Publicité
Publicité
Format du document : text/plain
Prévisualisation
Rapport de ZHPDiag v2013.4.18.101 par Nicolas Coolman, Update du 18/04/2013
Run by no�le at 19/04/2013 15:11:50
State : Version � jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Norton Internet Security v16.0.0.125
---\\ System Optimizer
CCleaner v3.20
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068 MB (32% free)
System Restore: Activ� (Enable)
System drive C: has 193 GB (67%) free of 288 GB
---\\ Logged in mode
~ Computer Name: PC-DE-NO�LE
~ User Name: no�le
~ All Users Names: UpdatusUser, no�le, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\no�le\AppData\Roaming\
~ %Desktop% : C:\Users\no�le\Desktop\
~ %Favorites% : C:\Users\no�le\Favorites\
~ %LocalAppData% : C:\Users\no�le\AppData\Local\
~ %StartMenu% : C:\Users\no�le\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 193 Go of 288 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 11 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 04:38:00.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parall�le.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/11
~ Mes musiques (My Musics) : 1/692
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 0/4
~ Mes Documents (My Documents) : 1/103
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 0/55
~ Hidden Files: Scanned in 00mn 02s
---\\ Processus lanc�s
[MD5.94444693EA13A72F6820DFF844A1122E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176] [PID.3788]
[MD5.C18DAD67061885AE0D8BEA58726EA921] - (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688] [PID.3824]
[MD5.F7CF218E5CAA6FC0BB55791AD31E2B3F] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032] [PID.3836]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752] [PID.3880]
[MD5.B236FE89F31893CDF6DB5A1DC6FCB369] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [450652] [PID.3904]
[MD5.D610CDEDF1F702EB0A86B0FBD9BB49E5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1820520] [PID.4000]
[MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552] [PID.4072]
[MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112] [PID.2776]
[MD5.0D9F0763B213DF519012DF96F02E9633] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [81920] [PID.2964]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3140]
[MD5.30043A612F93B30CF086824701400BE5] - (.Pas de propri�taire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [1219248] [PID.2324] =>Toolbar.AVGSearch
[MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624] [PID.2872]
[MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848] [PID.1740]
[MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616] [PID.3852]
[MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248] [PID.5252]
[MD5.3E802CE450D0E7A234978E9A2EA4772A] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.exe [107816] [PID.5468]
[MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.exe [316720] [PID.1868]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3744]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propri�taire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360] [PID.2928]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe [1312720] [PID.2272]
[MD5.09E411E1DC92D813F49DFEEB4039CBCA] - (.Google - Google Talk Plugin.) -- C:\Users\no�le\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [79384] [PID.5204]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18642024] [PID.6136]
[MD5.596C3DD487001E237CCE431EAE6F3EA0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144] [PID.5708]
[MD5.A778E395D5481138169D233AAE92757A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6861312] [PID.3800]
[MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\system32\nvvsvc.exe [645992] [PID.992]
[MD5.2E3DB7DBC4D96949F4DA4383AA02AE72] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170] [PID.1220]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1356]
[MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [26168] [PID.1544]
[MD5.C71F2B4D0151CFEDE5D405C5D60B6FCE] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [864616] [PID.1576]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1996]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilit� pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.276]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.1904]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.2032]
[MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [81920] [PID.1128]
[MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632] [PID.2088]
[MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.2340]
[MD5.ABF90FC5A127F481219B873C1B8DFC1C] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2444]
[MD5.0D362785BEF9BDF5A6E1F4628D06716D] - (.Pas de propri�taire - STServices.) -- C:\Program Files\SMINST\BLService.exe [365952] [PID.2600]
[MD5.805AE1F90C64758D19AAA001CF8CBA12] - (.Pas de propri�taire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734] [PID.2856]
[MD5.BB313AE85EC95B7CB87FC5ED53F3A22B] - (.Pas de propri�taire - CLCapSvc Module.) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320] [PID.3248]
[MD5.0C66E48654AFD8A6BCFBCE22E7FAB251] - (.Pas de propri�taire - CLSched Module.) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096] [PID.3292]
[MD5.E2CA898E105C3F2B62DB130F28C73322] - (.Pas de propri�taire - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [990896] [PID.3316] =>Toolbar.AVGSearch
[MD5.184C500CB9F69585F3FE85E1D2667CD8] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [751672] [PID.4576]
[MD5.7795F8CEBC284A426B53F541E538695F] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [193840] [PID.6124]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.3304]
[MD5.BE78357FB49759B79CCC01894BCFDDDB] - (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520] [PID.4804]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\no�le\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\gji3cpa7.default\prefs.js (.not file.)
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\rw8d7rkj.default\prefs.js (.not file.)
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\szqn914x.default\prefs.js
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\szqn914x.default\user.js
M0 - MFSP: prefs.js [no�le - szqn914x.default] http://isearch.avg.com
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\npsitesafety.dll =>Toolbar.AVGSearch
~ Firefox Browser: 28 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} . (.ArcSoft, Inc. - ArcURLRecord Module.) -- C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: AOL Toolbar - [HKLM]{DE9C389F-3316-41A7-809B-AA305ED9D922} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: (no name) - [HKLM]{265EEE8E-3228-44D3-AEA5-F7FDF5860049} Cl� orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propri�taire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\windows sidebar\sidebar.exe
O4 - HKCU\..\Run: [orangeinside] . (...) -- C:\Users\no�le\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\no�le\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2001441431-2361965922-2423994464-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\windows sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2001441431-2361965922-2423994464-1000\..\Run: [orangeinside] . (...) -- C:\Users\no�le\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKUS\S-1-5-21-2001441431-2361965922-2423994464-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\no�le\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: AZR.lnk . (.DataNumen, Inc. - Pas de description.) -- C:\Program Files\AZR\AZR.exe
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files\PhotoFiltre\photofiltre.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Google Chrome (3).lnk . (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Advanced Uninstaller PRO 11.lnk . (.Innovative Solutions - Advanced Uninstaller.) -- C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
O4 - GS\Desktop: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: OpenOffice.org.lnk . (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop: Traitement de texte Microsoft Works.lnk . (.Microsoft� Corporation - Microsoft� Works Word Processor.) -- C:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\WksWP.exe
O4 - GS\Desktop: Windows Live Messenger .lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: &Envoyer � OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Cl� orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioth�que de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: (vToolbarUpdater15.0.0) . (.Pas de propri�taire - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: {55662437-DA8C-40c0-AADA-2C816A897A49} ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.Cyberlink Corp. - Pas de description.) - C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
~ Services: 19 Legitimates Filtered in 00mn 06s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ReclaimerUpdateFiles_no�le.job [370]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ReclaimerUpdateXML_no�le.job [366]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Registry Winner Schedule.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_no�le.job [376]
[MD5.884A69D4792AF25611934F0FE18F94C4] [APT] [Registry Winner Schedule] (.RegistryWinner.com.) -- C:\Program Files\Registry Winner\RegistryWinner.exe [7813360]
[MD5.00000000000000000000000000000000] [APT] [{3CD99EA3-4DFB-4134-9E14-1480ED094161}] (...) -- C:\Program Files\Orange\Launcher\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{40F796AA-DA78-4826-AF5E-34A72BBB0517}] (...) -- C:\Program Files\Orange\Launcher\Launcher.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 05s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Advanced Zip Repair v1.8 - (...) [HKLM] -- Advanced Zip Repair v1.8
O42 - Logiciel: BESCHERELLE, Le dico des synonymes - (.Diagonal.) [HKLM] -- {FB3C7931-DFD8-4F09-85D7-C0AA9D2075F0}
O42 - Logiciel: Registry Winner 6.3 - (.RegistryWinner.com.) [HKLM] -- Registry Winner_is1
O42 - Logiciel: Standard Edition - (.Encyclopaedia Britannica, Inc..) [HKLM] -- Standard Edition
~ Logic: 155 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AZR]
[HKCU\Software\Diagonal]
[HKCU\Software\digital publishing]
[HKLM\Software\Britannica 7.0]
[HKLM\Software\TSMSTV_Upgrade]
[HKLM\Software\digital publishing]
~ Key Software: 233 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/09/2011 - 15:23:06 - [0,829] ----D C:\Program Files\AZR
O43 - CFD: 12/05/2011 - 13:45:48 - [1318,580] ----D C:\Program Files\Britannica 7.0
O43 - CFD: 15/04/2011 - 21:38:24 - [5,762] ----D C:\Program Files\Diagonal
O43 - CFD: 19/02/2011 - 14:53:58 - [-1484,601] ----D C:\Program Files\digital publishing
O43 - CFD: 21/04/2012 - 20:00:02 - [14,012] ----D C:\Program Files\Registry Winner
O43 - CFD: 10/01/2013 - 15:55:20 - [0,006] ----D C:\ProgramData\prolexisws
O43 - CFD: 06/05/2011 - 14:02:52 - [33,621] ----D C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 15/04/2011 - 21:38:39 - [0,121] ----D C:\Users\no�le\AppData\Roaming\Diagonal
O43 - CFD: 19/02/2011 - 15:48:02 - [0,099] ----D C:\Users\no�le\AppData\Roaming\digital publishing
O43 - CFD: 03/02/2013 - 11:20:23 - [0,032] ----D C:\Users\no�le\AppData\Local\Temp(48)
O43 - CFD: 12/05/2011 - 13:45:38 - [0,007] ----D C:\Users\no�le\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Britannica 7.0
O43 - CFD: 19/02/2011 - 14:47:58 - [0,015] ----D C:\Users\no�le\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\digital publishing
~ 4 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 232 Legitimates Filtered in 00mn 58s
---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.71F5CDE09BEB6945EAA79B170B28DFE9] - 19/04/2013 - 12:31:09 ---A- - C:\Windows\Prefetch\LIVEBOXUTILITIES.EXE-39FF901D.pf
O45 - LFCP:[MD5.D156EB88D5F23623F0295CDC1C806F7E] - 26/03/2013 - 15:53:49 ---A- - C:\Windows\Prefetch\OLRSUBMISSION.EXE-1DADAD8F.pf
O45 - LFCP:[MD5.83F720012C3FA5F76CACEDC49D4052CA] - 28/03/2013 - 17:53:53 ---A- - C:\Windows\Prefetch\OLRSTATECHECK.EXE-86F774DE.pf
O45 - LFCP:[MD5.B920F8DBD79E24A9EB6077AD7FE47A2C] - 28/03/2013 - 17:53:57 ---A- - C:\Windows\Prefetch\PDR.EXE-9084E397.pf
O45 - LFCP:[MD5.CAD14D2FE25BF355DEF278D545BD84D5] - 28/03/2013 - 17:54:03 ---A- - C:\Windows\Prefetch\PDHANUMANSVR.EXE-C9AF27AC.pf
~ Prefetcher: 84 Legitimates Filtered in 00mn 02s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{7cd0455b-fa59-11e0-b0a9-00238b61f0c9}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\ROC_roc_ssl_v12 [Key] . (...) -- C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe (.not file.) =>Toolbar.AVGSearch
~ SMSR Keys: 13 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.CC1F1D3D70DC13C2C281488D347D4415] - 13/05/2011 - 17:57:20 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [35896]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 17/04/2013 - 14:40:52 ---A- C:\Users\no�le\AppData\Local\AVG Secure Search\SiteSafety\l_2013_04_17_06_40_44.db [613968] =>Toolbar.AVGSearch
O61 - LFC: 17/04/2013 - 14:48:07 ---A- C:\Users\no�le\.recently-used.xbel [2703]
O61 - LFC: 19/04/2013 - 12:30:45 ---A- C:\Users\no�le\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk [3921]
O61 - LFC: 19/04/2013 - 12:30:52 ---A- C:\Users\no�le\AppData\Local\AVG Secure Search\SiteSafety\l_2013_04_19_04_30_36.db [613968] =>Toolbar.AVGSearch
O61 - LFC: 19/04/2013 - 12:39:59 ---A- C:\Users\no�le\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268315]
O61 - LFC: 19/04/2013 - 13:33:27 ---A- C:\Users\no�le\RACCOURCIS PROGRAMMES\AdwCleaner.exe [613083]
O61 - LFC: 19/04/2013 - 14:13:54 ---A- C:\Users\no�le\AppData\Local\Google\Chrome\User Data\Local State [27698]
~ 6 Fichiers temporaires (Temporary files)
~ Files: 196 Legitimates Filtered in 00mn 50s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe
O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <>[HKLM\..\Shell\open\Command] (.Not Key.)
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2E4C7146-FEAE-4CC5-8C65-ED909144EE36} [DefaultScope] - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
O69 - SBI: SearchScopes [HKCU] {91E89DD9-6220-4F21-A416-186CC567BB77} - (Kelkoo) - http://fr.kelkoopartners.net
O69 - SBI: SearchScopes [HKCU] {93B8115B-FF23-40BC-BDED-33B52D5A517C} - (Yahoo!) - http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.A9A1A20E28D8BE8B22AA224CC1EE4882] [SPRF][26/07/2011] (...) -- C:\ProgramData\nvModes.dat [31871]
[MD5.DA8D33A063272D4F30C1A12C10B692C6] [SPRF][08/12/2010] (...) -- C:\Users\no�le\AppData\Local\d3d8caps.dat [552]
[MD5.F65E6E4C0F394A6AF607F8DB1B6F92B7] [SPRF][29/09/2012] (...) -- C:\Users\no�le\AppData\Local\d3d9caps.dat [7916]
[MD5.7BDB6EE80ED4DBF12B64EAF3B72C0CA6] [SPRF][12/01/2013] (...) -- C:\Users\no�le\AppData\Roaming\wklnhst.dat [16416]
[MD5.AF59DE458776D6F5570047749588E460] [SPRF][19/04/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\no�le\Desktop\ZHPDiag2.exe [5583119]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.11580 - (18/04/2013)
Cl�s trouv�es (Keys found) : 30
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 5
Fichiers trouv�s (Files found) : 0
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
[HKLM\Software\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Classes\CLSID\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\no�le\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\no�le\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
~ Additionnel: Scanned in 00mn 32s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "1397C3BF8DFD90F4587D0CAAD902570F" . (.BESCHERELLE, Le dico des synonymes.) -- C:\Windows\Installer\{FB3C7931-DFD8-4F09-85D7-C0AA9D2075F0}\_6FEFF9B68218417F98F549.exe
~ Update Products: 124 Legitimates Filtered in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 17/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 02/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 03/04/2008 193840 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/08/2009 69632 | C:\Program Files\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
SS - | Demand 05/05/2008 165416 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
SR - | Auto 15/11/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 14/10/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 14/10/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 09/06/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SS - | Auto 02/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 365952 | (Recovery Service for Windows) . (...) - C:\Program Files\SMINST\BLService.exe
SR - | Auto 241734 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 03/06/2009 217170 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
SR - | Auto 296320 | (TVCapSvc) . (...) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
SR - | Auto 116096 | (TVSched) . (...) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
SR - | Auto 990896 | (vToolbarUpdater15.0.0) . (...) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/09/2008 59376 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.Cyberlink Corp..) - C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 01s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by no�le at 19/04/2013 15:16:43
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
~ 1540 Legitimates filtered by white list
End of the scan (572 lines in 04mn 52s)(0)
Run by no�le at 19/04/2013 15:11:50
State : Version � jour.
WhiteList : Enable
High Elevated Privileges : OK
UAC : Activate by user
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v26.0.1410.64 (Defaut)
---\\ Windows Product Information
~ Langage: Fran�ais
Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)
Windows Server License Manager Script : OK
~ Vista, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : WQD8Q
Windows License : OK
Windows Automatic Updates : OK
---\\ System Protection
avast! Free Antivirus v8.0.1483.0
Malwarebytes Anti-Malware version 1.75.0.1300
Norton Internet Security v16.0.0.125
---\\ System Optimizer
CCleaner v3.20
---\\ Software Update
Adobe Flash Player 11 Plugin
Adobe Reader X
---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 3068 MB (32% free)
System Restore: Activ� (Enable)
System drive C: has 193 GB (67%) free of 288 GB
---\\ Logged in mode
~ Computer Name: PC-DE-NO�LE
~ User Name: no�le
~ All Users Names: UpdatusUser, no�le, Administrateur,
~ Unselected Option: None
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\no�le\AppData\Roaming\
~ %Desktop% : C:\Users\no�le\Desktop\
~ %Favorites% : C:\Users\no�le\Favorites\
~ %LocalAppData% : C:\Users\no�le\AppData\Local\
~ %StartMenu% : C:\Users\no�le\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 193 Go of 288 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 11 Go)
E:\ CD-ROM drive (Not Inserted)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Security Center: Scanned in 00mn 00s
---\\ Recherche particuli�re de fichiers g�n�riques
[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.11/04/2009 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]
[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de d�marrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\System32\Wininit.exe [96768]
[MD5.C5B6468422DB1C8AA36C32CBB0197E5E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/02/2013 - 04:38:00.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.11/04/2009 - 07:28:13.) -- C:\Windows\System32\Winlogon.exe [314368]
[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.21/04/2011 - 14:58:27.) -- C:\Windows\system32\Drivers\AFD.sys [273408]
[MD5.1F05B78AB91C9075565A9D8A4B880BC4] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.11/04/2009 - 07:32:26.) -- C:\Windows\system32\Drivers\atapi.sys [19944]
[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\Drivers\Cdfs.sys [70144]
[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/04/2009 - 05:39:17.) -- C:\Windows\system32\Drivers\Cdrom.sys [67072]
[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.14/04/2011 - 15:59:03.) -- C:\Windows\system32\Drivers\DfsC.sys [75264]
[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/04/2009 - 05:42:42.) -- C:\Windows\system32\Drivers\HDAudBus.sys [561152]
[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\Drivers\i8042prt.sys [54784]
[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\Drivers\IpNat.sys [100864]
[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.29/04/2011 - 14:24:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [106496]
[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.11/04/2009 - 05:45:37.) -- C:\Windows\system32\Drivers\netBT.sys [185856]
[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du syst�me de fichiers NT.) (.11/04/2009 - 07:32:49.) -- C:\Windows\system32\Drivers\ntfs.sys [1083880]
[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parall�le.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [76288]
[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\Drivers\rdpdr.sys [248832]
[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.11/04/2009 - 05:45:22.) -- C:\Windows\system32\Drivers\smb.sys [66560]
[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.11/04/2009 - 05:45:56.) -- C:\Windows\system32\Drivers\tdx.sys [72192]
[MD5.786DB5771F05EF300390399F626BF30A] - (.Microsoft Corporation - Pilote de clich� instantan� du volume.) (.21/08/2012 - 12:47:42.) -- C:\Windows\system32\Drivers\volsnap.sys [224640]
~ Generic Processes: Scanned in 00mn 00s
---\\ Etat des fichiers cach�s (Cach�/Total)
~ Mes images (My Pictures) : 1/11
~ Mes musiques (My Musics) : 1/692
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : 0/4
~ Mes Documents (My Documents) : 1/103
~ Mon Bureau (My Desktop) : 1/8
~ Menu demarrer (Programs) : 0/55
~ Hidden Files: Scanned in 00mn 02s
---\\ Processus lanc�s
[MD5.94444693EA13A72F6820DFF844A1122E] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176] [PID.3788]
[MD5.C18DAD67061885AE0D8BEA58726EA921] - (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [912688] [PID.3824]
[MD5.F7CF218E5CAA6FC0BB55791AD31E2B3F] - (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe [202032] [PID.3836]
[MD5.8CB896C573FD15AE8B13180DA53E93D2] - (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [488752] [PID.3880]
[MD5.B236FE89F31893CDF6DB5A1DC6FCB369] - (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe [450652] [PID.3904]
[MD5.D610CDEDF1F702EB0A86B0FBD9BB49E5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1820520] [PID.4000]
[MD5.72DE9723E5203A5C5D284C6D001A1D14] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\Launcher\Launcher.exe [717552] [PID.4072]
[MD5.527F995C40417C0F4EBB74ACA98F915A] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe [90112] [PID.2776]
[MD5.0D9F0763B213DF519012DF96F02E9633] - (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe [81920] [PID.2964]
[MD5.148C545849C1379A3D4448F5DE768E86] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [4767304] [PID.3140]
[MD5.30043A612F93B30CF086824701400BE5] - (.Pas de propri�taire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe [1219248] [PID.2324] =>Toolbar.AVGSearch
[MD5.ABC9091B6D438381DBACFD1A82E0C0EA] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\systray\systrayapp.exe [282624] [PID.2872]
[MD5.682DB04704A74F228A080B31003B6FC6] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\connectivitymanager.exe [974848] [PID.1740]
[MD5.CAF2CCB6E9F5FDBE99EE8904EB9DC506] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\CoreCom.exe [495616] [PID.3852]
[MD5.8E884B0A19679340BFFF5C157075D6B5] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\connectivity\CoreCom\OraConfigRecover.exe [53248] [PID.5252]
[MD5.3E802CE450D0E7A234978E9A2EA4772A] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.exe [107816] [PID.5468]
[MD5.8D07F0687318214A3CEF62EA1048D101] - (.Hewlett-Packard Development Company, L.P. - Module to process WiFi messages..) -- C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.exe [316720] [PID.1868]
[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.3744]
[MD5.1EDC4865C8003A0251956835273904B1] - (.Pas de propri�taire - HpqToaster Module.) -- C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe [685360] [PID.2928]
[MD5.4E9592BB2C100E571F82640E59E9ECD5] - (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe [1312720] [PID.2272]
[MD5.09E411E1DC92D813F49DFEEB4039CBCA] - (.Google - Google Talk Plugin.) -- C:\Users\no�le\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe [79384] [PID.5204]
[MD5.7E4AD8220AF0B281274F9785DD53E25C] - (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe [18642024] [PID.6136]
[MD5.596C3DD487001E237CCE431EAE6F3EA0] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1689144] [PID.5708]
[MD5.A778E395D5481138169D233AAE92757A] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [6861312] [PID.3800]
[MD5.EB5A13F9139F20AD71ADF4BF79C3AA29] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.9.) -- C:\Windows\system32\nvvsvc.exe [645992] [PID.992]
[MD5.2E3DB7DBC4D96949F4DA4383AA02AE72] - (.IDT, Inc. - IDT PC Audio.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe [217170] [PID.1220]
[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.1356]
[MD5.C0BEB56ED79B59B7B33D0AA6C38A0BA6] - (.Hewlett-Packard Company - HpService.) -- C:\Windows\system32\Hpservice.exe [26168] [PID.1544]
[MD5.C71F2B4D0151CFEDE5D405C5D60B6FCE] - (.NVIDIA Corporation - NVIDIA User Experience Driver Component.) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [864616] [PID.1576]
[MD5.41735B82DB57E4EBE9504EC400FD120E] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [45248] [PID.1996]
[MD5.23C3A0680042C0D1DE1F360F8B62BC57] - (.Microsoft Corporation - Infrastructure d'extensibilit� pour les ser.) -- C:\Windows\system32\WLANExt.exe [74240] [PID.276]
[MD5.ADC420616C501B45D26C0FD3EF1E54E4] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152] [PID.1904]
[MD5.3927397AC60D943DAF8808AFFED582B7] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [65192] [PID.2032]
[MD5.827DBC22C96EECF6D36A13162FABAFD3] - (.Andrea Electronics Corporation - Andrea filters APO access service (32-bit).) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe [81920] [PID.1128]
[MD5.B0C9FFF54F16DF2012F53A34736A0975] - (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [69632] [PID.2088]
[MD5.2DFB151FD34DF104DAC0ADF070EDA83C] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe [92216] [PID.2340]
[MD5.ABF90FC5A127F481219B873C1B8DFC1C] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.2444]
[MD5.0D362785BEF9BDF5A6E1F4628D06716D] - (.Pas de propri�taire - STServices.) -- C:\Program Files\SMINST\BLService.exe [365952] [PID.2600]
[MD5.805AE1F90C64758D19AAA001CF8CBA12] - (.Pas de propri�taire - RichVideo Module.) -- C:\Program Files\CyberLink\Shared files\RichVideo.exe [241734] [PID.2856]
[MD5.BB313AE85EC95B7CB87FC5ED53F3A22B] - (.Pas de propri�taire - CLCapSvc Module.) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320] [PID.3248]
[MD5.0C66E48654AFD8A6BCFBCE22E7FAB251] - (.Pas de propri�taire - CLSched Module.) -- C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096] [PID.3292]
[MD5.E2CA898E105C3F2B62DB130F28C73322] - (.Pas de propri�taire - ToolbarU Application.) -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe [990896] [PID.3316] =>Toolbar.AVGSearch
[MD5.184C500CB9F69585F3FE85E1D2667CD8] - (.Hewlett-Packard Company - hpqwmiex Module.) -- C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [751672] [PID.4576]
[MD5.7795F8CEBC284A426B53F541E538695F] - (.Hewlett-Packard Development Company, L.P. - Com for QLB application.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [193840] [PID.6124]
[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.3304]
[MD5.BE78357FB49759B79CCC01894BCFDDDB] - (.Hewlett-Packard Company - HP Support Assistant.) -- C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [126520] [PID.4804]
~ Processes Running: Scanned in 00mn 03s
---\\ Google Chrome, D�marrage,Recherche,Extensions (G0,G1,G2)
C:\Users\no�le\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Google Browser: Scanned in 00mn 00s
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\gji3cpa7.default\prefs.js (.not file.)
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\rw8d7rkj.default\prefs.js (.not file.)
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\szqn914x.default\prefs.js
C:\Users\no�le\AppData\Roaming\Mozilla\Firefox\Profiles\szqn914x.default\user.js
M0 - MFSP: prefs.js [no�le - szqn914x.default] http://isearch.avg.com
P2 - FPN: [HKLM] [@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] - (.AVG Technologies - npsitesafety.) -- C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.0.0\npsitesafety.dll =>Toolbar.AVGSearch
~ Firefox Browser: 28 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, D�marrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://r.orange.fr
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
~ IE Browser: 9 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Proxy management: Scanned in 00mn 00s
---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"
~ Keys: Scanned in 00mn 00s
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Hosts File: Scanned in 00mn 00s
~ Nombre de lignes (Lines number): 20
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: IEPlugin Class - {11222041-111B-46E3-BD29-EFB2449479B1} . (.ArcSoft, Inc. - ArcURLRecord Module.) -- C:\Program Files\ArcSoft\Media Converter for Philips\Internet Video Downloader\ArcURLRecord.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
~ BHO: 12 Legitimates Filtered in 00mn 00s
---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: AOL Toolbar - [HKLM]{DE9C389F-3316-41A7-809B-AA305ED9D922} . (.AOL LLC - AOL IE Toolbar Dynamic Link Library.) -- C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: (no name) - [HKLM]{265EEE8E-3228-44D3-AEA5-F7FDF5860049} Cl� orpheline
O3 - Toolbar: avast! WebRep - [HKLM]{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: (no name) - [HKLM]{95B7759C-8C7F-4BF1-B163-73684A933233} Cl� orpheline
~ Toolbar: Scanned in 00mn 00s
---\\ Applications d�marr�es par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SmartMenu] . (.Hewlett-Packard - HP MediaSmart SmartMenu.) -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
O4 - HKLM\..\Run: [QlbCtrl.exe] . (. Hewlett-Packard Development Company, L.P. - Quick Launch Buttons.) -- C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] . (.Hewlett-Packard Development Company, L.P. - HPWAMain Module.) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray.exe
O4 - HKLM\..\Run: [ORAHSSSessionManager] . (.France Telecom SA - Orange Connection Kit.) -- C:\Program Files\Orange\Connexion Internet Orange\SessionManager\SessionManager.exe
O4 - HKLM\..\Run: [hpqSRMon] . (.Hewlett-Packard - HpqSRmon.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe
O4 - HKLM\..\Run: [vProt] . (.Pas de propri�taire - VProtect Application.) -- C:\Program Files\AVG Secure Search\vprot.exe =>Toolbar.AVGSearch
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\windows sidebar\sidebar.exe
O4 - HKCU\..\Run: [orangeinside] . (...) -- C:\Users\no�le\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\no�le\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll
O4 - HKUS\S-1-5-21-2001441431-2361965922-2423994464-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\windows sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2001441431-2361965922-2423994464-1000\..\Run: [orangeinside] . (...) -- C:\Users\no�le\AppData\Roaming\Orange\OrangeInside\two\OrangeInside.exe
O4 - HKUS\S-1-5-21-2001441431-2361965922-2423994464-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\no�le\AppData\Local\Google\Update\GoogleUpdate.exe
~ Application: Scanned in 00mn 00s
---\\ Autres liens utilisateurs (O4)
O4 - GS\Desktop: AZR.lnk . (.DataNumen, Inc. - Pas de description.) -- C:\Program Files\AZR\AZR.exe
O4 - GS\Desktop: PhotoFiltre.lnk . (.Antonio Da Cruz - PhotoFiltre.) -- C:\Program Files\PhotoFiltre\photofiltre.exe
O4 - GS\Programs: Internet Explorer.lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\Programs: Windows Mail.lnk . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O4 - GS\Programs: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\QuickLaunch: Google Chrome (3).lnk . (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\QuickLaunch: HP Total Care Advisor.lnk . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
O4 - GS\QuickLaunch: Windows Media Player.lnk . (.Microsoft Corporation - Windows Media Player.) -- C:\Program Files\Windows Media Player\wmplayer.exe
O4 - GS\Accessories: Internet Explorer (No Add-ons).lnk . (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - GS\SendTo: Skype.lnk . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe
O4 - GS\Desktop: Advanced Uninstaller PRO 11.lnk . (.Innovative Solutions - Advanced Uninstaller.) -- C:\Program Files\Innovative Solutions\Advanced Uninstaller PRO\uninstaller.exe
O4 - GS\Desktop: Disk Cleanup.lnk . (.Microsoft Corporation - Gestionnaire de nettoyage de disque pour Wi.) -- C:\Windows\System32\cleanmgr.exe
O4 - GS\Desktop: Google Chrome.lnk . (.Google Inc. - Google Chrome.) -- C:\Users\no�le\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - GS\Desktop: OpenOffice.org.lnk . (.OpenOffice.org - OpenOffice.org 3.3.) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
O4 - GS\Desktop: Traitement de texte Microsoft Works.lnk . (.Microsoft� Corporation - Microsoft� Works Word Processor.) -- C:\Windows\Installer\{3B160861-7250-451E-B5EE-8B92BF30A710}\WksWP.exe
O4 - GS\Desktop: Windows Live Messenger .lnk . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
~ Global Startup: Scanned in 00mn 00s
---\\ Boutons situ�s sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll
O9 - Extra button: &Envoyer � OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} -- Cl� orpheline
~ IE Extra Buttons: Scanned in 00mn 00s
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} ((no name)) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
~ Objets ActiveX: Scanned in 00mn 00s
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CS3\Services\Tcpip\..\{618BBF21-303A-45C2-AEE8-023A95EFE6DD}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
~ Domain: Scanned in 00mn 00s
---\\ Protocole additionnel (O18)
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Protocole Additionnel: Scanned in 00mn 00s
---\\ Cl� de Registre autorun SharedTaskScheduler (STS) (O22)
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Biblioth�que de l'interface utilisateur du.) -- C:\Windows\System32\browseui.dll
~ STS/SSO: Scanned in 00mn 00s
---\\ Liste des services NT non Microsoft et non d�sactiv�s (O23)
O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard Company - HP Support Assistant.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: (vToolbarUpdater15.0.0) . (.Pas de propri�taire - ToolbarU Application.) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
O23 - Service: {55662437-DA8C-40c0-AADA-2C816A897A49} ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.Cyberlink Corp. - Pas de description.) - C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
~ Services: 19 Legitimates Filtered in 00mn 06s
---\\ T�ches planifi�es en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ReclaimerUpdateFiles_no�le.job [370]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\ReclaimerUpdateXML_no�le.job [366]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Registry Winner Schedule.job [404]
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_no�le.job [376]
[MD5.884A69D4792AF25611934F0FE18F94C4] [APT] [Registry Winner Schedule] (.RegistryWinner.com.) -- C:\Program Files\Registry Winner\RegistryWinner.exe [7813360]
[MD5.00000000000000000000000000000000] [APT] [{3CD99EA3-4DFB-4134-9E14-1480ED094161}] (...) -- C:\Program Files\Orange\Launcher\Launcher.exe (.not file.) [0]
[MD5.00000000000000000000000000000000] [APT] [{40F796AA-DA78-4826-AF5E-34A72BBB0517}] (...) -- C:\Program Files\Orange\Launcher\Launcher.exe (.not file.) [0]
~ Scheduled Task: 29 Legitimates Filtered in 00mn 05s
---\\ Logiciels install�s (O42)
O42 - Logiciel: Advanced Zip Repair v1.8 - (...) [HKLM] -- Advanced Zip Repair v1.8
O42 - Logiciel: BESCHERELLE, Le dico des synonymes - (.Diagonal.) [HKLM] -- {FB3C7931-DFD8-4F09-85D7-C0AA9D2075F0}
O42 - Logiciel: Registry Winner 6.3 - (.RegistryWinner.com.) [HKLM] -- Registry Winner_is1
O42 - Logiciel: Standard Edition - (.Encyclopaedia Britannica, Inc..) [HKLM] -- Standard Edition
~ Logic: 155 Legitimates Filtered in 00mn 00s
---\\ HKCU & HKLM Software Keys
[HKCU\Software\AZR]
[HKCU\Software\Diagonal]
[HKCU\Software\digital publishing]
[HKLM\Software\Britannica 7.0]
[HKLM\Software\TSMSTV_Upgrade]
[HKLM\Software\digital publishing]
~ Key Software: 233 Legitimates Filtered in 00mn 00s
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 24/09/2011 - 15:23:06 - [0,829] ----D C:\Program Files\AZR
O43 - CFD: 12/05/2011 - 13:45:48 - [1318,580] ----D C:\Program Files\Britannica 7.0
O43 - CFD: 15/04/2011 - 21:38:24 - [5,762] ----D C:\Program Files\Diagonal
O43 - CFD: 19/02/2011 - 14:53:58 - [-1484,601] ----D C:\Program Files\digital publishing
O43 - CFD: 21/04/2012 - 20:00:02 - [14,012] ----D C:\Program Files\Registry Winner
O43 - CFD: 10/01/2013 - 15:55:20 - [0,006] ----D C:\ProgramData\prolexisws
O43 - CFD: 06/05/2011 - 14:02:52 - [33,621] ----D C:\ProgramData\{23D58E70-3B83-4B83-A227-68770F84F5EC}
O43 - CFD: 15/04/2011 - 21:38:39 - [0,121] ----D C:\Users\no�le\AppData\Roaming\Diagonal
O43 - CFD: 19/02/2011 - 15:48:02 - [0,099] ----D C:\Users\no�le\AppData\Roaming\digital publishing
O43 - CFD: 03/02/2013 - 11:20:23 - [0,032] ----D C:\Users\no�le\AppData\Local\Temp(48)
O43 - CFD: 12/05/2011 - 13:45:38 - [0,007] ----D C:\Users\no�le\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Britannica 7.0
O43 - CFD: 19/02/2011 - 14:47:58 - [0,015] ----D C:\Users\no�le\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\digital publishing
~ 4 Dossiers CLSID vides (CLSID Empty Folders)
~ Program Folder: 232 Legitimates Filtered in 00mn 58s
---\\ Derniers fichiers cr��s dans Windows Prefetcher (O45)
O45 - LFCP:[MD5.71F5CDE09BEB6945EAA79B170B28DFE9] - 19/04/2013 - 12:31:09 ---A- - C:\Windows\Prefetch\LIVEBOXUTILITIES.EXE-39FF901D.pf
O45 - LFCP:[MD5.D156EB88D5F23623F0295CDC1C806F7E] - 26/03/2013 - 15:53:49 ---A- - C:\Windows\Prefetch\OLRSUBMISSION.EXE-1DADAD8F.pf
O45 - LFCP:[MD5.83F720012C3FA5F76CACEDC49D4052CA] - 28/03/2013 - 17:53:53 ---A- - C:\Windows\Prefetch\OLRSTATECHECK.EXE-86F774DE.pf
O45 - LFCP:[MD5.B920F8DBD79E24A9EB6077AD7FE47A2C] - 28/03/2013 - 17:53:57 ---A- - C:\Windows\Prefetch\PDR.EXE-9084E397.pf
O45 - LFCP:[MD5.CAD14D2FE25BF355DEF278D545BD84D5] - 28/03/2013 - 17:54:03 ---A- - C:\Windows\Prefetch\PDHANUMANSVR.EXE-C9AF27AC.pf
~ Prefetcher: 84 Legitimates Filtered in 00mn 02s
---\\ MountPoints2 Shell Key (O51)
O51 - MPSK:{7cd0455b-fa59-11e0-b0a9-00238b61f0c9}\AutoRun\command. (...) -- G:\setup.exe (.not file.)
~ Keys: Scanned in 00mn 00s
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\ROC_roc_ssl_v12 [Key] . (...) -- C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe (.not file.) =>Toolbar.AVGSearch
~ SMSR Keys: 13 Legitimates Filtered in 00mn 00s
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
~ MWPS: 16 Legitimates Filtered in 00mn 00s
---\\ Liste des Drivers Syst�me (O58)
O58 - SDL:[MD5.CC1F1D3D70DC13C2C281488D347D4415] - 13/05/2011 - 17:57:20 ---A- . (.Hewlett-Packard Company - HP Accelerometer.) -- C:\Windows\System32\Drivers\Accelerometer.sys [35896]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029]
~ Drivers: Scanned in 00mn 00s
---\\ Derniers fichiers modifi�s ou cr�es (Utilisateur) (O61)
O61 - LFC: 17/04/2013 - 14:40:52 ---A- C:\Users\no�le\AppData\Local\AVG Secure Search\SiteSafety\l_2013_04_17_06_40_44.db [613968] =>Toolbar.AVGSearch
O61 - LFC: 17/04/2013 - 14:48:07 ---A- C:\Users\no�le\.recently-used.xbel [2703]
O61 - LFC: 19/04/2013 - 12:30:45 ---A- C:\Users\no�le\AppData\Roaming\Microsoft\Network\Connections\Pbk\rasphone.pbk [3921]
O61 - LFC: 19/04/2013 - 12:30:52 ---A- C:\Users\no�le\AppData\Local\AVG Secure Search\SiteSafety\l_2013_04_19_04_30_36.db [613968] =>Toolbar.AVGSearch
O61 - LFC: 19/04/2013 - 12:39:59 ---A- C:\Users\no�le\AppData\Local\Google\Chrome\User Data\Certificate Revocation Lists [268315]
O61 - LFC: 19/04/2013 - 13:33:27 ---A- C:\Users\no�le\RACCOURCIS PROGRAMMES\AdwCleaner.exe [613083]
O61 - LFC: 19/04/2013 - 14:13:54 ---A- C:\Users\no�le\AppData\Local\Google\Chrome\User Data\Local State [27698]
~ 6 Fichiers temporaires (Temporary files)
~ Files: 196 Legitimates Filtered in 00mn 50s
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 2013 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ ADS: Scanned in 00mn 00s
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet:
O68 - StartMenuInternet:
O68 - StartMenuInternet:
~ Keys: Scanned in 00mn 00s
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {2E4C7146-FEAE-4CC5-8C65-ED909144EE36} [DefaultScope] - (AOL Recherche) - http://slirsredirect.search.aol.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (@ieframe.dll,-12512) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://rws.search.ke.voila.fr
O69 - SBI: SearchScopes [HKCU] {91E89DD9-6220-4F21-A416-186CC567BB77} - (Kelkoo) - http://fr.kelkoopartners.net
O69 - SBI: SearchScopes [HKCU] {93B8115B-FF23-40BC-BDED-33B52D5A517C} - (Yahoo!) - http://fr.search.yahoo.com
~ Keys: Scanned in 00mn 00s
---\\ Recherche particuliere � la racine de certains dossiers (O84)
[MD5.A9A1A20E28D8BE8B22AA224CC1EE4882] [SPRF][26/07/2011] (...) -- C:\ProgramData\nvModes.dat [31871]
[MD5.DA8D33A063272D4F30C1A12C10B692C6] [SPRF][08/12/2010] (...) -- C:\Users\no�le\AppData\Local\d3d8caps.dat [552]
[MD5.F65E6E4C0F394A6AF607F8DB1B6F92B7] [SPRF][29/09/2012] (...) -- C:\Users\no�le\AppData\Local\d3d9caps.dat [7916]
[MD5.7BDB6EE80ED4DBF12B64EAF3B72C0CA6] [SPRF][12/01/2013] (...) -- C:\Users\no�le\AppData\Roaming\wklnhst.dat [16416]
[MD5.AF59DE458776D6F5570047749588E460] [SPRF][19/04/2013] (.Nicolas Coolman - ZHPDiag.) -- C:\Users\no�le\Desktop\ZHPDiag2.exe [5583119]
~ Files: Scanned in 00mn 00s
---\\ Scan Additionnel (O88)
Database Version : v2.11580 - (18/04/2013)
Cl�s trouv�es (Keys found) : 30
Valeurs trouv�es (Values found) : 0
Dossiers trouv�s (Folders found) : 5
Fichiers trouv�s (Files found) : 0
[HKLM\Software\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}] =>Toolbar.Agent
[HKLM\Software\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}] =>Toolbar.Agent
[HKLM\Software\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}] =>Toolbar.Agent
[HKLM\Software\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}] =>Toolbar.Conduit
[HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}] =>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}] =>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}] =>Adware.Yontoo
[HKLM\Software\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}] =>Toolbar.Agent
[HKLM\Software\Classes\AppID\ScriptHelper.EXE] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search] =>Toolbar.AVGSearch
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi] =>Toolbar.Agent
[HKLM\Software\Classes\ScriptHelper.ScriptHelperApi.1] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE] =>Toolbar.Agent
[HKLM\Software\Classes\ViProtocol.ViProtocolOLE.1] =>Toolbar.Agent
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
[HKLM\Software\Classes\CLSID\{08C06D61-F1F3-4799-86F8-BE1A89362C85}] =>Toolbar.Orange
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search] =>Toolbar.AVGSearch
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] =>Toolbar.Bing
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Classes\CLSID\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1D970ED5-3EDA-438D-BFFD-715931E2775B}] =>Toolbar.Sorcim
[HKLM\Software\Classes\AOLTB.AOLToolBand.1] =>Toolbar.Agent
C:\Program Files\AVG Secure Search =>Toolbar.AVGSearch
C:\Program Files\Common Files\AVG Secure Search =>Toolbar.AVGSearch
C:\ProgramData\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\no�le\AppData\Local\AVG Secure Search =>Toolbar.AVGSearch
C:\Users\no�le\AppData\LocalLow\AVG Secure Search =>Toolbar.AVGSearch
~ Additionnel: Scanned in 00mn 32s
---\\ Product Upgrade Codes (O90)
O90 - PUC: "1397C3BF8DFD90F4587D0CAAD902570F" . (.BESCHERELLE, Le dico des synonymes.) -- C:\Windows\Installer\{FB3C7931-DFD8-4F09-85D7-C0AA9D2075F0}\_6FEFF9B68218417F98F549.exe
~ Update Products: 124 Legitimates Filtered in 00mn 00s
---\\ Etat g�n�ral des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 18/03/2010 113152 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
SR - | Auto 18/12/2012 65192 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Demand 17/04/2013 256904 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
SR - | Auto 02/03/2009 81920 | (AESTFilters) . (.Andrea Electronics Corporation.) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\aestsrv.exe
SR - | Auto 07/03/2013 45248 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
SR - | Demand 03/04/2008 193840 | (Com4QLBEx) . (.Hewlett-Packard Development Company, L.P..) - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\System32\ezsvc7.dll (ezSharedSvc) . (.EasyBits Sofware AS.) - C:\Windows\System32\svchost.exe
SR - | Auto 24/08/2009 69632 | C:\Program Files\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe (FTRTSVC) . (.France Telecom SA.) - C:\Program Files\Common Files\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
SS - | Demand 05/05/2008 165416 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
SR - | Auto 15/11/2010 126520 | (HP Health Check Service) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
SR - | Auto 14/10/2010 92216 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
SR - | Demand 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\System32\svchost.exe
SR - | Demand 14/10/2010 751672 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
SR - | Auto 13/05/2011 26168 | (hpsrv) . (.Hewlett-Packard Company.) - C:\Windows\System32\Hpservice.exe
SS - | Demand 03/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
SR - | Auto 09/06/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 02/10/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\System32\nvvsvc.exe
SS - | Auto 02/10/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe
SR - | Auto 365952 | (Recovery Service for Windows) . (...) - C:\Program Files\SMINST\BLService.exe
SR - | Auto 241734 | (RichVideo) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo.exe
SS - | Auto 28/02/2013 161384 | (SkypeUpdate) . (.Skype Technologies.) - C:\Program Files\Skype\Updater\Updater.exe
SR - | Auto 03/06/2009 217170 | (STacSV) . (.IDT, Inc..) - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_827e372d\STacSV.exe
SR - | Auto 296320 | (TVCapSvc) . (...) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
SR - | Auto 116096 | (TVSched) . (...) - C:\Program Files\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
SR - | Auto 990896 | (vToolbarUpdater15.0.0) . (...) - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe =>Toolbar.AVGSearch
SR - | Auto 21/01/2008 21504 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
SR - | Auto 26/09/2008 59376 | ({55662437-DA8C-40c0-AADA-2C816A897A49}) . (.Cyberlink Corp..) - C:\Program Files\Hewlett-Packard\Media\DVD\000.fcl
~ Services: Scanned in 00mn 01s
---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
~ MBR: 1 Legitimates Filtered in 00mn 02s
---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by no�le at 19/04/2013 15:16:43
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ MBR: Scanned in 00mn 04s
~ 1540 Legitimates filtered by white list
End of the scan (572 lines in 04mn 52s)(0)