not file.)
O51 - MPSK:{ac0c17ea-c286-11df-ab43-90fba64d21e6}\AutoRun\command. (...) -- N:\WD SmartWare.exe (.not file.)
O51 - MPSK:{b0b77297-956e-11e3-b34a-90fba64d21e6}\AutoRun\command. (...) -- H:\HTC_Sync_Manager_PC.exe (.not file.)
O51 - MPSK:{e7532556-3069-11e0-bf36-90fba64d21e6}\AutoRun\command. (...) -- K:\WD SmartWare.exe (.not file.)
~ Keys: Scanned in 00mn 00s



---\\ Enumération des clés de registre StartupReg (SMSR) (O53)
O53 - SMSR:HKLM\...\startupreg\StartupDelayer [Key] . (.r2 Studios - Startup Launcher.) -- c:\program files\startup delayer\startup launcher.exe
~ SMSR Keys: 10 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesSystem (MWPS) (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ MWPS: 18 Legitimates Filtered in 00mn 00s



---\\ Enumération des clés de registre PoliciesExplorer (MWPE) (O56)
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1
~ MWPE Keys: 6 Legitimates Filtered in 00mn 00s



---\\ Liste des pilotes du système (SDL) (O58)
O58 - SDL:30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswHwid.sys [29208]
O58 - SDL:30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswRvrt.sys [65776]
O58 - SDL:30/04/2014 - 08:32:13 ---A- . (...) -- C:\Windows\System32\Drivers\aswVmm.sys [208416]
O58 - SDL:13/02/2013 - 06:48:06 ---A- . (.CSR/PLT - Bluetooth USB Dongle Driver.) -- C:\Windows\System32\Drivers\csrbcx64.sys [33152]
O58 - SDL:14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\System32\Drivers\elxstor.sys [530496]
O58 - SDL:10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\System32\Drivers\hcw85cir.sys [31232]
O58 - SDL:25/06/2010 - 16:08:10 ---A- . (.Windows (R) Win 7 DDK provider - RawPacket NDIS Protocol Driver.) -- C:\Windows\System32\Drivers\htcnprot.sys [36928]
O58 - SDL:26/06/2011 - 18:55:24 ---A- . (.Windows (R) Codename Longhorn DDK provider - Example Keyboard Filter Driver.) -- C:\Windows\System32\Drivers\i8042HDR.sys [15920]
O58 - SDL:28/11/2013 - 01:24:18 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\Drivers\idmwfp.sys [175480]
O58 - SDL:29/04/2009 - 16:28:30 ---A- . (.Windows (R) Codename Longhorn DDK provider - KMWDFilter Driver from UASSOFT.COM.) -- C:\Windows\System32\Drivers\KMWDFILTER.sys [30208]
O58 - SDL:01/03/2013 - 02:49:12 ---A- . (.Riverbed Technology, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\System32\Drivers\npf.sys [36600]
O58 - SDL:06/12/2013 - 15:47:12 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\System32\Drivers\psi_mf_amd64.sys [18456]
O58 - SDL:27/07/2009 - 03:54:30 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\System32\Drivers\scdemu.sys [90544]
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [526392]
O58 - SDL:14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\System32\Drivers\stexstor.sys [24656]
O58 - SDL:06/08/2009 - 14:17:34 ---A- . (...) -- C:\Windows\System32\Drivers\TurboB.sys [13784]
O58 - SDL:17/01/2010 - 12:10:54 ---A- . (.Windows (R) 2000 DDK provider - Image Mounter SCSI Port Driver.) -- C:\Windows\System32\Drivers\uimx64.sys [48144]
O58 - SDL:14/01/2014 - 15:13:28 ---A- . (...) -- C:\Windows\SysWOW64\drivers\MoborobAssDriver64.sys [12072]
O58 - SDL:20/03/2011 - 16:31:08 RSH-- . (...) -- C:\Windows\SysWOW64\CEBA27CA42.sys [88]
O58 - SDL:02/03/2014 - 17:44:34 -SHA- . (...) -- C:\Windows\SysWOW64\KGyGaAvL.sys [3974]
~ Drivers: 112 Legitimates Filtered in 00mn 01s



---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)
O61 - LFC: 24/04/2014 - 15:35:55 ---A- . (...) -- C:\Users\Utilisateur\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.131\34.0.1847.131_33.0.1750.154_chrome_updater.exe [8676056]
O61 - LFC: 29/04/2014 - 15:35:55 ---A- . (...) -- C:\Users\Utilisateur\AppData\Local\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe [114568]
~ 206 Fichiers temporaires (Temporary files)
~ 421 Fichiers cookies (Cookies files)
~ Files: 89 Legitimates Filtered in 00mn 08s



---\\ Liste des outils de désinfection (LATC) (O63)
O63 - Logiciel: SEAF By C_XX - (.C_XX.) [HKLM] -- SEAF
O63 - Logiciel: ZHPDiag 2014 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 =>.Nicolas Coolman
O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}
~ ADS: Scanned in 00mn 00s



---\\ Liste les services legacy du registre (LALS) (O64)
O64 - Services: CurCS - 30/04/2014 - C:\Windows\system32\drivers\aswHwid.sys (aswHwid) .(...) - LEGACY_ASWHWID
O64 - Services: CurCS - 17/01/2010 - C:\Windows\System32\DRIVERS\hotcore3.sys (hotcore3) .(.Paragon Software Group - A part of Paragon System Utilities.) - LEGACY_HOTCORE3
~ Legacy: 143 Legitimates Filtered in 00mn 00s



---\\ Menu de démarrage Internet (SMI) (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Utilisateur\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files (x86)\Opera\Launcher.exe
~ Keys: Scanned in 00mn 00s



---\\ Recherche d'infection sur les navigateurs internet (SBI) (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {73E006BC-DCFE-4CC7-BA5F-3FB1A1E9B98C} - (Yahoo! Search) - http://fr.search.yahoo.com
O69 - SBI: SearchScopes [HKCU] {9411A4FD-FE6A-4E6E-ABD3-CBA7E30403E9} - (Yahoo) - http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s



---\\ Enumère les fichiers Crack & Keygen (CKF) (O82)
C:\Program Files (x86)\loop recorder\keygen.exe =>.Crack,Keygen
C:\Program Files (x86)\Nuance\PDF Professional 7\bin\Keygen.exe =>.Crack,Keygen
D:\Outils\windows guenuine avantage\Outil pour avoir windows original\Windows.Genuine.Advantage.Validation.v1.9.0040.0.CRACKED.REPACK-DS9\WgaTray.exe =>.Crack,Keygen
D:\Outils\windows guenuine avantage\Tout Pour XP Key et validations\XP Pro SP2 SP3 Keygen\Keygen Windows XP Pro SP2.exe =>.Crack,Keygen
D:\Outils\Windows XP\windows XP guenuine avantage\Outil pour avoir windows original\Windows.Genuine.Advantage.Validation.v1.9.0040.0.CRACKED.REPACK-DS9\WgaTray.exe =>.Crack,Keygen
D:\Outils\Windows XP\windows XP guenuine avantage\Tout Pour XP Key et validations\XP Pro SP2 SP3 Keygen\Keygen Windows XP Pro SP2.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\bureautique\Creer un pdf\Corel PDF Fusion112\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\bureautique\Creer un pdf\Nuance.PDF.Converter.Professional.7.MULTI.PC\Keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\bureautique\Creer un pdf\Nuance.PDF.Converter.Professional.7.MULTI.PC\Nuance.PDF.Converter.Professional.7.MULTI.PC\Nuance.PDF.Converter.Professional.7.MULTI.PC\Keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\bureautique\Nitro PDF Pro v6.0.2.6 + Keygen\Nitro PDF Pro v6.0.2.6 + Keygen SETUP.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Communications 3g bluetooth wifi adsl Lan\AIOWifcKr\WiFi Cracker, Stealer AiO .exe =>.Crack,Keygen
D:\Outils\_ OUTILS\décompression & extraction\IsoBusterPro2CRACKandKeygen\isobuster_all_lang.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\décompression & extraction\rar cracker d'archives Rar protégées par MP\Rar_Password_Cracker_4.12.FULL\rpc412_setup.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\décompression & extraction\_WINZIP\WinZip.Pro.v16.0.9715..X86.X64.Incl.Keygen-Lz0.rar =>.Crack,Keygen
D:\Outils\_ OUTILS\Fichiers (divers)\Konvertor\konvertore 3.46.4 batch\konvertorv3.46.4 batch keygenfff\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Graveur Extraction gestion CD etc\burning studio 7\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Graveur Extraction gestion CD etc\Dvd Fab v9.1.2.8 Cracked\DvdFab.v9.1.2.8.Cracked-XenoCoder.rar =>.Crack,Keygen
D:\Outils\_ OUTILS\Graveur Extraction gestion CD etc\Nero 8.1.1.0 fr + key (charlie)\Keygen\nero8x.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Scanner\VueScan.Pro.v8.5.09.Fr\Cerise\Keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\securite\Microsoft Private Folder v1.0\Microsoft Private Folder v1.0.pour WIndows Cracked\MSPF10ENU.msi =>.Crack,Keygen
D:\Outils\_ OUTILS\securite\__firewall proxy cookies popup\Steganos.Internet.Anonym.2006.v8.0.1.Multilang.Incl.Keygen\Setup.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\securite\__Sauvegardes\Norton Ghost 12 Fr + keygen\Symantec Norton Ghost 12 Fr.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\securite\__Sauvegardes\Norton Ghost 12 Fr + keygen\SymNorGh12_Fr.rar.torrent =>.Crack,Keygen
D:\Outils\_ OUTILS\securite\__Sauvegardes\Titan.Backup.v2.5.0.116\Keygen.and.Patch\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Image, Photos et Graphisme\Paintshop pro (corel)\Paint Shop Pro XI avec Keygen\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Image, Photos et Graphisme\Paintshop pro (corel)\Paint Shop Pro XI avec Keygen\PaintShopPro11-FR.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Image, Photos et Graphisme\___graphisme optim\Photozoom.Professional.v2.3.2.Multilangages.Incl-Keygen\PhotoZoom Pro 2 Setup.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\ashampoo_music_studio310_se\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\HD Audio Recorder v1.1.0.5 Win7\Cracked\HDAudioRecorderXP.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\AV Voice Changer Diamond v5.5.24 + Keygen\AV Voice Changer Diamond v5.5.24 + Keygen\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\AV Voice Changer Diamond v5.5.24 + Keygen\AV Voice Changer Diamond v5.5.24 + Keygen\VCS_Diamond55.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\AV-Voice- Changer- Diamond v6.0.10\KeyGen\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_modificateur de voix\Diamond voice changer 6.0\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_Recorders\super MP3 recorder Pro 6.2\Keygen.rar =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_Recorders\super MP3 recorder Pro 6.2\SuperMP3-Keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement Sons\_Recorders\_enregistrement direct carte son\loop recorder 1.3 cracké\crack loop recorder a dezipper ds fichier instal looprecorder\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\1f4-avssetup26.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\2f4-avspatch26.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVS4YOUSoftwareNavigator.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSAudioConverter.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSAudioEditor.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSAudioRecorder.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSCoverEditor2.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSDiscCreator.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSDocumentConverter.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSDVDCopy.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSExplorerExtension.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSImageConverter.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSMediaPlayer.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSPhotoEditor.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSRegistryCleaner.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSRingtoneMaker.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSScreenCapture.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoConverter.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoEditor.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoRecorder.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\AVSVideoReMaker.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\Registration.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\AVS4YOU.Software.AIO.Installation.Package.v2.6.1.114.Cracked\AVS crack solution 2 remplacer chacun ds les folders\Uninstall.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\Traitement vidéo\_Convertisseurs\Total video converter\Total Video Converter 3.61 FR ++OK++\Keygen Total Video Converter 3.61 FR\Keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\tuning benchmarks\PerfectDisk Rx Suite XP- Vista - Fr\Keygen\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\tuning benchmarks\WinTools.NET.Professional.v9.0.+Keygen\crd-Wintools.NET.9.0.0_Keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\tuning benchmarks\WinTools.NET.Professional.v9.0.+Keygen\WinTools-Net-9-Pro-Fr-Colok.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\tuning benchmarks\WinXP Manager v5.0.3\keygen.exe =>.Crack,Keygen
D:\Outils\_ OUTILS\tuning benchmarks\XP Repair Pro 2007 3.5.5\Keygen.exe =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\5star Mobile Video_v1.5.6.223\kg\keygen.exe =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\SlovoED_Dictionaries_+_KeyGen.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\Tracker_keygen.exe =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\yewsoft x for UIQ v.1.2.symbian.7.uiq.inc.blzpda.keygen.zip =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\Elements Blazar v1.00.UIQ.SymbianOS7.Cracked-SymBoSS.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\legacy v1.05 for UIQ + keygen.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\MGS Silverball v1.6 + Keygen.zip =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\MGS.Karting.with.keygen.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\Sky Force V1.2 with keygen.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\Soft pour PDA\__Games\Tom.Cooper.Tags.v2.00.UIQ.SymbianOS7.Incl.Keygen-BLZPDA.zip =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\advanced english dictionary 1.02 se p800 symbianos7 uiq with keygen.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Best Of a1000 p910 p910I p900 p800 Msn Messenger Jmsn Agile Instantsymbian Im Keygen Cracked.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Digital.Red.3D.MotoRacer.v1.08.UIQ.SymbianOS7.Incl.Keygen.READ.NFO-BLZPDA.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Jmsnpro v1.2.0 With Keygen.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\MobileWays.DesktopMessage.v1.02.010803.UIQ.SymbianOS7.Cracked-Unsekure.rar =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\Mobileways.Remote.P900.v1.42.SE.P900.SymbianOS7.Cracked-XiMPDA.zip =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\[P800] Zipman 1.40.incl.keygen.zip =>.Crack,Keygen
D:\Outils\_ Outils telephone mobile tomtom navirad\_ OUTILS SONY\[P900] Tracker v4.02 + Skins + Fileman + Taskman With Keygen.zip =>.Crack,Keygen
F:\Mes documents\Mes favoris (DD)\Principaux moteurs de recherche\crack appz apps\FindCracks.com - Cracks, serials, keygens, patches, code.url =>.Crack,Keygen
F:\Mes documents\Mes favoris (DD)\Technique\cracks\FindCracks.com - Cracks, serials, keygens, patches, code.url =>.Crack,Keygen
~ Files: Scanned in 00mn 34s



---\\ Recherche particulière à la racine du système (SPRF) (O84)
[MD5.86A1311D51C00B278CB7F27796EA442E] [SPRF][22/11/2013] (.Genry - ISTask for Inno Setup.) -- C:\ProgramData\ISTask.dll [67584]
[MD5.2E6A90A73B6314285C4466977C846AF0] [SPRF][05/05/2012] (...) -- C:\Users\Utilisateur\AppData\Roaming\wklnhst.dat [140]
~ Files: 8 Legitimates Filtered in 00mn 00s



---\\ Liste des exceptions du parefeu (FirewallRules) (O87)
O87 - FAEL: "{DCA1F7A2-E26E-4581-BB0C-94BDA9C7D6FB}" | In - None - P6 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
O87 - FAEL: "{4DE2BAE5-65D8-4E81-ADC1-C927B20A0D3D}" | In - None - P17 - TRUE | .(.BitTorrent Inc. - µTorrent.) -- C:\Users\Utilisateur\AppData\Roaming\uTorrent\uTorrent.exe =>P2P.BitTorrent
~ Firewall: 2 Legitimates Filtered in 00mn 01s



---\\ Enumère les codes produits des logiciels (PUC) (O90)
O90 - PUC: "A71F62B5272962A4D99F8151A7AF6CDC" . (.IObit Apps Toolbar v8.1.) -- C:\Windows\Installer\{5B26F17A-9272-4A26-9DF9-18157AFAC6CD}\ARPPRODUCTICON.exe =>PUP.Dealio
~ Update Products: 1 Legitimates Filtered in 00mn 00s



---\\ Enumère les données de la clé NameSpace (MNS) (O92)
O92 - MNS: GMail Drive - {2B3453E4-49DF-11D3-8229-0080BE509050}
~ MNS: 1 Legitimates Filtered in 00mn 00s



---\\ Recherche des packages WindowsInstaller (WIS) (O93) (NTFS)
[MD5.12ADEC58FFC77A75FC60A1B682E64B8D] [WIS][30/10/2013] (.Spigot, Inc. - Widgi Toolbar.) -- C:\Windows\Installer\20e345.msi [3920896] =>PUP.Dealio
[MD5.22C9E7805145D0A0C4C62DDB591D2DAE] [WIS][27/06/2012] (.Babylon Ltd - BabylonObjectInstaller.) -- C:\Windows\Installer\721799f.msi [353280] =>PUP.Babylon
~ WIS: 2 Legitimates Filtered in 00mn 05s



---\\ Recherche de clés de registre Tracing (O100)
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASAPI32 =>Adware.PredictAd
HKLM\SOFTWARE\Microsoft\Tracing\InstTracker_RASMANCS =>Adware.PredictAd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32 =>Toolbar.Bing
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DNSBench_RASAPI32 =>PUP.GiganticSavings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\DNSBench_RASMANCS =>PUP.GiganticSavings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\googletoolbarinstaller_en64_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\googletoolbarinstaller_en64_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarInstaller_updater_signed_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E85CDE7661A53A6A_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarManager_E85CDE7661A53A6A_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASAPI32 =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\GoogleToolbarNotifier_RASMANCS =>Toolbar.Google
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchSettings_RASAPI32 =>Adware.SearchSettings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\SearchSettings_RASMANCS =>Adware.SearchSettings
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32 =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS =>PUP.Glindorus
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASAPI32 =>P2P.µTorrent
HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\utorrent_RASMANCS =>P2P.µTorrent
~ BTK: 848 Legitimates Filtered in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 10/10/2013 144152 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe
SS - | Auto 30/04/2014 257712 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SS - | Disabled 28/02/2011 3186824 | (AVRedirector) . (.AVSoftware, Ltd.) - C:\Program Files (x86)\Hide The IP\data\AVLib.exe
SS - | Demand 10/06/2013 1966960 | (Dedicarz Service) . (...) - C:\Program Files (x86)\Orange\Assistance Livebox\dedicarz\DedicarzService.exe
SS - | Demand 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
SS - | Auto 01/07/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 01/07/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 10/11/2013 87368 | (HTCMonitorService) . (.Nero AG.) - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
SS - | Demand 11/03/2011 677512 | (htisvcfwm) . (.AVSoftware.) - C:\Program Files (x86)\Hide The IP\data\htisvc.exe
SS - | Disabled 30/07/2013 204552 | (Intel(R) PROSet Monitoring Service) . (.Intel Corporation.) - C:\Windows\system32\IProsetMonitor.exe
SS - | Demand 02/11/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SS - | Auto 30/04/2014 2153792 | (LiveUpdateSvc) . (.IObit.) - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
SS - | Auto 30/04/2014 119408 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SS - | Auto 29/08/2013 1073160 | (Orange update Core Service) . (.Orange SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe
SS - | Auto 08/04/2013 799280 | (PDF Architect Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\ConversionService.exe
SS - | Demand 02/08/2011 145256 | (PDFProFiltSrvPP) . (.Nuance Communications, Inc..) - C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
SS - | Demand 10/07/1658 0 | (rpcapd) . (...) - C:\Program Files (x86)\WinPcap\rpcapd.exe
SS - | Disabled 10/09/2009 320512 | (SCPDFReadSpool) . (.Solid Documents, LLC.) - C:\Program Files (x86)\SolidDocuments\Solid Converter PDF\SCPDFV6\SolidConverterPDFServicex64.exe
SS - | Disabled 16/03/2010 14488 | (SFR.DashBoard.Service) . (.SFR.) - C:\Program Files (x86)\SFR\Gestionnaire de Connexion\SFR.DashBoard.Service.exe
SS - | Disabled 05/09/2013 171680 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Disabled 19/08/2013 1162592 | (Soda PDF 3D Reader Helper Service) . (.LULU Software Limited.) - C:\Program Files (x86)\Soda PDF 3D Reader\HelperService.exe
SS - | Disabled 19/08/2013 852320 | (Soda PDF 3D Reader Service) . (.LULU Software Limited.) - C:\Program Files (x86)\Soda PDF 3D Reader\ConversionService.exe
SS - | Disabled 08/02/2014 411936 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SS - | Disabled 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
SS - | Disabled 27/08/2013 93072 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
SS - | Disabled 19/09/2012 2365792 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
SS - | Disabled 06/08/2009 118672 | (TurboBoost) . (.Intel(R) Corporation.) - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
SS - | Disabled 30/09/2009 2314240 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SS - | Disabled 05/04/2012 255376 | (Updater Service) . (.Acer Incorporated.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SS - | Disabled 09/12/2009 76320 | (USBS3S4Detection) . (...) - C:\OEM\USBDECTION\USBS3S4Detection.exe
SS - | Disabled 13/11/2009 129536 | (WDDMService) . (.WDC.) - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
SS - | Disabled 16/06/2009 20480 | (WDSmartWareBackgroundService) . (.Memeo.) - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
SS - | Disabled 10/07/1658 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe =>.Microsoft Corporation
SS - | Disabled 13/11/2009 308688 | (WTGService) . (...) - C:\Program Files (x86)\orange InternetEverywhere\WTGService.exe
SR - | Auto 21/12/2013 65432 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SR - | Auto 26/11/2009 1376680 | (AdRemWsServer) . (.AdRem Software, Inc..) - C:\Program Files (x86)\MyNetToolset\1.0\WsServer.exe
SR - | Auto 09/12/2013 881440 | (AdvancedSystemCareService7) . (.IObit.) - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
SR - | Auto 07/09/2013 55624 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 26/01/2014 50344 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Auto 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 05/06/2012 266240 | (BrYNSvc) . (.Brother Industries, Ltd..) - C:\Program Files (x86)\Browny02\BrYNSvc.exe
SR - | Auto 30/05/2012 13632 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 24/01/2014 342336 | (IMFservice) . (.IObit.) - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
SR - | Auto 08/02/2013 359664 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
SR - | Auto 30/09/2009 262144 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 25/10/2013 2768208 | (MaConfigAgent) . (.CybelSoft.) - C:\Program Files\ma-config.com\MaConfigAgent.exe
SR - | Auto 04/04/2013 418376 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 04/04/2013 701512 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SR - | Auto 14/01/2014 70952 | (MoboroboDeviceService) . (...) - C:\Program Files (x86)\Moborobo\MoboroboDeviceService.exe
SR - | Auto 10/09/2009 305448 | (MWLService) . (.Egis Technology Inc..) - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\MWLService.exe
SR - | Auto 25/08/2009 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/12/2013 1494304 | (NvNetworkService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
SR - | Auto 10/12/2013 15129376 | (NvStreamSvc) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
SR - | Auto 08/02/2014 923936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe
SR - | Auto 07/12/2012 167424 | (PassThru Service) . (...) - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
SR - | Auto 08/04/2013 1320496 | (PDF Architect Helper Service) . (.pdfforge GmbH.) - C:\Program Files (x86)\PDF Architect\HelperService.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 10/03/2010 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
SR - | Auto 10/02/2014 1444120 | (RapportMgmtService) . (.Trusteer Ltd..) - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
SR - | Auto 25/07/2013 443416 | (RUBotSrv) . (.Trend Micro Inc..) - C:\Program Files (x86)\Trend Micro\RUBotted\RUBotSrv.exe
SR - | Auto 06/12/2013 1229528 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\PSIA.exe
SR - | Auto 06/12/2013 662232 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files (x86)\Secunia\PSI\sua.exe
SR - | Demand 25/11/2012 821720 | (SystemExplorerHelpService) . (.Mister Group.) - C:\Program Files (x86)\System Explorer\service\SystemExplorerService64.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Demand 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Scanned in 00mn 05s



---\\ Recherche d'infection sur le Master Boot Record (MBR)(O80)
Run by Utilisateur at 30/04/2014 15:36:54
~ OS 64 not supported by MBR tool
~ MBR: 0 Legitimates Filtered in 00mn 00s



---\\ Recherche d'infection sur le Master Boot Record (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Utilisateur at 30/04/2014 15:36:56
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 02s



---\\ Liste des émulateurs de CD/DVD (MBR Hook)
O58 - SDL:02/01/1601 - 23:00:00 ---A- . (...) -- C:\Windows\System32\Drivers\sptd.sys [526392]
~ Emulateurs: Scanned in 00mn 02s



---\\ Scan Additionnel (O88)
Database Version : 13045 - (28/04/2014)
Clés trouvées (Keys found) : 8
Valeurs trouvées (Values found) : 2
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 2

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}] =>Toolbar.TuneUp
[HKLM\Software\Wow6432Node\Microsoft\Tracing\BingBar_RASAPI32] =>Toolbar.Bing
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193] =>PUP.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044] =>PUP.Dealio
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9] =>PUP.Dealio
[HKCU\Software\IObit Apps] =>PUP.Dealio
[HKCU\Software\AppDataLow\Software\IObit Apps] =>PUP.Dealio
[HKLM\Software\Wow6432Node\IObit Apps] =>PUP.Dealio
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]:uTorrent =>P2P.BitTorrent^
C:\Program Files (x86)\PDF Suite 2010 =>Toolbar.PDFSuite
C:\Windows\Installer\20e345.msi =>PUP.Dealio^
C:\Windows\Installer\721799f.msi =>PUP.Babylon^
~ Additionnel Scan: 518784 Items scanned in 00mn 31s



---\\ Récapitulatif des détections trouvées sur votre station
http://nicolascoolman.webs.com/apps/blog/show/27443462-pup-dealio =>PUP.Dealio
http://nicolascoolman.webs.com/apps/blog/show/26627369-toolbar-babylon =>PUP.Babylon
http://nicolascoolman.webs.com/apps/blog/show/27229962-adware-predictad =>Adware.PredictAd
http://nicolascoolman.webs.com/apps/blog/show/37514218-pup-giganticsavings =>PUP.GiganticSavings
http://nicolascoolman.webs.com/apps/blog/show/27529295-adware-searchsettings =>Adware.SearchSettings
http://nicolascoolman.webs.com/apps/blog/show/33429762-pup-glindorus =>PUP.Glindorus
~ MSI: 6 link(s) detected in 00mn 00s



~ 1738 Legitimates filtered by white list
End of the scan (881 lines in 02mn 57s)(87)
