Rapport de ZHPDiag v2013.3.22.75 par Nicolas Coolman, Update du 23/03/2013
Run by Arnaud at 23/03/2013 16:21:01
State : Version à jour.
High Elevated Privileges : OK
UAC : Deactivate by program


---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
MFIE: Mozilla Firefox 19.0.2 v19.0.2 (Defaut)
GCIE: Google Chrome v25.0.1364.172

---\\ Windows Product Information
~ Langage: Français
Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : CGKHQ
Windows License : OK
~ Windows Remaining Initializations Number : 2
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64 Bits
Boot mode: Normal (Normal boot)
Total RAM: 4077 MB (49% free)
System Restore: Activé (Enable)
System drive C: has 452 GB (77%) free of 582 GB

---\\ Logged in mode
~ Computer Name: ARNAUD-VAIO
~ User Name: Arnaud
~ All Users Names: HomeGroupUser$, Arnaud, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Arnaud\AppData\Roaming\
~ %Desktop% : C:\Users\Arnaud\Desktop\
~ %Favorites% : C:\Users\Arnaud\Favorites\
~ %LocalAppData% : C:\Users\Arnaud\AppData\Local\
~ %StartMenu% : C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 452 Go of 582 Go)
D:\ CD-ROM drive (Not Inserted)



---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Legitimates Scanned in 00mn 00s



---\\ Recherche particulière de fichiers génériques
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.28/12/2011 - 02:23:45.) -- C:\Windows\Explorer.exe [2871808]
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]
[MD5.FA274190682AA41A46B285208ED46A74] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/02/2013 - 07:47:19.) -- C:\Windows\System32\wininet.dll [1392128]
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.21/11/2010 - 04:24:29.) -- C:\Windows\System32\Winlogon.exe [390656]
[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.21/11/2010 - 04:24:16.) -- C:\Windows\System32\sppcomapi.dll [232448]
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]
[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]
[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]
[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.28/12/2011 - 02:24:43.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]
[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.21/11/2010 - 04:23:51.) -- C:\Windows\system32\Drivers\netBT.sys [261632]
[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]
[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]
[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/11/2010 - 04:24:33.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.21/11/2010 - 04:24:32.) -- C:\Windows\system32\Drivers\tdx.sys [119296]
[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.21/11/2010 - 04:23:47.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]
~ Generic Processes: Legitimates Scanned in 00mn 00s



---\\ Etat des fichiers cachés (Caché/Total)
~ Mes images (My Pictures) : 1/445
~ Mes musiques (My Musics) : 7/580
~ Mes Videos (My Videos) : 1/244
~ Mes Favoris (My Favorites) : 1/20
~ Mes Documents (My Documents) : 1/1667
~ Mon Bureau (My Desktop) : 4/678
~ Menu demarrer (Programs) : 1/37
~ Hidden Files: Legitimates Scanned in 00mn 13s



---\\ Processus lancés
[MD5.7853D2AB445C10F97610B2B05FA4CF0A] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [512360] [PID.2192]
[MD5.C0B97E53A0E39A48EEA2DCD500EEA07A] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160] [PID.3360]
[MD5.440699F90786EF6A7722B4417BB0F5C7] - (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312] [PID.3380]
[MD5.48B9248CED8A5DE4EB0917CB676CB8D5] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032] [PID.3404]
[MD5.587EFD6A3A30A35A27904D21AE1FB882] - (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe [356376] [PID.2016]
[MD5.2C5BA148BA7936D9BB6BB1F4945BA469] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Arnaud\AppData\Roaming\Dropbox\bin\Dropbox.exe [28539272] [PID.3836]
[MD5.8E2A7F1F62467A7DCB8AB2C0642F47CA] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392] [PID.1488]
[MD5.4D96F6F7508BDF46771262EEEA505F98] - (.Sony of America Corporation - VaioCare Window Listener Application.) -- C:\Program Files\Sony\VAIO Care\listener.exe [81016] [PID.1092]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [917400] [PID.4340]
[MD5.AA6844A5127ED4B20DF6D313467B929D] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [17304] [PID.3224]
[MD5.680AD8F376970696B45269F074A8A28E] - (.Adobe Systems, Inc. - Adobe Flash Player 11.6 r602.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe [1822424] [PID.5124]
[MD5.F61C36F79384DA4FB1D34CFDC50ABCBD] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [5943296] [PID.3600]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.1796]
[MD5.4FE5C6D40664AE07BE5105874357D2ED] - (.Apple Inc. - MobileDeviceService.) -- C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [57008] [PID.1884]
[MD5.650F111D5CDA64C10AE4B9D1BA9D4FFF] - (.Atheros - Atheros Coex Service Application.) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592] [PID.1928]
[MD5.98C413E1A2FB6E5A4C101C25B3D0B275] - (.Cisco Systems, Inc. - Cisco Systems VPN Client.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe [1529856] [PID.1060]
[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.2072]
[MD5.916B8954AC3E06DC9E898AFFB41F3FB6] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [682344] [PID.2092]
[MD5.63694C307273062A2167AE4CE80730EF] - (.Sony Corporation - Device Information Provider.) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [398176] [PID.2132]
[MD5.79969ACAEEBEDA7DC3673656AB9918FD] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [378472] [PID.2268]
[MD5.DCB1F83AD167D16D263CE57C94E9EEDF] - (.Sony Corporation - VAIO Event Service (Service Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe [64704] [PID.2360]
[MD5.3A8BEB885C3AC9E96BE055FA00DFBC73] - (.Sony Corporation - VAIO Event Service (Service Sub Module).) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe [180928] [PID.2480]
[MD5.A63DC5C2EA944E6657203E0C8EDEAF61] - (.Microsoft Corporation - COM Surrogate.) -- C:\Windows\SysWOW64\DllHost.exe [7168] [PID.2716]
[MD5.B25F192EA1F84A316EB7C19EFCCCF33D] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.1344]
[MD5.98B16E756243BEA9410E32025B19C06F] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [326168] [PID.3168]
[MD5.934BB0D23A25C8C136570800A5A149B6] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [687400] [PID.5620]
[MD5.1FE69F3C1CA1CF4B7EC7E2E9090FFFDC] - (.ArcSoft, Inc. - MgiSvr.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024] [PID.5360]
[MD5.7A78ED1088890114DFDE2C4AB038D6B6] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2656280] [PID.5844]
[MD5.D347D3ABE070AA09C22FC37121555D52] - (.Sony Corporation - VAIOCare.) -- C:\Program Files\Sony\VAIO Care\VCService.exe [44736] [PID.936]
~ Processes Running: Legitimates Scanned in 00mn 01s



---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Arnaud\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Legitimates Scanned in 00mn 00s



---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\Arnaud\AppData\Roaming\Mozilla\Firefox\Profiles\6qjejgzp.default\prefs.js
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml
M3 - MFPP: Plugins - [Arnaud] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml
M2 - MFEP: prefs.js [Arnaud - 6qjejgzp.default\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}] [WOT] WOT v20130129 (.WOT Services Oy.)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll
P2 - FPN: [HKLM] [@java.com/DTPlugin,version=10.17.2] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(TM) Deploy.) -- C:\Windows\system32\npDeployJava1.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin,version=10.17.2] - (.Oracle Corporation - Next Generation Java Plug-in 10.17.2 for Mozilla browsers.) -- C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 5.1.20125.0.) -- c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.2] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.4] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
P2 - FPN: [HKLM] [@videolan.org/vlc,version=2.0.5] - (.VideoLAN - VLC media player Web Plugin 2.0.2.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll
~ Firefox Browser: Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm
R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ IE Browser: Legitimates Scanned in 00mn 00s



---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Legitimates Scanned in 00mn 00s



---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Legitimates Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 2



---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: McAfee Phishing Filter [64Bits] - {27B4851A-3207-45A2-B947-BE8AFE6163AB} Clé orpheline
O2 - BHO: ContentBlockerBrowserHelperObject [64Bits] - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} . (.Kaspersky Lab ZAO - Content Blocker Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll
O2 - BHO: VirtualKeyboardBrowserHelperObject [64Bits] - {73455575-E40C-433C-9784-C78DC7761455} . (.Kaspersky Lab ZAO - Virtual Keyboard Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Java(tm) Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc [64Bits] - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} . (.Atheros Commnucations - Bluetooth IE PlugIn.) -- C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion au compte Microsoft [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe Money Plugin [64Bits] - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} . (.Kaspersky Lab ZAO - Safe Money Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll
O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (...) -- "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (.not file.)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: link filter bho [64Bits] - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - URL Advisor Plugin.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll
~ BHO: Legitimates Scanned in 00mn 00s



---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [cAudioFilterAgent] . (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) -- C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
O4 - HKLM\..\Run: [AtherosBtStack] . (.Atheros Communications - Serveur Stack Bluetooth.) -- C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
O4 - HKLM\..\Run: [AthBtTray] . (.Atheros Commnucations - Bluetooth Tray.) -- C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe (.not file.)
O4 - HKLM\..\Run: [BCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files\Microsoft Office\Office14\BCSSync.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - HKLM\..\Wow6432Node\Run: [IAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Wow6432Node\Run: [ISBMgr.exe] . (.Sony Corporation - Pas de description.) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Wow6432Node\Run: [PMBVolumeWatcher] . (.Sony Corporation - Media Check Tool.) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe
O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Wow6432Node\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe
O4 - HKUS\S-1-5-21-2753847971-1112077462-2077709559-1001\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2753847971-1112077462-2077709559-1001\..\Run: [FileHippo.com] . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
~ Application: Legitimates Scanned in 00mn 00s



---\\ Autres liens utilisateurs (O4)
O4 - GS\TaskBar: CES EduPack 2012.lnk . (...) -- C:\Windows\Installer\{D0DC3280-CE37-4735-AD40-93B53F0045CA}\ces.ico
O4 - GS\TaskBar: Installer for SoftSafe.lnk . (.SoftSafe - Installer for SoftSafe.) -- C:\Users\Arnaud\Downloads\S04E08.VF.unt.rar.exe
O4 - GS\TaskBar: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\TaskBar: Mozilla Firefox.lnk . (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O4 - GS\TaskBar: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - GS\TaskBar: PMB.lnk . (.Sony Corporation - Browser.) -- C:\Program Files (x86)\Sony\PMB\PMBBrowser.exe
O4 - GS\TaskBar: Snipping Tool.lnk . (.Microsoft Corporation - Outil Capture.) -- C:\Windows\system32\SnippingTool.exe
O4 - GS\TaskBar: Windows Explorer.lnk . (.Microsoft Corporation - Explorateur Windows.) -- C:\Windows\explorer.exe
O4 - GS\TaskBar: Windows Media Player.lnk . (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
O4 - GS\Programs: Internet Explorer (64-bit).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Programs: Microsoft SkyDrive.lnk . (.Microsoft Corporation - Microsoft SkyDrive.) -- C:\Users\Arnaud\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
O4 - GS\Programs: Update Checker.lnk . (.FileHippo.com - FileHippo.com Update Checker.) -- C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
O4 - GS\QuickLaunch: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: Launch Internet Explorer Browser.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\QuickLaunch: Mozilla Thunderbird.lnk . (.Mozilla Corporation - Thunderbird.) -- C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
O4 - GS\Accessories: Private Character Editor.lnk . (.Microsoft Corporation - Éditeur de caractères privés.) -- C:\Windows\system32\eudcedit.exe
O4 - GS\SendTo: Fax Recipient.lnk . (.Microsoft Corporation - Microsoft Windows Fax and Scan.) -- C:\Windows\system32\WFS.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - PrivatBank - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe
O4 - GS\Desktop: CopyTrans Control Center.lnk . (.WindSolutions - Pas de description.) -- C:\Users\Arnaud\AppData\Roaming\WindSolutions\CopyTransControlCenter\Applications\CopyTransControlCenter.exe
O4 - GS\Desktop: MATLAB R2011a.lnk . (...) -- C:\Program Files (x86)\MATLAB\R2011a\bin\matlab.exe (.not file.)
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe
O4 - GS\Desktop: Protection des transactions bancaires.lnk . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus Launcher.) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\starter_avp.exe
O4 - GS\Desktop: VPN Client.lnk . (...) -- C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A85.exe
~ Global Startup: Legitimates Scanned in 00mn 01s



---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
~ IE Control Panel: 1 Legitimates Scanned in 00mn 00s



---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: Clavier virtuel [64Bits] - {0C4CC089-D306-440D-9772-464E226F6539} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\kbrd.ico
O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)
O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)
O9 - Extra button: Analyse des liens [64Bits] - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\logo.ico
~ IE Extra Buttons: Legitimates Scanned in 00mn 00s



---\\ Winsock hijacker (Layered Service Provider) (O10)
~ Winsock: 10 Legitimates Scanned in 00mn 00s



---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B340648E-9DAE-45F7-8942-72FC673EAC3B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\..\{B340648E-9DAE-45F7-8942-72FC673EAC3B}: DhcpDomain = lan
O17 - HKLM\System\CS1\Services\Tcpip\..\{B340648E-9DAE-45F7-8942-72FC673EAC3B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS1\Services\Tcpip\..\{B340648E-9DAE-45F7-8942-72FC673EAC3B}: DhcpDomain = lan
O17 - HKLM\System\CS2\Services\Tcpip\..\{B340648E-9DAE-45F7-8942-72FC673EAC3B}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CS2\Services\Tcpip\..\{B340648E-9DAE-45F7-8942-72FC673EAC3B}: DhcpDomain = lan
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
~ Domain: Legitimates Scanned in 00mn 00s



---\\ Protocole additionnel (O18)
O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) --
O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll
~ Protocole Additionnel: Legitimates Scanned in 00mn 00s



---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
~ SSODL: 1 Legitimates Scanned in 00mn 00s



---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Atheros Bt&Wlan Coex Agent (Atheros Bt&Wlan Coex Agent) . (.Atheros - Atheros Coex Service Application.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: Kaspersky Anti-Virus Service (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) . (.Sony Corporation - Device Information Provider.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: VAIO Care Performance Service (SampleCollector) . (.Sony Corporation - VAIO Care Performance Service.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
O23 - Service: CamMonitor (uCamMonitor) . (.ArcSoft, Inc. - MgiSvr.) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: VAIO Event Service (VAIO Event Service) . (.Sony Corporation - VAIO Event Service (Service Module).) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VSNService (VSNService) . (.Sony Corporation - VAIO Smart Network Service.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)
~ Services: 22 Legitimates Scanned in 00mn 11s



---\\ Enumération Active Desktop & MHTML Editor (O24)
~ Desktop Component: 1 Legitimates Scanned in 00mn 00s



---\\ BootExecute (O34)
~ BEX: 1 Legitimates Scanned in 00mn 00s



---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job [1002]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job [1064]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [1068]
[MD5.EA856F4A46320389D1899B2CAA7BF40F] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [253656]
[MD5.00000000000000000000000000000000] [APT] [AutoKMS] (...) -- C:\Windows\AutoKMS.exe (.not file.) [0]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] [APT] [{7D4E6839-7184-445E-A39D-6D55E12323F0}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [917400]
[MD5.BF2F2717C13A4BD4FD73F2788534E86B] [APT] [{DA99857B-83E9-42AF-ABFF-181AF7AEBA22}] (.Mozilla Corporation.) -- c:\program files (x86)\mozilla firefox\firefox.exe [917400]
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [561984]
[MD5.8FC4F572DCDC761EF1968DE2BFE042D8] [APT] [VAIO Gate] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [1866080]
[MD5.8F0D164F3159CD9032C6E31FCA56F676] [APT] [VAIOImprovementUploader] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2697960]
[MD5.65C23DFD51D64A5A768536047DCEDB3E] [APT] [VAIO Improvement Validation] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [208224]
[MD5.F1599A0D508D38AF2F1BB331776DA3E2] [APT] [VAIO Update] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [1157280]
[MD5.0164F32D289642BD9AF64C5BB7CCCCBF] [APT] [VAIO Update Self Repair] (.Sony Corporation.) -- C:\Program Files\Sony\VAIO Update\VUSR.exe [617120]
~ Scheduled Task: Legitimates Scanned in 00mn 04s



---\\ Composants installés (ActiveSetup Installed Components) (O40)
~ Active Setup: 10 Legitimates Scanned in 00mn 00s



---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x64].) - C:\Windows\System32\DRIVERS\klif.sys
O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys
O41 - Driver: (kltdi) . (.Kaspersky Lab - Network filtering component.) - C:\Windows\System32\DRIVERS\kltdi.sys
O41 - Driver: (kneps) . (.Kaspersky Lab - KNEPS Power.) - C:\Windows\System32\DRIVERS\kneps.sys
O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys
~ Drivers: 75 Legitimates Scanned in 00mn 00s



---\\ Logiciels installés (O42)
O42 - Logiciel: 4Videosoft PDF Converter Ultimate - (...) [HKLM][64Bits] -- 4Videosoft PDF Converter Ultimate_is1
O42 - Logiciel: 4Videosoft Transfert iPhone Platinum 6.0.12 - (...) [HKLM][64Bits] -- {E16D939E-1E8B-44ca-A57A-9A8768BFAA0E}_is1
O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM][64Bits] -- {1E03DB52-D5CB-4338-A338-E526DD4D4DB1}
O42 - Logiciel: Bluetooth Win7 Suite (64) - (.Atheros Communications.) [HKLM][64Bits] -- {230D1595-57DA-4933-8C4E-375797EBB7E1}
O42 - Logiciel: BrowseToSave - (...) [HKLM][64Bits] -- {784F4396-4256-4971-AB9A-0A74A3AC6160}
O42 - Logiciel: Bundled software uninstaller - (...) [HKLM][64Bits] -- bi_uninstaller
O42 - Logiciel: CES EduPack 2012 - (.Granta Design Ltd.) [HKLM][64Bits] -- {D0DC3280-CE37-4735-AD40-93B53F0045CA}
O42 - Logiciel: CopyTrans Suite désinstallation uniquement - (.WindSolutions.) [HKCU][64Bits] -- CopyTrans Suite
O42 - Logiciel: Fotogalleri - (.Microsoft Corporation.) [HKLM][64Bits] -- {E354D495-5DA4-4CCF-AB39-080F6A4141BE}
O42 - Logiciel: Fotogalleriet - (.Microsoft Corporation.) [HKLM][64Bits] -- {9F470E17-4FC3-4091-A508-D5347A16A2B9}
O42 - Logiciel: Fotogaléria - (.Microsoft Corporation.) [HKLM][64Bits] -- {9093B0D5-EA59-4C9E-A2E3-CC130138DFCD}
O42 - Logiciel: Fotograf Galerisi - (.Microsoft Corporation.) [HKLM][64Bits] -- {DB7B6508-2AAB-4F26-99D4-74559A2F5E42}
O42 - Logiciel: Fotótár - (.Microsoft Corporation.) [HKLM][64Bits] -- {E50E3DBC-46AA-4827-B2A6-F995D81DF526}
O42 - Logiciel: Free PDF to Word Converter 2.0 - (.Free-PDF-to-Word.com.) [HKLM][64Bits] -- Free PDF to Word Converter_is1
O42 - Logiciel: Galerie foto - (.Microsoft Corporation.) [HKLM][64Bits] -- {C2F1EBBF-9AC4-4E0B-A7F4-74C9C7AD4813}
O42 - Logiciel: GanttProject - (...) [HKLM][64Bits] -- GanttProject
O42 - Logiciel: High-Definition Video Playback - (.Nero AG.) [HKLM][64Bits] -- {9193490D-5229-4FC4-9BB9-A6D63C09574A}
O42 - Logiciel: Logon Screen - (.Daniel Rebelo.) [HKLM][64Bits] -- {1730D13B-7517-4321-A88B-64627CF67CDC}_is1
O42 - Logiciel: LyX 2.0.5 - (.LyX Team.) [HKLM][64Bits] -- LyX205
O42 - Logiciel: MATLAB R2011a - (.The MathWorks, Inc..) [HKLM][64Bits] -- MatlabR2011a
O42 - Logiciel: Manuel VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {C6E893E7-E5EA-4CD5-917C-5443E753FCBD}
O42 - Logiciel: Media Gallery - (.Your Company Name.) [HKLM][64Bits] -- {115B60D5-BBDB-490E-AF2E-064D37A3CE01}
O42 - Logiciel: MiKTeX 2.9 - (.MiKTeX.org.) [HKLM][64Bits] -- MiKTeX 2.9
O42 - Logiciel: Optimizer Pro v3.0 - (.PC Utilities Pro.) [HKLM][64Bits] -- Optimizer Pro_is1
O42 - Logiciel: Outil de restauration de données VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}
O42 - Logiciel: PLan-Project version 2.0 - (...) [HKLM][64Bits] -- PLan-Project gestion de projets_is1
O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM][64Bits] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}
O42 - Logiciel: PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM][64Bits] -- {66081CDD-C1FE-415F-BB3A-F2622BA27461}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {133D3F07-D558-46CE-80E8-F4D75DBBAD63}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {270380EB-8812-42E1-8289-53700DB840D2}
O42 - Logiciel: PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- {8356CB97-A48F-44CB-837A-A12838DC4669}
O42 - Logiciel: PSpice Student 9.1 - (...) [HKLM][64Bits] -- PSpice Student
O42 - Logiciel: PlanBee 2.0e (Evaluation Copy) - (.Guy Software.) [HKLM][64Bits] -- PlanBee Critical Path Project Management_is1
O42 - Logiciel: Planner v1.3 - (.Dolphinity BV.) [HKLM][64Bits] -- Planner_is1
O42 - Logiciel: Prise en charge du transfert VAIO - (.Sony Corporation.) [HKLM][64Bits] -- {5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}
O42 - Logiciel: Raccolta foto - (.Microsoft Corporation.) [HKLM][64Bits] -- {D04EBB49-C985-4A38-8695-62000861293A}
O42 - Logiciel: SSLx64 - (.Sony Corporation .) [HKLM][64Bits] -- {312395BC-7CC2-434C-A660-30250276A926}
O42 - Logiciel: SSLx86 - (.Sony Corporation .) [HKLM][64Bits] -- {63C43435-F428-42BA-8E7B-5848749D9262}
O42 - Logiciel: VAIO - Clavier à distance - (.Sony Corporation.) [HKLM][64Bits] -- {7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}
O42 - Logiciel: VAIO - Lecture à distance avec PlayStation®3 - (.Sony Corporation.) [HKLM][64Bits] -- {07441A52-E208-478A-92B7-5C337CA8C131}
O42 - Logiciel: VAIO - Media Gallery - (.Sony Corporation.) [HKLM][64Bits] -- {FA870BF1-44A1-4B7D-93E1-C101369AF0C1}
O42 - Logiciel: VAIO - PMB VAIO Edition Guide - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}
O42 - Logiciel: VAIO - PMB VAIO Edition Plug-in - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}
O42 - Logiciel: VAIO Care - (.Sony Corporation.) [HKLM][64Bits] -- {36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}
O42 - Logiciel: VAIO Control Center - (.Sony Corporation.) [HKLM][64Bits] -- {72042FA6-5609-489F-A8EA-3C2DD650F667}
O42 - Logiciel: VAIO Easy Connect - (.Sony Corporation.) [HKLM][64Bits] -- InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}
O42 - Logiciel: VAIO Easy Connect - (.Sony Corporation.) [HKLM][64Bits] -- {7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}
O42 - Logiciel: VAIO Event Service - (.Sony Corporation.) [HKLM][64Bits] -- {73D8886A-D416-4687-B609-0D3836BA410C}
O42 - Logiciel: VAIO Gate - (.Sony Corporation.) [HKLM][64Bits] -- {A7C30414-2382-4086-B0D6-01A88ABA21C3}
O42 - Logiciel: VAIO Gate Default - (.Sony Corporation.) [HKLM][64Bits] -- {B7546697-2A80-4256-A24B-1C33163F535B}
O42 - Logiciel: VAIO Hero Screensaver - Summer 2011 Screensaver - (...) [HKLM][64Bits] -- VAIO Hero Screensaver - Summer 2011 Screensaver
O42 - Logiciel: VAIO Improvement - (.Sony Corporation.) [HKLM][64Bits] -- {3A26D9BD-0F73-432D-B522-2BA18138F7EF}
O42 - Logiciel: VAIO Improvement Validation - (.Sony Corporation.) [HKLM][64Bits] -- {75C95C84-264F-4CC7-8A7E-346444E6C7C1}
O42 - Logiciel: VAIO Quick Web Access - (.Sony Corporation.) [HKLM][64Bits] -- splashtop
O42 - Logiciel: VAIO Quick Web Access - (.Sony Corporation.) [HKLM][64Bits] -- {5A92468F-3ED8-4F96-A9E1-4F176C80EC29}
O42 - Logiciel: VAIO Sample Contents - (.Sony Corporation.) [HKLM][64Bits] -- {547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}
O42 - Logiciel: VAIO Smart Network - (.Sony Corporation.) [HKLM][64Bits] -- {0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}
O42 - Logiciel: VAIO Update - (.Sony Corporation.) [HKLM][64Bits] -- {9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}
O42 - Logiciel: VCCx86 - (.Sony Corporation.) [HKLM][64Bits] -- {9B088046-8A01-4355-99DD-8530C022F682}
O42 - Logiciel: VESx64 - (.Sony Corporation.) [HKLM][64Bits] -- {F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}
O42 - Logiciel: VESx86 - (.Sony Corporation.) [HKLM][64Bits] -- {3A94F54D-A8A4-4B82-B346-92B4D56A2708}
O42 - Logiciel: VIx64 - (.Sony Corporation.) [HKLM][64Bits] -- {D55EAC07-7207-44BD-B524-0F063F327743}
O42 - Logiciel: VIx86 - (.Sony Corporation.) [HKLM][64Bits] -- {D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}
O42 - Logiciel: VSNx64 - (.Sony Corporation.) [HKLM][64Bits] -- {F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}
O42 - Logiciel: VU5x64 - (.Sony Corporation .) [HKLM][64Bits] -- {6B7DE186-374B-4873-AEC1-7464DA337DD6}
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {9D12A8B5-9D41-4465-BF11-70719EB0CD02}
O42 - Logiciel: VU5x86 - (.Sony Corporation .) [HKLM][64Bits] -- {D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}
O42 - Logiciel: VWSTx86 - (.Sony Corporation.) [HKLM][64Bits] -- {B8991D99-88FD-41F2-8C32-DB70278D5C30}
O42 - Logiciel: Valokuvavalikoima - (.Microsoft Corporation.) [HKLM][64Bits] -- {C32F4F5A-C9FB-427C-9F6F-9DB157611FFF}
O42 - Logiciel: Welcome App (Start-up experience) - (.Nero AG.) [HKLM][64Bits] -- {51865D9D-8F63-46F2-87AB-9E72F93B618C}
O42 - Logiciel: iExplorer 3.0.1.1 - (.Macroplant LLC.) [HKLM][64Bits] -- {7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1
O42 - Logiciel: S?????? f?t???af??? - (.Microsoft Corporation.) [HKLM][64Bits] -- {A19A8C25-272A-4CD6-8BA8-3772321A021B}
O42 - Logiciel: ?????????? - (.Microsoft Corporation.) [HKLM][64Bits] -- {087D261B-73AE-4B8A-8F18-2EE80DD2ED8B}
O42 - Logiciel: ??????????? - (.Microsoft Corporation.) [HKLM][64Bits] -- {32AA7594-09A9-437F-9541-5F760509B752}
O42 - Logiciel: ?????????? (????????????? ??????) - (.Microsoft Corporation.) [HKLM][64Bits] -- {2B068A64-F867-44E9-8827-A795647C8730}
O42 - Logiciel: ???????????? - (.Microsoft Corporation.) [HKLM][64Bits] -- {115356B4-8E81-43DB-BB2A-19E5ED95FBAF}
~ Logic: 222 Legitimates Scanned in 00mn 00s



---\\ HKCU & HKLM Software Keys
[HKCU\Software\4Videosoft Studio]
[HKCU\Software\4Videosoft]
[HKCU\Software\BI]
[HKCU\Software\DeterministicNetworks]
[HKCU\Software\Granta Design]
[HKCU\Software\Guy]
[HKCU\Software\KeepVid]
[HKCU\Software\LyX]
[HKCU\Software\MathWorks]
[HKCU\Software\MiKTeX.org]
[HKCU\Software\OrCAD]
[HKCU\Software\PSpice]
[HKCU\Software\Wget]
[HKCU\Software\dolphinity]
[HKCU\Software\dskMetrics]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\DeterministicNetworks]
[HKLM\Software\DeviceVM]
[HKLM\Software\MathWorks]
[HKLM\Software\Wow6432Node\DeterministicNetworks]
[HKLM\Software\Wow6432Node\DeviceVM]
[HKLM\Software\Wow6432Node\Granta Design]
[HKLM\Software\Wow6432Node\Guy]
[HKLM\Software\Wow6432Node\ImageMagick]
[HKLM\Software\Wow6432Node\MiKTeX.org]
[HKLM\Software\Wow6432Node\OrCAD]
[HKLM\Software\Wow6432Node\instinno]
[HKLM\Software\swearware]
~ Key Software: 224 Legitimates Scanned in 00mn 00s



---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 21/01/2013 - 14:35:39 - [106,591] ----D C:\Program Files (x86)\4Videosoft Studio
O43 - CFD: 13/02/2013 - 15:40:13 - [524,081] ----D C:\Program Files (x86)\CES EduPack 2012
O43 - CFD: 22/07/2012 - 14:06:53 - [0,116] ----D C:\Program Files (x86)\Free FLV Converter
O43 - CFD: 21/02/2013 - 16:03:48 - [1,469] ----D C:\Program Files (x86)\Free PDF to Word Converter
O43 - CFD: 12/12/2012 - 16:29:24 - [12,607] ----D C:\Program Files (x86)\GanttProject-2.5
O43 - CFD: 01/08/2012 - 19:45:02 - [12,210] ----D C:\Program Files (x86)\iExplorer
O43 - CFD: 25/01/2013 - 18:48:30 - [290,305] ----D C:\Program Files (x86)\LyX 2.0
O43 - CFD: 25/01/2013 - 18:44:46 - [376,195] ----D C:\Program Files (x86)\MiKTeX 2.9
O43 - CFD: 06/02/2012 - 06:19:26 - [0,099] ----D C:\Program Files (x86)\Nascom
O43 - CFD: 14/11/2012 - 22:44:06 - [2,765] ----D C:\Program Files (x86)\PLan-Project
O43 - CFD: 14/11/2012 - 22:41:13 - [3,531] ----D C:\Program Files (x86)\PlanBee
O43 - CFD: 16/12/2012 - 19:11:06 - [7,570] ----D C:\Program Files (x86)\Planner
O43 - CFD: 21/01/2013 - 14:35:39 - [0] ----D C:\ProgramData\4Videosoft Studio
O43 - CFD: 05/10/2012 - 20:13:41 - [0] ----D C:\ProgramData\BDLogging
O43 - CFD: 25/01/2013 - 18:45:25 - [16,258] ----D C:\ProgramData\MiKTeX
O43 - CFD: 03/07/2012 - 19:01:09 - [0] ----D C:\ProgramData\Modèles
O43 - CFD: 22/12/2012 - 02:46:14 - [0,107] ----D C:\ProgramData\WindSolutions
O43 - CFD: 21/03/2013 - 15:01:35 - [0,000] ----D C:\Users\Arnaud\AppData\Roaming\Download Manager
O43 - CFD: 22/07/2012 - 14:00:49 - [0,050] ----D C:\Users\Arnaud\AppData\Roaming\FreeFLVConverter
O43 - CFD: 03/07/2012 - 19:07:45 - [0] ----D C:\Users\Arnaud\AppData\Roaming\Intel Corporation
O43 - CFD: 25/01/2013 - 19:05:34 - [0,076] ----D C:\Users\Arnaud\AppData\Roaming\LyX2.0
O43 - CFD: 11/07/2012 - 17:10:28 - [1,507] ----D C:\Users\Arnaud\AppData\Roaming\MathWorks
O43 - CFD: 25/01/2013 - 19:01:40 - [77,761] ----D C:\Users\Arnaud\AppData\Roaming\MiKTeX
O43 - CFD: 05/10/2012 - 20:08:57 - [0] ----D C:\Users\Arnaud\AppData\Roaming\QuickScan
O43 - CFD: 22/12/2012 - 02:49:19 - [44,355] ----D C:\Users\Arnaud\AppData\Roaming\WindSolutions
O43 - CFD: 04/09/2012 - 20:21:57 - [0] ----D C:\Users\Arnaud\AppData\Local\4Videosoft Studio
O43 - CFD: 03/07/2012 - 19:07:45 - [0] ----D C:\Users\Arnaud\AppData\Local\BMExplorer
O43 - CFD: 21/03/2013 - 15:28:27 - [0,220] ----D C:\Users\Arnaud\AppData\Local\Bundled software uninstaller
O43 - CFD: 01/08/2012 - 19:48:23 - [0,001] ----D C:\Users\Arnaud\AppData\Local\Macroplant_LLC
O43 - CFD: 25/01/2013 - 18:48:30 - [25,870] ----D C:\Users\Arnaud\AppData\Local\MiKTeX
O43 - CFD: 01/08/2012 - 19:13:24 - [0,003] ----D C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
O43 - CFD: 27/01/2013 - 19:36:48 - [0,002] ----D C:\Users\Arnaud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV
~ Program Folder: 194 Legitimates Scanned in 05mn 09s



---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.2D136C64820312377BB97FD4B9D46ABC] - 23/03/2013 - 16:26:06 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [28576]
O44 - LFC:[MD5.2D136C64820312377BB97FD4B9D46ABC] - 23/03/2013 - 16:26:06 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [28576]
O44 - LFC:[MD5.2D136C64820312377BB97FD4B9D46ABC] - 23/03/2013 - 16:26:06 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [28576]
O44 - LFC:[MD5.2D136C64820312377BB97FD4B9D46ABC] - 23/03/2013 - 16:26:06 RSHAD . (...) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [28576]
O44 - LFC:[MD5.B86342E96A8810457818A784EDFD8FAF] - 23/03/2013 - 16:12:34 ---A- . (...) -- C:\AdwCleaner[S1].txt [16384]
O44 - LFC:[MD5.F448ADBEC1DD571CB9FD94887E7690E9] - 10/03/2013 - 13:26:53 ---A- . (.Oracle Corporation - Pas de description.) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll [108448]
O44 - LFC:[MD5.F448ADBEC1DD571CB9FD94887E7690E9] - 10/03/2013 - 13:26:53 RSHAD . (.Oracle Corporation - Pas de description.) -- C:\Windows\System32\WindowsAccessBridge-64.dll [108448]
O44 - LFC:[MD5.0F45D7D53C50DF2072415D1C2E62F299] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [963488]
O44 - LFC:[MD5.3808FF3BC46F148ADE33FFECDC3348E8] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\java.exe [188320]
O44 - LFC:[MD5.27C6C5EA645BF58DFD026CFC3DAF409E] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [188832]
O44 - LFC:[MD5.0F45D7D53C50DF2072415D1C2E62F299] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [963488]
O44 - LFC:[MD5.3808FF3BC46F148ADE33FFECDC3348E8] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\java.exe [188320]
O44 - LFC:[MD5.27C6C5EA645BF58DFD026CFC3DAF409E] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Windows\System32\javaw.exe [188832]
O44 - LFC:[MD5.8502185F8EDBEC8CB6846DE44491BC1B] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [310688]
O44 - LFC:[MD5.8502185F8EDBEC8CB6846DE44491BC1B] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - Java(TM) Web Start Launcher.) -- C:\Windows\System32\javaws.exe [310688]
O44 - LFC:[MD5.28FEC9F9C57751388BBF14098474D94A] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\SysNative\npDeployJava1.dll [1085344]
O44 - LFC:[MD5.28FEC9F9C57751388BBF14098474D94A] - 10/03/2013 - 13:26:52 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npDeployJava1.dll [1085344]
~ Files: 120 Legitimates Scanned in 00mn 11s



---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)
O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
~ ShellExecuteHooks: Legitimates Scanned in 00mn 00s



---\\ Déni du service (Local Security Authority) (O48)
~ LSA: 9 Legitimates Scanned in 00mn 00s



---\\ Contrôle du Safe Boot (CSB) (O49)
~ CBS: 13 Legitimates Scanned in 00mn 00s



---\\ Trojan Driver Search Data (HKLM) (O52)
~ TDSD: 2 Legitimates Scanned in 00mn 01s



---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (.not file.)
~ SMSR Keys: Legitimates Scanned in 00mn 00s



---\\ Microsoft Control Security Providers (O54)
~ MSCP: 2 Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Microsoft Windows Policies Explorer (O56)
O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDrives"=0
O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDrives"=0
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]
~ Drivers: Legitimates Scanned in 00mn 00s



---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Legitimates Scanned in 00mn 00s



---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 04/03/2011 - C:\Windows\system32\Drivers\CVPNDRVA.sys - Cisco Systems Inc. IPSec Driver (CVPNDRVA) .(...) - LEGACY_CVPNDRVA
O64 - Services: CurCS - 19/06/2012 - C:\Windows\System32\DRIVERS\kl1.sys (kl1) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1
O64 - Services: CurCS - 21/01/2013 - C:\Windows\System32\DRIVERS\klif.sys (KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x64].) - LEGACY_KLIF
O64 - Services: CurCS - 02/08/2012 - C:\Windows\System32\DRIVERS\klim6.sys (KLIM6) .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6
O64 - Services: CurCS - 21/01/2013 - C:\Windows\System32\DRIVERS\kltdi.sys (kltdi) .(.Kaspersky Lab - Network filtering component.) - LEGACY_KLTDI
O64 - Services: CurCS - 13/08/2012 - C:\Windows\System32\DRIVERS\kneps.sys (kneps) .(.Kaspersky Lab - KNEPS Power.) - LEGACY_KNEPS
O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 01/12/2011 - C:\Windows\System32\DRIVERS\NBVol.sys (NBVol) .(.Nero AG - Nero Backup Volume Filter Driver for the Di.) - LEGACY_NBVOL
O64 - Services: CurCS - 01/12/2011 - C:\Windows\System32\DRIVERS\NBVolUp.sys (NBVolUp) .(.Nero AG - Nero Backup Volume Upper Filter Driver for.) - LEGACY_NBVOLUP
O64 - Services: CurCS - 10/06/2009 - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
~ Services: Legitimates Scanned in 00mn 07s



---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.exe> [HKCU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.exe> [HKU\..\open\Command] (.Not Key.)
O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe
O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Search Browser Infection (O69)
O69 - SBI: prefs.js [Arnaud - 6qjejgzp.default] user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
O69 - SBI: SearchScopes [HKCU] {40DFF13F-6AB7-4021-95FB-0A4FCB45FDE9} - (eBay) - http://rover.ebay.com
O69 - SBI: SearchScopes [HKCU] {F857AEC2-7842-4465-BAB9-1A5D9BF95E0B} - (Zinio) - http://services.zinio.com
~ Keys: Legitimates Scanned in 00mn 00s



---\\ Recherche des services démarrés par Svchost (O83)
~ Services: 32 Legitimates Scanned in 00mn 00s



---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.5CBEED31225B0D10F320DC6296704849] [SPRF][05/07/2012] (...) -- C:\ProgramData\ezsidmv.dat [56]
[MD5.9C0C41E05CAE696F59D9A39182646FC5] [SPRF][19/03/2013] (...) -- C:\ProgramData\ntuser.dat [262144]
[MD5.B28C334C03CEE7C5E829C43AE75DAE5A] [SPRF][28/01/2013] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\Arnaud\AppData\Local\Temp\AskSLib.dll [248008]
[MD5.11D751D299B9ABDC77BFF4156C75C4CF] [SPRF][21/03/2013] (...) -- C:\Users\Arnaud\AppData\Local\Temp\bitool.dll [38480]
[MD5.5AC98C84160A9400DB448D153C959BB6] [SPRF][21/03/2013] (...) -- C:\Users\Arnaud\AppData\Local\Temp\DeltaTB.exe [773104]
[MD5.1BE52FA937585CCFEB9D0B6568B1C9D0] [SPRF][09/02/2013] (.DeskMetrics - DeskMetrics x86 DLL.) -- C:\Users\Arnaud\AppData\Local\Temp\DeskMetrics.dll [75264]
[MD5.FDDD6BD553F5C3D34339BE80711E0789] [SPRF][25/01/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Arnaud\AppData\Local\Temp\firefoxjre_exe.exe [31473568]
[MD5.0DCB060AEA810DFC8A2DBFC84714F0BE] [SPRF][21/02/2013] (.Nosibay - Bubble Dock installer.) -- C:\Users\Arnaud\AppData\Local\Temp\Install_BubbleDock.exe [365152]
[MD5.F655170EB3DC3CBB3F564077C670A7E1] [SPRF][31/01/2013] (.Oracle Corporation - Java(TM) Platform SE binary.) -- C:\Users\Arnaud\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe [897448]
[MD5.AAE68EEC8D99EF9D1092AD1B045AAB3E] [SPRF][16/12/2012] (.Dolphinity BV - Planner Setup.) -- C:\Users\Arnaud\AppData\Local\Temp\TomsDownloader1B2355.exe [6876208]
[MD5.36179B382A989075FF5FA282434F6892] [SPRF][21/03/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\Arnaud\AppData\Local\Temp\uninst1.exe [394736]
[MD5.D80E8C0D95F8A537D79E63A44F8C42B7] [SPRF][04/03/2011] (...) -- C:\Users\Arnaud\AppData\Local\Temp\vpnclient_setup.exe [56832]
[MD5.9FD95D3294E949C527DC4A98009C74AF] [SPRF][21/02/2013] (.Kaspersky Lab - Assistant d'installation de Kaspersky Internet Security 2013 (13.0.1.4190.0.26.0).) -- C:\Users\Arnaud\Desktop\kis13.0.1.4190fr-fr.exe [166432704]
~ Files: Legitimates Scanned in 00mn 06s



---\\ Firewall Active Exception List (FirewallRules) (O87)
~ Firewall: 206 Legitimates Scanned in 00mn 01s



---\\ Scan Additionnel (O88)
Database Version : v2.11299 - (23/03/2013)
Clés trouvées (Keys found) : 18
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 1
Fichiers trouvés (Files found) : 4

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASAPI32] =>PUP.OfferBox
[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxUpdateService_RASMANCS] =>PUP.OfferBox
[HKLM\Software\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
[HKLM\Software\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Installer\Features\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Classes\Installer\Products\25BD30E1BC5D83343A835E62DDD4D41B] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5] =>Toolbar.Agent
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller] =>Adware.MegaSearch
[HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db] =>Adware.Browse2Save
C:\Users\Arnaud\AppData\Local\Bundled software uninstaller =>Adware.MegaSearch
C:\Users\Arnaud\AppData\Local\Temp\uninst1.exe =>Toolbar.Babylon
C:\Users\Arnaud\AppData\Local\Temp\nsm342.tmp => Adware.MegaSearch
~ Additionnel: Legitimates Scanned in 00mn 32s



---\\ Product Upgrade Codes (O90)
O90 - PUC: "02DED8BE788AC9A4BBA53F7E25D3BF44" . (.Nero WaveEditor 11 Help (CHM).) -- C:\Windows\Installer\{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "07266D4D7419FDB49964CF2A3B30AAF8" . (.Nero ControlCenter 11 Help (CHM).) -- C:\Windows\Installer\{D4D66270-9147-4BDF-9946-FCA2B303AA8F}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "0823CD0D73EC5374DA04395BF30054AC" . (.CES EduPack 2012.) -- C:\Windows\Installer\{D0DC3280-CE37-4735-AD40-93B53F0045CA}\product.ico
O90 - PUC: "0B4CB15EE5AECC94FAB3395B6C72CE22" . (.Nero 11 Effects Basic.) -- C:\Windows\Installer\{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}\ARPPRODUCTICON.exe
O90 - PUC: "1276481B6E8A7C64386BD0FCA7BD2476" . (.Nero Burning ROM 11.) -- C:\Windows\Installer\{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}\ARPPRODUCTICON.exe
O90 - PUC: "14BA0230629081248A6A86CA486EBB39" . (.Nero Recode 11.) -- C:\Windows\Installer\{0320AB41-0926-4218-A8A6-68AC84E6BB93}\ARPPRODUCTICON.exe
O90 - PUC: "1F844FAF0644C0442908706FA6366D5F" . (.Nero Kwik Media.) -- C:\Windows\Installer\{FAF448F1-4460-440C-9280-07F66A63D6F5}\NeroKwikMedia._63C8A7B0BBE5459F9AC436392B2FF50D.exe
O90 - PUC: "25BD30E1BC5D83343A835E62DDD4D41B" . (.Bing Bar.) -- C:\Windows\Installer\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}\icon_installer_ico
O90 - PUC: "344FE94FDB2B01F4A86478FADC9BE0DD" . (.Nero 11 Disc Menus Basic.) -- C:\Windows\Installer\{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}\ARPPRODUCTICON.exe
O90 - PUC: "46CBB2BA8CA866E4BB3F2ED2E5CAEEAC" . (.Nero BackItUp 11.) -- C:\Windows\Installer\{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}\ARPPRODUCTICON.exe
O90 - PUC: "48C59C57F4627CC4A8E74346446E7C1C" . (.VAIO Improvement Validation.) -- C:\Windows\Installer\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}\_853F67D554F05449430E7E.exe
O90 - PUC: "4AFEBC2D3D2F79E41A17B8DFA6135ACE" . (.Nero Express 11 Help (CHM).) -- C:\Windows\Installer\{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "58FE3D111E364EA47A1C2914DB1BB615" . (.Nero ControlCenter 11.) -- C:\Windows\Installer\{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}\ARPPRODUCTICON.exe
O90 - PUC: "5D06B511BDBBE094FAE260D4733AEC10" . (.Media Gallery.) -- C:\Windows\Installer\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}\ARPPRODUCTICON.exe
O90 - PUC: "5ECB44FF81A51504580FCB71D2B76459" . (.Nero CoverDesigner 11.) -- C:\Windows\Installer\{FF44BCE5-5A18-4051-85F0-BC172D7B4695}\ARPPRODUCTICON.exe
O90 - PUC: "7040BB568CC47CD459E2E3FEFD5006A2" . (.Nero Update.) -- C:\Windows\Installer\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}\ARPPRODUCTICON.exe
O90 - PUC: "753D006D9BC59ED4F84D412E80DB9107" . (.Nero Backup Drivers.) -- C:\Windows\Installer\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}\ARPPRODUCTICON.exe
O90 - PUC: "80E9A9E16630EE54B9661558F2D88921" . (.Open Workbench.) -- C:\Windows\Installer\{1E9A9E08-0366-45EE-9B66-51852F8D9812}\ARPPRODUCTICON.exe
O90 - PUC: "9824A7D0FC99D8B48B2168EB055A5425" . (.Nero Video 11.) -- C:\Windows\Installer\{0D7A4289-99CF-4B8D-B812-86BE50A54552}\ARPPRODUCTICON.exe
O90 - PUC: "985E2342652631540BFBFE8A3E525D0F" . (.Nero SharedVideoCodecs.) -- C:\Windows\Installer\{2432E589-6256-4513-B0BF-EFA8E325D5F0}\ARPPRODUCTICON.exe
O90 - PUC: "9F1D317077DD1C24C8D7454D972E7E34" . (.Nero SoundTrax 11.) -- C:\Windows\Installer\{0713D1F9-DD77-42C1-8C7D-54D479E2E743}\ARPPRODUCTICON.exe
O90 - PUC: "9FACD4307E696394A97017F2085B81E1" . (.Nero RescueAgent 11.) -- C:\Windows\Installer\{034DCAF9-96E7-4936-9A07-712F80B5181E}\ARPPRODUCTICON.exe
O90 - PUC: "A03D08C720CAF3E49BD5920F4EFF39B7" . (.VAIO Easy Connect.) -- C:\Windows\Installer\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}\Icon_vww_icon.exe
O90 - PUC: "A4EAA01E8B89A024DB390E25C0326D42" . (.Nero Express 11.) -- C:\Windows\Installer\{E10AAE4A-98B8-420A-BD93-E0520C23D624}\ARPPRODUCTICON.exe
O90 - PUC: "A6477F35AA695A94688B95896908AD5C" . (.Nero Burning ROM 11 Help (CHM).) -- C:\Windows\Installer\{53F7746A-96AA-49A5-86B8-59989680DAC5}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "A99EC10D2088C3847AF992B896E14B23" . (.Nero RescueAgent 11 Help (CHM).) -- C:\Windows\Installer\{D01CE99A-8802-483C-A79F-298B691EB432}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "AA7570930388CD34EA0EE4B5F64893BE" . (.Nero SoundTrax 11 Help (CHM).) -- C:\Windows\Installer\{390757AA-8830-43DC-AEE0-4E5B6F8439EB}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "BCAF4108D1D12C8449AA2EE92E6E9BEC" . (.Nero WaveEditor 11.) -- C:\Windows\Installer\{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}\ARPPRODUCTICON.exe
O90 - PUC: "BE08307221881E2428983507D08B042D" . (.PMB VAIO Edition Plug-in.) -- C:\Windows\Installer\{270380EB-8812-42E1-8289-53700DB840D2}\ARPPRODUCTICON.exe
O90 - PUC: "BF58906567B412141998A7C2CD87686D" . (.Kaspersky Internet Security 2013.) -- C:\Windows\Installer\{560985FB-4B76-4121-9189-7A2CDC7886D6}\setup2.ico
O90 - PUC: "C2A3473FF5D56544F889D53FA659C405" . (.Nero 11 Image Samples.) -- C:\Windows\Installer\{F3743A2C-5D5F-4456-8F98-5DF36A954C50}\ARPPRODUCTICON.exe
O90 - PUC: "D094391992254CF4B99B6A6DC39075A4" . (.High-Definition Video Playback.) -- C:\Windows\Installer\{9193490D-5229-4FC4-9BB9-A6D63C09574A}\ARPPRODUCTICON.exe
O90 - PUC: "D2B212A5D0414F646B52D2C15A0A5049" . (.Nero 11 Kwik Themes Basic.) -- C:\Windows\Installer\{5A212B2D-140D-46F4-B625-2D1CA5A00594}\ARPPRODUCTICON.exe
O90 - PUC: "D5227AC221BCA264D91D0513E951B85A" . (.Nero 11 PiP Effects Basic.) -- C:\Windows\Installer\{2CA7225D-CB12-462A-9DD1-50319E158BA5}\ARPPRODUCTICON.exe
O90 - PUC: "DDC18066EF1CF514BBA32F26B22A4716" . (.PMB VAIO Edition Guide.) -- C:\Windows\Installer\{66081CDD-C1FE-415F-BB3A-F2622BA27461}\ARPPRODUCTICON.exe
O90 - PUC: "E2FB0A7ACC133E949931255C30BE69D9" . (.Nero Audio Pack 1.) -- C:\Windows\Installer\{A7A0BF2E-31CC-49E3-9913-52C503EB969D}\ARPPRODUCTICON.exe
O90 - PUC: "E3412C555ABFF244A9AF27F60F863FD9" . (.Nero CoverDesigner 11 Help (CHM).) -- C:\Windows\Installer\{55C2143E-FBA5-442F-9AFA-726FF068F39D}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "E7242BA6F81A9084A921925FBEBABBA3" . (.Nero BackItUp 11 Help (CHM).) -- C:\Windows\Installer\{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "E73C3CAFBADEA3F41A377A7CC08CF890" . (.Nero Video 11 Help (CHM).) -- C:\Windows\Installer\{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "F7AB1B9B70E7DD947A31B593A7B56BB6" . (.Nero Kwik Media Help (CHM).) -- C:\Windows\Installer\{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}\NeroHelpIcon.BBDB24D3_07A5_496B_AA18_6A3ED03D6698
O90 - PUC: "F86429A58DE369F49A1EF471C608CE92" . (.VAIO Quick Web Access.) -- C:\Windows\Installer\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}\ARPPRODUCTICON.exe
O90 - PUC: "F8BA81CF3AB9B324192F2692095F9787" . (.Nero 11.) -- C:\Windows\Installer\{FC18AB8F-9BA3-423B-91F2-622990F57978}\ARPPRODUCTICON.exe
O90 - PUC: "FCE08F75C72EEEE4BA859E17ABEC6293" . (.Nero Recode 11 Help (CHM).) -- C:\Windows\Installer\{57F80ECF-E27C-4EEE-AB58-E971BACE2639}\NeroHelpIcon.8BC7562A_6065_4ED9_8502_C368ECC0724D
O90 - PUC: "FF2B9E104FAD9254C99C12102655717C" . (.nero.prerequisites.msi.) -- C:\Windows\Installer\{01E9B2FF-DAF4-4529-9CC9-2101625517C7}\ARPPRODUCTICON.exe
~ Update Products: 374 Legitimates Scanned in 00mn 00s



---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SS - | Demand 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 13/03/2013 253656 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 21/12/2012 57008 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SR - | Auto 29/04/2011 146592 | (Atheros Bt&Wlan Coex Agent) . (.Atheros.) - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
SR - | Auto 29/04/2011 91296 | (AtherosSvc) . (.Atheros Commnucations.) - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
SR - | Auto 21/01/2013 356376 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
SS - | Demand 01/03/2011 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe
SS - | Demand 30/08/2011 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 04/03/2011 1529856 | (CVPND) . (.Cisco Systems, Inc..) - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
SS - | Auto 08/03/2013 116648 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SS - | Demand 08/03/2013 116648 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
SR - | Auto 13/09/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
SR - | Auto 29/03/2011 2361344 | (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
SR - | Demand 20/02/2013 641352 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 01/02/2011 326168 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
SR - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 08/03/2013 115608 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
SR - | Auto 25/11/2011 687400 | (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe
SR - | Auto 18/02/2011 993896 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SR - | Auto 27/11/2010 398176 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
SR - | Auto 29/01/2011 259192 | (SampleCollector) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCPerfService.exe
SR - | Auto 25/02/2011 249648 | (SeaPort) . (.Microsoft Corporation.) - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files (x86)\Skype\Updater\Updater.exe
SS - | Demand 21/02/2011 113824 | (SOHCImp) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
SS - | Demand 21/02/2011 67232 | (SOHDs) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
SS - | Demand 20/01/2011 286936 | (SpfService) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
SR - | Auto 18/02/2011 378472 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
SR - | Auto 23/02/2011 105024 | (uCamMonitor) . (.ArcSoft, Inc..) - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
SR - | Auto 01/02/2011 2656280 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
SR - | Auto 05/03/2011 64704 | (VAIO Event Service) . (.Sony Corporation.) - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
SS - | Demand 20/01/2011 887000 | (VCFw) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
SS - | Demand 19/05/2011 549616 | (VcmIAlzMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
SS - | Demand 18/02/2011 385336 | (VcmINSMgr) . (.Sony Corporation.) - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
SS - | Demand 18/02/2011 99104 | (VcmXmlIfHelper) . (.Sony Corporation.) - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
SR - | Demand 14/02/2011 44736 | (VCService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Care\VCService.exe
SR - | Auto 28/02/2011 852160 | (VSNService) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
SR - | Demand 26/10/2012 1286784 | (VUAgent) . (.Sony Corporation.) - C:\Program Files\Sony\VAIO Update\VUAgent.exe
SR - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe
SR - | Auto 14/07/2009 27136 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Services: Legitimates Scanned in 00mn 03s



End of the scan (854 lines in 07mn 01s)(0)
