casimir2004

Membres

Afficher le profil Afficher son activité

Compteur de contenus
104
Inscription
le 22 octobre 2006
Dernière visite
le 1 septembre 2015

Type de contenu

Toute l’activité

Profils

Forums

Blogs

Tout ce qui a été posté par casimir2004

Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonjour, Le pc fonctionne beaucoup mieux, et sans détection de virus. Merci pour vos conseis et différentes manipulations. A+
- le 6 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Kaspery rapport: Download Kaspery.txt from Sendspace.com - send big files the easy way
- le 3 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Lien CJoint.com BHctzlo9Sog
- le 2 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

ComboFix 12-07-31.03 - Famille Meyer 01/08/2012 22:51:33.2.8 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6103.3924 [GMT 2:00] Lancé depuis: c:\users\Famille Meyer\Desktop\ComboFix.exe Commutateurs utilisés :: c:\users\Famille Meyer\Desktop\CFScript.txt AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\FAMILL~1\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll c:\users\Famille Meyer\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-07-01 au 2012-08-01 )))))))))))))))))))))))))))))))))))) . . 2012-08-01 20:56 . 2012-08-01 20:56 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-08-01 20:56 . 2012-08-01 20:56 -------- d-----w- c:\users\Rémy\AppData\Local\temp 2012-08-01 20:56 . 2012-08-01 20:56 -------- d-----w- c:\users\Default\AppData\Local\temp 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{E6846CA8-9CBA-425F-848B-BC6932D3C888} 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{801B41C5-E4BD-4601-8679-CB1E39A5BD52} 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{8E930C39-7CFD-45A3-A368-EFB1CF9656C4} 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{48D8D874-6FF0-46E1-8625-9C08DB8335CD} 2012-07-28 21:31 . 2012-07-28 21:32 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\Skype 2012-07-28 21:31 . 2012-07-28 21:31 -------- d-----r- c:\program files (x86)\Skype 2012-07-28 21:31 . 2012-07-28 21:31 -------- d-----w- c:\programdata\Skype 2012-07-28 05:34 . 2012-07-28 05:34 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\PMS 2012-07-27 18:23 . 2012-08-01 17:48 -------- d-----w- c:\program files (x86)\ZHPDiag 2012-07-27 08:48 . 2012-07-27 08:49 -------- d-----w- c:\users\Rémy\AppData\Local\{1665EC99-BC63-4CE0-A438-D3A5C002BA60} 2012-07-26 19:03 . 2012-07-26 19:03 -------- d-----w- c:\users\Rémy\AppData\Local\{3631E458-46E2-42F2-8823-647023F971DB} 2012-07-26 19:03 . 2012-07-27 08:48 -------- d-----w- c:\users\Rémy\AppData\Local\{ABD81BCE-7D6F-4714-AE96-8C6D69666910} 2012-07-26 07:02 . 2012-07-26 07:03 -------- d-----w- c:\users\Rémy\AppData\Local\{70D02D13-2FE8-483D-A44E-C86C73DF640D} 2012-07-26 07:02 . 2012-07-26 07:02 -------- d-----w- c:\users\Rémy\AppData\Local\{04A41701-9651-4B5A-92A8-44BAA0A85A37} 2012-07-26 07:02 . 2012-07-26 07:02 -------- d-----w- c:\users\Rémy\AppData\Local\{4ECDBADF-91B2-425A-8DFD-84A3A89E4596} 2012-07-26 07:02 . 2012-07-26 07:02 -------- d-----w- c:\users\Rémy\AppData\Local\{24D2B8FD-161A-4EDE-9F08-BB2AD257787C} 2012-07-25 18:44 . 2012-07-25 18:44 -------- d-----w- c:\users\Rémy\AppData\Local\{02D1C752-960A-4C95-8CD1-EB888940E021} 2012-07-25 18:44 . 2012-07-25 18:44 -------- d-----w- c:\users\Rémy\AppData\Local\{B584CE86-6513-48F4-8DBC-77F2F51E4FD9} 2012-07-25 18:44 . 2012-07-25 18:44 -------- d-----w- c:\users\Rémy\AppData\Local\{33E6E66C-1706-4EE7-A0B3-575809E97C07} 2012-07-22 14:01 . 2012-07-22 14:01 -------- d-----w- c:\users\Rémy\AppData\Local\{8B0B3468-D692-40A7-9238-66E1E3A06025} 2012-07-22 14:00 . 2012-07-22 14:01 -------- d-----w- c:\users\Rémy\AppData\Local\{AE8D6F79-D3B0-433D-80D5-62F74180817E} 2012-07-22 14:00 . 2012-07-22 14:00 -------- d-----w- c:\users\Rémy\AppData\Local\{BFE96AB6-112F-4C45-A540-3788EFB2D33C} 2012-07-22 14:00 . 2012-07-22 14:00 -------- d-----w- c:\users\Rémy\AppData\Local\{407F148E-9861-4D68-9003-E10BE8EDD50D} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{CBB51232-17E8-4C25-8292-9DD3FD18B5FF} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{8BDA1E9F-3B75-4E5D-82EE-82FD128062F6} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{1BAC53DD-CA39-416F-9253-AC0A663BD850} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{8BF8C4FB-A679-4F75-81A1-D8752E19E3FD} 2012-07-18 07:49 . 2012-07-18 07:50 -------- d-----w- c:\users\Rémy\AppData\Local\{0B9439B8-CE73-4598-B589-7766636AAEFB} 2012-07-18 07:49 . 2012-07-18 07:49 -------- d-----w- c:\users\Rémy\AppData\Local\{B052FEF5-30F7-423C-8D1E-328DD4620412} 2012-07-18 07:49 . 2012-07-18 07:49 -------- d-----w- c:\users\Rémy\AppData\Local\{CD00095B-E498-4ECE-A6D3-30A1AA6DA842} 2012-07-17 15:10 . 2012-07-17 15:11 -------- d-----w- c:\users\Rémy\AppData\Local\{E0392C27-47CF-4210-84A6-B95EAC58EFB9} 2012-07-17 15:10 . 2012-07-17 15:10 -------- d-----w- c:\users\Rémy\AppData\Local\{67065D77-425F-4975-BB73-F042C222930B} 2012-07-17 15:10 . 2012-07-17 15:10 -------- d-----w- c:\users\Rémy\AppData\Local\{DAE39543-2B65-4871-8667-B215F15B0F7C} 2012-07-15 13:16 . 2012-07-15 13:16 -------- d-----w- c:\users\Rémy\AppData\Local\{D1B91C14-D3FA-4ECA-8C9C-04168CFAC634} 2012-07-15 13:15 . 2012-07-15 13:16 -------- d-----w- c:\users\Rémy\AppData\Local\{50AD798B-2EFB-41E3-9163-DAFAD5797784} 2012-07-15 13:15 . 2012-07-15 13:15 -------- d-----w- c:\users\Rémy\AppData\Local\{980822AB-D654-4353-87E7-DC24FF6F7572} 2012-07-15 13:15 . 2012-07-15 13:15 -------- d-----w- c:\users\Rémy\AppData\Local\{257B53EA-681A-43D5-AC6F-5C11FBC79C99} 2012-07-15 07:39 . 2012-07-15 07:50 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\Systweak 2012-07-15 07:39 . 2012-07-13 10:53 18856 ----a-w- c:\windows\system32\roboot64.exe 2012-07-14 06:07 . 2012-07-14 06:07 -------- d-----w- c:\users\Rémy\AppData\Local\{BCFE8BED-86F1-43AC-96ED-277C91EF5DD1} 2012-07-14 06:07 . 2012-07-14 06:07 -------- d-----w- c:\users\Rémy\AppData\Local\{8201180D-17EF-4B83-B476-1F65234A6627} 2012-07-14 06:06 . 2012-07-14 06:06 -------- d-----w- c:\users\Rémy\AppData\Local\{8D09B695-EDB6-4D8E-9AA7-DC930D52B76C} 2012-07-14 06:06 . 2012-07-14 06:06 -------- d-----w- c:\users\Rémy\AppData\Local\{EC31E66B-CDC9-4A14-94D3-04C4AA23A7D7} 2012-07-12 16:10 . 2012-07-12 16:11 -------- d-----w- c:\users\Rémy\AppData\Local\{A0DDA4A2-5F8C-4395-B33E-4B71B020571D} 2012-07-12 16:10 . 2012-07-12 16:10 -------- d-----w- c:\users\Rémy\AppData\Local\{7BD4D19C-3650-4A8C-ABDE-663652CB32BE} 2012-07-12 16:10 . 2012-07-12 16:10 -------- d-----w- c:\users\Rémy\AppData\Local\{8D59AD13-9A5B-405E-BD8C-B3E200FC937A} 2012-07-11 18:23 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 15:37 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 15:36 . 2012-07-11 15:36 -------- d-----w- c:\users\Rémy\AppData\Local\{22C3F9A3-AD7F-4ED3-82F6-346D78DBBABB} 2012-07-11 15:35 . 2012-07-11 15:36 -------- d-----w- c:\users\Rémy\AppData\Local\{8358823B-1FC4-43D4-8198-7E82D1C52629} 2012-07-11 15:35 . 2012-07-11 15:35 -------- d-----w- c:\users\Rémy\AppData\Local\{9FF1CA16-8DCF-47DE-B558-4FE160941259} 2012-07-11 15:35 . 2012-07-11 15:35 -------- d-----w- c:\users\Rémy\AppData\Local\{62E98F92-AFD7-49BE-8C68-5A618AE51BE9} 2012-07-10 19:03 . 2012-07-28 21:15 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2012-07-10 15:42 . 2012-07-10 15:42 -------- d-----w- c:\users\Rémy\AppData\Local\{09BB5E1E-50D9-4BE1-BE86-E69E80CBC589} 2012-07-10 15:41 . 2012-07-10 15:42 -------- d-----w- c:\users\Rémy\AppData\Local\{9470E399-6C6D-4CE4-8286-10359206ED42} 2012-07-10 15:41 . 2012-07-10 15:41 -------- d-----w- c:\users\Rémy\AppData\Local\{5974CF93-8F43-45C1-BD33-0C4D1FD9BD6D} 2012-07-10 15:41 . 2012-07-10 15:41 -------- d-----w- c:\users\Rémy\AppData\Local\{1AC2CF85-7B9F-46CE-A480-B862646CD91B} 2012-07-09 19:39 . 2012-07-09 19:39 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-07-09 19:39 . 2012-07-09 19:39 -------- d-----w- c:\program files (x86)\Java 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{B65533A9-7AB6-400F-98AA-BB33BD543EAA} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{D4FE8AEE-F52E-4A81-92F3-736A80849D1C} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{475ED156-86F6-46CD-A316-8CA09047D13D} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{299724FF-9A66-4608-ADA6-71495A99231A} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{B480D18B-7229-4F7E-BAC7-EDF3E3068B6B} 2012-07-08 10:38 . 2012-07-08 10:38 -------- d-----w- c:\users\Rémy\AppData\Local\{0500A084-2B52-44C2-BD86-F448B97A1CDB} 2012-07-08 10:38 . 2012-07-08 10:38 -------- d-----w- c:\users\Rémy\AppData\Local\{66B3EBD4-C638-4885-BF00-B048BD310B01} 2012-07-08 10:37 . 2012-07-08 10:37 -------- d-----w- c:\users\Rémy\AppData\Local\{88B98D72-28E9-4231-97B6-59ED77FC1D4E} 2012-07-08 10:37 . 2012-07-08 10:37 -------- d-----w- c:\users\Rémy\AppData\Local\{B871A454-CC15-4258-B714-2F306240B7BB} 2012-07-07 08:27 . 2012-07-07 08:27 -------- d-----w- c:\users\Rémy\AppData\Local\{F002E24B-3797-4A3A-8B37-FE7E63F47557} 2012-07-06 18:04 . 2012-07-06 18:04 -------- d-----w- c:\users\Rémy\AppData\Roaming\Unity 2012-07-06 18:04 . 2012-07-06 18:04 -------- d-----w- c:\users\Rémy\AppData\Local\Unity 2012-07-06 07:40 . 2012-07-06 07:40 -------- d-----w- c:\users\Rémy\AppData\Local\{704D3EEF-B765-4B22-B975-ACC2C1DC5AFF} 2012-07-06 07:40 . 2012-07-06 07:40 -------- d-----w- c:\users\Rémy\AppData\Local\{0D6FD283-0F6D-4C9A-8C6C-0CBD753311D0} 2012-07-06 07:39 . 2012-07-06 07:40 -------- d-----w- c:\users\Rémy\AppData\Local\{5C8EDE9C-B040-432C-A603-5058BA7FB800} 2012-07-06 07:39 . 2012-07-07 08:27 -------- d-----w- c:\users\Rémy\AppData\Local\{DDD79BAC-4DFF-4297-B578-E1BE647A2638} 2012-07-05 19:37 . 2012-07-05 19:37 -------- d-----w- c:\users\Famille Meyer\AppData\Local\Symantec 2012-07-05 08:55 . 2012-07-05 08:55 -------- d-----w- c:\users\Rémy\AppData\Local\{9E5BD79E-ACC1-40E8-A059-0F5FD55AA57F} 2012-07-05 08:55 . 2012-07-05 08:55 -------- d-----w- c:\users\Rémy\AppData\Local\{DEEBE4B8-29CA-47BC-800B-34BE2B6E3FE6} 2012-07-05 08:54 . 2012-07-05 08:55 -------- d-----w- c:\users\Rémy\AppData\Local\{77F5FC44-696C-4B84-9A46-8C605A6FAC42} 2012-07-05 08:54 . 2012-07-05 08:54 -------- d-----w- c:\users\Rémy\AppData\Local\{94D2FFCA-75D1-4979-B313-1055E4CCDBC4} 2012-07-04 17:35 . 2012-07-04 17:35 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\Malwarebytes 2012-07-04 17:35 . 2012-07-04 17:35 -------- d-----w- c:\programdata\Malwarebytes 2012-07-03 20:13 . 2012-07-03 20:13 -------- d-----w- c:\users\Rémy\AppData\Local\{0DB081F9-18C1-4FCD-A794-6040EB3D29F5} 2012-07-03 20:13 . 2012-07-03 20:13 -------- d-----w- c:\users\Rémy\AppData\Local\{08525FFE-BE31-4DC2-ACCB-7345B0296D9A} 2012-07-03 09:16 . 2012-07-03 09:16 -------- d-----w- c:\users\Rémy\AppData\Local\{E81F9B66-462B-4B0E-B5F0-F5831AF82DCB} 2012-07-03 09:16 . 2012-07-03 09:16 -------- d-----w- c:\users\Rémy\AppData\Local\{DEE3B2EB-25EC-476A-A0A2-54543E38367A} 2012-07-03 08:12 . 2012-07-03 08:12 -------- d-----w- c:\users\Rémy\AppData\Local\{EC7BE4B3-D55F-4A51-8741-03A944EDE5B6} 2012-07-03 08:12 . 2012-07-03 08:12 -------- d-----w- c:\users\Rémy\AppData\Local\{D667CAE3-E63E-4764-94D7-9C40EDDD4A6A} . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-01 18:46 . 2012-06-25 18:17 383 ----a-w- c:\users\Public\{29CBCEE0-EB50-4d0e-9A95-F72D85A254AF}.pif 2012-07-27 19:18 . 2012-04-12 08:00 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-27 19:18 . 2011-11-17 21:07 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 18:21 . 2011-11-13 10:51 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-09 19:39 . 2011-12-06 18:16 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-07-02 16:27 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-02 22:19 . 2012-06-21 15:51 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 15:51 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 15:51 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 15:51 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 15:51 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-21 15:51 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 15:51 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 15:50 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-21 15:50 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-29 07:38 . 2011-10-31 10:22 330240 ----a-w- c:\windows\MASetupCaller.dll 2012-05-04 11:06 . 2012-06-13 11:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:03 . 2012-06-13 11:19 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03 . 2012-06-13 11:19 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-08-01_19.37.38 ))))))))))))))))))))))))))))))))))))))))) . - 2009-07-14 04:54 . 2012-08-01 19:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2009-07-14 04:54 . 2012-08-01 20:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2009-07-14 04:54 . 2012-08-01 19:36 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-01 20:57 32768 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2009-07-14 04:54 . 2012-08-01 19:36 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2009-07-14 04:54 . 2012-08-01 20:57 16384 c:\windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat + 2011-11-13 16:35 . 2012-08-01 21:00 56014 c:\windows\system32\wdi\ShutdownPerformanceDiagnostics_SystemData.bin + 2009-07-14 05:10 . 2012-08-01 21:00 35812 c:\windows\system32\wdi\BootPerformanceDiagnostics_SystemData.bin + 2011-11-13 07:58 . 2012-08-01 21:00 15396 c:\windows\system32\wdi\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-138286456-3482806532-3217213568-1000_UserData.bin + 2011-11-13 16:39 . 2012-08-01 20:13 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat - 2011-11-13 16:39 . 2012-08-01 17:32 16384 c:\windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat + 2011-11-13 16:39 . 2012-08-01 20:13 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat - 2011-11-13 16:39 . 2012-08-01 17:32 32768 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat + 2009-07-14 04:54 . 2012-08-01 20:13 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2009-07-14 04:54 . 2012-08-01 17:32 16384 c:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat - 2012-08-01 19:36 . 2012-08-01 19:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat + 2012-08-01 20:57 . 2012-08-01 20:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat - 2012-08-01 19:36 . 2012-08-01 19:36 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2012-08-01 20:57 . 2012-08-01 20:57 2048 c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat + 2009-07-14 05:01 . 2012-08-01 20:56 392604 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat - 2009-07-14 05:01 . 2012-08-01 19:36 392604 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-System.dat + 2011-11-13 09:10 . 2012-08-01 20:56 4164236 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-138286456-3482806532-3217213568-1000-8192.dat - 2011-11-13 14:20 . 2012-07-28 21:32 6164508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-138286456-3482806532-3217213568-1000-12288.dat + 2011-11-13 14:20 . 2012-08-01 19:46 6164508 c:\windows\ServiceProfiles\LocalService\AppData\Local\FontCache-S-1-5-21-138286456-3482806532-3217213568-1000-12288.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728] "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-02-10 1712184] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176] "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BUFFALO NAS Navigator2.lnk - c:\program files (x86)\BUFFALO\NASNAVI\NasNavi.exe [2010-1-26 1897952] NAS Scheduler.lnk - c:\program files (x86)\BUFFALO\NASNAVI\nassche.exe [2011-12-16 206128] {29CBCEE0-EB50-4d0e-9A95-F72D85A254AF}.lnk - c:\windows\System32\rundll32.exe [2009-7-14 45568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-05-01 20568] R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176] R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-01 16392] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-13 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 450680] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 912504] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-06-19 1161376] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120731.001\IDSvia64.sys [2012-06-14 509088] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2011-01-27 171128] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 386168] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 130008] S2 NasPmService;NAS PM Service;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe [2009-05-15 251184] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-04 2214504] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-17 279616] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912] S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-03-10 86120] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Contenu du dossier 'Tâches planifiées' . 2012-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 19:18] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 11:31] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 11:31] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core.job - c:\users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13 10:58] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA.job - c:\users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13 10:58] . 2012-07-31 c:\windows\Tasks\HPCeeScheduleForFamille Meyer.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53] . 2012-07-03 c:\windows\Tasks\HPCeeScheduleForFAMILLEMEYER-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2012-03-08 884584] . ------- Examen supplémentaire ------- . uStart Page = hxxp://portail.free.fr/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 FF - ProfilePath - c:\users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\ FF - prefs.js: browser.startup.homepage - www.free.fr . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ . c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe . ************************************************************************** . Heure de fin: 2012-08-01 23:02:36 - La machine a redémarré ComboFix-quarantined-files.txt 2012-08-01 21:02 ComboFix2.txt 2012-08-01 19:42 . Avant-CF: 1 346 420 367 360 octets libres Après-CF: 1 346 100 101 120 octets libres . - - End Of File - - 6034ECE2629F954F5D514A002ABA4D72
- le 1 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Quel est le résultat svp
- le 1 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

ComboFix 12-07-31.03 - Famille Meyer 01/08/2012 20:50:25.1.8 - x64 Microsoft Windows 7 Édition Familiale Premium 6.1.7601.1.1252.33.1036.18.6103.4372 [GMT 2:00] Lancé depuis: c:\users\Famille Meyer\Desktop\ComboFix.exe AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF} FW: Norton 360 *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4} SP: Norton 360 *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\FAMILL~1\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll c:\users\Famille Meyer\AppData\Local\Temp\26b4a1dd-e07b-48af-be4e-9642b273284b\CliSecureRT.dll c:\users\Public\{29CBCEE0-EB50-4d0e-9A95-F72D85A254AF}.dll c:\windows\SysWow64\muzapp.exe . . ((((((((((((((((((((((((((((( Fichiers créés du 2012-07-01 au 2012-08-01 )))))))))))))))))))))))))))))))))))) . . 2012-08-01 19:35 . 2012-08-01 19:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{E6846CA8-9CBA-425F-848B-BC6932D3C888} 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{801B41C5-E4BD-4601-8679-CB1E39A5BD52} 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{8E930C39-7CFD-45A3-A368-EFB1CF9656C4} 2012-08-01 11:26 . 2012-08-01 11:26 -------- d-----w- c:\users\Rémy\AppData\Local\{48D8D874-6FF0-46E1-8625-9C08DB8335CD} 2012-07-28 21:31 . 2012-07-28 21:32 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\Skype 2012-07-28 21:31 . 2012-07-28 21:31 -------- d-----r- c:\program files (x86)\Skype 2012-07-28 21:31 . 2012-07-28 21:31 -------- d-----w- c:\programdata\Skype 2012-07-28 05:34 . 2012-07-28 05:34 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\PMS 2012-07-27 18:23 . 2012-08-01 17:48 -------- d-----w- c:\program files (x86)\ZHPDiag 2012-07-27 08:48 . 2012-07-27 08:49 -------- d-----w- c:\users\Rémy\AppData\Local\{1665EC99-BC63-4CE0-A438-D3A5C002BA60} 2012-07-26 19:03 . 2012-07-26 19:03 -------- d-----w- c:\users\Rémy\AppData\Local\{3631E458-46E2-42F2-8823-647023F971DB} 2012-07-26 19:03 . 2012-07-27 08:48 -------- d-----w- c:\users\Rémy\AppData\Local\{ABD81BCE-7D6F-4714-AE96-8C6D69666910} 2012-07-26 07:02 . 2012-07-26 07:03 -------- d-----w- c:\users\Rémy\AppData\Local\{70D02D13-2FE8-483D-A44E-C86C73DF640D} 2012-07-26 07:02 . 2012-07-26 07:02 -------- d-----w- c:\users\Rémy\AppData\Local\{04A41701-9651-4B5A-92A8-44BAA0A85A37} 2012-07-26 07:02 . 2012-07-26 07:02 -------- d-----w- c:\users\Rémy\AppData\Local\{4ECDBADF-91B2-425A-8DFD-84A3A89E4596} 2012-07-26 07:02 . 2012-07-26 07:02 -------- d-----w- c:\users\Rémy\AppData\Local\{24D2B8FD-161A-4EDE-9F08-BB2AD257787C} 2012-07-25 18:44 . 2012-07-25 18:44 -------- d-----w- c:\users\Rémy\AppData\Local\{02D1C752-960A-4C95-8CD1-EB888940E021} 2012-07-25 18:44 . 2012-07-25 18:44 -------- d-----w- c:\users\Rémy\AppData\Local\{B584CE86-6513-48F4-8DBC-77F2F51E4FD9} 2012-07-25 18:44 . 2012-07-25 18:44 -------- d-----w- c:\users\Rémy\AppData\Local\{33E6E66C-1706-4EE7-A0B3-575809E97C07} 2012-07-22 14:01 . 2012-07-22 14:01 -------- d-----w- c:\users\Rémy\AppData\Local\{8B0B3468-D692-40A7-9238-66E1E3A06025} 2012-07-22 14:00 . 2012-07-22 14:01 -------- d-----w- c:\users\Rémy\AppData\Local\{AE8D6F79-D3B0-433D-80D5-62F74180817E} 2012-07-22 14:00 . 2012-07-22 14:00 -------- d-----w- c:\users\Rémy\AppData\Local\{BFE96AB6-112F-4C45-A540-3788EFB2D33C} 2012-07-22 14:00 . 2012-07-22 14:00 -------- d-----w- c:\users\Rémy\AppData\Local\{407F148E-9861-4D68-9003-E10BE8EDD50D} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{CBB51232-17E8-4C25-8292-9DD3FD18B5FF} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{8BDA1E9F-3B75-4E5D-82EE-82FD128062F6} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{1BAC53DD-CA39-416F-9253-AC0A663BD850} 2012-07-21 15:20 . 2012-07-21 15:20 -------- d-----w- c:\users\Rémy\AppData\Local\{8BF8C4FB-A679-4F75-81A1-D8752E19E3FD} 2012-07-18 07:49 . 2012-07-18 07:50 -------- d-----w- c:\users\Rémy\AppData\Local\{0B9439B8-CE73-4598-B589-7766636AAEFB} 2012-07-18 07:49 . 2012-07-18 07:49 -------- d-----w- c:\users\Rémy\AppData\Local\{B052FEF5-30F7-423C-8D1E-328DD4620412} 2012-07-18 07:49 . 2012-07-18 07:49 -------- d-----w- c:\users\Rémy\AppData\Local\{CD00095B-E498-4ECE-A6D3-30A1AA6DA842} 2012-07-17 15:10 . 2012-07-17 15:11 -------- d-----w- c:\users\Rémy\AppData\Local\{E0392C27-47CF-4210-84A6-B95EAC58EFB9} 2012-07-17 15:10 . 2012-07-17 15:10 -------- d-----w- c:\users\Rémy\AppData\Local\{67065D77-425F-4975-BB73-F042C222930B} 2012-07-17 15:10 . 2012-07-17 15:10 -------- d-----w- c:\users\Rémy\AppData\Local\{DAE39543-2B65-4871-8667-B215F15B0F7C} 2012-07-15 13:16 . 2012-07-15 13:16 -------- d-----w- c:\users\Rémy\AppData\Local\{D1B91C14-D3FA-4ECA-8C9C-04168CFAC634} 2012-07-15 13:15 . 2012-07-15 13:16 -------- d-----w- c:\users\Rémy\AppData\Local\{50AD798B-2EFB-41E3-9163-DAFAD5797784} 2012-07-15 13:15 . 2012-07-15 13:15 -------- d-----w- c:\users\Rémy\AppData\Local\{980822AB-D654-4353-87E7-DC24FF6F7572} 2012-07-15 13:15 . 2012-07-15 13:15 -------- d-----w- c:\users\Rémy\AppData\Local\{257B53EA-681A-43D5-AC6F-5C11FBC79C99} 2012-07-15 07:39 . 2012-07-15 07:50 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\Systweak 2012-07-15 07:39 . 2012-07-13 10:53 18856 ----a-w- c:\windows\system32\roboot64.exe 2012-07-14 06:07 . 2012-07-14 06:07 -------- d-----w- c:\users\Rémy\AppData\Local\{BCFE8BED-86F1-43AC-96ED-277C91EF5DD1} 2012-07-14 06:07 . 2012-07-14 06:07 -------- d-----w- c:\users\Rémy\AppData\Local\{8201180D-17EF-4B83-B476-1F65234A6627} 2012-07-14 06:06 . 2012-07-14 06:06 -------- d-----w- c:\users\Rémy\AppData\Local\{8D09B695-EDB6-4D8E-9AA7-DC930D52B76C} 2012-07-14 06:06 . 2012-07-14 06:06 -------- d-----w- c:\users\Rémy\AppData\Local\{EC31E66B-CDC9-4A14-94D3-04C4AA23A7D7} 2012-07-12 16:10 . 2012-07-12 16:11 -------- d-----w- c:\users\Rémy\AppData\Local\{A0DDA4A2-5F8C-4395-B33E-4B71B020571D} 2012-07-12 16:10 . 2012-07-12 16:10 -------- d-----w- c:\users\Rémy\AppData\Local\{7BD4D19C-3650-4A8C-ABDE-663652CB32BE} 2012-07-12 16:10 . 2012-07-12 16:10 -------- d-----w- c:\users\Rémy\AppData\Local\{8D59AD13-9A5B-405E-BD8C-B3E200FC937A} 2012-07-11 18:23 . 2012-06-12 03:08 3148800 ----a-w- c:\windows\system32\win32k.sys 2012-07-11 15:37 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll 2012-07-11 15:36 . 2012-07-11 15:36 -------- d-----w- c:\users\Rémy\AppData\Local\{22C3F9A3-AD7F-4ED3-82F6-346D78DBBABB} 2012-07-11 15:35 . 2012-07-11 15:36 -------- d-----w- c:\users\Rémy\AppData\Local\{8358823B-1FC4-43D4-8198-7E82D1C52629} 2012-07-11 15:35 . 2012-07-11 15:35 -------- d-----w- c:\users\Rémy\AppData\Local\{9FF1CA16-8DCF-47DE-B558-4FE160941259} 2012-07-11 15:35 . 2012-07-11 15:35 -------- d-----w- c:\users\Rémy\AppData\Local\{62E98F92-AFD7-49BE-8C68-5A618AE51BE9} 2012-07-10 19:03 . 2012-07-28 21:15 512 ----a-w- C:\PhysicalDisk0_MBR.bin 2012-07-10 15:42 . 2012-07-10 15:42 -------- d-----w- c:\users\Rémy\AppData\Local\{09BB5E1E-50D9-4BE1-BE86-E69E80CBC589} 2012-07-10 15:41 . 2012-07-10 15:42 -------- d-----w- c:\users\Rémy\AppData\Local\{9470E399-6C6D-4CE4-8286-10359206ED42} 2012-07-10 15:41 . 2012-07-10 15:41 -------- d-----w- c:\users\Rémy\AppData\Local\{5974CF93-8F43-45C1-BD33-0C4D1FD9BD6D} 2012-07-10 15:41 . 2012-07-10 15:41 -------- d-----w- c:\users\Rémy\AppData\Local\{1AC2CF85-7B9F-46CE-A480-B862646CD91B} 2012-07-09 19:39 . 2012-07-09 19:39 476936 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2012-07-09 19:39 . 2012-07-09 19:39 -------- d-----w- c:\program files (x86)\Java 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{B65533A9-7AB6-400F-98AA-BB33BD543EAA} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{D4FE8AEE-F52E-4A81-92F3-736A80849D1C} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{475ED156-86F6-46CD-A316-8CA09047D13D} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{299724FF-9A66-4608-ADA6-71495A99231A} 2012-07-09 16:58 . 2012-07-09 16:58 -------- d-----w- c:\users\Rémy\AppData\Local\{B480D18B-7229-4F7E-BAC7-EDF3E3068B6B} 2012-07-08 10:38 . 2012-07-08 10:38 -------- d-----w- c:\users\Rémy\AppData\Local\{0500A084-2B52-44C2-BD86-F448B97A1CDB} 2012-07-08 10:38 . 2012-07-08 10:38 -------- d-----w- c:\users\Rémy\AppData\Local\{66B3EBD4-C638-4885-BF00-B048BD310B01} 2012-07-08 10:37 . 2012-07-08 10:37 -------- d-----w- c:\users\Rémy\AppData\Local\{88B98D72-28E9-4231-97B6-59ED77FC1D4E} 2012-07-08 10:37 . 2012-07-08 10:37 -------- d-----w- c:\users\Rémy\AppData\Local\{B871A454-CC15-4258-B714-2F306240B7BB} 2012-07-07 08:27 . 2012-07-07 08:27 -------- d-----w- c:\users\Rémy\AppData\Local\{F002E24B-3797-4A3A-8B37-FE7E63F47557} 2012-07-06 18:04 . 2012-07-06 18:04 -------- d-----w- c:\users\Rémy\AppData\Roaming\Unity 2012-07-06 18:04 . 2012-07-06 18:04 -------- d-----w- c:\users\Rémy\AppData\Local\Unity 2012-07-06 07:40 . 2012-07-06 07:40 -------- d-----w- c:\users\Rémy\AppData\Local\{704D3EEF-B765-4B22-B975-ACC2C1DC5AFF} 2012-07-06 07:40 . 2012-07-06 07:40 -------- d-----w- c:\users\Rémy\AppData\Local\{0D6FD283-0F6D-4C9A-8C6C-0CBD753311D0} 2012-07-06 07:39 . 2012-07-06 07:40 -------- d-----w- c:\users\Rémy\AppData\Local\{5C8EDE9C-B040-432C-A603-5058BA7FB800} 2012-07-06 07:39 . 2012-07-07 08:27 -------- d-----w- c:\users\Rémy\AppData\Local\{DDD79BAC-4DFF-4297-B578-E1BE647A2638} 2012-07-05 19:37 . 2012-07-05 19:37 -------- d-----w- c:\users\Famille Meyer\AppData\Local\Symantec 2012-07-05 08:55 . 2012-07-05 08:55 -------- d-----w- c:\users\Rémy\AppData\Local\{9E5BD79E-ACC1-40E8-A059-0F5FD55AA57F} 2012-07-05 08:55 . 2012-07-05 08:55 -------- d-----w- c:\users\Rémy\AppData\Local\{DEEBE4B8-29CA-47BC-800B-34BE2B6E3FE6} 2012-07-05 08:54 . 2012-07-05 08:55 -------- d-----w- c:\users\Rémy\AppData\Local\{77F5FC44-696C-4B84-9A46-8C605A6FAC42} 2012-07-05 08:54 . 2012-07-05 08:54 -------- d-----w- c:\users\Rémy\AppData\Local\{94D2FFCA-75D1-4979-B313-1055E4CCDBC4} 2012-07-04 17:35 . 2012-07-04 17:35 -------- d-----w- c:\users\Famille Meyer\AppData\Roaming\Malwarebytes 2012-07-04 17:35 . 2012-07-04 17:35 -------- d-----w- c:\programdata\Malwarebytes 2012-07-03 20:13 . 2012-07-03 20:13 -------- d-----w- c:\users\Rémy\AppData\Local\{0DB081F9-18C1-4FCD-A794-6040EB3D29F5} 2012-07-03 20:13 . 2012-07-03 20:13 -------- d-----w- c:\users\Rémy\AppData\Local\{08525FFE-BE31-4DC2-ACCB-7345B0296D9A} 2012-07-03 09:16 . 2012-07-03 09:16 -------- d-----w- c:\users\Rémy\AppData\Local\{E81F9B66-462B-4B0E-B5F0-F5831AF82DCB} 2012-07-03 09:16 . 2012-07-03 09:16 -------- d-----w- c:\users\Rémy\AppData\Local\{DEE3B2EB-25EC-476A-A0A2-54543E38367A} 2012-07-03 08:12 . 2012-07-03 08:12 -------- d-----w- c:\users\Rémy\AppData\Local\{EC7BE4B3-D55F-4A51-8741-03A944EDE5B6} 2012-07-03 08:12 . 2012-07-03 08:12 -------- d-----w- c:\users\Rémy\AppData\Local\{D667CAE3-E63E-4764-94D7-9C40EDDD4A6A} . . . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-01 18:46 . 2012-06-25 18:17 383 ----a-w- c:\users\Public\{29CBCEE0-EB50-4d0e-9A95-F72D85A254AF}.pif 2012-07-27 19:18 . 2012-04-12 08:00 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2012-07-27 19:18 . 2011-11-17 21:07 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2012-07-11 18:21 . 2011-11-13 10:51 59701280 ----a-w- c:\windows\system32\MRT.exe 2012-07-09 19:39 . 2011-12-06 18:16 472840 ----a-w- c:\windows\SysWow64\deployJava1.dll 2012-07-02 16:27 . 2011-03-28 16:36 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2012-06-02 22:19 . 2012-06-21 15:51 38424 ----a-w- c:\windows\system32\wups.dll 2012-06-02 22:19 . 2012-06-21 15:51 2428952 ----a-w- c:\windows\system32\wuaueng.dll 2012-06-02 22:19 . 2012-06-21 15:51 57880 ----a-w- c:\windows\system32\wuauclt.exe 2012-06-02 22:19 . 2012-06-21 15:51 44056 ----a-w- c:\windows\system32\wups2.dll 2012-06-02 22:19 . 2012-06-21 15:51 701976 ----a-w- c:\windows\system32\wuapi.dll 2012-06-02 22:15 . 2012-06-21 15:51 2622464 ----a-w- c:\windows\system32\wucltux.dll 2012-06-02 22:15 . 2012-06-21 15:51 99840 ----a-w- c:\windows\system32\wudriver.dll 2012-06-02 13:19 . 2012-06-21 15:50 186752 ----a-w- c:\windows\system32\wuwebv.dll 2012-06-02 13:15 . 2012-06-21 15:50 36864 ----a-w- c:\windows\system32\wuapp.exe 2012-05-29 07:38 . 2011-10-31 10:22 330240 ----a-w- c:\windows\MASetupCaller.dll 2012-05-04 11:06 . 2012-06-13 11:19 5559664 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-05-04 10:03 . 2012-06-13 11:19 3968368 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2012-05-04 10:03 . 2012-06-13 11:19 3913072 ----a-w- c:\windows\SysWow64\ntoskrnl.exe . . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "TomTomHOME.exe"="c:\program files (x86)\TomTom HOME 2\TomTomHOMERunner.exe" [2012-01-23 247728] "KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-06-08 21432] "HPAdvisorDock"="c:\program files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe" [2010-02-10 1712184] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2011-11-10 3514176] "AlcoholAutomount"="c:\program files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe" [2010-08-20 33120] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2011-03-07 89456] "PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2009-10-14 563736] "LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152] "LaunchHPOSIAPP"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe" [2009-04-04 385024] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] "BATINDICATOR"="c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe" [2009-05-08 2068992] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696] . c:\users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ BUFFALO NAS Navigator2.lnk - c:\program files (x86)\BUFFALO\NASNAVI\NasNavi.exe [2010-1-26 1897952] NAS Scheduler.lnk - c:\program files (x86)\BUFFALO\NASNAVI\nassche.exe [2011-12-16 206128] {29CBCEE0-EB50-4d0e-9A95-F72D85A254AF}.lnk - c:\windows\System32\rundll32.exe [2009-7-14 45568] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "EnableShellExecuteHooks"= 1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 gupdate;Service Google Update (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176] R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2011-09-09 86072] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-27 250056] R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [2010-05-01 20568] R3 gupdatem;Service Google Update (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 136176] R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2010-05-01 16392] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 WatAdminSvc;Service Windows Activation Technologies;c:\windows\system32\Wat\WatAdminSvc.exe [2011-11-13 1255736] R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184] S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\0502020.003\SYMDS64.SYS [2011-01-27 450680] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\0502020.003\SYMEFA64.SYS [2011-03-15 912504] S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys [2012-06-19 1161376] S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120731.001\IDSvia64.sys [2012-06-14 509088] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [2011-01-27 171128] S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [2011-04-21 386168] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904] S2 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe [x] S2 hcwD3bda_dvbt;Hauppauge MSi2500 DVBT Service;c:\windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe [2010-07-15 2641920] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-03-28 94264] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [2011-04-17 130008] S2 NasPmService;NAS PM Service;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe [2009-05-15 251184] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-08-04 2214504] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2009-10-14 635416] S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2012-01-23 92592] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-11-17 279616] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-05-31 138912] S3 hcwD3bda;Driver for WinTV DVB-T (Model 133xxx);c:\windows\system32\DRIVERS\hcwD3bda64.sys [2010-07-15 116352] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344] S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys [2009-12-19 852256] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2010-03-10 86120] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2010-03-04 346144] S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920] . . Contenu du dossier 'Tâches planifiées' . 2012-08-01 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 19:18] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 11:31] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-11-13 11:31] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core.job - c:\users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13 10:58] . 2012-08-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA.job - c:\users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-13 10:58] . 2012-07-31 c:\windows\Tasks\HPCeeScheduleForFamille Meyer.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53] . 2012-07-03 c:\windows\Tasks\HPCeeScheduleForFAMILLEMEYER-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 10:53] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "VX3000"="c:\windows\vVX3000.exe" [2010-05-20 762736] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "fssui"="c:\program files (x86)\Windows Live\Family Safety\fsui.exe" [2012-03-08 884584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Examen supplémentaire ------- . uStart Page = hxxp://portail.free.fr/ uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xporter vers Microsoft Excel - c:\progra~2\MIF5BA~1\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.27.40.240 212.27.40.241 FF - ProfilePath - c:\users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\ FF - prefs.js: browser.startup.homepage - www.free.fr . - - - - ORPHELINS SUPPRIMES - - - - . AddRemove-{6F44AF95-3CDE-4513-AD3F-6D45F17BF324} - c:\program files (x86)\InstallShield Installation Information\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}\setup.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360] "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll\" /prefetch:1" -- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- CLES DE REGISTRE BLOQUEES --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_268_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_268.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Autres processus actifs ------------------------ . c:\windows\SysWOW64\ezSharedSvcHost.exe c:\program files (x86)\Windows Live\Family Safety\fsssvc.exe c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe c:\program files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe . ************************************************************************** . Heure de fin: 2012-08-01 21:42:25 - La machine a redémarré ComboFix-quarantined-files.txt 2012-08-01 19:42 . Avant-CF: 1 343 546 634 240 octets libres Après-CF: 1 345 908 543 488 octets libres . - - End Of File - - 8B526DE059B92A03A7F504B44CFD0F30
- le 1 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

https://www.virustotal.com/file/23e4cb638099b20cee2e23bbf8b126fdf709a6da0e9312666f4265862991ac4d/analysis/1343845373/ Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\b9f7b31f.exe ____________________________ ____________________________ Sur les ordinateurs à partir du : 01/08/2012 à 20:18:46 Dernière utilisation : 01/08/2012 à 20:18:46 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\b9f7b31f.exe Bloqués ____________________________ Empreinte numérique de fichier - SHA : cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5 ____________________________ Empreinte numérique de fichier - MD5 : b8f062cf2dd72e7c4254f825ebb28a35 ____________________________
- le 1 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\b9f7b31f.exe ____________________________ ____________________________ Sur les ordinateurs à partir du : 01/08/2012 à 19:53:34 Dernière utilisation : 01/08/2012 à 19:53:34 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\b9f7b31f.exe Bloqués ____________________________ Empreinte numérique de fichier - SHA : cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5 ____________________________ Empreinte numérique de fichier - MD5 : b8f062cf2dd72e7c4254f825ebb28a35 ____________________________ Norton indique que le virus est toujours là...
- le 1 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Rapport Dr Web Download CureIt.log from Sendspace.com - send big files the easy way
- le 1 août 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Malwarebytes Anti-Malware 1.62.0.1300 www.malwarebytes.org Version de la base de données: v2012.07.30.10 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Famille Meyer :: FAMILLEMEYER-HP [administrateur] 30/07/2012 21:42:22 mbam-log-2012-07-30 (21-42-22).txt Type d'examen: Examen complet (C:\|D:\|F:\|M:\|) Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 394860 Temps écoulé: 54 minute(s), 12 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 0 (Aucun élément nuisible détecté) (fin)
- le 31 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Rapport SFT Lien CJoint.com BGEvzwEk8sW
- le 30 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonsoir, Toujours le problème de trjoan détecté par Norton360: Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\_132deb6_.ocx ____________________________ ____________________________ Sur les ordinateurs à partir du : 30/07/2012 à 21:13:03 Dernière utilisation : 30/07/2012 à 21:13:03 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\_132deb6_.ocx Bloqués ____________________________ Empreinte numérique de fichier - SHA : d8e36fb552cf9313e6e867ab9da8e1fe61a21b09a51cca5f5ce88cd1fec5e6ee ____________________________ Empreinte numérique de fichier - MD5 : 45ce07e5671bd3f93a62ed0e20676abc ____________________________
- le 30 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonjour, trojanGen toujours détecté par Norton360.... et fichier .exe introuvable...
- le 30 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\682f974f.exe ____________________________ ____________________________ Sur les ordinateurs à partir du : 29/07/2012 à 08:37:09 Dernière utilisation : 29/07/2012 à 08:37:09 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\682f974f.exe Bloqués ____________________________ Empreinte numérique de fichier - SHA : cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5 ____________________________ Empreinte numérique de fichier - MD5 : b8f062cf2dd72e7c4254f825ebb28a35 ____________________________
- le 29 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonsoir, Merci pour le coup de main Lien CJoint.com BGCxqB3yFcm
- le 28 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonjour, Que pensez-vous du résultat du scan?? Merci d'avance
- le 28 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

############################## | UsbFix V 7.094 | [suppression] Utilisateur: Famille Meyer (Administrateur) # FAMILLEMEYER-HP Mis à jour le 20/07/2012 par El Desaparecido Lancé à 22:49:36 | 28/07/2012 Site Web: http://eldesaparecido.com Forum: http://forum.eldesaparecido.com Fichier suspect ? : http://eldesaparecido.com/upload.php Contact: contact@eldesaparecido.com PC: Hewlett-Packard (HPE-450fr) (x64-based PC) # Desktop Computer CPU: Intel® Core i7 CPU 870 @ 2.93GHz (2934) RAM -> [Total : 6103 | Free : 4183] BIOS: 07/12/10 14:03:04 Ver: 6.12 BOOT: Normal boot OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: Norton 360 [(!) Disabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 1384 Go (1261 Go libre(s) - 91%) [OS] # NTFS D:\ -> Disque fixe # 13 Go (2 Go libre(s) - 12%) [HP_RECOVERY] # NTFS E:\ -> CD-ROM F:\ -> Disque amovible # 126 Mo (126 Mo libre(s) - 100%) [] # FAT J:\ -> CD-ROM L:\ -> CD-ROM M:\ -> Disque amovible # 7 Go (7 Go libre(s) - 100%) [] # FAT32 ################## | Processus Actif | C:\Windows\system32\csrss.exe (608) C:\Windows\system32\wininit.exe (700) C:\Windows\system32\csrss.exe (724) C:\Windows\system32\services.exe (760) C:\Windows\system32\lsass.exe (784) C:\Windows\system32\lsm.exe (796) C:\Windows\system32\svchost.exe (896) C:\Windows\system32\winlogon.exe (932) C:\Windows\system32\nvvsvc.exe (1004) C:\Windows\system32\svchost.exe (140) C:\Windows\System32\svchost.exe (752) C:\Windows\System32\svchost.exe (912) C:\Windows\system32\svchost.exe (1040) C:\Windows\system32\svchost.exe (1152) C:\Windows\system32\svchost.exe (1244) C:\Windows\System32\spoolsv.exe (1420) C:\Windows\system32\svchost.exe (1460) C:\Windows\system32\svchost.exe (1660) C:\Windows\SysWOW64\ezSharedSvcHost.exe (1748) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (1812) C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe (1844) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (1940) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (1992) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (2024) C:\Windows\system32\nvvsvc.exe (2044) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1704) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (2076) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (2108) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (2172) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (2240) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (2324) C:\Windows\system32\svchost.exe (2344) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (2376) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2456) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2528) C:\Windows\system32\SearchIndexer.exe (3104) C:\Windows\system32\svchost.exe (3564) C:\Windows\system32\WUDFHost.exe (3660) C:\Windows\system32\taskhost.exe (1032) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (3796) C:\Windows\system32\taskeng.exe (3400) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe (2744) C:\Windows\system32\Dwm.exe (348) C:\Windows\Explorer.EXE (2260) C:\Windows\vVX3000.exe (3244) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (2424) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe (2692) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (3880) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (2392) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (2332) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (3612) C:\Windows\System32\rundll32.exe (1296) C:\Windows\SysWOW64\rundll32.exe (4136) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (4148) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (4188) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (4212) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4236) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (4572) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (4744) C:\Program Files\Windows Media Player\wmpnetwk.exe (4472) C:\Windows\System32\svchost.exe (4648) C:\Windows\system32\DllHost.exe (5912) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (6024) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (6520) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (6788) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (7008) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (6432) C:\Program Files\Internet Explorer\iexplore.exe (7276) C:\Program Files\Internet Explorer\iexplore.exe (1312) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe (1348) C:\Program Files\Internet Explorer\iexplore.exe (5220) C:\UsbFix\Go.exe (7772) C:\Windows\system32\wbem\wmiprvse.exe (1688) ################## | Processus Stoppés | Stoppé! C:\Windows\system32\nvvsvc.exe (1004) Stoppé! C:\Windows\System32\spoolsv.exe (1420) Stoppé! C:\Windows\SysWOW64\ezSharedSvcHost.exe (1748) Stoppé! C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (1812) Stoppé! C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe (1844) Stoppé! C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (1940) Stoppé! c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (1992) Stoppé! C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (2024) Stoppé! C:\Windows\system32\nvvsvc.exe (2044) Stoppé! C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1704) Stoppé! C:\Program Files\Microsoft LifeCam\MSCamS64.exe (2076) Stoppé! C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (2108) Stoppé! C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (2172) Stoppé! C:\Program Files (x86)\PDF Complete\pdfsvc.exe (2240) Stoppé! C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (2324) Stoppé! C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (2376) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2456) Stoppé! C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2528) Stoppé! C:\Windows\system32\SearchIndexer.exe (3104) Stoppé! C:\Windows\system32\WUDFHost.exe (3660) Stoppé! C:\Windows\system32\taskhost.exe (1032) Stoppé! C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (3796) Stoppé! C:\Windows\system32\taskeng.exe (3400) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe (2744) Stoppé! C:\Windows\vVX3000.exe (3244) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (2424) Stoppé! C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe (2692) Stoppé! C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (3880) Stoppé! C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (2392) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (2332) Stoppé! C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (3612) Stoppé! C:\Windows\System32\rundll32.exe (1296) Stoppé! C:\Windows\SysWOW64\rundll32.exe (4136) Stoppé! C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (4148) Stoppé! C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (4188) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (4212) Stoppé! C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4236) Stoppé! C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (4572) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (4744) Stoppé! C:\Program Files\Windows Media Player\wmpnetwk.exe (4472) Stoppé! C:\Windows\system32\DllHost.exe (5912) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (6024) Stoppé! C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (6520) Stoppé! C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (6788) Stoppé! C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (7008) Stoppé! C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (6432) Stoppé! C:\Program Files\Internet Explorer\iexplore.exe (7276) Stoppé! C:\Program Files\Internet Explorer\iexplore.exe (1312) Stoppé! C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe (1348) Stoppé! C:\Program Files\Internet Explorer\iexplore.exe (5220) ################## | Éléments infectieux | Supprimé! C:\Users\Famille Meyer\AppData\Roaming\Temp Supprimé! C:\Users\FAMILL~1\AppData\Local\Temp\7a52a6dc.exe Supprimé! C:\$RECYCLE.BIN\S-1-5-20 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-138286456-3482806532-3217213568-1000 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-138286456-3482806532-3217213568-1001 Supprimé! C:\$RECYCLE.BIN\S-1-5-21-138286456-3482806532-3217213568-500 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-138286456-3482806532-3217213568-1000 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-138286456-3482806532-3217213568-1001 Supprimé! D:\$RECYCLE.BIN\S-1-5-21-138286456-3482806532-3217213568-500 (!) Fichiers temporaires supprimés. ################## | Registre | ################## | Mountpoints2 | Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{17480f40-388c-11e1-9fb3-6c626d5b4a28} Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{b9c56442-2032-11e1-93b3-6c626d5b4a28} Supprimé! HKCU\.\.\.\.\Explorer\MountPoints2\{cddfc161-0df4-11e1-8018-6c626d5b4a28} ################## | Listing | [28/07/2012 - 22:50:00 | SHD ] C:\$RECYCLE.BIN [11/07/2012 - 21:34:31 | N | 5458] C:\AdwCleaner[R1].txt [16/07/2012 - 21:13:00 | N | 1567] C:\AdwCleaner[R2].txt [11/07/2012 - 21:36:39 | N | 4540] C:\AdwCleaner[s1].txt [16/07/2012 - 21:13:15 | N | 1631] C:\AdwCleaner[s2].txt [27/07/2012 - 20:17:36 | N | 1567] C:\AdwCleaner[s3].txt [13/11/2011 - 16:43:08 | N | 2006] C:\aqua_bitmap.cpp [24/07/2009 - 21:22:28 | SD ] C:\Boot [14/07/2009 - 03:38:58 | RAS | 383562] C:\bootmgr [24/07/2009 - 21:22:29 | N | 8192] C:\BOOTSECT.BAK [20/07/2012 - 19:31:01 | D ] C:\Config.Msi [14/07/2009 - 07:08:56 | SHD ] C:\Documents and Settings [28/07/2012 - 07:18:10 | ASH | 4799655936] C:\hiberfil.sys [20/10/2010 - 03:14:40 | D ] C:\hp [02/07/2012 - 19:06:27 | N | 921624] C:\img2-001.raw [20/10/2010 - 02:51:09 | D ] C:\Intel [13/11/2011 - 14:33:39 | RD ] C:\MSOCache [20/10/2010 - 04:22:17 | N | 0] C:\OS [28/07/2012 - 07:18:11 | ASH | 6399541248] C:\pagefile.sys [14/07/2009 - 05:20:08 | D ] C:\PerfLogs [27/07/2012 - 20:28:58 | N | 512] C:\PhysicalDisk0_MBR.bin [02/07/2012 - 18:26:49 | D ] C:\Program Files [28/07/2012 - 21:45:39 | D ] C:\Program Files (x86) [15/07/2012 - 09:49:37 | D ] C:\ProgramData [24/07/2009 - 20:32:39 | SHD ] C:\Recovery [13/11/2011 - 11:11:26 | D ] C:\swsetup [28/07/2012 - 07:18:33 | SHD ] C:\System Volume Information [13/11/2011 - 11:03:46 | D ] C:\SYSTEM.SAV [18/02/2012 - 22:19:08 | D ] C:\Temp [28/07/2012 - 22:50:00 | D ] C:\UsbFix [28/07/2012 - 22:49:45 | A | 11626] C:\UsbFix.txt [20/05/2012 - 17:38:08 | D ] C:\Users [18/07/2012 - 09:47:53 | D ] C:\Windows [27/07/2012 - 20:26:41 | D ] C:\ZHP [14/12/2011 - 21:14:54 | N | 1936] C:\{780E47D5-828E-4E54-9864-6319233867AF} [28/07/2012 - 22:50:00 | SHD ] D:\$RECYCLE.BIN [13/11/2011 - 09:56:47 | SD ] D:\boot [17/12/2010 - 18:44:38 | AS | 383562] D:\bootmgr [13/11/2011 - 09:56:46 | N | 0] D:\BT_HP.FLG [13/11/2011 - 18:59:26 | N | 474] D:\CSP.dat [13/11/2011 - 18:19:03 | D ] D:\hp [17/12/2010 - 18:44:38 | N | 0] D:\hpdrcu.prc [06/02/2012 - 20:25:23 | N | 19] D:\HPSF_Rep.txt [26/03/2012 - 19:06:32 | N | 8] D:\HP_WSD.dat [13/11/2011 - 09:56:35 | N | 44] D:\language.ini [13/11/2011 - 18:35:40 | SD ] D:\preload [13/11/2011 - 09:56:47 | SD ] D:\Recovery [13/11/2011 - 18:19:02 | N | 0] D:\RPCONFIG.LOG [28/07/2012 - 07:18:33 | SHD ] D:\System Volume Information ################## | Vaccin | C:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) D:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) F:\Autorun.inf -> Vaccin créé par UsbFix (El Desaparecido) ################## | Upload | Veuillez envoyer le fichier: C:\UsbFix_Upload_Me_FAMILLEMEYER-HP.zip http://eldesaparecido.com/upload.php Merci de votre contribution. ################## | E.O.F |
- le 28 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

############################## | UsbFix V 7.094 | [Recherche] Utilisateur: Famille Meyer (Administrateur) # FAMILLEMEYER-HP Mis à jour le 20/07/2012 par El Desaparecido Lancé à 22:44:24 | 28/07/2012 Site Web: http://eldesaparecido.com Forum: http://forum.eldesaparecido.com Fichier suspect ? : http://eldesaparecido.com/upload.php Contact: contact@eldesaparecido.com PC: Hewlett-Packard (HPE-450fr) (x64-based PC) # Desktop Computer CPU: Intel® Core i7 CPU 870 @ 2.93GHz (2934) RAM -> [Total : 6103 | Free : 4313] BIOS: 07/12/10 14:03:04 Ver: 6.12 BOOT: Normal boot OS: Microsoft Windows 7 Édition Familiale Premium (6.1.7601 64-Bit) # Service Pack 1 WB: Windows Internet Explorer 9.0.8112.16421 SC: Security Center Service [Enabled] WU: Windows Update Service [Enabled] AV: Norton 360 [(!) Disabled | Updated] FW: Windows FireWall Service [Enabled] C:\ (%systemdrive%) -> Disque fixe # 1384 Go (1261 Go libre(s) - 91%) [OS] # NTFS D:\ -> Disque fixe # 13 Go (2 Go libre(s) - 12%) [HP_RECOVERY] # NTFS E:\ -> CD-ROM F:\ -> Disque amovible # 126 Mo (126 Mo libre(s) - 100%) [] # FAT J:\ -> CD-ROM L:\ -> CD-ROM ################## | Processus Actif | C:\Windows\system32\csrss.exe (608) C:\Windows\system32\wininit.exe (700) C:\Windows\system32\csrss.exe (724) C:\Windows\system32\services.exe (760) C:\Windows\system32\lsass.exe (784) C:\Windows\system32\lsm.exe (796) C:\Windows\system32\svchost.exe (896) C:\Windows\system32\winlogon.exe (932) C:\Windows\system32\nvvsvc.exe (1004) C:\Windows\system32\svchost.exe (140) C:\Windows\System32\svchost.exe (752) C:\Windows\System32\svchost.exe (912) C:\Windows\system32\svchost.exe (1040) C:\Windows\system32\svchost.exe (1152) C:\Windows\system32\svchost.exe (1244) C:\Windows\System32\spoolsv.exe (1420) C:\Windows\system32\svchost.exe (1460) C:\Windows\system32\svchost.exe (1660) C:\Windows\SysWOW64\ezSharedSvcHost.exe (1748) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe (1812) C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe (1844) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (1940) c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (1992) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (2024) C:\Windows\system32\nvvsvc.exe (2044) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (1704) C:\Program Files\Microsoft LifeCam\MSCamS64.exe (2076) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (2108) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe (2172) C:\Program Files (x86)\PDF Complete\pdfsvc.exe (2240) C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe (2324) C:\Windows\system32\svchost.exe (2344) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (2376) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (2456) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe (2528) C:\Windows\system32\SearchIndexer.exe (3104) C:\Windows\system32\svchost.exe (3564) C:\Windows\system32\WUDFHost.exe (3660) C:\Windows\system32\taskhost.exe (1032) C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe (3796) C:\Windows\system32\taskeng.exe (3400) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe (2744) C:\Windows\system32\Dwm.exe (348) C:\Windows\Explorer.EXE (2260) C:\Windows\vVX3000.exe (3244) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (2424) C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe (2692) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (3880) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (2392) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe (2332) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (3612) C:\Windows\System32\rundll32.exe (1296) C:\Windows\SysWOW64\rundll32.exe (4136) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (4148) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (4188) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (4212) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (4236) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (4572) C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (4744) C:\Program Files\Windows Media Player\wmpnetwk.exe (4472) C:\Windows\System32\svchost.exe (4648) C:\Windows\system32\DllHost.exe (5912) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (6024) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (6520) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (6788) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (7008) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe (6432) C:\Program Files\Internet Explorer\iexplore.exe (7276) C:\Program Files\Internet Explorer\iexplore.exe (1312) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_3_300_268_ActiveX.exe (1348) C:\Windows\system32\wbem\wmiprvse.exe (6648) C:\Windows\system32\SearchProtocolHost.exe (4872) C:\Windows\System32\svchost.exe (8164) C:\UsbFix\Go.exe (7352) C:\Windows\system32\wbem\wmiprvse.exe (7452) C:\Windows\system32\SearchFilterHost.exe (6696) ################## | Éléments infectieux | Présent! C:\Users\Famille Meyer\AppData\Roaming\Temp Présent! C:\Users\FAMILL~1\AppData\Local\Temp\7a52a6dc.exe ################## | Registre | ################## | Mountpoints2 | HKCU\.\.\.\.\Explorer\MountPoints2\{17480f40-388c-11e1-9fb3-6c626d5b4a28} Shell\AutoRun\Command = K:\run.bat HKCU\.\.\.\.\Explorer\MountPoints2\{b9c56442-2032-11e1-93b3-6c626d5b4a28} Shell\AutoRun\Command = K:\Startme.exe HKCU\.\.\.\.\Explorer\MountPoints2\{cddfc161-0df4-11e1-8018-6c626d5b4a28} Shell\AutoRun\Command = J:\autorun.exe -auto ################## | Vaccin | (!) Cet ordinateur n'est pas vacciné! ################## | E.O.F |
- le 28 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

# AdwCleaner v1.703 - Rapport créé le 27/07/2012 à 20:17:29 # Mis à jour le 20/07/2012 par Xplode # Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits) # Nom d'utilisateur : Famille Meyer - FAMILLEMEYER-HP # Exécuté depuis : C:\Users\Famille Meyer\Desktop\adwcleaner.exe # Option [suppression] ***** [services] ***** ***** [Fichiers / Dossiers] ***** ***** [Registre] ***** Clé Supprimée : HKLM\SOFTWARE\DT Soft ***** [Registre - GUID] ***** ***** [Navigateurs] ***** -\\ Internet Explorer v9.0.8112.16421 [OK] Le registre ne contient aucune entrée illégitime. -\\ Mozilla Firefox v8.0 (fr) Nom du profil : default Fichier : C:\Users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\prefs.js [OK] Le fichier ne contient aucune entrée illégitime. -\\ Google Chrome v20.0.1132.57 Fichier : C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. Fichier : C:\Users\Rémy\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Le fichier ne contient aucune entrée illégitime. ************************* AdwCleaner[R1].txt - [5458 octets] - [11/07/2012 21:34:28] AdwCleaner[s1].txt - [4540 octets] - [11/07/2012 21:36:21] AdwCleaner[R2].txt - [1567 octets] - [16/07/2012 21:12:56] AdwCleaner[s2].txt - [1631 octets] - [16/07/2012 21:13:07] AdwCleaner[s3].txt - [1438 octets] - [27/07/2012 20:17:29] ########## EOF - C:\AdwCleaner[s3].txt - [1566 octets] ########## Rapport de ZHPDiag Bonjour, Voila les manipulations réalisées. Merci, dans l'attente d'une réponse
- le 27 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a posté un sujet dans Analyses et éradication malwares

Bonjour, Norton 360 indique à chaque démmarrage du pc la présence e ce virus. Comment faire pour le supprimer svp? Merci d'avance
- le 26 juillet 2012
- 34 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonjour, Norton 360 indique à chaque démmarrage du pc la présence e ce virus. Comment faire pour le supprimer svp? Merci d'avance Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\682f974f.exe ____________________________ ____________________________ Sur les ordinateurs à partir du : 17/07/2012 à 19:05:50 Dernière utilisation : 17/07/2012 à 19:05:50 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\682f974f.exe Bloqués ____________________________ Empreinte numérique de fichier - SHA : cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5 ____________________________ Empreinte numérique de fichier - MD5 : b8f062cf2dd72e7c4254f825ebb28a35 Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\_132deb6_.ocx ____________________________ ____________________________ Sur les ordinateurs à partir du : 17/07/2012 à 19:05:33 Dernière utilisation : 17/07/2012 à 19:05:33 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\_132deb6_.ocx Bloqués ____________________________ Empreinte numérique de fichier - SHA : d8e36fb552cf9313e6e867ab9da8e1fe61a21b09a51cca5f5ce88cd1fec5e6ee ____________________________ Empreinte numérique de fichier - MD5 : 45ce07e5671bd3f93a62ed0e20676abc ____________________________ malwear etc rien n'y fait... ____________________________
- le 17 juillet 2012
- 19 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: webmail http://webmail.ovh.net C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:59:41 le 13/07/2012, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Famille Meyer@FAMILLEMEYER-HP (Hewlett-Packard HPE-450fr) ============== RECHERCHE ============== ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [8.0 (fr)] **** HKLM_MozillaPlugins\@camfrogweb.com/Camfrog Web Plugin,version=2,0 (x) HKLM_MozillaPlugins\@playstation.com/PsndlCheck,version=1.00 (x) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) HKLM_Extensions|{BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\ HKLM_Extensions|{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_9_4 -- C:\Users\Famille Meyer\AppData\Roaming\Mozilla\FireFox\Profiles\wun2jzbg.default -- Prefs.js - browser.startup.homepage, www.free.fr Prefs.js - browser.startup.homepage_override.buildID, 20111104165243 Prefs.js - browser.startup.homepage_override.mstone, rv:8.0 -- C:\Users\Rémy\AppData\Roaming\Mozilla\FireFox\Profiles\77of9r4z.default -- ======================================== **** Google Chrome Version [20.0.1132.57] **** -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default -- Preferences - homepage: hxxp://www.google.com/ Preferences - homepage_is_newtabpage: false Preferences - urls_to_restore_on_startup: hxxp://www.google.com/ Preferences - default_search_provider: "Google" (Activé: true) (?) Preferences - homepage: hxxp://www.google.com/ Preferences - homepage_is_newtabpage: false Plugin - Remoting Viewer (Activé: true) (internal-remoting-viewer) (x) Plugin - "Remoting Viewer" (Activé: true) Plugin - Native Client (Activé: true) (C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll) (x) Plugin - "Native Client" (Activé: true) Plugin - "Camfrog Web FF Plugin" (Activé: true) Plugin - "Java" (Activé: true) Plugin - "PlayStation®Network Downloader Check Plug-in" (Activé: true) Plugin - VLC Web Plugin (Activé: true) (C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll) Plugin - "VLC Web Plugin" (Activé: true) Plugin - "Silverlight" (Activé: true) Preferences - urls_to_restore_on_startup: hxxp://www.google.com/ ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPDSK/3 HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKCU_Main|Start Page - hxxp://www.free.fr/ HKLM_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPDSK/3 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://g.uk.msn.com/HPDSK/3 HKCU_SearchScopes\{28912588-0B9D-48B1-BDA5-5FFEC9C71158} - "Yahoo! Search" (hxxp://search.yahoo.fr/search?p={searchTerms}&ei=utf-8&fr=b2ie7) HKCU_SearchScopes\{5B8E1DDB-D1D6-40F1-8BB7-0C03A974E4E7} - "AlloCine" (hxxp://www.allocine.fr/recherche/?motcle={searchTerms}) HKCU_SearchScopes\{65861B09-E98E-4EAB-96A1-552F2A5DA828} - "?" (?) HKCU_SearchScopes\{6751C177-539E-4B0D-AB2C-E54730B14D38} - "?" (?) HKCU_SearchScopes\{76685F19-2182-412B-87ED-8D3C8F4A89EF} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}) HKCU_SearchScopes\{BC46B2AB-336A-4FAA-BF7C-29080F6134C4} - "Dailymotion" (hxxp://www.dailymotion.com/relevance/search/{searchTerms}/1) HKLM_SearchScopes\{76685F19-2182-412B-87ED-8D3C8F4A89EF} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms}) HKCU_ElevationPolicy\{AB2E3005-0F5E-49B7-910B-14AA1E8C69BC} - C:\Program Files (x86)\eMule\eMule.exe (http://emulemorph.sourceforge.net) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) BHO\{1E8A6170-7264-4D0F-BEAE-D42A53123C75} (?) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s) C:\Ad-Report-SCAN[1].txt - 13/07/2012 21:00:04 (4795 Octet(s)) Fin à: 21:00:35, 13/07/2012 ============== E.O.F ==============
- le 13 juillet 2012
- 19 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012 Run by Famille Meyer at 13/07/2012 20:47:37 Web site : ZHPDiag Outil de diagnostic Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) MFIE: Mozilla Firefox 8.0 v8.0 ---\\ Windows Product Information ~ Langage: Français Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 3Q6C9 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 6103 MB (67% free) System Restore: Activé (Enable) System drive C: has 1298 GB (93%) free of 1384 GB ---\\ Logged in mode ~ Computer Name: FAMILLEMEYER-HP ~ User Name: Famille Meyer ~ All Users Names: UpdatusUser, Rémy, HomeGroupUser$, Famille Meyer, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Famille Meyer\AppData\Roaming\ ~ %Desktop% : C:\Users\Famille Meyer\Desktop\ ~ %Favorites% : C:\Users\Famille Meyer\Favorites\ ~ %LocalAppData% : C:\Users\Famille Meyer\AppData\Local\ ~ %StartMenu% : C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 1298 Go of 1384 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go) E:\ CD-ROM drive (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ CD-ROM drive (Not Inserted) K:\ Floppy drive, Flash card reader, USB Key (Not Inserted) L:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.5A45FA344F4AD99D903F4B20E43B89EC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/06/2012 - 13:05:28.) -- C:\Windows\System32\wininet.dll [1392128] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/303 ~ Mes musiques (My Musics) : 2/345 ~ Mes Videos (My Videos) : 1/6 ~ Mes Favoris (My Favorites) : 1/287 ~ Mes Documents (My Documents) : 1/1844 ~ Mon Bureau (My Desktop) : 1/11 ~ Menu demarrer (Programs) : 1/35 ~ Scan Hidden Files in 00mn 01s ---\\ Processus lancés [MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008] [PID.] [MD5.4FF9D0D5FEC26D9F2312A8C15CA59C8F] - (.Pas de propriétaire - Monitor LED Key.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [53248] [PID.3312] [MD5.69764A6475A4C54732E6A07CE6EF8BE2] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe [762736] [PID.4444] [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.4452] [MD5.6DCFADDA4F2A6D3396D13F0554D672E8] - (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584] [PID.4468] [MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.4480] [MD5.984F6749E0741C3F22D86C91B46177BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.4508] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4868] [MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696] [PID.5004] [MD5.4298DB2F9FE4FE4C96AC4528542680F8] - (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992] [PID.5028] [MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5040] [MD5.DA614F3014897FE46D6E4A2D483CDDD2] - (.BUFFALO INC. - NAS Function Scheduling Application.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe [206128] [PID.4120] [MD5.EDCB55CF7135CCF9818EEC413FB39410] - (.Hewlett-Packard - HP LED INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe [2068992] [PID.4212] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3676] [MD5.47D1F0444CE33A0CA42409A88896CD8D] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840] [PID.2716] [MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3838464] [PID.6548] [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.] [MD5.28DDEEEC44E988657B732CF404D504CB] - (.Microsoft Corporation - Windows Live Family Safety Service.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1492840] [PID.] [MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.] [MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.] [MD5.E38775922D4A4C05B5D96733AB4CE169] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824] [PID.] [MD5.15E5ABD9E03D57671BB74EB5CBAB8019] - (.BUFFALO INC. - NAS Power Management Service.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251184] [PID.] [MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.] [MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.] [MD5.3199A477F0F06EEDE41BD55179F8EB05] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.] [MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.] [MD5.FF7E8BC3A8B90F03BD20588B5840154F] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504] [PID.] [MD5.02C298382359653BEC4C737C2AB7F9C5] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2320920] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [user Data\Default][HomePage] Google G0 - GCSP: Preference [user Data\Default] Google G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G0 - GCSP: Preference [user Data\Default] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\prefs.js M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [Famille Meyer - wun2jzbg.default] www.free.fr P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL : Internet, Téléphone, Télévision R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 22 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) [64Bits] - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} Clé orpheline O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.dll O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [VX3000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe O4 - HKLM\..\Wow6432Node\Run: [LaunchHPOSIAPP] . (.Hewlett-Packard - Launch a application..) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Wow6432Node\Run: [bATINDICATOR] . (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAut O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\UpdatusUser\Desktop\Super Architect 3D Expert CAD - 18 Tools.lnk . (...) -- C:\Program Files (x86)\Easy Computing\ECStart.exe (.not file.) O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Rémy\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\BUFFALO NAS Navigator2.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\CyberLink DVD Suite Deluxe.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\eMule.lnk . (.http://emulemorph.sourceforge.net.) -- C:\Program Files (x86)\eMule\eMule.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\HomePlayer.lnk . (...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\LS-CHLC80.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\TomTom HOME 2.lnk . (.TomTom International B.V..) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WinRAR.lnk . (...) -- C:\Program Files (x86)\WinRAR\WinRAR.exe (.not file.) O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MIF5BA~1\Office12\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) -- O18 - Handler: dvd [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) -- O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: its [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: mhtml [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: tv [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: vbscript [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) -- O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hauppauge MSi2500 DVBT Service (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd - Mirics FlexiTV DVBT 2.1.0rc11: R.03.46.48.0.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe O23 - Service: NAS PM Service (NasPmService) . (...) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (.not file.) O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.8.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Intel® Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFamille Meyer.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFAMILLEMEYER-HP$.job [MD5.5E1A953C6472E7BB644892A4D0DF5E72] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.57CFD2E9CC23E1C6B0584B7AFCAB2EBA] [APT] [elbyExecuteWithUAC] (...) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\executeWithUAC.exe [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFamille Meyer] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFAMILLEMEYER-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [MD5.00000000000000000000000000000000] [APT] [{24B1BFB5-835C-453D-A4BD-BE49B9FF2EDE}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.B64BAF38F446B9F521D820671B42E7EB] [APT] [{2DEE240E-0F76-4AB2-A085-5306E5A02421}] (.A. Brochard.) -- C:\Program Files (x86)\PS3 Media Server\PMS.exe [MD5.00000000000000000000000000000000] [APT] [{41238FFF-6187-475E-B2A6-DFF4400B6637}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{74BB5DC9-1E9B-4404-BAFE-C5E1412C8F2D}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{7698F5AF-0E3A-42E3-B198-15195B7792FB}] (...) -- J:\Installer.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{9DDE89E2-9135-4B15-90CA-3FFFC8A4E38F}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{CAF82E2D-534E-4B54-8583-855396CC401A}] (...) -- C:\Users\Famille Meyer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6VUX14H\CFWebU.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{D039FAB9-2070-434E-B1CD-F14DCD025651}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{DB441831-4D64-4155-95E6-7EC3E731477F}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{EA64C32B-8DC0-4F72-8A35-8FCD4719F606}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [MD5.7A14C25B7EC229B7F8B3E457779C83CC] [APT] [HP Total Care Tune-Up] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [MD5.A87F567F053191361B617D7908F8E062] [APT] [update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe [MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe ~ Scan Scheduled Task in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120712.001\IDSvia64.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.sys O41 - Driver: (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\System32\DRIVERS\SymIMv.sys O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.sys O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\N360x64\0502020.003\SYMNETS.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120711.001\IDSvia64.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: BUFFALO NAS Navigator2 - (.Pas de propriétaire.) [HKLM] -- UN060501 O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU2 O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU_BOBTV.FR O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E} O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM] -- FileZilla Client O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: HP MAINSTREAM KEYBOARD - (.Hewlett-Packard.) [HKLM] -- {B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP Product Detection - (.HP.) [HKLM] -- {A436F67F-687E-4736-BD2B-537121A804CF} O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- HP Remote Solution O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- {C611CF88-969D-43E6-A877-D6D6439DD081} O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833} O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {6F44AF95-3CDE-4513-AD3F-6D45F17BF324} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40} O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} O42 - Logiciel: HomePlayer 1.5.9d - (.HomePlayer.) [HKLM] -- HomePlayer O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2461678 O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {41CB4C45-5559-4D7B-98F6-E469444F1549} O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {8C4450E1-14A7-4F89-936A-335A216D3C7D} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Java 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Mira version 2.7.0.1 - (.Pas de propriétaire.) [HKLM] -- Mira_is1 O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr) O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B4F3A360-E1E2-479D-ADE7-9BE3B07F4539} O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- N360 O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {34610DE0-3C13-42CA-8E32-01FFA38AB6E8} O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM] -- PDF Complete O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM] -- PS3 Media Server O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: PlayStation®Network Downloader - (.Sony Computer Entertainment Inc..) [HKLM] -- {B6659DD8-00A7-4A24-BBFB-C1F6982E5D66} O42 - Logiciel: PlayStation®Store - (.Sony Computer Entertainment Inc..) [HKLM] -- {0E532C84-4275-41B3-9D81-D4A1A20D8EE7} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM] -- {912CED74-88D3-4C5B-ACB0-13231864975D} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{27609E26-63D9-4180-BD50-08837BD3B1DC} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D33B9EF5-3801-496A-A2D6-B7F4BE972D75} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E34960DB-2A93-45DB-A208-02650F7AB09C} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{293FB6BE-D3EB-4162-B522-F9108040B9FE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3069CE04-082C-4669-9BA1-E6AA66330C1F} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7BCF7F6B-4AC0-4915-83B2-5CFF6BE9BF77} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AEA16A27-0B97-4670-818F-A98D06EC0A6F} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{075C2272-0881-46D3-B3A5-1D83D6940270} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870 O42 - Logiciel: TomTom HOME 2.8.3.2499 - (.TomTom.) [HKLM] -- TomTom HOME O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B689F89-5E1C-4DA9-B2B1-7B3843275596} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{E425BC5B-458F-4084-9C7D-2BE4020BFA35} O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-B - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6C4E1D7E-EEB2-4EDE-8B39-9844D8AD9273} O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0 O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: eMule MorphXT 12.6 - (.Morph team.) [HKLM] -- eMule MorphXT_is1 ---\\ HKCU & HKLM Software Keys [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\Hewlett-Packard] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AdwCleaner] [HKLM\Software\Alcohol Soft] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DT Soft] [HKLM\Software\Easy Computing] [HKLM\Software\EasyBits] [HKLM\Software\Elaborate Bytes] [HKLM\Software\Electronic Arts] [HKLM\Software\FileZilla 3] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LEDPointer] [HKLM\Software\LOXANE] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\LogMeIn Rescue] [HKLM\Software\MELCO INC] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Myfree Codec] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewspaperDirect] [HKLM\Software\Norton PC Checkup] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PDFComplete] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Samsung] [HKLM\Software\Sony Corporation] [HKLM\Software\Sony] [HKLM\Software\Symantec] [HKLM\Software\TomTom] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\Win32 Services] [HKLM\Software\Windows] [HKLM\Software\hauppauge] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2 O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360 O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2 O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Application Data O43 - CFD: 28/03/2012 - 19:25:21 - [0,001] ----D C:\ProgramData\Autodesk O43 - CFD: 17/11/2011 - 20:05:28 - [0,162] ----D C:\ProgramData\CyberLink O43 - CFD: 13/11/2011 - 18:41:17 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Documents O43 - CFD: 20/05/2012 - 18:24:11 - [0,000] ----D C:\ProgramData\Electronic Arts O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 16/11/2011 - 19:56:49 - [152,398] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 17/11/2011 - 20:06:29 - [0,001] ----D C:\ProgramData\LightScribe O43 - CFD: 04/07/2012 - 19:35:21 - [0,004] ----D C:\ProgramData\Malwarebytes O43 - CFD: 01/07/2012 - 22:57:38 - [0] ----D C:\ProgramData\Media Center Programs O43 - CFD: 04/07/2012 - 19:27:35 - [129,221] -S--D C:\ProgramData\Microsoft O43 - CFD: 11/07/2012 - 20:23:18 - [0,062] ----D C:\ProgramData\Microsoft Help O43 - CFD: 20/10/2010 - 03:11:49 - [0] ----D C:\ProgramData\NewspaperDirect O43 - CFD: 05/07/2012 - 20:58:41 - [656,653] ----D C:\ProgramData\Norton O43 - CFD: 05/07/2012 - 20:48:22 - [1,422] ----D C:\ProgramData\NortonInstaller O43 - CFD: 17/12/2011 - 15:05:28 - [0,598] ----D C:\ProgramData\NVIDIA O43 - CFD: 20/10/2010 - 02:43:24 - [0,582] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 13/11/2011 - 16:51:04 - [0] ----D C:\ProgramData\PC Suite O43 - CFD: 13/11/2011 - 12:06:46 - [0] ----D C:\ProgramData\PCSettings O43 - CFD: 07/07/2012 - 10:26:51 - [0] ----D C:\ProgramData\PDFC O43 - CFD: 20/10/2010 - 02:51:29 - [3,376] ----D C:\ProgramData\Ralink Driver O43 - CFD: 13/11/2011 - 18:59:03 - [25,323] ----D C:\ProgramData\Recovery O43 - CFD: 13/11/2011 - 18:37:33 - [10,632] ----D C:\ProgramData\Samsung O43 - CFD: 06/12/2011 - 21:09:34 - [0] ----D C:\ProgramData\Sony Corporation O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 06/12/2011 - 20:16:34 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 17/11/2011 - 22:47:40 - [0] ----D C:\ProgramData\Symantec O43 - CFD: 20/10/2010 - 03:01:10 - [0,469] ----D C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Templates O43 - CFD: 22/12/2011 - 11:19:08 - [0,394] ----D C:\ProgramData\TomTom O43 - CFD: 13/11/2011 - 11:08:41 - [0,272] ----D C:\ProgramData\WildTangent O43 - CFD: 20/10/2010 - 03:02:01 - [5,467] ----D C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18} O43 - CFD: 20/10/2010 - 02:48:46 - [33,439] ----D C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268} O43 - CFD: 07/02/2012 - 22:35:50 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} O43 - CFD: 16/11/2011 - 20:01:20 - [45,266] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837} O43 - CFD: 13/11/2011 - 11:47:27 - [16,902] ----D C:\Users\Famille Meyer\AppData\Roaming\Adobe O43 - CFD: 28/03/2012 - 19:25:21 - [0,008] ----D C:\Users\Famille Meyer\AppData\Roaming\Autodesk O43 - CFD: 17/11/2011 - 20:25:09 - [0,122] ----D C:\Users\Famille Meyer\AppData\Roaming\CyberLink O43 - CFD: 28/05/2012 - 08:42:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 19/11/2011 - 21:25:10 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\Day 1 Studios O43 - CFD: 26/06/2012 - 20:42:59 - [0,024] ----D C:\Users\Famille Meyer\AppData\Roaming\FileZilla O43 - CFD: 16/11/2011 - 19:56:58 - [0,173] ----D C:\Users\Famille Meyer\AppData\Roaming\Hewlett-Packard O43 - CFD: 09/07/2012 - 18:50:27 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\HP Support Assistant O43 - CFD: 16/11/2011 - 20:03:15 - [0,030] ----D C:\Users\Famille Meyer\AppData\Roaming\hpqLog O43 - CFD: 09/07/2012 - 18:50:27 - [0,014] ----D C:\Users\Famille Meyer\AppData\Roaming\HpUpdate O43 - CFD: 13/11/2011 - 11:03:54 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Identities O43 - CFD: 13/11/2011 - 11:04:12 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Intel Corporation O43 - CFD: 13/11/2011 - 11:47:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Macromedia O43 - CFD: 04/07/2012 - 19:35:24 - [0,006] ----D C:\Users\Famille Meyer\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Media Center Programs O43 - CFD: 28/04/2012 - 13:43:00 - [85,552] -S--D C:\Users\Famille Meyer\AppData\Roaming\Microsoft O43 - CFD: 13/11/2011 - 13:01:02 - [12,411] ----D C:\Users\Famille Meyer\AppData\Roaming\Mozilla O43 - CFD: 16/12/2011 - 21:35:32 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\NASNaviator2 O43 - CFD: 13/11/2011 - 16:50:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\PC Suite O43 - CFD: 13/11/2011 - 18:39:52 - [27,953] ----D C:\Users\Famille Meyer\AppData\Roaming\Samsung O43 - CFD: 06/12/2011 - 21:10:02 - [16,731] ----D C:\Users\Famille Meyer\AppData\Roaming\Sony O43 - CFD: 04/07/2012 - 20:42:41 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Temp O43 - CFD: 18/11/2011 - 18:45:19 - [0,036] ----D C:\Users\Famille Meyer\AppData\Roaming\Tific O43 - CFD: 13/11/2011 - 18:07:10 - [1,476] ----D C:\Users\Famille Meyer\AppData\Roaming\TomTom O43 - CFD: 12/07/2012 - 20:55:17 - [0,380] ----D C:\Users\Famille Meyer\AppData\Roaming\vlc O43 - CFD: 16/11/2011 - 20:00:23 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\WinBatch O43 - CFD: 13/11/2011 - 15:37:57 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\WinRAR O43 - CFD: 27/12/2011 - 18:33:08 - [6,004] ----D C:\Users\Famille Meyer\AppData\Local\AliensVsPredator O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Application Data O43 - CFD: 13/11/2011 - 12:57:57 - [1,245] ----D C:\Users\Famille Meyer\AppData\Local\Apps O43 - CFD: 13/07/2012 - 20:31:42 - [0] ----D C:\Users\Famille Meyer\AppData\Local\CrashDumps O43 - CFD: 17/11/2011 - 20:25:06 - [0,043] ----D C:\Users\Famille Meyer\AppData\Local\CyberLink O43 - CFD: 13/11/2011 - 12:58:07 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Deployment O43 - CFD: 11/07/2012 - 20:58:16 - [0,425] ----D C:\Users\Famille Meyer\AppData\Local\Diagnostics O43 - CFD: 06/12/2011 - 21:09:42 - [237,831] ----D C:\Users\Famille Meyer\AppData\Local\Downloaded Installations O43 - CFD: 21/05/2012 - 19:17:10 - [0] ----D C:\Users\Famille Meyer\AppData\Local\ElevatedDiagnostics O43 - CFD: 13/11/2011 - 13:33:19 - [290,243] ----D C:\Users\Famille Meyer\AppData\Local\Google O43 - CFD: 28/02/2012 - 23:37:32 - [56,267] ----D C:\Users\Famille Meyer\AppData\Local\Hewlett-Packard O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Historique O43 - CFD: 03/07/2012 - 11:16:03 - [113,460] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft O43 - CFD: 13/11/2011 - 20:04:35 - [0,194] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft Help O43 - CFD: 13/11/2011 - 13:00:52 - [10,364] ----D C:\Users\Famille Meyer\AppData\Local\Mozilla O43 - CFD: 04/07/2012 - 21:07:51 - [7,468] ----D C:\Users\Famille Meyer\AppData\Local\NPE O43 - CFD: 13/11/2011 - 11:04:08 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PDFC O43 - CFD: 17/11/2011 - 20:25:05 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PowerCinema O43 - CFD: 20/02/2012 - 20:03:39 - [0,050] ----D C:\Users\Famille Meyer\AppData\Local\Samsung O43 - CFD: 06/12/2011 - 21:10:41 - [0,007] ----D C:\Users\Famille Meyer\AppData\Local\Sony O43 - CFD: 05/07/2012 - 21:37:41 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\Symantec O43 - CFD: 13/07/2012 - 20:46:41 - [0,683] ----D C:\Users\Famille Meyer\AppData\Local\Temp O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Temporary Internet Files O43 - CFD: 13/11/2011 - 18:07:10 - [1,889] ----D C:\Users\Famille Meyer\AppData\Local\TomTom O43 - CFD: 16/11/2011 - 19:55:46 - [5,940] ----D C:\Users\Famille Meyer\AppData\Local\VirtualStore O43 - CFD: 26/11/2011 - 11:54:58 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\WBFSManager O43 - CFD: 13/07/2012 - 20:14:54 - [0,004] ----D C:\Users\Famille Meyer\AppData\Local\Windows Live O43 - CFD: 04/07/2012 - 19:18:19 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{168B06B3-1EA0-4E48-9EE6-D0C1E7E39E49} O43 - CFD: 11/07/2012 - 15:19:34 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{16999B7A-EA63-4B7A-AC45-EF883A680AB0} O43 - CFD: 07/07/2012 - 13:27:06 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{1F88DF9A-2A26-4C15-8EE4-C388055A3A27} O43 - CFD: 09/07/2012 - 18:42:29 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{23C22838-64E7-458C-8979-FEB66ED5D15D} O43 - CFD: 05/07/2012 - 20:42:25 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{264792B2-A124-4FF4-94F9-54482D7DF235} O43 - CFD: 11/07/2012 - 15:19:46 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{2BD34C31-7EBC-4CD6-8C87-4CD39525A412} O43 - CFD: 13/07/2012 - 20:14:38 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{452C0DB5-E3F0-44DB-9811-2628F978CA2F} O43 - CFD: 05/07/2012 - 20:42:36 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{4CC781EB-07F5-4666-B6D1-68619A0286DC} O43 - CFD: 07/07/2012 - 13:27:17 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{5B5B847C-1841-40C0-8342-88E7EF4513D2} O43 - CFD: 10/07/2012 - 20:47:55 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{77C4A752-58D3-4D18-8CA9-099B7209C3EC} O43 - CFD: 12/07/2012 - 16:56:51 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{81ABAAB4-D18F-4ACE-AC06-9F31BA1648AA} O43 - CFD: 12/07/2012 - 16:56:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{87802E59-3F9B-4EF8-918B-33E374F2FB08} O43 - CFD: 09/07/2012 - 18:42:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8A0069C5-7F23-4E3C-ADD3-8CB022509354} O43 - CFD: 10/07/2012 - 20:47:44 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8AF4AA1F-1C1A-467F-BA22-0B81C5A151B2} O43 - CFD: 04/07/2012 - 19:18:04 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{930F0D4A-5ADD-4994-806A-4E19BE53CF23} O43 - CFD: 03/07/2012 - 23:17:33 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{B27F61BF-6A5F-4CE0-A165-339DD1D50737} O43 - CFD: 12/07/2012 - 03:20:20 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C1E70EB4-5EC4-4F40-BC84-79C3A23F7F35} O43 - CFD: 08/07/2012 - 14:27:39 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C37425C6-9B2A-4DF2-8CA3-E1ACAF33D21D} O43 - CFD: 08/07/2012 - 14:27:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C38A4200-E8EE-4AE1-9169-769049D7C683} O43 - CFD: 13/07/2012 - 20:14:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{CB78448A-2C83-499C-A358-B7612EA45196} O43 - CFD: 12/07/2012 - 03:20:31 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{EED1BADB-45E5-4031-8E14-45908B12922E} O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 11/07/2012 - 20:47:20 - [0,000] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/12/2011 - 21:36:53 - [0,002] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO O43 - CFD: 13/11/2011 - 12:58:58 - [0,005] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 13/11/2011 - 15:31:05 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomePlayer O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/11/2011 - 12:10:11 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton O43 - CFD: 11/07/2012 - 20:47:20 - [0,003] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 13/11/2011 - 15:33:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager O43 - CFD: 13/11/2011 - 15:37:23 - [0,003] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2 O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360 O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2 O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard ~ Scan Program Folder in 00mn 04s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.B26D138E294B7F3EB60736F6FF69BEE7] - 13/07/2012 - 19:17:12 ----- . (...) -- C:\Windows\WindowsUpdate.log [1783759] O44 - LFC:[MD5.75536F897E885FE4D89296A907F84484] - 13/07/2012 - 19:13:16 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1557650] O44 - LFC:[MD5.D0F93C09ECF43ACF09EFCE2B98054552] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [107566] O44 - LFC:[MD5.03EA8E56EF19F34121E3A101F6BA6635] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132162] O44 - LFC:[MD5.670E14657112792486A37AB57345C8E3] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [619246] O44 - LFC:[MD5.6D750593199E36D7666E5B92E2A3C5C4] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [707548] O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1557650] O44 - LFC:[MD5.4E696120E4625D03FACDA45F963BD3D6] - 11/07/2012 - 20:36:39 ---A- . (...) -- C:\AdwCleaner[s1].txt [4540] O44 - LFC:[MD5.D9049468326C11A54563AE65D4DD251F] - 11/07/2012 - 20:34:31 ---A- . (...) -- C:\AdwCleaner[R1].txt [5458] O44 - LFC:[MD5.6CAA7426E0F1FA2C974ABFBF53C1939B] - 11/07/2012 - 19:26:13 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [419696] O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 11/07/2012 - 19:23:08 ---A- . (...) -- C:\Windows\win.ini [478] O44 - LFC:[MD5.0AC7E54445F7FEC27046E4FF3807CF6A] - 10/07/2012 - 20:03:19 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.C2DC69FDA8AF0E107C6421F66B3B7C08] - 02/07/2012 - 18:06:27 ---A- . (...) -- C:\img2-001.raw [921624] ~ Scan Files in 00mn 13s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{17480f40-388c-11e1-9fb3-6c626d5b4a28}\AutoRun\command. (...) -- K:\run.bat (.not file.) O51 - MPSK:{b9c56442-2032-11e1-93b3-6c626d5b4a28}\AutoRun\command. (...) -- K:\Startme.exe (.not file.) O51 - MPSK:{cddfc161-0df4-11e1-8018-6c626d5b4a28}\AutoRun\command. (...) -- J:\autorun.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) (None) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2 O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.D0D4F3CA1D3A4400E1F40F36A800CD12] - 01/05/2010 - 07:50:00 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [18136] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {28912588-0B9D-48B1-BDA5-5FFEC9C71158} - (Yahoo! Search) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {5B8E1DDB-D1D6-40F1-8BB7-0C03A974E4E7} - (AlloCine) - http://www.allocine.fr O69 - SBI: SearchScopes [HKCU] {76685F19-2182-412B-87ED-8D3C8F4A89EF} - (Wikipedia) - Wikipédia, l'encyclopédie libre O69 - SBI: SearchScopes [HKCU] {B08C0E91-95A4-42DF-9964-D043983A285A} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {BC46B2AB-336A-4FAA-BF7C-29080F6134C4} - (Dailymotion) - Dailymotion - Watch, publish, share videos ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] ~ Scan Services in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{CFEF55E8-8E17-4836-A151-5E8D261FAEFB}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe O87 - FAEL: "{94BC8B49-B819-48E3-8BEB-DBE3A6617C88}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe O87 - FAEL: "{9983EFFF-988E-447D-8DD8-57AB34A5ACFC}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe O87 - FAEL: "{E3C0D7B6-3E7E-4757-9DDA-85D5C7572DA9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe O87 - FAEL: "{C5C4113C-1946-4FE3-B84B-3D63B2737C56}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe O87 - FAEL: "{F17FE936-5A73-4807-B364-E9672C228585}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{6F040ED0-95D5-4915-BEC5-CB0D4B5FC043}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{64DBCDD1-B6D4-4BCD-8A2B-15F1C71E1C71}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{8EEFC00D-F0BC-41D2-9819-9F9F2535FA2F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{2CDDAF0B-576F-46C8-A515-40A82860D816}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe O87 - FAEL: "{A4B0ED14-3C58-4D21-8877-B5EA7A28C72D}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe O87 - FAEL: "{AD253646-791F-4BBF-BE4C-76780556D3A5}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe O87 - FAEL: "{3A73484B-B52D-4407-82AA-5C6B69D1E5AE}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe O87 - FAEL: "{DD1AC9D9-B2F7-46D9-9CD8-4B3EED343326}" | Out - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe O87 - FAEL: "{E2E1A16C-11D1-4865-8B54-F5A0891FFAAC}" | In - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe O87 - FAEL: "{7C72CAC3-D7FF-41C3-B202-691A665CFB36}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe O87 - FAEL: "{129AA54E-463F-44B1-AEB6-48559BAA0739}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe O87 - FAEL: "{55D84BD4-7905-4BBC-8D23-02B4C8F51DC6}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe O87 - FAEL: "{3CCDB9D2-91F7-44F5-9955-4525B2FC2460}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe O87 - FAEL: "{7CDA954F-ABD3-4C43-B3A5-209874896C26}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O87 - FAEL: "{8A29C95C-AB57-45CE-BD35-580805F1FF46}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O87 - FAEL: "{DA3D29C1-B065-4A52-9139-8E1F7EE978B0}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{8A4AF84B-B7AA-436F-85D0-EF6D58FA0761}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe ~ Scan Firewall in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 11/07/2012 250056 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 30/12/1899 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe SS - | Auto 13/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 13/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 15/07/2010 2641920 | (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe SR - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe SS - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SR - | Auto 01/10/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SS - | Auto 17/04/2011 130008 | (N360) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe SR - | Auto 15/05/2009 251184 | C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (NasPmService) . (.BUFFALO INC..) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe SR - | Auto 05/08/2011 1016936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 05/08/2011 2214504 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SR - | Auto 15/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe SS - | Demand 11/11/2008 620544 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe SR - | Auto 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SR - | Auto 23/01/2012 92592 | (TrkWks) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SS - | Auto 23/01/2012 92592 | (TrustedInstaller) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SR - | Auto 01/10/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 04s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite ~ Scan Emulateurs in 00mn 04s End of the scan (1309 lines in 00mn 42s)(0) Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012 Run by Famille Meyer at 13/07/2012 20:47:37 Web site : ZHPDiag Outil de diagnostic Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com State : Version à jour. ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 (Defaut) MFIE: Mozilla Firefox 8.0 v8.0 ---\\ Windows Product Information ~ Langage: Français Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 3Q6C9 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 6103 MB (67% free) System Restore: Activé (Enable) System drive C: has 1298 GB (93%) free of 1384 GB ---\\ Logged in mode ~ Computer Name: FAMILLEMEYER-HP ~ User Name: Famille Meyer ~ All Users Names: UpdatusUser, Rémy, HomeGroupUser$, Famille Meyer, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Famille Meyer\AppData\Roaming\ ~ %Desktop% : C:\Users\Famille Meyer\Desktop\ ~ %Favorites% : C:\Users\Famille Meyer\Favorites\ ~ %LocalAppData% : C:\Users\Famille Meyer\AppData\Local\ ~ %StartMenu% : C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\System32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 1298 Go of 1384 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go) E:\ CD-ROM drive (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ Floppy drive, Flash card reader, USB Key (Not Inserted) I:\ Floppy drive, Flash card reader, USB Key (Not Inserted) J:\ CD-ROM drive (Not Inserted) K:\ Floppy drive, Flash card reader, USB Key (Not Inserted) L:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024] [MD5.5A45FA344F4AD99D903F4B20E43B89EC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/06/2012 - 13:05:28.) -- C:\Windows\System32\wininet.dll [1392128] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448] [MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296] [MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes images (My Pictures) : 2/303 ~ Mes musiques (My Musics) : 2/345 ~ Mes Videos (My Videos) : 1/6 ~ Mes Favoris (My Favorites) : 1/287 ~ Mes Documents (My Documents) : 1/1844 ~ Mon Bureau (My Desktop) : 1/11 ~ Menu demarrer (Programs) : 1/35 ~ Scan Hidden Files in 00mn 01s ---\\ Processus lancés [MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008] [PID.] [MD5.4FF9D0D5FEC26D9F2312A8C15CA59C8F] - (.Pas de propriétaire - Monitor LED Key.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [53248] [PID.3312] [MD5.69764A6475A4C54732E6A07CE6EF8BE2] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe [762736] [PID.4444] [MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.4452] [MD5.6DCFADDA4F2A6D3396D13F0554D672E8] - (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584] [PID.4468] [MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.4480] [MD5.984F6749E0741C3F22D86C91B46177BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.4508] [MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4868] [MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696] [PID.5004] [MD5.4298DB2F9FE4FE4C96AC4528542680F8] - (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992] [PID.5028] [MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5040] [MD5.DA614F3014897FE46D6E4A2D483CDDD2] - (.BUFFALO INC. - NAS Function Scheduling Application.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe [206128] [PID.4120] [MD5.EDCB55CF7135CCF9818EEC413FB39410] - (.Hewlett-Packard - HP LED INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe [2068992] [PID.4212] [MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3676] [MD5.47D1F0444CE33A0CA42409A88896CD8D] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840] [PID.2716] [MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3838464] [PID.6548] [MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.] [MD5.28DDEEEC44E988657B732CF404D504CB] - (.Microsoft Corporation - Windows Live Family Safety Service.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1492840] [PID.] [MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.] [MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.] [MD5.E38775922D4A4C05B5D96733AB4CE169] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824] [PID.] [MD5.15E5ABD9E03D57671BB74EB5CBAB8019] - (.BUFFALO INC. - NAS Power Management Service.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251184] [PID.] [MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.] [MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.] [MD5.3199A477F0F06EEDE41BD55179F8EB05] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.] [MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.] [MD5.FF7E8BC3A8B90F03BD20588B5840154F] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504] [PID.] [MD5.02C298382359653BEC4C737C2AB7F9C5] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2320920] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [user Data\Default][HomePage] Google G0 - GCSP: Preference [user Data\Default] Google G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google G0 - GCSP: Preference [user Data\Default] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\prefs.js M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml M0 - MFSP: prefs.js [Famille Meyer - wun2jzbg.default] www.free.fr P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL : Internet, Téléphone, Télévision R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ~ Nombre de lignes (Lines number): 22 ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: (no name) [64Bits] - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} Clé orpheline O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.dll O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [VX3000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKCU\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe O4 - HKLM\..\Wow6432Node\Run: [LaunchHPOSIAPP] . (.Hewlett-Packard - Launch a application..) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Wow6432Node\Run: [bATINDICATOR] . (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAut O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\UpdatusUser\Desktop\Super Architect 3D Expert CAD - 18 Tools.lnk . (...) -- C:\Program Files (x86)\Easy Computing\ECStart.exe (.not file.) O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Rémy\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\BUFFALO NAS Navigator2.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\CyberLink DVD Suite Deluxe.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\eMule.lnk . (.http://emulemorph.sourceforge.net.) -- C:\Program Files (x86)\eMule\eMule.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\HomePlayer.lnk . (...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\LS-CHLC80.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\TomTom HOME 2.lnk . (.TomTom International B.V..) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WinRAR.lnk . (...) -- C:\Program Files (x86)\WinRAR\WinRAR.exe (.not file.) O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MIF5BA~1\Office12\EXCEL.exe ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Objets ActiveX (Downloaded Program Files)(O16) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab ~ Scan Objets ActiveX in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CCS\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS1\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241 O17 - HKLM\System\CS2\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) -- O18 - Handler: dvd [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) -- O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: its [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: mhtml [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) -- O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: tv [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: vbscript [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) -- O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) -- O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) -- O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Hauppauge MSi2500 DVBT Service (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd - Mirics FlexiTV DVBT 2.1.0rc11: R.03.46.48.0.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe O23 - Service: NAS PM Service (NasPmService) . (...) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (.not file.) O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.8.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Intel® Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFamille Meyer.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFAMILLEMEYER-HP$.job [MD5.5E1A953C6472E7BB644892A4D0DF5E72] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [MD5.57CFD2E9CC23E1C6B0584B7AFCAB2EBA] [APT] [elbyExecuteWithUAC] (...) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\executeWithUAC.exe [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.) [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe [MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFamille Meyer] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFAMILLEMEYER-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [MD5.00000000000000000000000000000000] [APT] [{24B1BFB5-835C-453D-A4BD-BE49B9FF2EDE}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.B64BAF38F446B9F521D820671B42E7EB] [APT] [{2DEE240E-0F76-4AB2-A085-5306E5A02421}] (.A. Brochard.) -- C:\Program Files (x86)\PS3 Media Server\PMS.exe [MD5.00000000000000000000000000000000] [APT] [{41238FFF-6187-475E-B2A6-DFF4400B6637}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{74BB5DC9-1E9B-4404-BAFE-C5E1412C8F2D}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{7698F5AF-0E3A-42E3-B198-15195B7792FB}] (...) -- J:\Installer.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{9DDE89E2-9135-4B15-90CA-3FFFC8A4E38F}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{CAF82E2D-534E-4B54-8583-855396CC401A}] (...) -- C:\Users\Famille Meyer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6VUX14H\CFWebU.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{D039FAB9-2070-434E-B1CD-F14DCD025651}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{DB441831-4D64-4155-95E6-7EC3E731477F}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{EA64C32B-8DC0-4F72-8A35-8FCD4719F606}] (...) -- E:\AUTORUN.exe (.not file.) [MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [MD5.7A14C25B7EC229B7F8B3E457779C83CC] [APT] [HP Total Care Tune-Up] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [MD5.A87F567F053191361B617D7908F8E062] [APT] [update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe [MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe ~ Scan Scheduled Task in 00mn 05s ---\\ Composants installés (ActiveSetup Installed Components) (O40) O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll ~ Scan Active Setup in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120712.001\IDSvia64.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.sys O41 - Driver: (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\System32\DRIVERS\SymIMv.sys O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.sys O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\N360x64\0502020.003\SYMNETS.sys O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120711.001\IDSvia64.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: BUFFALO NAS Navigator2 - (.Pas de propriétaire.) [HKLM] -- UN060501 O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU2 O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU_BOBTV.FR O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF} O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E} O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM] -- FileZilla Client O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E} O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B} O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544} O42 - Logiciel: HP MAINSTREAM KEYBOARD - (.Hewlett-Packard.) [HKLM] -- {B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095} O42 - Logiciel: HP Product Detection - (.HP.) [HKLM] -- {A436F67F-687E-4736-BD2B-537121A804CF} O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- HP Remote Solution O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- {C611CF88-969D-43E6-A877-D6D6439DD081} O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833} O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {6F44AF95-3CDE-4513-AD3F-6D45F17BF324} O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40} O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F} O42 - Logiciel: HomePlayer 1.5.9d - (.HomePlayer.) [HKLM] -- HomePlayer O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2461678 O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {41CB4C45-5559-4D7B-98F6-E469444F1549} O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {8C4450E1-14A7-4F89-936A-335A216D3C7D} O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A} O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC} O42 - Logiciel: Java 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243} O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7} O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Mira version 2.7.0.1 - (.Pas de propriétaire.) [HKLM] -- Mira_is1 O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E} O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr) O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B4F3A360-E1E2-479D-ADE7-9BE3B07F4539} O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- N360 O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {34610DE0-3C13-42CA-8E32-01FFA38AB6E8} O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM] -- PDF Complete O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM] -- PS3 Media Server O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: PlayStation®Network Downloader - (.Sony Computer Entertainment Inc..) [HKLM] -- {B6659DD8-00A7-4A24-BBFB-C1F6982E5D66} O42 - Logiciel: PlayStation®Store - (.Sony Computer Entertainment Inc..) [HKLM] -- {0E532C84-4275-41B3-9D81-D4A1A20D8EE7} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM] -- {912CED74-88D3-4C5B-ACB0-13231864975D} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A} O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906 O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827 O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{27609E26-63D9-4180-BD50-08837BD3B1DC} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D33B9EF5-3801-496A-A2D6-B7F4BE972D75} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E34960DB-2A93-45DB-A208-02650F7AB09C} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{293FB6BE-D3EB-4162-B522-F9108040B9FE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3069CE04-082C-4669-9BA1-E6AA66330C1F} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15} O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7BCF7F6B-4AC0-4915-83B2-5CFF6BE9BF77} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AEA16A27-0B97-4670-818F-A98D06EC0A6F} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525} O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{075C2272-0881-46D3-B3A5-1D83D6940270} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870 O42 - Logiciel: TomTom HOME 2.8.3.2499 - (.TomTom.) [HKLM] -- TomTom HOME O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217 O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B689F89-5E1C-4DA9-B2B1-7B3843275596} O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{E425BC5B-458F-4084-9C7D-2BE4020BFA35} O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-B - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6C4E1D7E-EEB2-4EDE-8B39-9844D8AD9273} O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0 O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: eMule MorphXT 12.6 - (.Morph team.) [HKLM] -- eMule MorphXT_is1 ---\\ HKCU & HKLM Software Keys [HKCU\Software\AppDataLow\Software\MarkAny] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\Hewlett-Packard] [HKLM\Software\AGEIA Technologies] [HKLM\Software\AdwCleaner] [HKLM\Software\Alcohol Soft] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\CyberLink] [HKLM\Software\DT Soft] [HKLM\Software\Easy Computing] [HKLM\Software\EasyBits] [HKLM\Software\Elaborate Bytes] [HKLM\Software\Electronic Arts] [HKLM\Software\FileZilla 3] [HKLM\Software\Google] [HKLM\Software\Hewlett-Packard] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\LEDPointer] [HKLM\Software\LOXANE] [HKLM\Software\Licenses] [HKLM\Software\LightScribe] [HKLM\Software\LogMeIn Rescue] [HKLM\Software\MELCO INC] [HKLM\Software\Macromedia] [HKLM\Software\Malwarebytes' Anti-Malware (Trial)] [HKLM\Software\Malwarebytes' Anti-Malware] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\Myfree Codec] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\NewspaperDirect] [HKLM\Software\Norton PC Checkup] [HKLM\Software\Norton] [HKLM\Software\ODBC] [HKLM\Software\PC Connectivity Solution] [HKLM\Software\PDFComplete] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\Samsung] [HKLM\Software\Sony Corporation] [HKLM\Software\Sony] [HKLM\Software\Symantec] [HKLM\Software\TomTom] [HKLM\Software\Valve] [HKLM\Software\VideoLAN] [HKLM\Software\Volatile] [HKLM\Software\Win32 Services] [HKLM\Software\Windows] [HKLM\Software\hauppauge] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2 O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360 O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2 O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Application Data O43 - CFD: 28/03/2012 - 19:25:21 - [0,001] ----D C:\ProgramData\Autodesk O43 - CFD: 17/11/2011 - 20:05:28 - [0,162] ----D C:\ProgramData\CyberLink O43 - CFD: 13/11/2011 - 18:41:17 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Documents O43 - CFD: 20/05/2012 - 18:24:11 - [0,000] ----D C:\ProgramData\Electronic Arts O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Favorites O43 - CFD: 16/11/2011 - 19:56:49 - [152,398] ----D C:\ProgramData\Hewlett-Packard O43 - CFD: 17/11/2011 - 20:06:29 - [0,001] ----D C:\ProgramData\LightScribe O43 - CFD: 04/07/2012 - 19:35:21 - [0,004] ----D C:\ProgramData\Malwarebytes O43 - CFD: 01/07/2012 - 22:57:38 - [0] ----D C:\ProgramData\Media Center Programs O43 - CFD: 04/07/2012 - 19:27:35 - [129,221] -S--D C:\ProgramData\Microsoft O43 - CFD: 11/07/2012 - 20:23:18 - [0,062] ----D C:\ProgramData\Microsoft Help O43 - CFD: 20/10/2010 - 03:11:49 - [0] ----D C:\ProgramData\NewspaperDirect O43 - CFD: 05/07/2012 - 20:58:41 - [656,653] ----D C:\ProgramData\Norton O43 - CFD: 05/07/2012 - 20:48:22 - [1,422] ----D C:\ProgramData\NortonInstaller O43 - CFD: 17/12/2011 - 15:05:28 - [0,598] ----D C:\ProgramData\NVIDIA O43 - CFD: 20/10/2010 - 02:43:24 - [0,582] ----D C:\ProgramData\NVIDIA Corporation O43 - CFD: 13/11/2011 - 16:51:04 - [0] ----D C:\ProgramData\PC Suite O43 - CFD: 13/11/2011 - 12:06:46 - [0] ----D C:\ProgramData\PCSettings O43 - CFD: 07/07/2012 - 10:26:51 - [0] ----D C:\ProgramData\PDFC O43 - CFD: 20/10/2010 - 02:51:29 - [3,376] ----D C:\ProgramData\Ralink Driver O43 - CFD: 13/11/2011 - 18:59:03 - [25,323] ----D C:\ProgramData\Recovery O43 - CFD: 13/11/2011 - 18:37:33 - [10,632] ----D C:\ProgramData\Samsung O43 - CFD: 06/12/2011 - 21:09:34 - [0] ----D C:\ProgramData\Sony Corporation O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Start Menu O43 - CFD: 06/12/2011 - 20:16:34 - [0,000] ----D C:\ProgramData\Sun O43 - CFD: 17/11/2011 - 22:47:40 - [0] ----D C:\ProgramData\Symantec O43 - CFD: 20/10/2010 - 03:01:10 - [0,469] ----D C:\ProgramData\Temp O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Templates O43 - CFD: 22/12/2011 - 11:19:08 - [0,394] ----D C:\ProgramData\TomTom O43 - CFD: 13/11/2011 - 11:08:41 - [0,272] ----D C:\ProgramData\WildTangent O43 - CFD: 20/10/2010 - 03:02:01 - [5,467] ----D C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18} O43 - CFD: 20/10/2010 - 02:48:46 - [33,439] ----D C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268} O43 - CFD: 07/02/2012 - 22:35:50 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E} O43 - CFD: 16/11/2011 - 20:01:20 - [45,266] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837} O43 - CFD: 13/11/2011 - 11:47:27 - [16,902] ----D C:\Users\Famille Meyer\AppData\Roaming\Adobe O43 - CFD: 28/03/2012 - 19:25:21 - [0,008] ----D C:\Users\Famille Meyer\AppData\Roaming\Autodesk O43 - CFD: 17/11/2011 - 20:25:09 - [0,122] ----D C:\Users\Famille Meyer\AppData\Roaming\CyberLink O43 - CFD: 28/05/2012 - 08:42:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 19/11/2011 - 21:25:10 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\Day 1 Studios O43 - CFD: 26/06/2012 - 20:42:59 - [0,024] ----D C:\Users\Famille Meyer\AppData\Roaming\FileZilla O43 - CFD: 16/11/2011 - 19:56:58 - [0,173] ----D C:\Users\Famille Meyer\AppData\Roaming\Hewlett-Packard O43 - CFD: 09/07/2012 - 18:50:27 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\HP Support Assistant O43 - CFD: 16/11/2011 - 20:03:15 - [0,030] ----D C:\Users\Famille Meyer\AppData\Roaming\hpqLog O43 - CFD: 09/07/2012 - 18:50:27 - [0,014] ----D C:\Users\Famille Meyer\AppData\Roaming\HpUpdate O43 - CFD: 13/11/2011 - 11:03:54 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Identities O43 - CFD: 13/11/2011 - 11:04:12 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Intel Corporation O43 - CFD: 13/11/2011 - 11:47:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Macromedia O43 - CFD: 04/07/2012 - 19:35:24 - [0,006] ----D C:\Users\Famille Meyer\AppData\Roaming\Malwarebytes O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Media Center Programs O43 - CFD: 28/04/2012 - 13:43:00 - [85,552] -S--D C:\Users\Famille Meyer\AppData\Roaming\Microsoft O43 - CFD: 13/11/2011 - 13:01:02 - [12,411] ----D C:\Users\Famille Meyer\AppData\Roaming\Mozilla O43 - CFD: 16/12/2011 - 21:35:32 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\NASNaviator2 O43 - CFD: 13/11/2011 - 16:50:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\PC Suite O43 - CFD: 13/11/2011 - 18:39:52 - [27,953] ----D C:\Users\Famille Meyer\AppData\Roaming\Samsung O43 - CFD: 06/12/2011 - 21:10:02 - [16,731] ----D C:\Users\Famille Meyer\AppData\Roaming\Sony O43 - CFD: 04/07/2012 - 20:42:41 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Temp O43 - CFD: 18/11/2011 - 18:45:19 - [0,036] ----D C:\Users\Famille Meyer\AppData\Roaming\Tific O43 - CFD: 13/11/2011 - 18:07:10 - [1,476] ----D C:\Users\Famille Meyer\AppData\Roaming\TomTom O43 - CFD: 12/07/2012 - 20:55:17 - [0,380] ----D C:\Users\Famille Meyer\AppData\Roaming\vlc O43 - CFD: 16/11/2011 - 20:00:23 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\WinBatch O43 - CFD: 13/11/2011 - 15:37:57 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\WinRAR O43 - CFD: 27/12/2011 - 18:33:08 - [6,004] ----D C:\Users\Famille Meyer\AppData\Local\AliensVsPredator O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Application Data O43 - CFD: 13/11/2011 - 12:57:57 - [1,245] ----D C:\Users\Famille Meyer\AppData\Local\Apps O43 - CFD: 13/07/2012 - 20:31:42 - [0] ----D C:\Users\Famille Meyer\AppData\Local\CrashDumps O43 - CFD: 17/11/2011 - 20:25:06 - [0,043] ----D C:\Users\Famille Meyer\AppData\Local\CyberLink O43 - CFD: 13/11/2011 - 12:58:07 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Deployment O43 - CFD: 11/07/2012 - 20:58:16 - [0,425] ----D C:\Users\Famille Meyer\AppData\Local\Diagnostics O43 - CFD: 06/12/2011 - 21:09:42 - [237,831] ----D C:\Users\Famille Meyer\AppData\Local\Downloaded Installations O43 - CFD: 21/05/2012 - 19:17:10 - [0] ----D C:\Users\Famille Meyer\AppData\Local\ElevatedDiagnostics O43 - CFD: 13/11/2011 - 13:33:19 - [290,243] ----D C:\Users\Famille Meyer\AppData\Local\Google O43 - CFD: 28/02/2012 - 23:37:32 - [56,267] ----D C:\Users\Famille Meyer\AppData\Local\Hewlett-Packard O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Historique O43 - CFD: 03/07/2012 - 11:16:03 - [113,460] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft O43 - CFD: 13/11/2011 - 20:04:35 - [0,194] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft Help O43 - CFD: 13/11/2011 - 13:00:52 - [10,364] ----D C:\Users\Famille Meyer\AppData\Local\Mozilla O43 - CFD: 04/07/2012 - 21:07:51 - [7,468] ----D C:\Users\Famille Meyer\AppData\Local\NPE O43 - CFD: 13/11/2011 - 11:04:08 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PDFC O43 - CFD: 17/11/2011 - 20:25:05 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PowerCinema O43 - CFD: 20/02/2012 - 20:03:39 - [0,050] ----D C:\Users\Famille Meyer\AppData\Local\Samsung O43 - CFD: 06/12/2011 - 21:10:41 - [0,007] ----D C:\Users\Famille Meyer\AppData\Local\Sony O43 - CFD: 05/07/2012 - 21:37:41 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\Symantec O43 - CFD: 13/07/2012 - 20:46:41 - [0,683] ----D C:\Users\Famille Meyer\AppData\Local\Temp O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Temporary Internet Files O43 - CFD: 13/11/2011 - 18:07:10 - [1,889] ----D C:\Users\Famille Meyer\AppData\Local\TomTom O43 - CFD: 16/11/2011 - 19:55:46 - [5,940] ----D C:\Users\Famille Meyer\AppData\Local\VirtualStore O43 - CFD: 26/11/2011 - 11:54:58 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\WBFSManager O43 - CFD: 13/07/2012 - 20:14:54 - [0,004] ----D C:\Users\Famille Meyer\AppData\Local\Windows Live O43 - CFD: 04/07/2012 - 19:18:19 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{168B06B3-1EA0-4E48-9EE6-D0C1E7E39E49} O43 - CFD: 11/07/2012 - 15:19:34 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{16999B7A-EA63-4B7A-AC45-EF883A680AB0} O43 - CFD: 07/07/2012 - 13:27:06 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{1F88DF9A-2A26-4C15-8EE4-C388055A3A27} O43 - CFD: 09/07/2012 - 18:42:29 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{23C22838-64E7-458C-8979-FEB66ED5D15D} O43 - CFD: 05/07/2012 - 20:42:25 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{264792B2-A124-4FF4-94F9-54482D7DF235} O43 - CFD: 11/07/2012 - 15:19:46 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{2BD34C31-7EBC-4CD6-8C87-4CD39525A412} O43 - CFD: 13/07/2012 - 20:14:38 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{452C0DB5-E3F0-44DB-9811-2628F978CA2F} O43 - CFD: 05/07/2012 - 20:42:36 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{4CC781EB-07F5-4666-B6D1-68619A0286DC} O43 - CFD: 07/07/2012 - 13:27:17 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{5B5B847C-1841-40C0-8342-88E7EF4513D2} O43 - CFD: 10/07/2012 - 20:47:55 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{77C4A752-58D3-4D18-8CA9-099B7209C3EC} O43 - CFD: 12/07/2012 - 16:56:51 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{81ABAAB4-D18F-4ACE-AC06-9F31BA1648AA} O43 - CFD: 12/07/2012 - 16:56:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{87802E59-3F9B-4EF8-918B-33E374F2FB08} O43 - CFD: 09/07/2012 - 18:42:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8A0069C5-7F23-4E3C-ADD3-8CB022509354} O43 - CFD: 10/07/2012 - 20:47:44 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8AF4AA1F-1C1A-467F-BA22-0B81C5A151B2} O43 - CFD: 04/07/2012 - 19:18:04 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{930F0D4A-5ADD-4994-806A-4E19BE53CF23} O43 - CFD: 03/07/2012 - 23:17:33 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{B27F61BF-6A5F-4CE0-A165-339DD1D50737} O43 - CFD: 12/07/2012 - 03:20:20 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C1E70EB4-5EC4-4F40-BC84-79C3A23F7F35} O43 - CFD: 08/07/2012 - 14:27:39 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C37425C6-9B2A-4DF2-8CA3-E1ACAF33D21D} O43 - CFD: 08/07/2012 - 14:27:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C38A4200-E8EE-4AE1-9169-769049D7C683} O43 - CFD: 13/07/2012 - 20:14:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{CB78448A-2C83-499C-A358-B7612EA45196} O43 - CFD: 12/07/2012 - 03:20:31 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{EED1BADB-45E5-4031-8E14-45908B12922E} O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories O43 - CFD: 11/07/2012 - 20:47:20 - [0,000] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools O43 - CFD: 16/12/2011 - 21:36:53 - [0,002] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO O43 - CFD: 13/11/2011 - 12:58:58 - [0,005] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome O43 - CFD: 13/11/2011 - 15:31:05 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomePlayer O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance O43 - CFD: 13/11/2011 - 12:10:11 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton O43 - CFD: 11/07/2012 - 20:47:20 - [0,003] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup O43 - CFD: 13/11/2011 - 15:33:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager O43 - CFD: 13/11/2011 - 15:37:23 - [0,003] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2 O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2 O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360 O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2 O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard ~ Scan Program Folder in 00mn 04s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.B26D138E294B7F3EB60736F6FF69BEE7] - 13/07/2012 - 19:17:12 ----- . (...) -- C:\Windows\WindowsUpdate.log [1783759] O44 - LFC:[MD5.75536F897E885FE4D89296A907F84484] - 13/07/2012 - 19:13:16 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1557650] O44 - LFC:[MD5.D0F93C09ECF43ACF09EFCE2B98054552] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [107566] O44 - LFC:[MD5.03EA8E56EF19F34121E3A101F6BA6635] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132162] O44 - LFC:[MD5.670E14657112792486A37AB57345C8E3] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [619246] O44 - LFC:[MD5.6D750593199E36D7666E5B92E2A3C5C4] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [707548] O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1557650] O44 - LFC:[MD5.4E696120E4625D03FACDA45F963BD3D6] - 11/07/2012 - 20:36:39 ---A- . (...) -- C:\AdwCleaner[s1].txt [4540] O44 - LFC:[MD5.D9049468326C11A54563AE65D4DD251F] - 11/07/2012 - 20:34:31 ---A- . (...) -- C:\AdwCleaner[R1].txt [5458] O44 - LFC:[MD5.6CAA7426E0F1FA2C974ABFBF53C1939B] - 11/07/2012 - 19:26:13 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [419696] O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 11/07/2012 - 19:23:08 ---A- . (...) -- C:\Windows\win.ini [478] O44 - LFC:[MD5.0AC7E54445F7FEC27046E4FF3807CF6A] - 10/07/2012 - 20:03:19 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] O44 - LFC:[MD5.C2DC69FDA8AF0E107C6421F66B3B7C08] - 02/07/2012 - 18:06:27 ---A- . (...) -- C:\img2-001.raw [921624] ~ Scan Files in 00mn 13s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{17480f40-388c-11e1-9fb3-6c626d5b4a28}\AutoRun\command. (...) -- K:\run.bat (.not file.) O51 - MPSK:{b9c56442-2032-11e1-93b3-6c626d5b4a28}\AutoRun\command. (...) -- K:\Startme.exe (.not file.) O51 - MPSK:{cddfc161-0df4-11e1-8018-6c626d5b4a28}\AutoRun\command. (...) -- J:\autorun.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) (None) ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0 O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2 O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088] O58 - SDL:[MD5.D0D4F3CA1D3A4400E1F40F36A800CD12] - 01/05/2010 - 07:50:00 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [18136] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.) O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: SearchScopes [HKCU] {28912588-0B9D-48B1-BDA5-5FFEC9C71158} - (Yahoo! Search) - Yahoo! Search - Recherche Web O69 - SBI: SearchScopes [HKCU] {5B8E1DDB-D1D6-40F1-8BB7-0C03A974E4E7} - (AlloCine) - http://www.allocine.fr O69 - SBI: SearchScopes [HKCU] {76685F19-2182-412B-87ED-8D3C8F4A89EF} - (Wikipedia) - Wikipédia, l'encyclopédie libre O69 - SBI: SearchScopes [HKCU] {B08C0E91-95A4-42DF-9964-D043983A285A} [DefaultScope] - (Google) - Google O69 - SBI: SearchScopes [HKCU] {BC46B2AB-336A-4FAA-BF7C-29080F6134C4} - (Dailymotion) - Dailymotion - Watch, publish, share videos ~ Scan Keys in 00mn 00s ---\\ Recherche des services démarrés par Svchost (O83) O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192] O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384] O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032] O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504] O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424] O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328] O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064] O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792] O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512] O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424] O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928] O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960] O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952] O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952] O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688] O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344] O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720] O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656] O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672] O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584] O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688] O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856] O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192] O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016] O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480] O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920] O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544] ~ Scan Services in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{CFEF55E8-8E17-4836-A151-5E8D261FAEFB}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe O87 - FAEL: "{94BC8B49-B819-48E3-8BEB-DBE3A6617C88}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe O87 - FAEL: "{9983EFFF-988E-447D-8DD8-57AB34A5ACFC}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe O87 - FAEL: "{E3C0D7B6-3E7E-4757-9DDA-85D5C7572DA9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe O87 - FAEL: "{C5C4113C-1946-4FE3-B84B-3D63B2737C56}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe O87 - FAEL: "{F17FE936-5A73-4807-B364-E9672C228585}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{6F040ED0-95D5-4915-BEC5-CB0D4B5FC043}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{64DBCDD1-B6D4-4BCD-8A2B-15F1C71E1C71}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{8EEFC00D-F0BC-41D2-9819-9F9F2535FA2F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.) O87 - FAEL: "{2CDDAF0B-576F-46C8-A515-40A82860D816}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe O87 - FAEL: "{A4B0ED14-3C58-4D21-8877-B5EA7A28C72D}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe O87 - FAEL: "{AD253646-791F-4BBF-BE4C-76780556D3A5}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe O87 - FAEL: "{3A73484B-B52D-4407-82AA-5C6B69D1E5AE}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe O87 - FAEL: "{DD1AC9D9-B2F7-46D9-9CD8-4B3EED343326}" | Out - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe O87 - FAEL: "{E2E1A16C-11D1-4865-8B54-F5A0891FFAAC}" | In - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe O87 - FAEL: "{7C72CAC3-D7FF-41C3-B202-691A665CFB36}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe O87 - FAEL: "{129AA54E-463F-44B1-AEB6-48559BAA0739}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe O87 - FAEL: "{55D84BD4-7905-4BBC-8D23-02B4C8F51DC6}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe O87 - FAEL: "{3CCDB9D2-91F7-44F5-9955-4525B2FC2460}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe O87 - FAEL: "{7CDA954F-ABD3-4C43-B3A5-209874896C26}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O87 - FAEL: "{8A29C95C-AB57-45CE-BD35-580805F1FF46}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe O87 - FAEL: "{DA3D29C1-B065-4A52-9139-8E1F7EE978B0}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{8A4AF84B-B7AA-436F-85D0-EF6D58FA0761}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe ~ Scan Firewall in 00mn 00s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Demand 11/07/2012 250056 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe SR - | Auto 30/12/1899 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe SS - | Auto 13/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 13/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SR - | Auto 15/07/2010 2641920 | (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe SR - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe SS - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe SR - | Auto 01/10/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe SS - | Auto 17/04/2011 130008 | (N360) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe SR - | Auto 15/05/2009 251184 | C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (NasPmService) . (.BUFFALO INC..) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe SR - | Auto 05/08/2011 1016936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 05/08/2011 2214504 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SR - | Auto 15/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe SS - | Demand 11/11/2008 620544 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe SR - | Auto 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SR - | Auto 23/01/2012 92592 | (TrkWks) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SS - | Auto 23/01/2012 92592 | (TrustedInstaller) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe SR - | Auto 01/10/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe ~ Scan Services in 00mn 04s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite ~ Scan Emulateurs in 00mn 04s End of the scan (1309 lines in 00mn 42s)(0)
- le 13 juillet 2012
- 19 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Bonjour, toujours le même pb Trojan Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\682f974f.exe ____________________________ ____________________________ Sur les ordinateurs à partir du : 13/07/2012 à 20:17:12 Dernière utilisation : 13/07/2012 à 20:17:12 Elément de démarrage : Non Lancé : Non ____________________________ ____________________________ Peu d'utilisateurs Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier. ____________________________ Elevée Ce fichier représente un risque élevé. ____________________________ Détails menace Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support. ____________________________ Origine Téléchargé à partir de URL non disponible ____________________________ Actions de fichier Fichier : c:\users\famille meyer\appdata\local\temp\682f974f.exe Bloqués ____________________________ Empreinte numérique de fichier - SHA : cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5 ____________________________ Empreinte numérique de fichier - MD5 : b8f062cf2dd72e7c4254f825ebb28a35 ____________________________
- le 13 juillet 2012
- 19 réponses
Trojan.gen

casimir2004 a répondu à un(e) sujet de casimir2004 dans Analyses et éradication malwares

Malwarebytes Anti-Malware (Essai) 1.61.0.1400 www.malwarebytes.org Version de la base de données: v2012.07.11.09 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Famille Meyer :: FAMILLEMEYER-HP [administrateur] Protection: Activé 11/07/2012 22:41:53 mbam-log-2012-07-11 (22-41-53).txt Type d'examen: Examen complet Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM Options d'examen désactivées: P2P Elément(s) analysé(s): 417379 Temps écoulé: 47 minute(s), 40 seconde(s) Processus mémoire détecté(s): 0 (Aucun élément nuisible détecté) Module(s) mémoire détecté(s): 0 (Aucun élément nuisible détecté) Clé(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Valeur(s) du Registre détectée(s): 0 (Aucun élément nuisible détecté) Elément(s) de données du Registre détecté(s): 0 (Aucun élément nuisible détecté) Dossier(s) détecté(s): 0 (Aucun élément nuisible détecté) Fichier(s) détecté(s): 1 C:\Users\Famille Meyer\Desktop\Setup.exe (PUP.Bundle.Installer.OI) -> Mis en quarantaine et supprimé avec succès. (fin)
- le 12 juillet 2012
- 19 réponses

Connexion

casimir2004

Compteur de contenus

Inscription

Dernière visite

Type de contenu

Profils

Forums

Blogs

Tout ce qui a été posté par casimir2004

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Trojan.gen

Zebulon

Outils en ligne

Naviguer