Rapport de ZHPDiag v1.31.24 par Nicolas Coolman, Update du 22/09/2012
Run by Maxime at 23/09/2012 19:39:33
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.

---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421
GCIE: Google Chrome v21.0.1180.89 (Defaut)

---\\ Windows Product Information
~ Langage: Français
Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : HYRR2
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK

---\\ System Information
~ Processor: x86 Family 15 Model 12 Stepping 0, AuthenticAMD
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1023 MB (59% free)
System Restore: Activé (Enable)
System drive C: has 91 GB (69%) free of 130 GB

---\\ Logged in mode
~ Computer Name: MAXIME-PC
~ User Name: Maxime
~ All Users Names: UpdatusUser, Maxime, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator

---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Maxime\AppData\Roaming\
~ %Desktop% : C:\Users\Maxime\Desktop\
~ %Favorites% : C:\Users\Maxime\Favorites\
~ %LocalAppData% : C:\Users\Maxime\AppData\Local\
~ %StartMenu% : C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\System32\

---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 91 Go of 130 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 16 Go)
E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)
F:\ CD-ROM drive (Not Inserted)
G:\ CD-ROM drive (Not Inserted)
H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)
K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations
UAC deactivate by program
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 06:30:54.) -- C:\Windows\Explorer.exe [2616320]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]
[MD5.75A97A2C060E72AB49E071E08C7DD2BA] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.18/09/2012 - 02:19:28.) -- C:\Windows\System32\wininet.dll [1129472]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 13:17:54.) -- C:\Windows\System32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 13:21:24.) -- C:\Windows\System32\sppcomapi.dll [193536]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:18:03.) -- C:\Windows\system32\Drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -- C:\Windows\system32\Drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:11:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 09:38:10.) -- C:\Windows\system32\Drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 09:42:32.) -- C:\Windows\system32\Drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 10:59:29.) -- C:\Windows\system32\Drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:11:24.) -- C:\Windows\system32\Drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 00:54:29.) -- C:\Windows\system32\Drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:17:22.) -- C:\Windows\system32\Drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 09:39:44.) -- C:\Windows\system32\Drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 06:39:00.) -- C:\Windows\system32\Drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 00:45:35.) -- C:\Windows\system32\Drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [78848]
[MD5.B973FCFC50DC1434E1970A146F7E3885] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.20/11/2010 - 11:24:46.) -- C:\Windows\system32\Drivers\rdpdr.sys [133632]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 00:53:41.) -- C:\Windows\system32\Drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 09:39:17.) -- C:\Windows\system32\Drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 13:30:16.) -- C:\Windows\system32\Drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn 01s

---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 1/382
~ Mes Favoris (My Favorites) : 1/25
~ Mes Documents (My Documents) : 1/15
~ Mon Bureau (My Desktop) : 1/13
~ Menu demarrer (Programs) : 1/27
~ Scan Hidden Files in 00mn 01s

---\\ Processus lancés
[MD5.E0D2F6BF46E6053193FAA3E294D657FF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [766536] [PID.2044]
[MD5.B70BCC55743C5A5BD7C7C6D6A02BB6F9] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe [604704] [PID.3328]
[MD5.EB7CDE6477A62D7A57AA9B2C30769233] - (.Pas de propriétaire - ioCentre.) -- C:\Genius\ioCentre\gTaskBar.exe [61440] [PID.3604]
[MD5.19019702F6BB7A0AA867BE9746E6AB40] - (.Glarysoft Ltd - Memory Optimizer.) -- C:\Program Files\Glary Utilities\memdefrag.exe [108384] [PID.3924]
[MD5.689FC8FBEA850DFD7A4ABA89D30B3949] - (.Pas de propriétaire - ioCentre.) -- C:\Genius\ioCentre\gMouseTask.exe [299008] [PID.2260]
[MD5.A1AB6561BF2F61F4884C817FF54537AD] - (.Pas de propriétaire - ioCentre.) -- C:\Genius\ioCentre\gKbdTask.exe [172032] [PID.1892]
[MD5.4F0AFF9C3CBAE23FBD72690CCBC17C6D] - (.ioCentre - ioCentre.) -- C:\Genius\ioCentre\gIoCentreFunMgm.exe [49152] [PID.2380]
[MD5.311CCA642D0BFAF29EBC2C0D71CBB286] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [1820520] [PID.2716]
[MD5.2E0B0A051FFAA86E358465BB0880D453] - (.Microsoft Corporation - Windows Update.) -- C:\Windows\system32\wuauclt.exe [53784] [PID.2600]
[MD5.A1999D0386C241AACEA536FF39E6E2D9] - (...) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [3765248] [PID.2464]
~ Scan Processes Running in 00mn 01s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)
C:\Users\Maxime\AppData\Local\Google\Chrome\User Data\Default\Preferences
G1 - GCS: Preference [User Data\Default] None
~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com # win # 6.0.3.0.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Maxime\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Maxime\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Google Inc. - Google Update.) (No version) -- (.not file.)
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: Shell=C:\Windows\explorer.exe
F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s
~ Nombre de lignes (Lines number): 21

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SoundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.exe
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
O4 - HKLM\..\Run: [SwitchBoard] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] . (.Adobe Systems Incorporated - Adobe CS6 Service Manager.) -- C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
O4 - HKLM\..\Run: [ioCentre] . (.Pas de propriétaire - ioCentre.) -- C:\Genius\ioCentre\gTaskBar.exe
O4 - HKLM\..\Run: [VIARaidUtl] . (.Pas de propriétaire - VIA_RaidTool MFC Application.) -- C:\Program Files\VIA\RAID\raid_tool.exe
O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline
O4 - HKCU\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKCU\..\Run: [Glary Memory Optimizer] . (.Glarysoft Ltd - Memory Optimizer.) -- C:\Program Files\Glary Utilities\memdefrag.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2147875237-430048901-3979125244-1002-2147875237-430048901-3979125244-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
O4 - HKUS\S-1-5-21-2147875237-430048901-3979125244-1002-2147875237-430048901-3979125244-1000\..\Run: [AdobeBridge] Clé orpheline
O4 - HKUS\S-1-5-21-2147875237-430048901-3979125244-1002-2147875237-430048901-3979125244-1000\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-2147875237-430048901-3979125244-1002-2147875237-430048901-3979125244-1000\..\Run: [PC Suite Tray] . (.Nokia - Nokia Launch Application.) -- C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
O4 - HKUS\S-1-5-21-2147875237-430048901-3979125244-1002-2147875237-430048901-3979125244-1000\..\Run: [Glary Memory Optimizer] . (.Glarysoft Ltd - Memory Optimizer.) -- C:\Program Files\Glary Utilities\memdefrag.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-21-2147875237-430048901-3979125244-1002-2147875237-430048901-3979125244-1000\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe
O4 - Global Startup: C:\Users\Maxime\Desktop\JDownloader.lnk . (.AppWork GmbH.) -- C:\Program Files\JDownloader\JDownloaderPortable.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\JDownloader.lnk . (.AppWork GmbH.) -- C:\Program Files\JDownloader\JDownloaderPortable.exe
O4 - Global Startup: C:\Users\Maxime\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
~ Scan Global Startup in 00mn 00s

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
~ Scan Winsock in 00mn 00s

---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} ("Ma-Config.com control) - http://www.ma-config.com/plugins/MaConfig_6_0_2_0.cab
~ Scan Objets ActiveX in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{85C58D6C-EDF6-4F3C-8DCC-508D38A5842B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{85C58D6C-EDF6-4F3C-8DCC-508D38A5842B}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{85C58D6C-EDF6-4F3C-8DCC-508D38A5842B}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -- C:\Windows\System32\mshtml.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: VRAID Log Service (VRAID Log Service) . (...) - C:\Program Files\VIA\RAID\vialogsv.exe
~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\DriverEasy Scheduled Scan.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2147875237-430048901-3979125244-1000Core.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2147875237-430048901-3979125244-1000UA.job
[MD5.1315C5C5C54CE2AA37A155F97027DB59] [APT] [AdobeAAMUpdater-1.0-Maxime-PC-Maxime] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
[MD5.45C26D4AF94C4D2335B5960F1D9BCC7D] [APT] [CCleanerSkipUAC] (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe
[MD5.BBE0FEAC6A74B78A1AEFD689AE95C4B9] [APT] [DriverEasy Scheduled Scan] (.Easeware.) -- C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
[MD5.D65560625F5F6247332D0633F991B0F6] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2147875237-430048901-3979125244-1000Core] (.Google Inc..) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-2147875237-430048901-3979125244-1000UA] (.Google Inc..) -- C:\Users\Maxime\AppData\Local\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] [APT] [{12CCD4AE-759E-45F7-BEAD-B43F748B37AB}] (...) -- C:\Users\Maxime\Downloads\rhine_win7_v1.15a (1)\x86\WinSetup.exe (.not file.)
[MD5.00000000000000000000000000000000] [APT] [{4328349D-FFCF-4515-B0E0-6B901D02481A}] (...) -- D:\A garder\dwa131_drivers_120\dwa131_drivers_120\Setup\Setup.exe (.not file.)
[MD5.5DF35F553ECE7D8256E154114C4545B5] [APT] [{82A7B005-E8AA-4E33-8FA4-8A9A8837DA66}] (...) -- D:\Programes d'instal\wlan_163_r105\R105_Logo\Setup.exe
[MD5.0F30B7AC2B0505ADC1E9325916365DF0] [APT] [{DC3DEDB4-3D2C-4A2E-96E1-1910705B5921}] (.InstallShield Software Corporation.) -- D:\Programes d'instal\wlan_163_r105\R105_Logo\AMD64\setup.exe
[MD5.00000000000000000000000000000000] [APT] [{E8706848-C0D1-4357-9491-6012769DF583}] (...) -- C:\Users\Maxime\Downloads\Rhine_Win7_V1.15A\x86\WinSetup.exe (.not file.)
~ Scan Scheduled Task in 00mn 07s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Microsoft Windows Media Player - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Themes Setup - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll
O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files\Windows Mail\WinMail.exe
O40 - ASIC: Browsing Enhancements - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll
O40 - ASIC: Windows Desktop Update - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player 9 ActiveX - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 9.0 r28.) -- C:\Windows\system32\Macromed\Flash\Flash9b.ocx
~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys
O41 - Driver: C:\Windows\System32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys
O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys
O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys
O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys
O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 01s

---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {14DC0059-00F1-4F62-BD1A-AB23CD51A95E}
O42 - Logiciel: Adobe Flash Player 9 ActiveX - (.Adobe Systems.) [HKLM] -- ShockwaveFlash
O42 - Logiciel: Adobe Photoshop CS6 - (.Adobe Systems Incorporated.) [HKLM] -- {74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: Dragonica version TEST - (.Gala Networks Europe Ltd..) [HKLM] -- {46BE6D86-7BEF-4DAB-B3E6-7B932D3872F3}_is1
O42 - Logiciel: DriverEasy 4.0.6 - (.Easeware.) [HKLM] -- DriverEasy_is1
O42 - Logiciel: Glary Utilities 2.49.0.1600 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome
O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM] -- 5513-1208-7298-9440
O42 - Logiciel: MSVC80_x86_v2 - (.Nokia.) [HKLM] -- {6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}
O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM] -- {5001D32E-3E0E-4BBE-99E5-C4B3AF54DF49}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.65.0.1400 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended
O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}
O42 - Logiciel: Microsoft .NET Framework 4 Extended FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {043F86B7-EE12-3399-B2CA-D0B603D87963}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}
O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}
O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}
O42 - Logiciel: Mises à jour NVIDIA 1.10.8 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack
O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel
O42 - Logiciel: NVIDIA Pilote graphique 306.23 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver
O42 - Logiciel: Nokia Connectivity Cable Driver - (.Nokia.) [HKLM] -- {C50EF365-2898-489A-B6C7-30DAA466E9A2}
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- Nokia PC Suite
O42 - Logiciel: Nokia PC Suite - (.Nokia.) [HKLM] -- {19DC9559-9C20-4A46-A67D-7ECBA52A2788}
O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}
O42 - Logiciel: PDF Settings CS6 - (.Adobe Systems Incorporated.) [HKLM] -- {BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}
O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}
O42 - Logiciel: Package de pilotes Windows - Nokia Modem (06/01/2009 7.01.0.4) - (.Nokia.) [HKLM] -- 8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA
O42 - Logiciel: Package de pilotes Windows - Nokia Modem (10/05/2009 4.2) - (.Nokia.) [HKLM] -- 05B59228C7E1C21DFBE89260F879BD95880548D8
O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693
O42 - Logiciel: Realtek AC'97 Audio - (.Realtek Semiconductor Corp..) [HKLM] -- {FB08F381-6533-4108-B7DD-039E11FBC27E}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2604121
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656368v2
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656405
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2686827
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2487367
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2656351
O42 - Logiciel: Speccy - (.Piriform.) [HKLM] -- Speccy
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.)
[HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217 O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523 O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217 O42 - Logiciel: VIA Gestionnaire de périphériques de plate-forme - (.VIA Technologies, Inc..) [HKLM] -- InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169} O42 - Logiciel: VIA Rhine Family Fast Ethernet Adapter - (.VIA Technologies, Inc..) [HKLM] -- VN_VUIns_Rhine_VIA O42 - Logiciel: WhoCrashed 3.06 - (.Resplendence Software Projects Sp..) [HKLM] -- WhoCrashed_is1 O42 - Logiciel: WinRAR 4.20 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver O42 - Logiciel: ioCentre - (.KYE.) 
[HKLM] -- {A2B4621B-CEB9-4E44-95FD-3500D4DB3727} ---\\ HKCU & HKLM Software Keys [HKCU\Software\Adobe] [HKCU\Software\AppDataLow] [HKCU\Software\Applications Produites Par AppWizard Locales] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\GlarySoft] [HKCU\Software\Google] [HKCU\Software\INCAInternet] [HKCU\Software\InstallCore] [HKCU\Software\JavaSoft] [HKCU\Software\Macromedia] [HKCU\Software\Malwarebytes' Anti-Malware] [HKCU\Software\MozillaPlugins] [HKCU\Software\NETGEAR] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nokia] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Resplendence Sp] [HKCU\Software\SiS] [HKCU\Software\Trolltech] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\cybelsoft] [HKCU\Software\ej-technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Adobe] [HKLM\Software\AdwCleaner] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\GlarySoft] [HKLM\Software\Google] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\KYE] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MozillaPlugins] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nokia] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PCSuite] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] 
[HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Sonic] [HKLM\Software\V-RAID RAID Tool] [HKLM\Software\VIA Raid Lib] [HKLM\Software\VIA Technologies, Inc] [HKLM\Software\VN_VUIns] [HKLM\Software\Volatile] [HKLM\Software\WinRAR] [HKLM\Software\cybelsoft] [HKLM\Software\ej-technologies] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 19/09/2012 - 09:04:36 - [642,441] ----D C:\Program Files\Adobe O43 - CFD: 21/09/2012 - 08:54:04 - [0,641] ----D C:\Program Files\Atheros O43 - CFD: 16/09/2012 - 20:39:53 - [4,779] ----D C:\Program Files\CCleaner O43 - CFD: 20/09/2012 - 09:21:49 - [741,520] ----D C:\Program Files\Common Files O43 - CFD: 20/09/2012 - 09:22:26 - [1,522] ----D C:\Program Files\DIFX O43 - CFD: 18/09/2012 - 13:17:20 - [79,371] ----D C:\Program Files\DVD Maker O43 - CFD: 19/09/2012 - 20:40:37 - [6,679] ----D C:\Program Files\Easeware O43 - CFD: 15/09/2012 - 19:47:05 - [0] R---D C:\Program Files\Fichiers communs O43 - CFD: 20/09/2012 - 12:25:41 - [21,211] ----D C:\Program Files\Glary Utilities O43 - CFD: 21/09/2012 - 13:51:26 - [15,362] --H-D C:\Program Files\InstallShield Installation Information O43 - CFD: 18/09/2012 - 13:17:20 - [4,937] ----D C:\Program Files\Internet Explorer O43 - CFD: 18/09/2012 - 11:15:20 - [164,787] ----D C:\Program Files\JDownloader O43 - CFD: 21/09/2012 - 12:11:50 - [7,250] ----D C:\Program Files\ma-config.com O43 - CFD: 16/09/2012 - 20:39:44 - [12,665] ----D C:\Program Files\Malwarebytes' Anti-Malware O43 - CFD: 14/07/2009 - 11:01:21 - [140,966] ----D C:\Program Files\Microsoft Games O43 - CFD: 16/09/2012 - 16:16:06 - [0,023] ----D C:\Program Files\Microsoft.NET O43 - CFD: 14/07/2009 - 06:52:30 - [0,025] ----D C:\Program Files\MSBuild O43 - CFD: 21/09/2012 - 13:51:26 - [0] ----D C:\Program Files\NETGEAR O43 - CFD: 20/09/2012 - 09:21:48 - [45,526] ----D C:\Program Files\Nokia O43 - CFD: 20/09/2012 - 09:43:13 - 
[-1922,371] ----D C:\Program Files\NosTale(FR) O43 - CFD: 21/09/2012 - 12:30:59 - [410,135] ----D C:\Program Files\NVIDIA Corporation O43 - CFD: 20/09/2012 - 09:21:19 - [12,188] ----D C:\Program Files\PC Connectivity Solution O43 - CFD: 16/09/2012 - 20:34:14 - [38,633] ----D C:\Program Files\Realtek AC97 O43 - CFD: 14/07/2009 - 06:52:30 - [37,349] ----D C:\Program Files\Reference Assemblies O43 - CFD: 16/09/2012 - 13:09:11 - [0] ----D C:\Program Files\SFR O43 - CFD: 20/09/2012 - 20:48:53 - [7,148] ----D C:\Program Files\Speccy O43 - CFD: 14/07/2009 - 06:53:23 - [0] --H-D C:\Program Files\Uninstall Information O43 - CFD: 19/09/2012 - 19:54:23 - [8,743] ----D C:\Program Files\VIA O43 - CFD: 19/09/2012 - 12:00:08 - [6,017] ----D C:\Program Files\WhoCrashed O43 - CFD: 18/09/2012 - 13:17:18 - [2,909] ----D C:\Program Files\Windows Defender O43 - CFD: 18/09/2012 - 13:17:20 - [6,689] ----D C:\Program Files\Windows Journal O43 - CFD: 18/09/2012 - 13:17:20 - [5,895] ----D C:\Program Files\Windows Mail O43 - CFD: 18/09/2012 - 13:17:20 - [6,298] ----D C:\Program Files\Windows Media Player O43 - CFD: 15/09/2012 - 19:47:05 - [11,632] ----D C:\Program Files\Windows NT O43 - CFD: 18/09/2012 - 13:17:20 - [4,213] ----D C:\Program Files\Windows Photo Viewer O43 - CFD: 18/09/2012 - 13:17:20 - [0,181] ----D C:\Program Files\Windows Portable Devices O43 - CFD: 18/09/2012 - 13:17:20 - [6,374] ----D C:\Program Files\Windows Sidebar O43 - CFD: 16/09/2012 - 20:31:43 - [4,131] ----D C:\Program Files\WinRAR O43 - CFD: 23/09/2012 - 19:40:14 - [10,003] ----D C:\Program Files\ZHPDiag O43 - CFD: 19/09/2012 - 09:03:46 - [591,323] ----D C:\Program Files\Common Files\Adobe O43 - CFD: 18/09/2012 - 09:23:27 - [39,997] ----D C:\Program Files\Common Files\Adobe AIR O43 - CFD: 15/09/2012 - 20:27:05 - [1,457] ----D C:\Program Files\Common Files\France Telecom O43 - CFD: 15/09/2012 - 22:11:55 - [0] ----D C:\Program Files\Common Files\INCA Shared O43 - CFD: 16/09/2012 - 20:13:34 - [5,222] ----D C:\Program 
Files\Common Files\InstallShield O43 - CFD: 19/09/2012 - 08:58:36 - [47,530] ----D C:\Program Files\Common Files\microsoft shared O43 - CFD: 20/09/2012 - 09:21:48 - [6,937] ----D C:\Program Files\Common Files\Nokia O43 - CFD: 20/09/2012 - 09:21:49 - [0,084] ----D C:\Program Files\Common Files\PCSuite O43 - CFD: 16/09/2012 - 20:18:58 - [0,003] ----D C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 04:37:05 - [39,200] ----D C:\Program Files\Common Files\SpeechEngines O43 - CFD: 18/09/2012 - 13:17:19 - [9,767] ----D C:\Program Files\Common Files\System O43 - CFD: 20/09/2012 - 02:00:02 - [260,090] ----D C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Application Data O43 - CFD: 15/09/2012 - 19:47:05 - [0] --H-D C:\ProgramData\Bureau O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Documents O43 - CFD: 16/09/2012 - 12:42:22 - [10,307] ----D C:\ProgramData\F-Secure O43 - CFD: 15/09/2012 - 19:47:05 - [0] --H-D C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Favorites O43 - CFD: 20/09/2012 - 09:18:52 - [135,973] ----D C:\ProgramData\Installations O43 - CFD: 21/09/2012 - 12:11:50 - [1,341] ----D C:\ProgramData\ma-config.com O43 - CFD: 16/09/2012 - 14:01:58 - [7,373] ----D C:\ProgramData\Malwarebytes O43 - CFD: 15/09/2012 - 19:47:05 - [0] --H-D C:\ProgramData\Menu Démarrer O43 - CFD: 15/09/2012 - 20:26:48 - [335,291] -S--D C:\ProgramData\Microsoft O43 - CFD: 15/09/2012 - 19:47:05 - [0] --H-D C:\ProgramData\Modèles O43 - CFD: 21/09/2012 - 13:44:18 - [0,038] ----D C:\ProgramData\NETGEAR O43 - CFD: 15/09/2012 - 22:21:38 - [4,090] ----D C:\ProgramData\Nexon O43 - CFD: 21/09/2012 - 12:31:04 - [0,459] ----D C:\ProgramData\NVIDIA O43 - CFD: 20/09/2012 - 21:21:40 - [2,471] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 20/09/2012 - 09:22:28 - [0] ----D C:\ProgramData\PC Suite O43 - CFD: 19/09/2012 - 09:06:21 - [0,002] 
----D C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Start Menu O43 - CFD: 14/07/2009 - 06:53:55 - [0] --H-D C:\ProgramData\Templates O43 - CFD: 20/09/2012 - 15:56:04 - [7,194] ----D C:\Users\Maxime\AppData\Roaming\Adobe O43 - CFD: 18/09/2012 - 09:23:50 - [0,041] ----D C:\Users\Maxime\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 15/09/2012 - 22:12:14 - [0,000] ----D C:\Users\Maxime\AppData\Roaming\DragonicaECB O43 - CFD: 19/09/2012 - 20:40:51 - [222,229] ----D C:\Users\Maxime\AppData\Roaming\Easeware O43 - CFD: 20/09/2012 - 12:25:28 - [0,034] ----D C:\Users\Maxime\AppData\Roaming\GlarySoft O43 - CFD: 15/09/2012 - 19:47:32 - [0] ----D C:\Users\Maxime\AppData\Roaming\Identities O43 - CFD: 15/09/2012 - 19:57:41 - [0] ----D C:\Users\Maxime\AppData\Roaming\InstallShield O43 - CFD: 15/09/2012 - 20:42:21 - [0,054] ----D C:\Users\Maxime\AppData\Roaming\Macromedia O43 - CFD: 16/09/2012 - 14:02:07 - [0,002] ----D C:\Users\Maxime\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 11:00:32 - [0] ----D C:\Users\Maxime\AppData\Roaming\Media Center Programs O43 - CFD: 15/09/2012 - 21:07:46 - [0,733] -S--D C:\Users\Maxime\AppData\Roaming\Microsoft O43 - CFD: 17/09/2012 - 10:35:00 - [0,004] ----D C:\Users\Maxime\AppData\Roaming\Mipony O43 - CFD: 20/09/2012 - 09:30:35 - [0,001] ----D C:\Users\Maxime\AppData\Roaming\Nokia O43 - CFD: 20/09/2012 - 13:41:28 - [0,032] ----D C:\Users\Maxime\AppData\Roaming\NVIDIA O43 - CFD: 20/09/2012 - 09:22:32 - [0,000] ----D C:\Users\Maxime\AppData\Roaming\PC Suite O43 - CFD: 15/09/2012 - 21:40:30 - [0,000] ----D C:\Users\Maxime\AppData\Roaming\WinRAR O43 - CFD: 23/09/2012 - 17:47:34 - [2,487] ----D C:\Users\Maxime\AppData\Local\Adobe O43 - CFD: 15/09/2012 - 19:47:20 - [0] ----D C:\Users\Maxime\AppData\Local\Application Data O43 - CFD: 15/09/2012 - 20:47:47 - [1,507] ----D C:\Users\Maxime\AppData\Local\Apps O43 - CFD: 15/09/2012 - 20:50:30 - [0] ----D 
C:\Users\Maxime\AppData\Local\Deployment O43 - CFD: 15/09/2012 - 19:59:39 - [0,181] ----D C:\Users\Maxime\AppData\Local\Diagnostics O43 - CFD: 15/09/2012 - 20:16:56 - [0,133] ----D C:\Users\Maxime\AppData\Local\ElevatedDiagnostics O43 - CFD: 15/09/2012 - 21:13:08 - [422,302] ----D C:\Users\Maxime\AppData\Local\Google O43 - CFD: 15/09/2012 - 19:47:20 - [0] ----D C:\Users\Maxime\AppData\Local\Historique O43 - CFD: 19/09/2012 - 09:35:06 - [33,782] ----D C:\Users\Maxime\AppData\Local\Microsoft O43 - CFD: 23/09/2012 - 19:39:52 - [7,445] ----D C:\Users\Maxime\AppData\Local\Temp O43 - CFD: 15/09/2012 - 19:47:20 - [0] ----D C:\Users\Maxime\AppData\Local\Temporary Internet Files O43 - CFD: 16/09/2012 - 12:08:45 - [0] ----D C:\Users\Maxime\AppData\Local\VirtualStore O43 - CFD: 16/09/2012 - 20:18:46 - [0,014] R---D C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 18/09/2012 - 13:28:09 - [0,000] R---D C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/09/2012 - 20:18:46 - [0,005] ----D C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 16/09/2012 - 20:18:46 - [0,001] R---D C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 18/09/2012 - 13:28:09 - [0,000] R---D C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 16/09/2012 - 20:31:47 - [0,003] ----D C:\Users\Maxime\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR ~ Scan Program Folder in 00mn 15s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.3F27D0EC3CC16EE083E9579EB4D64A60] - 23/09/2012 - 18:38:33 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1936400] O44 - LFC:[MD5.1AE2DAE4AC4FC493DC5276688DB3EF57] - 23/09/2012 - 16:59:08 ---A- . (...) -- C:\Windows\setupact.log [504] O44 - LFC:[MD5.2FF65D1942E00065CBD0A4D23B55D202] - 23/09/2012 - 16:59:06 -S-A- . (...) 
-- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.3FF45EE4415A9A2ABABBDE90436AE694] - 23/09/2012 - 16:59:03 ---A- . (...) -- C:\Windows\MEMORY.DMP [110627394] O44 - LFC:[MD5.185F24CEE597B6BD57B7BC6FA992CF93] - 21/09/2012 - 18:57:23 ---A- . (...) -- C:\Windows\ntbtlog.txt [50592] O44 - LFC:[MD5.C49F2C1E7C398FC42B49A70BA817734B] - 21/09/2012 - 13:25:23 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\Drivers\arusb_win7.sys [609280] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 21/09/2012 - 13:10:49 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.E023AEC59B4C1E0F2015F60FE6BDFB7D] - 20/09/2012 - 19:24:05 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [3664264] O44 - LFC:[MD5.50830161C30CD736AD1466E372B32A36] - 20/09/2012 - 08:22:47 ---A- . (...) -- C:\Windows\System32\perfc009.dat [120770] O44 - LFC:[MD5.6DF983793259F9B990EF82981BE22AD3] - 20/09/2012 - 08:22:47 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [148474] O44 - LFC:[MD5.5C08F081CCCA5A6A0499AA2A8A1D3D75] - 20/09/2012 - 08:22:47 ---A- . (...) -- C:\Windows\System32\perfh009.dat [651838] O44 - LFC:[MD5.B6B4AA983BAB1CE8759D42D4A0097536] - 20/09/2012 - 08:22:47 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [744956] O44 - LFC:[MD5.6C63A66663027EA4F36076B994D6A6A0] - 20/09/2012 - 08:22:46 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1661282] O44 - LFC:[MD5.FD2041E9BA03DB7764B2248F02475079] - 20/09/2012 - 08:21:35 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\Windows\System32\Drivers\pccsmcfd.sys [18816] O44 - LFC:[MD5.2E486A19CF9DF98714BC68977665CE85] - 20/09/2012 - 08:20:58 ---A- . (.Nokia - Wireless Communication Device Class Install.) -- C:\Windows\System32\nmwcdcls.dll [91136] O44 - LFC:[MD5.D4692D4CBBDE6A622A47F63D2CCC26C5] - 20/09/2012 - 07:32:50 ---A- . (.Pas de propriétaire - Extended function Driver.) 
-- C:\Windows\System32\Drivers\gHidPnp.sys [20480] O44 - LFC:[MD5.D7B70109E9589D5F3C3CCDD6BA76E0C1] - 20/09/2012 - 07:32:50 ---A- . (.Pas de propriétaire - WDM NULL filter driver.) -- C:\Windows\System32\Drivers\gMouUsb.sys [11520] O44 - LFC:[MD5.56781F90D4BB9B420114BA3285D5D6BF] - 20/09/2012 - 07:28:59 ---A- . (.Pas de propriétaire - Windows network adapter uninstaller.) -- C:\Windows\System32\vuins32.dll [69632] O44 - LFC:[MD5.6D0DEDB7C9B2FC3D99C9F46D90AAE179] - 19/09/2012 - 18:48:02 ---A- . (.VIA Technologies, Inc. - NDIS 6.2 miniport driver.) -- C:\Windows\System32\Drivers\fetn62.sys [53872] O44 - LFC:[MD5.C147AFA614B9925479D47CD173329789] - 19/09/2012 - 18:48:01 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\System32\Drivers\videX32.sys [13976] O44 - LFC:[MD5.D9AE4157DA14B7DC9061B93CF789275A] - 19/09/2012 - 09:36:43 ---A- . (.INCA Internet Co., Ltd. - nProtect Game Monitor Rev 1865.) -- C:\Windows\System32\GameMon.des [3975544] O44 - LFC:[MD5.9131FE60ADFAB595C8DA53AD6A06AA31] - 19/09/2012 - 09:30:22 ---A- . (.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) -- C:\Windows\System32\npptNT2.sys [4682] O44 - LFC:[MD5.518318A103C888001054EFA1236E5033] - 18/09/2012 - 09:20:25 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\System32\dfshim.dll [1130824] O44 - LFC:[MD5.A04C06A2142226D79DDA75920A496243] - 18/09/2012 - 09:20:13 ---A- . (.Pas de propriétaire - RemoteFX Helper.) -- C:\Windows\System32\RDVGHelper.exe [80896] O44 - LFC:[MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - 18/09/2012 - 09:19:42 ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\Windows\System32\DShowRdpFilter.dll [252928] O44 - LFC:[MD5.39B9273CA01364E115B464416CFB729B] - 18/09/2012 - 09:19:02 ---A- . (.Microsoft - robocopy.) -- C:\Windows\System32\Robocopy.exe [98816] O44 - LFC:[MD5.737AFC772243C75E6AD17A7A8E8E23F9] - 18/09/2012 - 09:18:45 ---A- . 
(.Windows (R) Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\Windows\System32\fms.dll [93696] O44 - LFC:[MD5.163A95975E1D8819E653AA3E961371CA] - 18/09/2012 - 09:18:41 ---A- . (.Twain Working Group - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\Windows\twain_32.dll [51200] O44 - LFC:[MD5.EB6C16CE0163AD282E95FCE5EE9BA518] - 18/09/2012 - 09:18:27 ---A- . (.Pas de propriétaire - Application PrintBrm.) -- C:\Windows\System32\PrintBrmUi.exe [66048] O44 - LFC:[MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - 18/09/2012 - 09:18:26 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944] O44 - LFC:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 18/09/2012 - 07:31:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) -- C:\Windows\System32\Drivers\nvstor.sys [143744] O44 - LFC:[MD5.D320BF87125326F996D4904FE24300FC] - 18/09/2012 - 07:30:59 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\Drivers\amdsata.sys [80256] O44 - LFC:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 18/09/2012 - 07:30:59 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\Drivers\amdxata.sys [22400] O44 - LFC:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 18/09/2012 - 07:30:59 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\Drivers\iaStorV.sys [332160] O44 - LFC:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 18/09/2012 - 07:30:59 ---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -- C:\Windows\System32\Drivers\nvraid.sys [117120] O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 18/09/2012 - 02:19:28 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 17/09/2012 - 09:57:25 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [0] O44 - LFC:[MD5.C5ACDBF61DF211BDCC2B5021B1405BB0] - 17/09/2012 - 09:13:18 ---A- . 
(.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304] O44 - LFC:[MD5.ED4649A28AFE0B3DB93C3198BA48E34E] - 17/09/2012 - 09:13:18 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912] O44 - LFC:[MD5.5A848E27E532C6A7A3C965D21EBEBD00] - 16/09/2012 - 19:33:55 ---A- . (.Realtek Semiconductor Corp. - Realtek Audio Control Panel.) -- C:\Windows\System32\RTLCPL.EXE [10975264] O44 - LFC:[MD5.8AE081B2663BCF5A5D8B109D33218300] - 16/09/2012 - 19:33:51 ---A- . (.Realtek Semiconductor Corp. - Realtek AC97 Audio Control Panel.) -- C:\Windows\System32\ALSNDMGR.CPL [19036704] O44 - LFC:[MD5.B70BCC55743C5A5BD7C7C6D6A02BB6F9] - 16/09/2012 - 19:33:50 ---A- . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\Windows\SOUNDMAN.EXE [604704] O44 - LFC:[MD5.3F7A615CA47CF0ACE308D408BD49B3CB] - 16/09/2012 - 19:33:49 ---A- . (.Pas de propriétaire - RtlCPAPI Module.) -- C:\Windows\System32\RTLCPAPI.dll [154144] O44 - LFC:[MD5.7997B6F02CBDA0E31FA18CC85871B938] - 16/09/2012 - 19:33:49 ---A- . (.Realtek Semiconductor Corp. - Realtek AC'97 Audio Driver (WDM).) -- C:\Windows\System32\Drivers\RTKVAC.SYS [4172832] O44 - LFC:[MD5.874C114237165323DD8C24ABFEA176C2] - 16/09/2012 - 19:33:42 ---A- . (.Realtek Semiconductor Corp. - Realtek LFX/GFX DSP UI component for Window.) -- C:\Windows\System32\RtkPgExt.dll [965664] O44 - LFC:[MD5.F3C87FBD23BB39C9828C4AC5E3231873] - 16/09/2012 - 19:33:42 ---A- . (.Realtek Semiconductor Corp. - RtkCfg.dll.) -- C:\Windows\System32\RtkCfg.dll [141856] O44 - LFC:[MD5.A3CF502659EF4EBA42C70E832ED967ED] - 16/09/2012 - 19:33:41 ---A- . (.Realtek Semiconductor Corp. - Driver Update for Windows x64 or x86_32.) -- C:\Windows\alcupd.exe [315392] O44 - LFC:[MD5.340AACBBB9DEAAB3BF43BD1139A629E0] - 16/09/2012 - 19:33:41 ---A- . (.Realtek Semiconductor Corp. - Realtek(r) LFX/GFX DSP component.) 
-- C:\Windows\System32\RtkAPO.dll [2510368] O44 - LFC:[MD5.4B3233D74CD69091244E6B78B2BE3630] - 16/09/2012 - 19:33:40 ---A- . (.Realtek Semiconductor Corp. - Driver Removing for Windows x64 or x86_32.) -- C:\Windows\alcrmv.exe [223776] O44 - LFC:[MD5.9BD2CE6A5F3D6C82E6D11104E876FD26] - 16/09/2012 - 19:33:14 ---A- . (.Realtek Semiconductor Corp. - Hide Windows.) -- C:\Windows\HideWin.exe [319488] O44 - LFC:[MD5.0EF88090E9E33F74C83810A63492C366] - 16/09/2012 - 19:33:14 ---A- . (.Realtek Semiconductor Corp. - RtlExUpd DLL for setup utility function.) -- C:\Windows\RtlExUpd.dll [524288] O44 - LFC:[MD5.93EA7D94959BEF66D0E4ADBC8CE4E073] - 15/09/2012 - 19:25:30 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driv.) -- C:\Windows\System32\Drivers\WLANUHN.sys [453120] O44 - LFC:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 15/09/2012 - 19:23:39 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\System32\Drivers\PCAMp50.sys [28224] O44 - LFC:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 15/09/2012 - 19:23:39 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\System32\Drivers\PCASp50.sys [27072] O44 - LFC:[MD5.2CB0A80F5D1EEE0F1A7C64BE8500FB0A] - 15/09/2012 - 19:12:04 ---A- . (.Politecnico di Torino - NPF Driver - TME extensions.) -- C:\Windows\System32\Drivers\sisnpf.sys [31872] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/09/2012 - 19:11:59 ---A- . (...) -- C:\Windows\System32\wunilog.ini [0] O44 - LFC:[MD5.C3727A0867CFC3E057080C321DB58A15] - 15/09/2012 - 18:43:18 ---A- . (...) -- C:\Windows\System32\license.rtf [57704] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 15/09/2012 - 18:41:26 --HA- . (...) -- C:\Windows\System32\Drivers\Msft_User_WpdFs_01_09_00.Wdf [0] O44 - LFC:[MD5.65E794E86468B61F2BC79ABC48BC4433] - 07/09/2012 - 16:04:46 ---A- . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) 
-- C:\Windows\System32\Drivers\mbam.sys [22856] O44 - LFC:[MD5.E3220959586B5FE3BE9F32B6BCF2FC41] - 30/08/2012 - 20:13:00 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [12956] O44 - LFC:[MD5.81B28189DBEB342A1E7707D0849A634B] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\System32\nvdispco32.dll [1009512] O44 - LFC:[MD5.56B792FC60D844A46AD48521858EB0C4] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvdispgenco32.dll [888168] O44 - LFC:[MD5.29721466E0130C298DA309CD74325D73] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 306.23.) -- C:\Windows\System32\nvcuda.dll [7626088] O44 - LFC:[MD5.11B15FA6508EFB891F225C4C8B376DFC] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 306.23.) -- C:\Windows\System32\nvopencl.dll [6109032] O44 - LFC:[MD5.E47AF4EAEAADBE8A88D9D3EAD0BA3440] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 306.2.) -- C:\Windows\System32\nvcuvid.dll [2573672] O44 - LFC:[MD5.EFAA72B604FA513CE83DABF23B2321E9] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 306.23.) -- C:\Windows\System32\nvcuvenc.dll [1866088] O44 - LFC:[MD5.C0FEF9AF70BA0FEFB94C1323635EEA51] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\System32\nvoglv32.dll [19828584] O44 - LFC:[MD5.BC685C4DF101BF99E97B34B7ACA3F207] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 306.23.) -- C:\Windows\System32\nvcompiler.dll [17559912] O44 - LFC:[MD5.97F064EA7D1240ADA38657E249EB3C5B] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 306.23.) -- C:\Windows\System32\nvapi.dll [2422120] O44 - LFC:[MD5.0C1C10223C7627D656ED1DA67E3F6E73] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 306.23.) 
-- C:\Windows\System32\nvd3dum.dll [15291752] O44 - LFC:[MD5.D3F22DA8F670EFD15D348B5952769CEF] - 30/08/2012 - 20:13:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\Drivers\nvlddmkm.sys [10790760] O44 - LFC:[MD5.A3B80E6B7CDE9660F639658739A5824E] - 30/08/2012 - 16:57:55 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\System32\nvvsvc.exe [645992] O44 - LFC:[MD5.692A2ECA4ACB58BB337EE084E414B132] - 30/08/2012 - 16:57:54 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\System32\nvsvcr.dll [2557288] O44 - LFC:[MD5.3DC8C008A20E0C356E8DA65B2DA5CA83] - 30/08/2012 - 16:57:54 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\System32\nvmctray.dll [108392] O44 - LFC:[MD5.4582878C3BBBF2005A2DC4F2726C4A5A] - 30/08/2012 - 16:57:54 ---A- . (.NVIDIA Corporation - Pas de description.) -- C:\Windows\System32\nvshext.dll [62312] O44 - LFC:[MD5.3CB15ED250A70B9FA3FF5AA125362A63] - 30/08/2012 - 16:57:32 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\System32\nvcpl.dll [3963240] O44 - LFC:[MD5.56139C1B79B6EE0C6D02754F3F70892F] - 30/08/2012 - 16:57:27 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 306.2.) -- C:\Windows\System32\nvsvc.dll [2836840] O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 20/11/2010 - 06:23:54 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600] O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 20/11/2010 - 04:52:32 ---A- . (...) -- C:\Windows\System32\locale.nls [419880] O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 10/11/2010 - 02:45:49 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429] O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 05/11/2010 - 03:20:53 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852] O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 05/11/2010 - 03:20:45 ---A- . (...) 
-- C:\Windows\System32\RacRules.xml [105559]
O44 - LFC:[MD5.18485C88BCE2BF805CF53C199A364189] - 05/08/2005 - 01:28:56 ---A- . (...) -- C:\Windows\System32\unWdWu.exe [49152]
O44 - LFC:[MD5.FB820C142B89F3037B8BEE0968B0276B] - 20/07/2003 - 10:17:16 ---A- . (...) -- C:\Windows\System32\nppt9x.vxd [5174]
O44 - LFC:[MD5.C99E22EFE74C8B3EFF93E227472FE247] - 05/02/2002 - 12:54:58 ---A- . (...) -- C:\Windows\System32\ALSNDMGR.WAV [141016]
~ Scan Files in 00mn 38s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys
~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51)
(None)

---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)
(None)

---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.)
-- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [422976] O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\System32\ANSI.SYS [9029] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 16/11/2006 - C:\Windows\System32\Drivers\DNISp50.sys (DNISp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) 
- LEGACY_DNISP50 O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys (driverhardwarev2) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2 O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY O64 - Services: CurCS - 07/09/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR O64 - Services: CurCS - 04/01/2005 - C:\Windows\system32\npptNT2.sys (NPPTNT2) .(.INCA Internet Co., Ltd. - nProtect NPSC Kernel Mode Driver for NT.) - LEGACY_NPPTNT2 O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV O64 - Services: CurCS - 14/07/2009 - C:\Windows\System32\drivers\viaide.sys (viaide) .(.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) - LEGACY_VIAIDE ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> [HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) 
-- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> [HKCU\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.bat> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> [HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> [HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> [HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> [HKCR\..\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe O67 - Shell Spawning: <.js> [HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> [HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe O68 - StartMenuInternet: [HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) 
O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\Maxime\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.) O68 - StartMenuInternet: [HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (Bing) - http://www.bing.com O69 - SBI: SearchScopes [HKCU] {6A3DC86E-C999-40DA-B3C0-A73C683C083A} - (Google) - http://www.google.com ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [168960] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [593408] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [674304] O83 - Search Svchost Services: AudioSrv (AudioSrv) . 
(.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473600] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [286208] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -- C:\Windows\System32\tapisrv.dll [242176] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [521216] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\System32\wuaueng.dll [1933848] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [585728] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) 
-- C:\Windows\System32\iphlpsvc.dll [499712] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [47104] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [114688] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [49664] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [164352] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [750592] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [71168] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [113664] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [168960] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102912] O83 - Search Svchost Services: Themes (Themes) . 
(.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [37376] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800] O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504] ~ Scan Services in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{1CCFE52A-6179-4E1F-9593-8CB07A363E63}" | In - Public - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{7609ED96-6A6E-419C-9F24-3D555D5F94CB}" | In - Public - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "TCP Query User{82323CD1-7ACB-4339-A645-7F8713C12171}C:\program files\jdownloader\jre\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\program files\jdownloader\jre\bin\javaw.exe O87 - FAEL: "UDP Query User{5F7DEE18-4FD2-4771-B053-E927D0941EE3}C:\program files\jdownloader\jre\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\program files\jdownloader\jre\bin\javaw.exe O87 - FAEL: "{62E7C75E-D0ED-401B-916F-8A9D07994765}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{0BDC7400-DF19-4AC0-8452-DA54CC92EAA6}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\maconfservice.exe O87 - FAEL: "{A69E385C-336E-442D-ABE0-65885CF769C6}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) 
-- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe O87 - FAEL: "{6E13CCF0-6BAE-4ED6-9515-652AC619DAF7}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe ~ Scan Firewall in 00mn 01s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 20/09/2012 312264 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\maconfservice.exe SR - | Auto 07/09/2012 399432 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe SR - | Auto 07/09/2012 676936 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe SS - | Demand 09/05/2012 3975544 | (npggsvc) . (.INCA Internet Co., Ltd..) - C:\Windows\system32\GameMon.des SR - | Auto 30/08/2012 645992 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 30/08/2012 1258856 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe SR - | Demand 27/10/2009 657408 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 55920 | (VRAID Log Service) . (...) - C:\Program Files\VIA\RAID\vialogsv.exe SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 14/07/2009 20992 | C:\Windows\System32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 10s End of the scan (906 lines in 02mn 06s)(0)