Acrobate

Bonjour Lance, POur le changement de lettre rien de grave, j'ai peut être inversé les positions dezs lecteurs amovible et il me semble que je n'avais pas mis le HDD USB 3.0 sur un port 3.0 enfin le principal est fait et je t'en remercie. Merci pour ton aide et ta patience, je suis d'accord pour tout ce que tu as inséré sur les P2P, les crack etc, normalement je ne pratique pas ce genre de choses et j'ai vu qu'il y en avait qui dataient de 2007 et que j'ai rapatrié sur le nouveau pc mais aussi pour un certain nombre de log il est vrai que ça m'arrangeait de les avoir pour bosser à la maison ce que je n'avais pas bien intégré et ils viennnent de collègues mais bon le log de P2P est dégagé et n'ai plus besoin de rien niveau log en général j'achète enfin personne (particulier)ne peut acheter CATIA non plus (logiciel Dassault) et ayant bossé dessus pas mal d'année il me sert pour la conception 3D mais les autres le vais les acquérir par la voie normale comme j'ai tjs fait ! J'ai ajouté résolu, je vais maintenant effectuer les dernières opérations et aller faire un tour dans la section optimisation, mon vieux pc va passer au formatage car il est tjs compé"titif mais trop de partitions dont une de récup qui ne sert plus ! POur celui ci je te remercie encore, tous les cracck sont virés et je vais mettre un pass dessus que je le retrouve propre quand je pars plusieurs jours mais je pernse que là c'est moi qui avait infecté ce pc via le transfert de vieilles données de l'ancien pc et ce que j'ai ramené du taf (une certaine creative suite que tu as pu déceler). Bonne journée et encore merci pour ton aide et surtout d'avoir accepté de reprendre le dossier que j'avais laissé traîné en longueur n'étant pas là ! Cordialement, Hervé

Oh dsl oui pour les couleur, un bug ^^ Bon alors, mon à changé de lettre de I:/ il est devenu j:/, pkoi ? ce qui fait que certain dossier n'ont pu être viré par OTL mais, sur ce disque il y avait de vieux docs et cochoneries que j'ai nettoyées et ce que OTL n'a putrouver je l'ai enlevé à la main pour ceux qui étaient visibles et pour un qui ne l'était pas j'ai changé la lettre et ai repassé OTL. Ci joint, 1 un screen de la poubelle où je n'avais gardé que les choses qu'OTL n'a pas trouvé. POubelle vidée depuis 2 . Txt le 1er où je n'ai touché à rien et où j'ai remarqué que le HDD était passé en J: 3 un .txt où je change la lettre dans une ligne car cochonnerie n'était pas visible...... Je sais un peu brouillon tout ça mais la plupart des docs reprises du vieux pc et des récup du boulot (surtout les crack) sont virés !! J'accuse le grand mais c'est moi qui a bien pourri la machine quand j'ai ramené ces logiciels Hum !!!!!! Comme quoi Les not found sur C: là je ne capte pas ???? (sur la première passe de OTL) J'ai toujours des micro coupures (on dira ça) du navigateur et idem fait un courrier word que ce soit logiciel ou navigateur ça décroche au bout de quelques secondes puis je dois recliquer dans la fenêtre pour continuer d'écrire... 1 => Lien CJoint.com AKDqKA5Q1sX 2 => Lien CJoint.com AKDqK59oHf1 3 => Lien CJoint.com AKDqOg3gTvS

Bonsoir Lance BOn ben j'ai re scanné 6H40 mais pas de log, je te mets 2 lien de ce que j'ai [/b] Lien CJoint.com AKCv7BpsaF7 Lien CJoint.com AKCv73LlwH4 LA PAGE ie de scan est toujours ouverte et j'ai quand même la liste des fichiers je ne ferme pas pour le moment !! J'ai recherché manuellement log.txt je ne trouve pas je passe quand même la correction OLT dans la soirée et je poste le rapport. ====================================== ici ce que j'ai copié de ESET : http://cjoint.com/?AKCwjfpnYL9 ====================================== arghhh j'ai passé OLT, il a redémarré le pc j'ai perdu la page ie avec le scan eset pas grave rapport OLT : User: Administrator User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 56475 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Hervé ->Temp folder emptied: 6285729 bytes ->Temporary Internet Files folder emptied: 739538016 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 188242511 bytes ->Google Chrome cache emptied: 6184421 bytes ->Flash cache emptied: 67063 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 151676959 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50540 bytes RecycleBin emptied: 6530987 bytes Total Files Cleaned = 1 048,00 mb [EMPTYFLASH] User: Administrator User: All Users User: Default ->Flash cache emptied: 0 bytes User: Default User ->Flash cache emptied: 0 bytes User: Hervé ->Flash cache emptied: 0 bytes User: Public Total Flash Files Cleaned = 0,00 mb C:\Windows\System32\drivers\etc\Hosts moved successfully. HOSTS file reset successfully OTL by OldTimer - Version 3.2.31.0 log created on 11282011_221222 Files\Folders moved on Reboot... C:\Users\Hervé\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Hervé\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully. C:\Users\Hervé\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully. Registry entries deleted on Reboot... Bonne soirée à toi HH PS : "Edit" Mardi 29, passage de Malwerebytes Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 8267 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 2011-11-29 09:52:32 mbam-log-2011-11-29 (09-52-32).txt Type d'examen: Examen complet (C:\|E:\|F:\|H:\|) Elément(s) analysé(s): 566883 Temps écoulé: 23 minute(s), 27 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 0 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 0 Fichier(s) infecté(s): 2 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): (Aucun élément nuisible détecté) Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): (Aucun élément nuisible détecté) Fichier(s) infecté(s): c:\ZHP\quarantine\PCtuto.DIR\updatepctuto\autoupdater.exe (Trojan.Eorezo) -> Quarantined and deleted successfully. h:\program files\macromedia mx crack valide\macromedia studio 8\macromedia.fireworks.mx.2004.7.0.crack-rev.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

Bonjour Lance, Oh oui cela a duré longtemps le scan en ligne et j'ai branché en plus un Hdd de 1To plus une lé usb de 32 Go mais idem des cochonneries dedans il en a trouvé pas mal mais l'opération éxécuter et %programfiles(x86)%\ESET\ESET Online Scanner\log.txt ne fonctionne pas je ne trouve pas le rapport ?? Une fenêtre dit que Windows ne trouve pas le chemin .. jusqu'au .txt j'ai fouillé ne le vois pas ! Autre chose de bizarre, lorsque je regarde une vidéo sur WMP en plein écran au bout de 20 seconde à peine il quitte de lui même le plein écran ? Toutefois j'ai passé OLT, voici les rapports. OLT.Txt Lien CJoint.com AKCg7sJXI9W Extra.Txt Lien CJoint.com AKChaC00Fbb Bon début de semaine à toi et merci pour ton aide on tpas mal de cochonneries dommage que je ne trouve pas le rapport créé, ça ne fonctionne pas (ESET) !! HH

wow clair ai vu ça mais c'est fait le basicscan était dans le et fonctionnalité et l'autre non j'ai désinstallé le pc a redémarré . Des changements, Hum pour le moment tout va bien, j'avais des micro coupure quand j'écrivais en fait même sans écrirela fénêtre mozilla passait qq seconde, enfin c'était furtif, active et se désactivait et qd je me retrouvais avec des mots à moitié ou carrément il me fallait recliquer dans la fenêtre pour continuer d'écrire, là sur ce message appraremment pas de phénomène qui se crée ..... A si ça le refait !!!!!! la fenêtre passe tranparente comme qd admettons je suis en fenêtre restreinte et clique sur le bureau et durant ce temps je perds le contrôle et ça revient ??????? Merci Lance pour ta rapidité et ton aide c'est dingue je mets un pass sur ma machine now !!!!!!! mdrrrrrrr champs de mine ouille et moi qui pensais solliciter ton aide pour le pc de Madame oupssss mais bon elle ne voudra pas poster elle même pc elle ne s'en sert que pour créer des vidéo pour youtube et là chez elle c'est 43 feu folets qui ont accès et son pc de ce que j'ai vu infecté gravement plus que moi je pense ^^ pas malin tu me dira mais nous allons mettre des mots de passe, fini tout ça !!

RE Lance, Voici les 3 rapports demandés, ZHPFixReport Rapport de ZHPFix 1.12.3366 par Nicolas Coolman, Update du 26/10/2011 Fichier d'export Registre : Run by Hervé at 2011-11-27 12:07:47 Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Web site : ZHPFix Fix de rapport ========== Logiciel(s) ========== ABSENT Software Key: PokerStars.fr ========== Clé(s) du Registre ========== SUPPRIME Key: HKCU\Software\PCTUTO ABSENT Key: HKLM\Software\Babylon ABSENT Key: HKLM\Software\PCTuto SUPPRIME Key**: StartupReg: MediaGet2 SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B} SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB} SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1} ABSENT Key: HKCU\Software\PCTuto SUPPRIME Key: HKLM\Software\WOW6432Node\PCTuto SUPPRIME CLSID MPSK: {e0ffad69-0acc-11e1-b05a-1c6f65c06866} SUPPRIME Key**: StartupReg: Mega Manager SUPPRIME Key: HKCU\Software\Conduit ABSENT Key: HKLM\Software\Conduit ========== Valeur(s) du Registre ========== SUPPRIME TCP Query User{71F73550-0C69-4AC9-B50F-0FCDBA67B177}C:/users/hervé/appdata/local/mediaget2/mediaget.exe SUPPRIME UDP Query User{8BCF1AC4-F1C2-4D0A-8DCD-7F23C4F02258}C:/users/hervé/appdata/local/mediaget2/mediaget.exe SUPPRIME TCP Query User{BC820EF3-0192-4D06-B725-2462F9CC2BCB}C:/users/hervé/appdata/local/mediaget2/mediaget.exe SUPPRIME UDP Query User{D04428CA-739E-4142-93E0-232F12F10611}C:/users/hervé/appdata/local/mediaget2/mediaget.exe SUPPRIME RunValue: AdobeBridge SUPPRIME RunValue: PCTuto ABSENT RunValue: AdobeBridge SUPPRIME {5007BCF8-4926-4FD8-9356-D2EE528EEFA1} SUPPRIME {4AE54B63-EE34-4AB2-8D30-1D4614E41269} SUPPRIME {3BF3E757-BC9F-46DB-8DF2-A037AB1F9AD9} SUPPRIME {04406FB8-2AD4-478A-954A-BF5452064EA7} SUPPRIME {1888ACC9-C9DA-4816-9F12-82F0829D74D9} SUPPRIME {1E5ECF32-5F54-4CCE-B733-D8B9180916E2} SUPPRIME {37A78D22-5F6B-43C0-9895-9D265CFC8B9C} SUPPRIME {B0D2F68C-643D-471A-9DD7-C8A01F59DB49} SUPPRIME {55A399F8-4F5F-499B-BDA6-5E924F0EEF0E} SUPPRIME {CD4C1552-32CA-4115-84E1-C4396E65A0A8} SUPPRIME {E942F3FD-BD64-4211-A3AB-45AFB1C44946} SUPPRIME {4B32C787-1E99-4278-A12E-A9F819133104} SUPPRIME {F554C2D5-3E98-4107-AEFC-78FDBD3AF4E3} SUPPRIME {A14BEBFE-1154-4D8C-B804-7F83D9C353E4} SUPPRIME TCP Query User{0E41019B-86C3-4A3F-94D3-05D807E8A519}C:/program files (x86)/vuze/azureus.exe SUPPRIME UDP Query User{7A18DB04-0737-4E85-891A-190D442CDCAF}C:/program files (x86)/vuze/azureus.exe SUPPRIME MWPS Value: EnableUIADesktopToggle SUPPRIME MWPS Value: FilterAdministratorToken SUPPRIME MWPE Value: NoActiveDesktop SUPPRIME MWPE Value: NoActiveDesktopChanges SUPPRIME URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc} ========== Elément(s) de donnée du Registre ========== REMPLACE Value NoActiveDesktopChanges : Good (0) - Bad (1) SUPPRIME R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy ========== Préférences navigateur ========== PRESENT Chrome File: C:\Users\Hervé\AppData\Local\Google\Chrome\User Data\Default\Preferences ABSENT Chrome Site: None SUPPRIME Mozilla Pref: user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q="); ========== Dossier(s) ========== SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\extensions\[email protected] SUPPRIME Folder: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 SUPPRIME Folder: C:\ProgramData\Babylon SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Babylon SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\OpenCandy SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\PCtuto SUPPRIME Folder: C:\Users\Hervé\AppData\Local\Babylon SUPPRIME Folder: C:\ProgramData\regid.1986-12.com.adobe SUPPRIME Folder: C:\Users\Hervé\AppData\Local\CutePDF Writer SUPPRIME Folder: C:\Users\Hervé\AppData\Local\PokerStars.FR SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{00C6E1EE-7F12-4A1B-836A-09425AB56AC2} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{02CDDC35-2C18-4685-AFEB-EA128D69A99F} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{02D1880F-6D24-4757-BDC2-C7AA634A94F4} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{06AE5117-6586-4180-8ED3-AF013339006B} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{080536D1-B102-4B5E-A3E5-4BF390433076} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0AEF8F1A-4E15-4E60-836D-C93151DD47FE} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0B7F197F-53A4-4A18-89E4-7EA606E2393E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0BE27EF7-0A6F-4EC2-A1DA-19114F666AC0} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0F8319AD-DE52-4B88-8D7D-3B66ABF5256E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1091C29D-5839-425B-B6D4-9F86FE8B562E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{114BFA07-5974-4ED6-800E-20E64805F2FA} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{138D6D6E-8D2B-4C3D-A03F-388FA37BB539} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{15311EA5-ED00-4EEC-8B83-9A636131737E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{175A740A-FA64-4A65-812D-EDCB2A8CB20E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1934FCB2-1DFD-442A-A555-4EF6B3A876CB} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1AE4167C-5E09-4BF2-8A33-A8C4163CD428} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1BEFBF98-5975-4999-B53A-B3D812B41EE2} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1CE6C590-897E-4544-BAE9-3AC266BD3B64} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{208B357A-2BB0-4ECA-922C-FA2C51671BDF} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{22BB70D5-4F07-4A6E-99C5-678D5D24344B} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2531770D-54D2-41E0-B24C-35C4FC1FAB9C} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{26A9CF44-FAC1-49A8-86DF-54A2649C7C7D} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2A8A30F3-7A71-418B-9549-8B771625F31C} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2CB132CC-6617-456A-8FB1-EB6336B9840A} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2D0CDD26-DFBB-4EC6-AC98-46F855D594E6} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2E2F4A09-79C3-42E1-9B41-2B5082C28671} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{3028B61B-F5C8-4691-B373-081E2966AE32} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{30AA4B2F-481E-45F2-A318-BB8BC7B4E180} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{321CF00B-E85B-4EDE-BABB-640D8B9F9724} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{32F7668A-3985-44E0-8726-99E5540611BB} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{337BF2F3-70E9-41EE-B9FC-933EAE0FB634} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{34696E30-3A52-491E-B636-9525078E889F} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{34917689-FECA-4018-927B-C60B2982577D} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{38B03F42-9731-46A5-BF4C-EFF17A6CB3E0} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{3A5B7AD6-F3A9-4019-BACC-A4648AFFF14F} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{3CD3CEFF-22B7-4331-B14A-1AF4377C10E1} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{44CCCFC9-1D9C-4309-8BC5-0D235F1409D8} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{4A85147F-6E6D-4410-86A9-4AB169D37911} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{4B59F768-B4DA-4A38-ADDC-F734FB5E1F19} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{4EE9E830-E44B-4568-A135-F30A1D3D5C04} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{506E35F8-BEB6-40B3-B4E9-E951265DCFEC} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{51439CE7-D7B3-4B14-8354-9344F61D8F49} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{526C8C8B-0640-4ABE-BF11-8EC60C353554} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{526CF8F9-AB33-4C0B-A0C8-C7EBBECDB6C7} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{58A41A2F-3F90-4E3E-8378-F41A6362FA79} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{5DA34096-EABB-45C1-A90B-5FB397F31F87} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{5F8B8DED-80FF-4917-B693-705A09594FD3} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{62DC2BBE-EC45-47CA-B2A1-62F4B05B573B} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{6C7F6D01-F4FC-4647-988C-E4DEB0F25913} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{72A7065B-8420-4123-9F64-57C6D9C62CD4} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{72C57EA1-FE36-45E0-A2D1-675C553D5580} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{73EB9416-C1CE-4BFA-9955-9513B5477699} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{74C90F02-F7D0-4E06-B637-E445CAF36D06} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7521D90B-5587-4D8C-ABDB-0085989A54A4} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{753B033E-7B44-4388-821B-35C9A1E88451} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7807ADC6-729B-4E34-8F83-900924F9006E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78530A86-BAF6-41FB-BC41-C68B384B7F5B} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78955A57-E87D-48DF-A2D2-39645DACBA89} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78EA1059-B90A-42CB-81FD-A5B472C75949} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78F56C8F-A2ED-405A-A074-C67073F17289} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7912EDB7-44E3-4566-8FEF-4505029C6FAD} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7D7D0664-385B-4C08-AA40-2395620CD076} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{81E640F7-668F-40A9-B443-E4D3779705AC} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8486F76A-DC91-42D8-94FC-E5DAF69C163F} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{86F28ACC-CC36-427F-A260-E97806A1C9BB} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{881ED1AD-65AA-47B0-9791-2530D7ABADAF} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8ACDE25E-21AE-4A2E-9750-F5FED095E5A5} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8BDB10D7-466E-480D-A67E-0396D2913E1B} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8CD7D08E-2CD7-4BCF-A78C-BCD90FA357BD} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{914EDD28-0687-4D51-B36A-5454BA9F81A2} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{919DB16E-BFC0-4EF8-BF24-31F8F18E8C3A} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{965A2E33-076F-4786-9D6C-A0A95BF39B82} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{9670D023-A6C6-47A9-BE8A-EAA22CD690D6} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{97C252B9-498B-4D59-AB92-93F85EE0E324} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{99BABE23-9745-4CB1-8385-250BAE420CD9} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{9ACDDE21-46F8-4139-BD6E-4596E75F2EFD} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{9B9C7BE1-F1C5-4F1F-A4B7-CDFD031F2DCD} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{A87877DA-3A14-4223-8808-4B23155BAF41} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{AA85243A-B29A-4CBA-88DA-BDB09B71E293} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{AD0E8C74-4AFF-41B6-89CC-60281F850083} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B0F5E5E5-326B-4910-AA06-0E3A35067E6E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B177A1CC-DE7F-4602-B2D2-E7F1001F4ADF} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B41BFF44-EE11-4136-8F01-172686131269} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B5CAFB59-7E38-4998-B419-C1D16E8AA50C} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B7EED034-5993-45F1-A4FF-2D6C613F59EB} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{BBD8A34E-54B5-4333-945E-3D0AB1B4BC33} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{BDCB8339-FA3C-49D3-AEBB-1256B5B689E4} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C2DA10AF-3139-4E74-AB53-C7B6AF166819} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C2DE88E7-CA03-4F92-9D7B-454A8FEBEABA} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C35A66A5-98D1-42D9-AA9E-C99788B0E6A6} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C372D854-FE61-4E0F-90AF-E604F06B4F8D} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C7A189CF-4A45-4C5D-8A26-3413601A74DD} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CA6639DF-EC7B-467E-A45C-8256A05C3C81} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CA86A84E-2062-44DB-92DF-CDBC720038B0} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CEEEE8CB-FC4E-46C6-83CC-390A605C6DA2} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CF0FFDA6-0564-48FD-A3C5-5178F2BF8D1F} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CFD6336A-1813-4AEA-B644-42DE05BC5FF1} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D160B31E-67E5-49EB-B51D-01BD86EFC9D9} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D421163D-A9D4-4348-B18E-F84096C3BB94} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D42FA5EC-ED50-45F2-9A34-3E51D7BD49F4} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D44B1131-78AE-404B-A4F3-4775EF6FC79C} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D48EB198-3D95-42EA-9D8E-018D0AF2B96E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D55A98E9-A37C-4BDB-81E1-BBE0826FE6CB} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D59221BC-AA64-4125-9788-A668ACE11BF3} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D6293C27-C29C-410C-8537-CAAE68FF75B9} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D87F46DD-665D-476A-8E41-F08D7BF7A0AE} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DA22390D-535A-4AFD-95BA-475A49BB02E4} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DDE402D3-77E3-4016-AE52-B81ACDE30CC9} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DE426265-5B1A-4F8F-815F-6780FD23A035} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DEDC5717-27A6-4C77-B568-17BB0FC6E448} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E0F412BB-286E-42A5-9AB1-907248897054} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E6F610BB-4F46-47C3-A741-5CD9D1188D19} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E7C6A7B2-1B5A-46FD-8694-B8D2CEE80D1C} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E8B0284E-F6E1-4AC9-8482-E18F07CD494E} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E9446A2C-53AC-4F76-BB3A-D332044FCB00} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{EA579AD7-7833-417B-8BDA-D6ED170D6713} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{EBCEBEDB-09C9-4941-B723-0D98D2626463} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{EC8BD2CB-78C4-4C85-8ADE-3A49748FB6A5} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F08BF85D-F251-4666-AECA-B31BA4F3338C} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F20CC8A2-F19D-47A9-99F6-8B22E2EAC7A8} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F21CD5E0-401A-420B-8DE7-061119E0B133} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F24C3569-221D-44F8-8644-C2513D6F79C8} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F6225E5D-F011-4410-B84F-998ABA4AAF14} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{FB4DDB94-BCFE-4890-A92D-E8FFD5FF887D} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{FD440CCA-6FA6-4B3C-B5CD-DF246A7C713D} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{FD511DA3-4602-4D99-A0F6-EC44D2DA10CE} SUPPRIME Folder: C:\Program Files (x86)\PokerStars.FR SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Azureus SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} SUPPRIME Folder: C:\Users\Hervé\AppData\Local\Conduit SUPPRIME Folder: c:\users\hervé\appdata\locallow\conduit SUPPRIME Temporaires Windows: : 426 SUPPRIME Flash Cookies: 144 ========== Fichier(s) ========== ABSENT File: c:\users\hervé\appdata\local\mediaget2\mediaget.exe ABSENT Folder/File: c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65 ABSENT Folder/File: c:\programdata\babylon ABSENT Folder/File: c:\users\hervé\appdata\roaming\babylon ABSENT Folder/File: c:\users\hervé\appdata\roaming\opencandy ABSENT Folder/File: c:\users\hervé\appdata\roaming\pctuto ABSENT Folder/File: c:\users\hervé\appdata\local\babylon ABSENT Folder/File: c:\users\hervé\appdata\roaming\mozilla\firefox\profiles\c96ns2wb.default\extensions\[email protected] ABSENT Folder/File: c:\users\hervé\appdata\roaming\mozilla\firefox\profiles\c96ns2wb.default\user.js (.not file.) SUPPRIME File: c:\users\hervé\appdata\roaming\microsoft\internet explorer\quick launch\pokerstars.fr.lnk SUPPRIME File: c:\program files (x86)\pokerstars.fr\pokerstarsupdate.exe ABSENT File: f:\megamanager.exe ABSENT Folder/File: c:\users\hervé\appdata\local\conduit SUPPRIME Temporaires Windows: : 526 SUPPRIME Flash Cookies: 90 ========== Tache planifiée ========== SUPPRIME Task: RunAsStdUser Task ========== Récapitulatif ========== 15 : Clé(s) du Registre 28 : Valeur(s) du Registre 2 : Elément(s) de donnée du Registre 143 : Dossier(s) 15 : Fichier(s) 1 : Logiciel(s) 3 : Préférences navigateur 1 : Tache planifiée End of clean in 00mn 13s ========== Chemin de fichier rapport ========== C:\ZHP\ZHPFix[R1].txt - 2011-11-27 12:07:47 [16901] ======================================================= Malwarebytes Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Version de la base de données: 8251 Windows 6.1.7601 Service Pack 1 Internet Explorer 9.0.8112.16421 2011-11-27 12:22:07 mbam-log-2011-11-27 (12-22-07).txt Type d'examen: Examen rapide Elément(s) analysé(s): 180321 Temps écoulé: 1 minute(s), 5 seconde(s) Processus mémoire infecté(s): 0 Module(s) mémoire infecté(s): 0 Clé(s) du Registre infectée(s): 3 Valeur(s) du Registre infectée(s): 0 Elément(s) de données du Registre infecté(s): 0 Dossier(s) infecté(s): 3 Fichier(s) infecté(s): 7 Processus mémoire infecté(s): (Aucun élément nuisible détecté) Module(s) mémoire infecté(s): (Aucun élément nuisible détecté) Clé(s) du Registre infectée(s): HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BasicScan Service (Adware.Agent.ZGen) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\Software\brightbreezesa (Adware.HotBar.BB) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\BrightBreeze (Adware.HotBar.BB) -> Quarantined and deleted successfully. Valeur(s) du Registre infectée(s): (Aucun élément nuisible détecté) Elément(s) de données du Registre infecté(s): (Aucun élément nuisible détecté) Dossier(s) infecté(s): c:\program files (x86)\brightbreeze\bin (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\program files (x86)\brightbreeze\bin\2.0.12.0 (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\programdata\brightbreezesa (Adware.HotBar.BB) -> Quarantined and deleted successfully. Fichier(s) infecté(s): c:\program files (x86)\basicscan\basicscan.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully. c:\program files (x86)\brightbreeze\bin\2.0.12.0\brightbreezesacb.exe (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\program files (x86)\brightbreeze\bin\2.0.12.0\brightbreezesahook.dll (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\program files (x86)\brightbreeze\bin\2.0.12.0\copyright.txt (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\programdata\brightbreezesa\brightbreezesa.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\programdata\brightbreezesa\brightbreezesaau_update.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully. c:\programdata\brightbreezesa\brightbreezesa_kyf_update.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully. ===================================== SecurityCheck Results of screen317's Security Check version 0.99.28 Windows 7 x64 (UAC is enabled) Internet Explorer 9 `````````````````````````````` Antivirus/Firewall Check: Windows Security Center service is not running! This report may not be accurate! WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware Java 6 Update 29 Adobe Flash Player 11.0.1.152 Adobe Reader X (10.1.1) Mozilla Firefox (7.0.1) Firefox out of Date! ```````````````````````````````` Process Check: objlist.exe by Laurent Windows Defender MSMpEng.exe Malwarebytes' Anti-Malware mbamgui.exe Microsoft Security Essentials msseces.exe Microsoft Security Client Antimalware MsMpEng.exe Microsoft Security Client Antimalware NisSrv.exe ``````````End of Log````````````

Re Lance, Je ne sais ce qu'il se passe avec ci-joint mais je n'arrive pas à l'ouvrir page blanche J'ai refais un ZHPDIAG je le colle ici entier (Désolé) car je ne sais quoi copier pour le FIX En espérant que tu pourras supprimer ce post car il risque 'être long d'où je pense l'utilisation de cijoint !! Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011 Run by Hervé at 2011-11-27 10:55:53 Web site : ZHPDiag Outil de diagnostic State : Nouvelle version disponible ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 5.0.1 v5.0.1 (Defaut) MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut) ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_COA_NSLP channel Windows ID Activation : OK ~ Windows Partial Key : QG8XD Windows License : OK ~ Windows Remaining Initializations Number : 2 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 8188 MB (78% free) System Restore: Activé (Enable) System drive C: has 6 GB (9%) free of 60 GB ---\\ Logged in mode ~ Computer Name: AVALANCHE ~ User Name: Hervé ~ All Users Names: HomeGroupUser$, Hervé, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82,O89 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Hervé\AppData\Roaming\ ~ %Desktop% : C:\Users\Hervé\Desktop\ ~ %Favorites% : C:\Users\Hervé\Favorites\ ~ %LocalAppData% : C:\Users\Hervé\AppData\Local\ ~ %StartMenu% : C:\Users\Hervé\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 6 Go of 60 Go) D:\ CD-ROM drive (Not Inserted) E:\ Hard drive, Flash drive, Thumb drive (Free 55 Go of 60 Go) F:\ Hard drive, Flash drive, Thumb drive (Free 412 Go of 440 Go) G:\ CD-ROM drive (Not Inserted) H:\ Hard drive, Flash drive, Thumb drive (Free 188 Go of 432 Go) J:\ Floppy drive, Flash card reader, USB Key (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.2011-05-30 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.2009-07-14 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-14 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.271E8FB1354AA205A214F280A6766E30] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2011-10-25 - 06:17:57.) -- C:\Windows\system32\wininet.dll [1389056] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2010-11-21 - 04:24:29.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2010-11-21 - 04:24:16.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.2010-11-21 - 07:18:22.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] [MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-07-12 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-14 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-14 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160] [MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-21 - 04:23:47.) -- C:\Windows\system32\drivers\Cdrom.sys [147456] [MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-21 - 04:24:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400] [MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-21 - 04:23:47.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368] [MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-14 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472] [MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-14 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224] [MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-07-12 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208] [MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-21 - 04:23:51.) -- C:\Windows\system32\drivers\netBT.sys [261632] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2011-07-22 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-14 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280] [MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2010-11-21 - 04:24:33.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536] [MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-14 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184] [MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.2010-11-21 - 04:24:32.) -- C:\Windows\system32\drivers\tdx.sys [119296] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) Mes images (My Pictures) : 2/2 (Modified) ~ Mes musiques (My Musics) : 21/26 Mes Videos (My Videos) : 2/2 (Modified) ~ Mes Favoris (My Favorites) : 9/73 ~ Mes Documents (My Documents) : 4/964 ~ Mon Bureau (My Desktop) : 1/124 ~ Menu demarrer (Programs) : 7/32 ~ Scan Hidden Files in 00mn 00s ---\\ Processus lancés [MD5.AE797B72D85E87D403FC11135507922C] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288] [PID.2996] [MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.1828] [MD5.F4D0446BA874917354801F210E66F545] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.2972] [MD5.2DB55B5ED8E8CD26597FDA3455535B4B] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [408936] [PID.2884] [MD5.4CB4054659ABEEEF925B153E2290E634] - (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe [924632] [PID.2928] [MD5.FD67E2C52F62995C3CF1D6D720EEB66F] - (.Mozilla Corporation - Plugin Container for Firefox.) -- F:\Firefox\plugin-container.exe [16856] [PID.848] [MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- F:\ZHPDiag\ZHPDiag.exe [696320] [PID.4088] [MD5.10DBAA1703253FB511D0F5C5F6064B00] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [77824] [PID.] [MD5.65DF135CBD6B061309D95B570B27FD10] - (.Xobni Corporation - XobniService.) -- C:\Program Files (x86)\Xobni\XobniService.exe [62184] [PID.] ~ Scan Processes Running in 00mn 00s ---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2) C:\Users\Hervé\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [user Data\Default] None G0 - GCSP: Preference [user Data\Default][HomePage] Google ~ Scan Google Browser in 00mn 00s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\prefs.js C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\user.js (.not file.) M3 - MFPP: Plugins - [Hervé] -- C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\searchplugins\recherche-de-vidos-youtube.xml M0 - MFSP: prefs.js [Hervé - c96ns2wb.default] http://www.youtube.com M2 - MFEP: prefs.js [Hervé - c96ns2wb.default\[email protected]] [] Babylon v1.1.9 (.Babylon.) M2 - MFEP: prefs.js [Hervé - c96ns2wb.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.8.0.8 (.Conduit Ltd..) P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll P2 - FPN: [HKCU] [@megamedia/Megakey] - (.Megamedia Ltd. - Web browser plugin for Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\npMegaPlugin.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Navigateur incompatible | Facebook R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (...) (No version) -- (.not file.) R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Le fichier hosts est sain (The hosts file is clean). ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: MegaIeHelperBHO [64Bits] - {77F4E711-789B-447F-9614-96759B2F83C6} . (.Megamedia Ltd. - Web browser plugin for Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\x64\MegaIeHelper64.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: ContributeBHO Class [64Bits] - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems, Inc. - Contribute IE Plugin.) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHT O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: MegaIeHelperBHO [64Bits] - {77F4E711-789B-447F-9614-96759B2F83C6} . (.Megamedia Ltd. - Web browser plugin for Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\ O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: MegaIEMn [64Bits] - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (...) -- F:\MegaIEMn.dll (.not file.) O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe O4 - HKLM\..\Wow6432Node\Run: [PCTuto] Clé orpheline O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Wow6432Node\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- F:\SessionManager\SessionManager.exe O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [AdobeBridge] Clé orpheline O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: Capture Web Page . (...) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\CaptureWebPage.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~4\Office12\EXCEL.exe O8 - Extra context menu item: Fetch to Megaupload . (...) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\MegaUpload.htm ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{52215F02-8811-44C5-B116-809E399B0986}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\..\{637787B5-201A-4C81-94A7-620DFC97C1BD}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{52215F02-8811-44C5-B116-809E399B0986}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{637787B5-201A-4C81-94A7-620DFC97C1BD}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{52215F02-8811-44C5-B116-809E399B0986}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS2\Services\Tcpip\..\{637787B5-201A-4C81-94A7-620DFC97C1BD}: DhcpNameServer = 192.168.1.1 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O23 - Service: XobniService (XobniService) . (.Xobni Corporation - XobniService.) - C:\Program Files (x86)\Xobni\XobniService.exe O23 - Service: Power Control [2011/05/30 11:12:12] ({B154377D-700F-42cc-9474-23858FBDF4BD}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ BootExecute (O34) O34 - HKLM BootExecute: (autocheck autochk *) - File not found ~ Scan Keys in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.65EAF980F512358AD72005B0016A2E15] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files (x86)\BrightBreeze\bin\2.0.12.0\BrightBreezeSA.exe (.not file.) [MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe ~ Scan Scheduled Task in 00mn 00s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM] -- {23170F69-40C1-2702-0920-000001000000} O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {503F672D-6C84-448A-8F8F-4BC35AC83441} O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {4A35302C-A6D3-DDE5-38BA-55E7BABA9670} O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc..) [HKLM] -- {E33AC780-456C-6295-E0F3-10A8D39A09FB} O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {C5823264-8DFC-6E63-9D69-A35B1A98B537} O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FE23D063-934D-4829-A0D8-00634CE79B4A} O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- {3521BDBD-D453-5D9F-AA55-44B75D214629} O42 - Logiciel: Adobe Creative Suite 5 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {1BBD8D70-721A-41AD-AC8F-7308A0C8FA92} O42 - Logiciel: Adobe Creative Suite 5.5 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {D57FC112-312E-4D70-860F-2DB8FB6858F0} O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.downloadassistant.AdobeDownloadAssistant O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- {DC0C5A78-6DBF-3444-0120-0FE8F0134FCD} O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {6E9EF98E-259E-416D-B5F8-0ABDB99942CE} O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {BC41C09D-FAA9-4346-9FE6-1E0017BC551A} O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001} O42 - Logiciel: Aeon - (.SoundSpectrum.) [HKLM] -- Aeon O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A83279FD-CA4B-4206-9535-90974DE76654} O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {75104836-CAC7-444E-A39E-3F54151942F5} O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE} O42 - Logiciel: Architecte 3D Platinium - (.Avanquest software.) [HKLM] -- {A552CCF8-51D3-49D9-AD30-A939626F2299} O42 - Logiciel: BOINC - (.Space Sciences Laboratory, U.C. Berkeley.) [HKLM] -- {23006768-D97B-4225-B12B-7EC4A25D275C} O42 - Logiciel: BasicScan 1.0 build 115 - (.Pas de propriétaire.) [HKLM] -- BasicScan O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D} O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62} O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6} O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3} O42 - Logiciel: CutePDF Writer 2.8 - (.Pas de propriétaire.) [HKLM] -- CutePDF Writer Installation O42 - Logiciel: CyberLink Blu-ray Disc Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink Blu-ray Disc Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79} O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384} O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384} O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE} O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM] -- InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM] -- {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1} O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM] -- InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3} O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM] -- {324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3} O42 - Logiciel: D-Link AirPlus - (.Pas de propriétaire.) [HKLM] -- {CDC74FE6-5224-11D6-B27F-00E0181A6FA8} O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF} O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: Dassault Systemes Software B14 - (.Pas de propriétaire.) [HKLM] -- Dassault Systemes B14_0 O42 - Logiciel: DealScout for FireFox - (.Pinball Corp..) [HKLM] -- DealScout O42 - Logiciel: French App Name - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O42 - Logiciel: French App Name - (.Adobe Systems Incorporated.) [HKLM] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA} O42 - Logiciel: G-Force - (.SoundSpectrum.) [HKLM] -- G-Force O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1 O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C} O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2} O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {6994491D-D491-48F1-AE1F-E179C1FFFC2F} O42 - Logiciel: HyperLobby client - (.Jiri Fojtasek.) [HKLM] -- {333F3B34-0374-4B2C-9A23-EA6294D82772} O42 - Logiciel: IL-2 Sturmovik 1946 - (.Nom de votre societe.) [HKLM] -- InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605} O42 - Logiciel: IL-2 Sturmovik: Cliffs of Dover - (.1C: Maddox Games.) [HKLM] -- Steam App 63950 O42 - Logiciel: Internet Everywhere - (.Pas de propriétaire.) [HKLM] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424} O42 - Logiciel: Iomega Home Storage Manager - (.Iomega Corporation an EMC Company.) [HKLM] -- {C08E4323-261D-4B2F-8F24-CDB26E2AA081} O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF} O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4} O42 - Logiciel: K-Lite Codec Pack 6.9.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1 O42 - Logiciel: LG Tool Kit - (.Pas de propriétaire.) [HKLM] -- {6179550A-3E7C-499E-BCC9-9E8113E0A285} O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F} O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9} O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71} O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC} O42 - Logiciel: Macromedia Fireworks MX - (.Macromedia.) [HKLM] -- {930B2432-43D4-11D5-9871-00C04F8EEB39} O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2} O42 - Logiciel: Megakey - (.Megamedia Ltd..) [HKCU] -- Megakey O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E} O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5} O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_ENTERPRISE_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8} O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE} O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC} O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE} O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE} O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8} O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {42738DB0-FC3E-4672-A99B-9372F5696E30} O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07} O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2} O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475} O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F} O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E} O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E} O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25} O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55} O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C} O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1} O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7} O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45} O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57} O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3} O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C} O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593} O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403} O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Microsoft Corporation.) [HKLM] -- {DF2035BE-5820-4965-BD97-7FAF8D4A7879} O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26} O42 - Logiciel: Microsoft_VC90_MFCLOC_x86 - (.Adobe.) [HKLM] -- {B6D38690-755E-4F40-A35A-23F8BC2B86AC} O42 - Logiciel: Microsoft_VC90_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {90BF0360-A1DB-4599-A643-95AB90A52C1E} O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A} O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB} O42 - Logiciel: Mozilla Firefox 5.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0.1 (x86 fr) O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr) O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKCU] -- Mozilla Firefox 8.0 (x86 fr) O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager O42 - Logiciel: PC Wizard 2010.1.96 - (.CPUID.) [HKLM] -- PC Wizard 2010_is1 O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392} O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C} O42 - Logiciel: Philips ToUcam Pro Camera - (.Pas de propriétaire.) [HKLM] -- {EDAC90A7-D34A-47D2-A644-BE5356C5F409} O42 - Logiciel: PlayerTuto.com 2.0.3 - (.Weecast SAS.) [HKLM] -- {2B7FD473-DF96-40D4-9EE3-A427B450B1BC}_is1 O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr O42 - Logiciel: PxMergeModule - (.Your Company Name.) [HKLM] -- {024521CF-C07E-4F8E-8481-0D75695E03AF} O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C9E14402-3631-4182-B377-6B0DFB1C0339} O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996} O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- {5442DAB8-7177-49E1-8B22-09A049EA5996} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078 O42 - Logiciel: Smart Technology Programming Software 7.0.2.7 - (.Mad Catz.) [HKLM] -- {4042812A-E4A4-47D2-8953-B3930CC89539} O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F} O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- {2F8BA3FD-1FA9-4279-B696-712ABB12F09F} O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3} O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client O42 - Logiciel: Trapcode Particular - (.Red Giant Software.) [HKLM] -- InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F} O42 - Logiciel: Trapcode Particular - (.Red Giant Software.) [HKLM] -- {E489BCB7-D57D-4751-AAB6-589AF66E2F7F} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228} O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F} O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1 O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- {449970F2-3F03-B47F-7D4C-B0A020B96EFF} O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5} O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {CEA21F20-DBF4-464C-8B81-28B8508AFDDD} O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {E01819BD-709F-43A1-9600-6F5E4C584C37} O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698} O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917} O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {180C8888-50F1-426B-A9DC-AB83A1989C65} O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30} O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5} O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A} O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11} O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3} O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38} O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3} O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70} O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1} O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B} O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F} O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F} O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4} O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4} O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F} O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2} O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04} O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF} O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194} O42 - Logiciel: Wondershare PPT to Video 6.0.0.4 - (.Wondershare Software.) [HKLM] -- Wondershare PPT to Video_is1 O42 - Logiciel: Xobni - (.Xobni Corp..) [HKLM] -- XobniMain O42 - Logiciel: Xobni Core - (.Xobni, Inc..) [HKLM] -- {8DC069E7-893C-41E1-9442-DE89FEC33371} O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.1 O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {6CFB1B20-ECAE-488F-9FFB-6AD420882E71} O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D} ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\ACE Compression Software] [HKCU\Software\ACXPROFILE] [HKCU\Software\AMD] [HKCU\Software\ATI] [HKCU\Software\Acro Software Inc] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Megamedia] [HKCU\Software\AppDataLow\Software\Microsoft] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow] [HKCU\Software\Apple Computer, Inc.] [HKCU\Software\Apple Inc.] [HKCU\Software\Avanquest] [HKCU\Software\BOINC] [HKCU\Software\CPUID] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\Conduit] [HKCU\Software\CyberLink] [HKCU\Software\DT Soft] [HKCU\Software\DivXNetworks] [HKCU\Software\DivX] [HKCU\Software\GLOBAL] [HKCU\Software\GNU] [HKCU\Software\Gabest] [HKCU\Software\Google] [HKCU\Software\Haali] [HKCU\Software\Hewlett-Packard] [HKCU\Software\IM Providers] [HKCU\Software\Imagineer Systems Ltd] [HKCU\Software\JavaSoft] [HKCU\Software\Lake] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\LogiShrd] [HKCU\Software\MONOGRAM] [HKCU\Software\Macromedia] [HKCU\Software\MainConcept] [HKCU\Software\MakeMSI] [HKCU\Software\MediaInfo] [HKCU\Software\Megamedia] [HKCU\Software\Megaupload] [HKCU\Software\MozillaPlugins] [HKCU\Software\Mozilla] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\PCTUTO] [HKCU\Software\Pinnacle Systems] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Red Giant Software] [HKCU\Software\RegisteredApplications] [HKCU\Software\Renesas Electronics] [HKCU\Software\Saitek] [HKCU\Software\Seti@Home] [HKCU\Software\Sony Corporation] [HKCU\Software\Space Sciences Laboratory, U.C. Berkeley] [HKCU\Software\SpeedFan] [HKCU\Software\Trolltech] [HKCU\Software\VB and VBA Program Settings] [HKCU\Software\VOB] [HKCU\Software\Valve] [HKCU\Software\WinRAR SFX] [HKCU\Software\WinRAR] [HKCU\Software\Wondershare] [HKCU\Software\Wow6432Node] [HKCU\Software\Xenocode] [HKCU\Software\Xobni] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\brightbreezesa] [HKCU\Software\ej-technologies] [HKCU\Software\kde.org] [HKCU\Software\madFlac] [HKLM\Software\7-Zip] [HKLM\Software\AMD] [HKLM\Software\ASUS] [HKLM\Software\ATI Technologies] [HKLM\Software\ATI] [HKLM\Software\Acro Software Inc] [HKLM\Software\Adobe] [HKLM\Software\Apple Computer, Inc.] [HKLM\Software\Apple Inc.] [HKLM\Software\Avanquest] [HKLM\Software\Babylon] [HKLM\Software\BrightBreeze] [HKLM\Software\Bunndle] [HKLM\Software\CBSTEST] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\Codec Tweak Tool] [HKLM\Software\Conduit] [HKLM\Software\CyberLink] [HKLM\Software\Cyberlink] [HKLM\Software\D-Link] [HKLM\Software\DT Soft] [HKLM\Software\DTS] [HKLM\Software\Dassault Systemes] [HKLM\Software\Debug] [HKLM\Software\DivXNetworks] [HKLM\Software\DivX] [HKLM\Software\Dolby] [HKLM\Software\FRANCE TELECOM] [HKLM\Software\GEAR Software] [HKLM\Software\GNU] [HKLM\Software\GPL Ghostscript] [HKLM\Software\Gabest] [HKLM\Software\Google] [HKLM\Software\Gradient] [HKLM\Software\HaaliMkx] [HKLM\Software\Hewlett-Packard] [HKLM\Software\IBM] [HKLM\Software\Imagineer Systems Ltd] [HKLM\Software\InstallShield] [HKLM\Software\Intel] [HKLM\Software\InterVideo] [HKLM\Software\Iomega Corp] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\KLCodecPack] [HKLM\Software\Khronos] [HKLM\Software\LG Electronics] [HKLM\Software\Lake] [HKLM\Software\Logishrd] [HKLM\Software\Macromedia] [HKLM\Software\MakeMSI] [HKLM\Software\Megamedia] [HKLM\Software\Megaupload Limited] [HKLM\Software\Megaupload] [HKLM\Software\Minnetonka Audio Software] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\ODBC] [HKLM\Software\Orange] [HKLM\Software\PCTuto] [HKLM\Software\PDR_Upgrade] [HKLM\Software\PegasusImaging] [HKLM\Software\Philips] [HKLM\Software\Pinnacle Systems] [HKLM\Software\Policies] [HKLM\Software\PowerDVD9_Upgrade] [HKLM\Software\Preview Systems] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\S3R521] [HKLM\Software\SRS Labs] [HKLM\Software\Saitek] [HKLM\Software\SmartSound Software] [HKLM\Software\SonicFocus] [HKLM\Software\Sonic] [HKLM\Software\Sony Corporation] [HKLM\Software\Space Sciences Laboratory, U.C. Berkeley] [HKLM\Software\Synthetic Aperture] [HKLM\Software\TrendMicro] [HKLM\Software\Ubi Soft] [HKLM\Software\Uniblue] [HKLM\Software\Valve] [HKLM\Software\Vid_0471] [HKLM\Software\Waves Audio] [HKLM\Software\WinRAR] [HKLM\Software\Windows] [HKLM\Software\Wondershare] [HKLM\Software\Wow6432Node] [HKLM\Software\Xobni] [HKLM\Software\Xvid Team] [HKLM\Software\ej-technologies] [HKLM\Software\magnet] [HKLM\Software\mcafeeupdater] [HKLM\Software\mozilla.org] [HKLM\Software\webtogo] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 2011-03-02 - 11:51:54 - [4588532] ----D- C:\Program Files\7-Zip O43 - CFD: 2011-11-09 - 13:57:10 - [2432885559] ----D- C:\Program Files\Adobe O43 - CFD: 2011-05-26 - 15:51:24 - [23883157] ----D- C:\Program Files\ATI O43 - CFD: 2011-09-12 - 20:10:02 - [5405340] ----D- C:\Program Files\ATI Technologies O43 - CFD: 2011-11-25 - 12:43:04 - [613967] ----D- C:\Program Files\Bonjour O43 - CFD: 2011-09-26 - 18:07:10 - [263706721] ----D- C:\Program Files\Common Files O43 - CFD: 2011-09-20 - 22:15:32 - [486145255] ----D- C:\Program Files\CyberLink O43 - CFD: 2011-09-30 - 21:10:34 - [5953856] ----D- C:\Program Files\DivX O43 - CFD: 2010-11-21 - 07:29:50 - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 2011-07-22 - 20:49:06 - [684656] ----D- C:\Program Files\Google O43 - CFD: 2011-10-25 - 19:35:58 - [6652928] ----D- C:\Program Files\Internet Explorer O43 - CFD: 2011-11-25 - 12:43:22 - [2096267] ----D- C:\Program Files\iPod O43 - CFD: 2011-11-25 - 12:43:38 - [2501704] ----D- C:\Program Files\iTunes O43 - CFD: 2010-11-21 - 07:29:46 - [149237810] ----D- C:\Program Files\Microsoft Games O43 - CFD: 2011-07-23 - 19:34:58 - [1139478] ----D- C:\Program Files\Microsoft Office O43 - CFD: 2011-07-31 - 14:30:44 - [23595127] ----D- C:\Program Files\Microsoft Security Client O43 - CFD: 2009-07-14 - 06:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 2011-05-27 - 06:26:12 - [18408880] ----D- C:\Program Files\Realtek O43 - CFD: 2009-07-14 - 06:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 2011-09-20 - 22:19:22 - [67472185] ----D- C:\Program Files\Saitek O43 - CFD: 2011-08-10 - 21:22:38 - [1177089080] ----D- C:\Program Files\Ubisoft O43 - CFD: 2009-07-14 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 2010-11-21 - 07:19:02 - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 2010-11-21 - 07:29:48 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 2011-08-09 - 07:31:20 - [7987385] ----D- C:\Program Files\Windows Live O43 - CFD: 2010-11-21 - 07:19:02 - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 2010-11-21 - 07:19:02 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 2011-07-18 - 13:18:34 - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 2010-11-21 - 07:19:02 - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 2010-11-21 - 04:31:36 - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 2010-11-21 - 07:19:02 - [7044767] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 2011-10-11 - 21:56:12 - [4524560] ----D- C:\Program Files\WinRAR O43 - CFD: 2011-11-09 - 13:57:40 - [177192284] ----D- C:\Program Files\Common Files\Adobe O43 - CFD: 2011-09-26 - 18:07:10 - [6582134] ----D- C:\Program Files\Common Files\Apple O43 - CFD: 2011-09-12 - 19:47:32 - [413448] ----D- C:\Program Files\Common Files\ATI Technologies O43 - CFD: 2011-08-09 - 07:31:12 - [66713094] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 2009-07-14 - 04:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 2009-07-14 - 04:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 2011-11-15 - 14:30:30 - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 2011-11-23 - 17:32:50 - [0] ----D- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 O43 - CFD: 2011-11-10 - 02:00:02 - [451262301] ----D- C:\ProgramData\Adobe O43 - CFD: 2011-11-09 - 13:55:36 - [0] ----D- C:\ProgramData\ALM O43 - CFD: 2011-05-27 - 06:31:16 - [3634] ----D- C:\ProgramData\AMD O43 - CFD: 2011-10-01 - 22:51:10 - [81360033] ----D- C:\ProgramData\Apple O43 - CFD: 2011-09-26 - 18:07:20 - [71308505] ----D- C:\ProgramData\Apple Computer O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 2011-09-12 - 20:11:38 - [187] ----D- C:\ProgramData\ATI O43 - CFD: 2011-08-18 - 18:24:38 - [2407] ----D- C:\ProgramData\Avanquest O43 - CFD: 2011-10-02 - 12:07:46 - [0] ----D- C:\ProgramData\Babylon O43 - CFD: 2011-11-23 - 17:35:56 - [26112] ----D- C:\ProgramData\BasicScan O43 - CFD: 2011-11-23 - 17:33:12 - [1221219] ----D- C:\ProgramData\BrightBreezeSA O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 2011-09-20 - 22:13:12 - [0] ----D- C:\ProgramData\CLSK O43 - CFD: 2011-09-20 - 22:29:36 - [1553146] ----D- C:\ProgramData\CyberLink O43 - CFD: 2011-11-09 - 13:33:32 - [1368] ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 2011-10-03 - 17:42:50 - [0] ----D- C:\ProgramData\DassaultSystemes O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 2011-09-30 - 21:10:48 - [5112052] ----D- C:\ProgramData\DivX O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 2011-05-27 - 06:28:32 - [2576262] ----D- C:\ProgramData\Downloaded Installations O43 - CFD: 2011-09-20 - 22:18:00 - [360580] ----D- C:\ProgramData\eSellerate O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 2011-07-22 - 20:49:18 - [539234] ----D- C:\ProgramData\Google O43 - CFD: 2011-09-13 - 10:32:28 - [37050] ----D- C:\ProgramData\Hewlett-Packard O43 - CFD: 2011-07-22 - 21:00:00 - [81454] ----D- C:\ProgramData\McAfee O43 - CFD: 2011-10-11 - 16:15:16 - [6557674] ----D- C:\ProgramData\Megamedia O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 2011-07-23 - 19:36:50 - [695230163] -S--D- C:\ProgramData\Microsoft O43 - CFD: 2011-10-31 - 20:21:48 - [66584] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 2011-11-21 - 08:28:30 - [10909982] ----D- C:\ProgramData\Orange O43 - CFD: 2011-10-12 - 22:15:46 - [392635] ----D- C:\ProgramData\Pinnacle O43 - CFD: 2011-08-09 - 06:04:56 - [36560] ----D- C:\ProgramData\Pinnacle Studio Ultimate Collection O43 - CFD: 2011-11-09 - 14:05:58 - [6867] ----D- C:\ProgramData\regid.1986-12.com.adobe O43 - CFD: 2011-08-09 - 21:47:30 - [524282] ----D- C:\ProgramData\Saitek O43 - CFD: 2011-09-20 - 22:18:02 - [49123277] ----D- C:\ProgramData\SmartSound Software Inc O43 - CFD: 2011-08-13 - 18:05:44 - [93464] ----D- C:\ProgramData\Sony Corporation O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 2011-03-02 - 11:49:54 - [189] ----D- C:\ProgramData\Sun O43 - CFD: 2011-07-27 - 17:27:16 - [1373] ----D- C:\ProgramData\Tages O43 - CFD: 2011-09-20 - 22:20:56 - [1709867] ----D- C:\ProgramData\Temp O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 2011-07-26 - 14:35:08 - [425] ----D- C:\ProgramData\Ubisoft O43 - CFD: 2011-11-09 - 13:36:56 - [0] ----D- C:\ProgramData\Uniblue O43 - CFD: 2011-09-26 - 18:07:32 - [894865] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001} O43 - CFD: 2011-11-17 - 22:07:16 - [264285178] ----D- C:\Users\Hervé\AppData\Roaming\Adobe O43 - CFD: 2011-10-01 - 22:51:22 - [703356] ----D- C:\Users\Hervé\AppData\Roaming\Apple Computer O43 - CFD: 2011-07-18 - 13:18:56 - [0] ----D- C:\Users\Hervé\AppData\Roaming\ATI O43 - CFD: 2011-11-27 - 10:45:36 - [23551830] ----D- C:\Users\Hervé\AppData\Roaming\Azureus O43 - CFD: 2011-10-02 - 12:07:46 - [6802] ----D- C:\Users\Hervé\AppData\Roaming\Babylon O43 - CFD: 2011-11-09 - 19:01:00 - [9157516] ----D- C:\Users\Hervé\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 O43 - CFD: 2011-10-11 - 16:45:50 - [16065] ----D- C:\Users\Hervé\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant O43 - CFD: 2011-09-28 - 19:38:24 - [33808730] ----D- C:\Users\Hervé\AppData\Roaming\CyberLink O43 - CFD: 2011-11-09 - 13:38:24 - [106] ----D- C:\Users\Hervé\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 2011-10-03 - 17:42:50 - [16509] ----D- C:\Users\Hervé\AppData\Roaming\DassaultSystemes O43 - CFD: 2011-09-30 - 21:11:08 - [192512] ----D- C:\Users\Hervé\AppData\Roaming\DivX O43 - CFD: 2011-07-22 - 20:51:26 - [2378] ----D- C:\Users\Hervé\AppData\Roaming\Google O43 - CFD: 2011-11-15 - 14:20:22 - [165] ----D- C:\Users\Hervé\AppData\Roaming\gtk-2.0 O43 - CFD: 2011-08-09 - 16:23:00 - [95330] ----D- C:\Users\Hervé\AppData\Roaming\HyperLobby O43 - CFD: 2011-07-18 - 13:18:44 - [0] ----D- C:\Users\Hervé\AppData\Roaming\Identities O43 - CFD: 2011-11-12 - 17:23:46 - [614664] ----D- C:\Users\Hervé\AppData\Roaming\Image Zone Express O43 - CFD: 2011-07-23 - 00:36:22 - [1519420] ----D- C:\Users\Hervé\AppData\Roaming\LibreOffice O43 - CFD: 2011-10-13 - 17:38:18 - [799229] ----D- C:\Users\Hervé\AppData\Roaming\Macromedia O43 - CFD: 2010-11-21 - 07:29:26 - [0] ----D- C:\Users\Hervé\AppData\Roaming\Media Center Programs O43 - CFD: 2011-08-11 - 21:57:02 - [68] ----D- C:\Users\Hervé\AppData\Roaming\Media Player Classic O43 - CFD: 2011-10-11 - 16:15:28 - [7168] ----D- C:\Users\Hervé\AppData\Roaming\Megamedia O43 - CFD: 2011-10-11 - 16:31:44 - [454978] ----D- C:\Users\Hervé\AppData\Roaming\Megaupload O43 - CFD: 2011-11-08 - 19:53:54 - [5541239] -S--D- C:\Users\Hervé\AppData\Roaming\Microsoft O43 - CFD: 2011-08-01 - 03:13:28 - [39249567] ----D- C:\Users\Hervé\AppData\Roaming\Mozilla O43 - CFD: 2011-11-09 - 13:34:56 - [5845440] ----D- C:\Users\Hervé\AppData\Roaming\OpenCandy O43 - CFD: 2011-09-17 - 18:26:34 - [659456] ----D- C:\Users\Hervé\AppData\Roaming\PCtuto O43 - CFD: 2011-08-13 - 18:13:30 - [1442] ----D- C:\Users\Hervé\AppData\Roaming\Sony Corporation O43 - CFD: 2011-08-24 - 06:27:22 - [23445] ----D- C:\Users\Hervé\AppData\Roaming\SoundSpectrum O43 - CFD: 2011-07-26 - 14:47:20 - [180201] ----D- C:\Users\Hervé\AppData\Roaming\Ubisoft O43 - CFD: 2011-08-09 - 05:21:00 - [1992749] ----D- C:\Users\Hervé\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1 O43 - CFD: 2011-11-09 - 14:58:38 - [25891041] ----D- C:\Users\Hervé\AppData\Roaming\Weecast O43 - CFD: 2011-08-03 - 15:37:08 - [0] ----D- C:\Users\Hervé\AppData\Roaming\Windows Live Writer O43 - CFD: 2011-10-11 - 21:58:42 - [12] ----D- C:\Users\Hervé\AppData\Roaming\WinRAR O43 - CFD: 2011-11-10 - 21:11:54 - [44831698] ----D- C:\Users\Hervé\AppData\Local\Adobe O43 - CFD: 2011-07-18 - 13:19:02 - [8] ----D- C:\Users\Hervé\AppData\Local\AMD O43 - CFD: 2011-09-20 - 22:17:04 - [0] ----D- C:\Users\Hervé\AppData\Local\Apple O43 - CFD: 2011-11-15 - 18:43:12 - [13977570] ----D- C:\Users\Hervé\AppData\Local\Apple Computer O43 - CFD: 2011-07-18 - 13:18:36 - [0] -SH-D- C:\Users\Hervé\AppData\Local\Application Data O43 - CFD: 2011-07-18 - 13:18:56 - [68071] ----D- C:\Users\Hervé\AppData\Local\ATI O43 - CFD: 2011-10-02 - 12:07:46 - [3700063] ----D- C:\Users\Hervé\AppData\Local\Babylon O43 - CFD: 2011-09-02 - 02:59:10 - [0] ----D- C:\Users\Hervé\AppData\Local\Conduit O43 - CFD: 2011-11-25 - 16:12:06 - [0] ----D- C:\Users\Hervé\AppData\Local\CutePDF Writer O43 - CFD: 2011-09-20 - 22:22:00 - [245424] ----D- C:\Users\Hervé\AppData\Local\Cyberlink O43 - CFD: 2011-10-03 - 18:16:30 - [37025] ----D- C:\Users\Hervé\AppData\Local\DassaultSystemes O43 - CFD: 2011-11-18 - 05:01:14 - [392483] ----D- C:\Users\Hervé\AppData\Local\Diagnostics O43 - CFD: 2011-08-09 - 06:05:14 - [10515968] ----D- C:\Users\Hervé\AppData\Local\Downloaded Installations O43 - CFD: 2011-08-08 - 19:41:06 - [115741] ----D- C:\Users\Hervé\AppData\Local\Downloader O43 - CFD: 2011-11-21 - 01:52:08 - [395064] ----D- C:\Users\Hervé\AppData\Local\ElevatedDiagnostics O43 - CFD: 2011-11-21 - 08:46:04 - [9493371] ----D- C:\Users\Hervé\AppData\Local\Google O43 - CFD: 2011-07-18 - 13:18:36 - [0] -SH-D- C:\Users\Hervé\AppData\Local\Historique O43 - CFD: 2011-10-11 - 16:15:14 - [14292394] ----D- C:\Users\Hervé\AppData\Local\Megamedia O43 - CFD: 2011-11-02 - 20:27:44 - [1365905411] ----D- C:\Users\Hervé\AppData\Local\Microsoft O43 - CFD: 2011-07-26 - 03:16:32 - [355213] ----D- C:\Users\Hervé\AppData\Local\Microsoft Games O43 - CFD: 2011-11-08 - 19:53:54 - [106180] ----D- C:\Users\Hervé\AppData\Local\Microsoft Help O43 - CFD: 2011-08-01 - 03:13:16 - [162359548] ----D- C:\Users\Hervé\AppData\Local\Mozilla O43 - CFD: 2011-11-21 - 08:25:22 - [141] ----D- C:\Users\Hervé\AppData\Local\Orange O43 - CFD: 2011-08-17 - 16:09:30 - [65537662] ----D- C:\Users\Hervé\AppData\Local\Pinnacle O43 - CFD: 2011-11-25 - 01:24:14 - [890043] ----D- C:\Users\Hervé\AppData\Local\PokerStars.FR O43 - CFD: 2011-08-24 - 06:27:22 - [0] ----D- C:\Users\Hervé\AppData\Local\SoundSpectrum O43 - CFD: 2011-11-27 - 10:54:44 - [160337284] ----D- C:\Users\Hervé\AppData\Local\Temp O43 - CFD: 2011-07-18 - 13:18:36 - [0] -SH-D- C:\Users\Hervé\AppData\Local\Temporary Internet Files O43 - CFD: 2011-07-27 - 00:18:28 - [93476] ----D- C:\Users\Hervé\AppData\Local\VirtualStore O43 - CFD: 2011-08-10 - 01:02:54 - [902] ----D- C:\Users\Hervé\AppData\Local\Western Digital O43 - CFD: 2011-09-21 - 01:24:38 - [86016] ----D- C:\Users\Hervé\AppData\Local\Windows Live O43 - CFD: 2011-08-03 - 15:37:16 - [648463] ----D- C:\Users\Hervé\AppData\Local\Windows Live Writer O43 - CFD: 2011-09-10 - 15:43:46 - [314] ----D- C:\Users\Hervé\AppData\Local\Xobni O43 - CFD: 2011-09-17 - 08:49:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{00C6E1EE-7F12-4A1B-836A-09425AB56AC2} O43 - CFD: 2011-09-06 - 09:31:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{02CDDC35-2C18-4685-AFEB-EA128D69A99F} O43 - CFD: 2011-09-14 - 08:50:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{02D1880F-6D24-4757-BDC2-C7AA634A94F4} O43 - CFD: 2011-11-18 - 15:20:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{06AE5117-6586-4180-8ED3-AF013339006B} O43 - CFD: 2011-09-16 - 13:04:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{080536D1-B102-4B5E-A3E5-4BF390433076} O43 - CFD: 2011-08-29 - 16:54:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{0AEF8F1A-4E15-4E60-836D-C93151DD47FE} O43 - CFD: 2011-08-19 - 14:10:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{0B7F197F-53A4-4A18-89E4-7EA606E2393E} O43 - CFD: 2011-11-18 - 15:15:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{0BE27EF7-0A6F-4EC2-A1DA-19114F666AC0} O43 - CFD: 2011-08-31 - 09:02:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{0F8319AD-DE52-4B88-8D7D-3B66ABF5256E} O43 - CFD: 2011-09-12 - 19:48:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{1091C29D-5839-425B-B6D4-9F86FE8B562E} O43 - CFD: 2011-08-10 - 21:39:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{114BFA07-5974-4ED6-800E-20E64805F2FA} O43 - CFD: 2011-08-15 - 14:43:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{138D6D6E-8D2B-4C3D-A03F-388FA37BB539} O43 - CFD: 2011-08-25 - 19:45:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{15311EA5-ED00-4EEC-8B83-9A636131737E} O43 - CFD: 2011-09-12 - 14:21:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{175A740A-FA64-4A65-812D-EDCB2A8CB20E} O43 - CFD: 2011-08-16 - 15:21:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{1934FCB2-1DFD-442A-A555-4EF6B3A876CB} O43 - CFD: 2011-09-02 - 16:56:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{1AE4167C-5E09-4BF2-8A33-A8C4163CD428} O43 - CFD: 2011-08-26 - 12:08:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{1BEFBF98-5975-4999-B53A-B3D812B41EE2} O43 - CFD: 2011-08-17 - 14:34:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{1CE6C590-897E-4544-BAE9-3AC266BD3B64} O43 - CFD: 2011-09-08 - 19:34:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{208B357A-2BB0-4ECA-922C-FA2C51671BDF} O43 - CFD: 2011-08-16 - 02:43:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{22BB70D5-4F07-4A6E-99C5-678D5D24344B} O43 - CFD: 2011-09-09 - 10:58:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{2531770D-54D2-41E0-B24C-35C4FC1FAB9C} O43 - CFD: 2011-08-30 - 18:32:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{26A9CF44-FAC1-49A8-86DF-54A2649C7C7D} O43 - CFD: 2011-08-25 - 06:54:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{2A8A30F3-7A71-418B-9549-8B771625F31C} O43 - CFD: 2011-08-21 - 15:59:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{2CB132CC-6617-456A-8FB1-EB6336B9840A} O43 - CFD: 2011-09-12 - 19:48:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{2D0CDD26-DFBB-4EC6-AC98-46F855D594E6} O43 - CFD: 2011-09-15 - 17:29:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{2E2F4A09-79C3-42E1-9B41-2B5082C28671} O43 - CFD: 2011-08-18 - 02:35:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{3028B61B-F5C8-4691-B373-081E2966AE32} O43 - CFD: 2011-09-02 - 16:56:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{30AA4B2F-481E-45F2-A318-BB8BC7B4E180} O43 - CFD: 2011-08-14 - 18:48:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{321CF00B-E85B-4EDE-BABB-640D8B9F9724} O43 - CFD: 2011-09-13 - 10:00:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{32F7668A-3985-44E0-8726-99E5540611BB} O43 - CFD: 2011-09-08 - 19:34:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{337BF2F3-70E9-41EE-B9FC-933EAE0FB634} O43 - CFD: 2011-08-15 - 14:43:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{34696E30-3A52-491E-B636-9525078E889F} O43 - CFD: 2011-08-18 - 02:35:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{34917689-FECA-4018-927B-C60B2982577D} O43 - CFD: 2011-08-14 - 05:06:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{38B03F42-9731-46A5-BF4C-EFF17A6CB3E0} O43 - CFD: 2011-09-12 - 14:21:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{3A5B7AD6-F3A9-4019-BACC-A4648AFFF14F} O43 - CFD: 2011-09-19 - 08:16:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{3CD3CEFF-22B7-4331-B14A-1AF4377C10E1} O43 - CFD: 2011-08-24 - 18:18:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{44CCCFC9-1D9C-4309-8BC5-0D235F1409D8} O43 - CFD: 2011-08-16 - 15:21:12 - [0] ----D- C:\Users\Hervé\AppData\Local\{4A85147F-6E6D-4410-86A9-4AB169D37911} O43 - CFD: 2011-08-30 - 06:31:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{4B59F768-B4DA-4A38-ADDC-F734FB5E1F19} O43 - CFD: 2011-09-14 - 08:50:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{4EE9E830-E44B-4568-A135-F30A1D3D5C04} O43 - CFD: 2011-08-10 - 21:38:56 - [0] ----D- C:\Users\Hervé\AppData\Local\{506E35F8-BEB6-40B3-B4E9-E951265DCFEC} O43 - CFD: 2011-09-15 - 01:53:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{51439CE7-D7B3-4B14-8354-9344F61D8F49} O43 - CFD: 2011-08-11 - 17:40:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{526C8C8B-0640-4ABE-BF11-8EC60C353554} O43 - CFD: 2011-08-31 - 21:03:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{526CF8F9-AB33-4C0B-A0C8-C7EBBECDB6C7} O43 - CFD: 2011-08-27 - 15:33:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{58A41A2F-3F90-4E3E-8378-F41A6362FA79} O43 - CFD: 2011-09-08 - 07:33:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{5DA34096-EABB-45C1-A90B-5FB397F31F87} O43 - CFD: 2011-08-24 - 06:17:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{5F8B8DED-80FF-4917-B693-705A09594FD3} O43 - CFD: 2011-09-06 - 21:50:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{62DC2BBE-EC45-47CA-B2A1-62F4B05B573B} O43 - CFD: 2011-09-13 - 10:00:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{6C7F6D01-F4FC-4647-988C-E4DEB0F25913} O43 - CFD: 2011-09-21 - 01:24:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{72A7065B-8420-4123-9F64-57C6D9C62CD4} O43 - CFD: 2011-09-06 - 09:31:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{72C57EA1-FE36-45E0-A2D1-675C553D5580} O43 - CFD: 2011-08-25 - 06:54:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{73EB9416-C1CE-4BFA-9955-9513B5477699} O43 - CFD: 2011-09-17 - 08:49:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{74C90F02-F7D0-4E06-B637-E445CAF36D06} O43 - CFD: 2011-09-09 - 10:58:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{7521D90B-5587-4D8C-ABDB-0085989A54A4} O43 - CFD: 2011-08-23 - 14:39:12 - [0] ----D- C:\Users\Hervé\AppData\Local\{753B033E-7B44-4388-821B-35C9A1E88451} O43 - CFD: 2011-08-29 - 02:55:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{7807ADC6-729B-4E34-8F83-900924F9006E} O43 - CFD: 2011-08-30 - 18:32:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{78530A86-BAF6-41FB-BC41-C68B384B7F5B} O43 - CFD: 2011-09-05 - 12:26:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{78955A57-E87D-48DF-A2D2-39645DACBA89} O43 - CFD: 2011-09-04 - 09:50:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{78EA1059-B90A-42CB-81FD-A5B472C75949} O43 - CFD: 2011-08-31 - 21:03:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{78F56C8F-A2ED-405A-A074-C67073F17289} O43 - CFD: 2011-08-14 - 05:06:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{7912EDB7-44E3-4566-8FEF-4505029C6FAD} O43 - CFD: 2011-08-09 - 15:21:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{7D7D0664-385B-4C08-AA40-2395620CD076} O43 - CFD: 2011-08-24 - 18:18:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{81E640F7-668F-40A9-B443-E4D3779705AC} O43 - CFD: 2011-08-29 - 02:55:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{8486F76A-DC91-42D8-94FC-E5DAF69C163F} O43 - CFD: 2011-08-29 - 16:54:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{86F28ACC-CC36-427F-A260-E97806A1C9BB} O43 - CFD: 2011-08-13 - 06:43:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{881ED1AD-65AA-47B0-9791-2530D7ABADAF} O43 - CFD: 2011-08-27 - 15:32:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{8ACDE25E-21AE-4A2E-9750-F5FED095E5A5} O43 - CFD: 2011-09-03 - 16:01:56 - [0] ----D- C:\Users\Hervé\AppData\Local\{8BDB10D7-466E-480D-A67E-0396D2913E1B} O43 - CFD: 2011-08-12 - 05:54:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{8CD7D08E-2CD7-4BCF-A78C-BCD90FA357BD} O43 - CFD: 2011-08-18 - 14:36:32 - [0] ----D- C:\Users\Hervé\AppData\Local\{914EDD28-0687-4D51-B36A-5454BA9F81A2} O43 - CFD: 2011-09-10 - 15:07:02 - [0] ----D- C:\Users\Hervé\AppData\Local\{919DB16E-BFC0-4EF8-BF24-31F8F18E8C3A} O43 - CFD: 2011-08-09 - 15:21:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{965A2E33-076F-4786-9D6C-A0A95BF39B82} O43 - CFD: 2011-08-23 - 14:39:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{9670D023-A6C6-47A9-BE8A-EAA22CD690D6} O43 - CFD: 2011-09-15 - 17:29:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{97C252B9-498B-4D59-AB92-93F85EE0E324} O43 - CFD: 2011-08-11 - 17:40:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{99BABE23-9745-4CB1-8385-250BAE420CD9} O43 - CFD: 2011-09-01 - 14:42:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{9ACDDE21-46F8-4139-BD6E-4596E75F2EFD} O43 - CFD: 2011-09-18 - 14:22:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{9B9C7BE1-F1C5-4F1F-A4B7-CDFD031F2DCD} O43 - CFD: 2011-08-13 - 06:43:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{A87877DA-3A14-4223-8808-4B23155BAF41} O43 - CFD: 2011-09-16 - 13:03:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{AA85243A-B29A-4CBA-88DA-BDB09B71E293} O43 - CFD: 2011-09-01 - 14:42:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{AD0E8C74-4AFF-41B6-89CC-60281F850083} O43 - CFD: 2011-08-20 - 21:14:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{B0F5E5E5-326B-4910-AA06-0E3A35067E6E} O43 - CFD: 2011-08-20 - 21:14:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{B177A1CC-DE7F-4602-B2D2-E7F1001F4ADF} O43 - CFD: 2011-08-25 - 19:45:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{B41BFF44-EE11-4136-8F01-172686131269} O43 - CFD: 2011-08-12 - 17:55:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{B5CAFB59-7E38-4998-B419-C1D16E8AA50C} O43 - CFD: 2011-08-21 - 15:59:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{B7EED034-5993-45F1-A4FF-2D6C613F59EB} O43 - CFD: 2011-09-06 - 21:50:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{BBD8A34E-54B5-4333-945E-3D0AB1B4BC33} O43 - CFD: 2011-09-11 - 15:31:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{BDCB8339-FA3C-49D3-AEBB-1256B5B689E4} O43 - CFD: 2011-09-11 - 15:31:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{C2DA10AF-3139-4E74-AB53-C7B6AF166819} O43 - CFD: 2011-08-22 - 19:39:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{C2DE88E7-CA03-4F92-9D7B-454A8FEBEABA} O43 - CFD: 2011-09-05 - 12:26:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{C35A66A5-98D1-42D9-AA9E-C99788B0E6A6} O43 - CFD: 2011-08-26 - 12:08:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{C372D854-FE61-4E0F-90AF-E604F06B4F8D} O43 - CFD: 2011-09-08 - 07:33:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{C7A189CF-4A45-4C5D-8A26-3413601A74DD} O43 - CFD: 2011-08-30 - 06:31:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{CA6639DF-EC7B-467E-A45C-8256A05C3C81} O43 - CFD: 2011-09-02 - 02:42:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{CA86A84E-2062-44DB-92DF-CDBC720038B0} O43 - CFD: 2011-09-10 - 00:26:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{CEEEE8CB-FC4E-46C6-83CC-390A605C6DA2} O43 - CFD: 2011-08-27 - 00:21:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{CF0FFDA6-0564-48FD-A3C5-5178F2BF8D1F} O43 - CFD: 2011-09-10 - 15:06:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{CFD6336A-1813-4AEA-B644-42DE05BC5FF1} O43 - CFD: 2011-08-12 - 05:54:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{D160B31E-67E5-49EB-B51D-01BD86EFC9D9} O43 - CFD: 2011-08-18 - 14:36:42 - [0] ----D- C:\Users\Hervé\AppData\Local\{D421163D-A9D4-4348-B18E-F84096C3BB94} O43 - CFD: 2011-08-20 - 09:13:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{D42FA5EC-ED50-45F2-9A34-3E51D7BD49F4} O43 - CFD: 2011-08-17 - 14:35:02 - [0] ----D- C:\Users\Hervé\AppData\Local\{D44B1131-78AE-404B-A4F3-4775EF6FC79C} O43 - CFD: 2011-09-19 - 08:16:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{D48EB198-3D95-42EA-9D8E-018D0AF2B96E} O43 - CFD: 2011-09-03 - 16:02:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{D55A98E9-A37C-4BDB-81E1-BBE0826FE6CB} O43 - CFD: 2011-09-07 - 13:48:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{D59221BC-AA64-4125-9788-A668ACE11BF3} O43 - CFD: 2011-08-14 - 18:48:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{D6293C27-C29C-410C-8537-CAAE68FF75B9} O43 - CFD: 2011-09-20 - 13:23:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{D87F46DD-665D-476A-8E41-F08D7BF7A0AE} O43 - CFD: 2011-09-10 - 00:26:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{DA22390D-535A-4AFD-95BA-475A49BB02E4} O43 - CFD: 2011-09-20 - 13:23:42 - [0] ----D- C:\Users\Hervé\AppData\Local\{DDE402D3-77E3-4016-AE52-B81ACDE30CC9} O43 - CFD: 2011-09-15 - 01:53:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{DE426265-5B1A-4F8F-815F-6780FD23A035} O43 - CFD: 2011-08-20 - 09:14:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{DEDC5717-27A6-4C77-B568-17BB0FC6E448} O43 - CFD: 2011-08-22 - 04:31:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{E0F412BB-286E-42A5-9AB1-907248897054} O43 - CFD: 2011-08-16 - 02:44:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{E6F610BB-4F46-47C3-A741-5CD9D1188D19} O43 - CFD: 2011-09-18 - 14:22:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{E7C6A7B2-1B5A-46FD-8694-B8D2CEE80D1C} O43 - CFD: 2011-09-04 - 09:50:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{E8B0284E-F6E1-4AC9-8482-E18F07CD494E} O43 - CFD: 2011-08-31 - 09:02:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{E9446A2C-53AC-4F76-BB3A-D332044FCB00} O43 - CFD: 2011-08-28 - 14:55:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{EA579AD7-7833-417B-8BDA-D6ED170D6713} O43 - CFD: 2011-08-22 - 19:39:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{EBCEBEDB-09C9-4941-B723-0D98D2626463} O43 - CFD: 2011-08-12 - 17:55:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{EC8BD2CB-78C4-4C85-8ADE-3A49748FB6A5} O43 - CFD: 2011-08-27 - 00:21:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{F08BF85D-F251-4666-AECA-B31BA4F3338C} O43 - CFD: 2011-09-07 - 13:48:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{F20CC8A2-F19D-47A9-99F6-8B22E2EAC7A8} O43 - CFD: 2011-08-28 - 14:55:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{F21CD5E0-401A-420B-8DE7-061119E0B133} O43 - CFD: 2011-08-24 - 06:17:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{F24C3569-221D-44F8-8644-C2513D6F79C8} O43 - CFD: 2011-09-02 - 02:42:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{F6225E5D-F011-4410-B84F-998ABA4AAF14} O43 - CFD: 2011-08-19 - 14:10:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{FB4DDB94-BCFE-4890-A92D-E8FFD5FF887D} O43 - CFD: 2011-09-21 - 01:24:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{FD440CCA-6FA6-4B3C-B5CD-DF246A7C713D} O43 - CFD: 2011-08-22 - 04:30:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{FD511DA3-4602-4D99-A0F6-EC44D2DA10CE} O43 - CFD: 2011-08-24 - 18:24:42 - [271938] ----D- C:\Program Files (x86)\Acro Software O43 - CFD: 2011-11-23 - 17:27:24 - [5020005371] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 2011-09-17 - 17:54:04 - [2794315] ----D- C:\Program Files (x86)\Adobe Media Player O43 - CFD: 2011-09-12 - 20:10:12 - [2436124] ----D- C:\Program Files (x86)\AMD APP O43 - CFD: 2011-09-26 - 17:04:50 - [2428606] ----D- C:\Program Files (x86)\Apple Software Update O43 - CFD: 2011-09-12 - 19:47:22 - [42762632] ----D- C:\Program Files (x86)\ATI Technologies O43 - CFD: 2011-11-24 - 01:32:52 - [991548] ----D- C:\Program Files (x86)\BasicScan O43 - CFD: 2011-11-25 - 12:43:04 - [631120] ----D- C:\Program Files (x86)\Bonjour O43 - CFD: 2011-11-23 - 17:32:50 - [409218] ----D- C:\Program Files (x86)\BrightBreeze O43 - CFD: 2011-11-18 - 17:58:14 - [1781147629] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 2011-09-20 - 22:21:20 - [454626790] ----D- C:\Program Files (x86)\CyberLink O43 - CFD: 2011-07-12 - 10:18:00 - [262144] ----D- C:\Program Files (x86)\D-Link AirPlus O43 - CFD: 2011-11-23 - 17:32:56 - [241440] ----D- C:\Program Files (x86)\DealScout O43 - CFD: 2011-09-30 - 21:10:50 - [103037152] ----D- C:\Program Files (x86)\DivX O43 - CFD: 2011-11-12 - 23:21:08 - [112231986] ----D- C:\Program Files (x86)\GIMP-2.0 O43 - CFD: 2011-08-08 - 20:34:54 - [45764852] ----D- C:\Program Files (x86)\Google O43 - CFD: 2011-08-24 - 18:25:28 - [8075602] ----D- C:\Program Files (x86)\GPLGS O43 - CFD: 2011-11-23 - 17:43:44 - [103246685] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 2011-10-25 - 19:35:58 - [6468088] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 2011-08-03 - 18:14:50 - [773494] ----D- C:\Program Files (x86)\Iomega O43 - CFD: 2011-11-25 - 12:43:36 - [147669125] ----D- C:\Program Files (x86)\iTunes O43 - CFD: 2011-10-18 - 21:53:24 - [91769218] ----D- C:\Program Files (x86)\Java O43 - CFD: 2011-08-11 - 21:56:28 - [45282901] ----D- C:\Program Files (x86)\K-Lite Codec Pack O43 - CFD: 2011-09-24 - 19:36:42 - [7250304] ----D- C:\Program Files (x86)\lg_fwupdate O43 - CFD: 2011-10-03 - 17:46:00 - [708069270] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 2011-07-31 - 02:07:32 - [1006208] ----D- C:\Program Files (x86)\Microsoft Security Client O43 - CFD: 2011-10-25 - 19:38:20 - [38412395] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 2011-03-02 - 11:47:46 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition O43 - CFD: 2011-07-23 - 19:37:04 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio O43 - CFD: 2011-07-23 - 19:34:56 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 2011-07-25 - 20:14:18 - [3726168] ----D- C:\Program Files (x86)\Microsoft Works O43 - CFD: 2011-08-09 - 15:16:32 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 2011-07-23 - 19:37:10 - [26521] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 2011-08-09 - 21:35:44 - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 2011-10-16 - 13:57:04 - [0] ----D- C:\Program Files (x86)\My Company Name O43 - CFD: 2011-11-21 - 08:18:10 - [38784696] ----D- C:\Program Files (x86)\Orange O43 - CFD: 2011-11-24 - 00:39:00 - [90344996] ----D- C:\Program Files (x86)\PokerStars.FR O43 - CFD: 2011-05-27 - 06:25:52 - [3360505] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 2009-07-14 - 06:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 2011-05-27 - 06:28:42 - [1197242] ----D- C:\Program Files (x86)\Renesas Electronics O43 - CFD: 2011-09-20 - 22:18:00 - [22354572] ----D- C:\Program Files (x86)\SmartSound Software O43 - CFD: 2011-08-24 - 06:24:04 - [41880981] ----D- C:\Program Files (x86)\SoundSpectrum O43 - CFD: 2011-09-12 - 19:47:30 - [5693312] ----D- C:\Program Files (x86)\SpeedFan O43 - CFD: 2011-09-20 - 18:44:34 - [4842412836] ----D- C:\Program Files (x86)\Steam O43 - CFD: 2011-05-27 - 06:27:20 - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 2011-10-12 - 22:10:24 - [22046044] ----D- C:\Program Files (x86)\Ubisoft O43 - CFD: 2009-07-14 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 2011-11-24 - 20:49:22 - [7276766] ----D- C:\Program Files (x86)\Winamax Poker O43 - CFD: 2010-11-21 - 07:19:02 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 2011-08-09 - 07:31:32 - [186735490] ----D- C:\Program Files (x86)\Windows Live O43 - CFD: 2010-11-21 - 07:19:02 - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 2010-11-21 - 07:19:02 - [5579025] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 2009-07-14 - 06:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 2010-11-21 - 07:19:02 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 2010-11-21 - 04:31:40 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 2010-11-21 - 07:19:02 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 2011-09-10 - 15:44:04 - [24314826] ----D- C:\Program Files (x86)\Xobni O43 - CFD: 2011-11-09 - 15:01:56 - [988585904] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 2011-11-16 - 23:32:26 - [39378332] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 2011-11-25 - 12:43:22 - [103791979] ----D- C:\Program Files (x86)\Common Files\Apple O43 - CFD: 2011-09-12 - 19:47:22 - [339208] ----D- C:\Program Files (x86)\Common Files\ATI Technologies O43 - CFD: 2011-05-30 - 09:54:30 - [138024] ----D- C:\Program Files (x86)\Common Files\CyberLink O43 - CFD: 2011-10-03 - 17:46:06 - [196160] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 2011-09-30 - 21:10:34 - [24656896] ----D- C:\Program Files (x86)\Common Files\DivX Shared O43 - CFD: 2011-11-18 - 17:58:14 - [7549132] ----D- C:\Program Files (x86)\Common Files\France Telecom O43 - CFD: 2011-09-13 - 10:35:12 - [647168] ----D- C:\Program Files (x86)\Common Files\HP O43 - CFD: 2011-07-26 - 23:22:58 - [4969657] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 2011-10-18 - 21:53:48 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 2011-10-13 - 17:37:28 - [28160] ----D- C:\Program Files (x86)\Common Files\Macromedia O43 - CFD: 2011-10-31 - 20:21:18 - [250674706] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 2011-08-09 - 06:05:20 - [0] ----D- C:\Program Files (x86)\Common Files\Pinnacle O43 - CFD: 2011-11-09 - 13:47:40 - [4809008] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 2009-07-14 - 04:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 2011-10-16 - 13:57:04 - [372019] ----D- C:\Program Files (x86)\Common Files\Sonic Shared O43 - CFD: 2009-07-14 - 04:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 2011-08-09 - 09:56:18 - [411432] ----D- C:\Program Files (x86)\Common Files\Steam O43 - CFD: 2011-11-15 - 14:30:30 - [47837723] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 2011-10-13 - 17:37:30 - [1375667] ----D- C:\Program Files (x86)\Common Files\Vbox O43 - CFD: 2011-03-02 - 11:46:56 - [263021018] ----D- C:\Program Files (x86)\Common Files\Windows Live ~ Scan Program Folder in 00mn 03s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.774687F2312F0749037F3F82E7F7DC2D] - 2011-03-19 - 16:05:37 ---A- . (...) -- C:\Windows\SysNative\xvidcore.dll [703488] O44 - LFC:[MD5.774687F2312F0749037F3F82E7F7DC2D] - 2011-03-19 - 16:05:37 ---A- . (...) -- C:\Windows\system32\xvidcore.dll [703488] O44 - LFC:[MD5.D239CA35ACD1EE0A3C6A82250DEB2589] - 2011-03-19 - 16:06:36 ---A- . (...) -- C:\Windows\SysNative\xvidvfw.dll [255488] O44 - LFC:[MD5.D239CA35ACD1EE0A3C6A82250DEB2589] - 2011-03-19 - 16:06:36 ---A- . (...) -- C:\Windows\system32\xvidvfw.dll [255488] O44 - LFC:[MD5.E5163BA9F0156E94F733F327F7029B61] - 2011-03-21 - 14:57:44 ---A- . (...) -- C:\Windows\SysNative\xvid.ax [173056] O44 - LFC:[MD5.E5163BA9F0156E94F733F327F7029B61] - 2011-03-21 - 14:57:44 ---A- . (...) -- C:\Windows\system32\xvid.ax [173056] O44 - LFC:[MD5.D3D64CF7B2BCEAA34A270F45A3FFFB36] - 2011-11-09 - 13:34:32 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [270912] O44 - LFC:[MD5.5D47664D0624F0367C7A2A6FA9AA8C66] - 2011-11-18 - 15:24:46 ---A- . (...) -- C:\Windows\win.ini [665] O44 - LFC:[MD5.1F24CF1F7DB6D4461AC65A86DB8E4BC2] - 2011-11-18 - 17:58:10 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [116224] O44 - LFC:[MD5.4B5C07DB91A0099272FAAE732E1152BD] - 2011-11-18 - 17:58:10 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [116864] O44 - LFC:[MD5.2E1B41D1904E0615C15FB568AD8B088E] - 2011-11-24 - 01:32:50 ---A- . (...) -- C:\Windows\PFRO.log [20380] O44 - LFC:[MD5.F5B696A228B5A0B9D1415790242749F1] - 2011-11-24 - 01:33:07 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [5203800] O44 - LFC:[MD5.F5B696A228B5A0B9D1415790242749F1] - 2011-11-24 - 01:33:07 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [5203800] O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 2011-11-25 - 12:43:36 ---A- . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\SysNative\GEARAspi64.dll [126312] O44 - LFC:[MD5.E403AACF8C7BB11375122D2464560311] - 2011-11-25 - 12:43:36 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152] O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 2011-11-25 - 12:43:36 RSHAD . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\system32\GEARAspi64.dll [126312] O44 - LFC:[MD5.8F9F4D971D2D0B9294B37787550EADD1] - 2011-11-27 - 06:59:12 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.FF65ED49A8D3BFF2443E65849ACDDC94] - 2011-11-27 - 06:59:13 ---A- . (...) -- C:\Windows\setupact.log [93694] O44 - LFC:[MD5.68878278C256DF3BC1236E92B89965BD] - 2011-11-27 - 07:10:47 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1859735] O44 - LFC:[MD5.7BEB0242E37C4F1E25B82D281FEBB9AC] - 2011-11-27 - 10:51:23 ----- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1564030] O44 - LFC:[MD5.7BEB0242E37C4F1E25B82D281FEBB9AC] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1564030] O44 - LFC:[MD5.1A0C8EDF74801F54873098E5F2A1E6C3] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [108222] O44 - LFC:[MD5.764A90606A2A805C82A28D590493CBFD] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132614] O44 - LFC:[MD5.76DC7388207671FD51D538A1D2C37476] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [621002] O44 - LFC:[MD5.C58D5DD8197AC5FE57555CCB4C171F74] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [709286] O44 - LFC:[MD5.1A0C8EDF74801F54873098E5F2A1E6C3] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [108222] O44 - LFC:[MD5.764A90606A2A805C82A28D590493CBFD] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [132614] O44 - LFC:[MD5.76DC7388207671FD51D538A1D2C37476] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [621002] O44 - LFC:[MD5.C58D5DD8197AC5FE57555CCB4C171F74] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [709286] O44 - LFC:[MD5.15272F5536D4C9680EDEC1B6E4FB5466] - 2011-11-27 - 10:54:08 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512] ~ Scan Files in 00mn 01s ---\\ Export de clé d'application autorisée (O47) O47 - AAKE:Key Export SP - "F:\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- F:\Connectivity\ConnectivityManager.exe ~ Scan Keys in 00mn 00s ---\\ Déni du service (Local Security Authority) (O48) O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\system32\pku2u.dll O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\system32\livessp.dll ~ Scan Keys in 00mn 00s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{bfa56c5f-1204-11e1-b21c-1c6f65c06866}\AutoRun\command. (...) -- I:\AutoRunCardDetector.exe (.not file.) O51 - MPSK:{e0ffad69-0acc-11e1-b05a-1c6f65c06866}\AutoRun\command. (...) -- G:\Formation.exe (.not file.) ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll ~ Scan Keys in 00mn 00s ---\\ ShareTools MSconfig StartupReg (O53) O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe O53 - SMSR:HKLM\...\startupreg\AdobeCS5ServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe O53 - SMSR:HKLM\...\startupreg\BDRegion [Key] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe O53 - SMSR:HKLM\...\startupreg\boincmgr [Key] . (.Space Sciences Laboratory - BOINC Manager for Windows.) -- F:\BOINC\boincmgr.exe O53 - SMSR:HKLM\...\startupreg\boinctray [Key] . (.Space Sciences Laboratory - BOINC System Tray for Windows.) -- F:\BOINC\boinctray.exe O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- F:\DAEMON Tools Lite\DTLite.exe O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe O53 - SMSR:HKLM\...\startupreg\Iomega Home Storage Manager [Key] . (.Iomega Corporation - Iomega Home Media Network Discover Applicat.) -- C:\Program Files (x86)\Iomega\Home Storage Manager\Iomega Discovery.exe O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe O53 - SMSR:HKLM\...\startupreg\LGODDFU [Key] . (.BL - Pas de description.) -- C:\Program Files (x86)\lg_fwupdate\fwupdate.exe O53 - SMSR:HKLM\...\startupreg\MailNotifier [Key] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe O53 - SMSR:HKLM\...\startupreg\MediaGet2 [Key] . (...) -- C:\Users\Hervé\AppData\Local\MediaGet2\mediaget.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Mega Manager [Key] . (...) -- F:\MegaManager.exe (.not file.) O53 - SMSR:HKLM\...\startupreg\Megakey [Key] . (.Megamedia Ltd. - Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\Megakey.exe O53 - SMSR:HKLM\...\startupreg\MegakeyUpdater [Key] . (.Megamedia Ltd. - Megakey Update.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\MegakeyUpdater.exe O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe O53 - SMSR:HKLM\...\startupreg\PMBVolumeWatcher [Key] . (.Sony Corporation - Media Check Tool.) -- F:\Caméscope\PMBVolumeWatcher.exe O53 - SMSR:HKLM\...\startupreg\ProfilerU [Key] . (.Saitek - Saitek SST Profile Launcher.) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- F:\Quick Time\QTTask.exe O53 - SMSR:HKLM\...\startupreg\RemoteControl9 [Key] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe O53 - SMSR:HKLM\...\startupreg\SaiMfd [Key] . (.Saitek - Saitek MFD File System Driver.) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O53 - SMSR:HKLM\...\startupreg\SwitchBoard [Key] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe ~ Scan SMSR Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 2009-06-10 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 2009-07-14 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 2011-05-27 - 08:18:24 RSHAD . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 2011-07-22 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 2009-06-10 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 2011-07-22 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.2FBB00A7616106B95104574C6CD640C2] - 2011-05-26 - 19:46:20 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amd_sata.sys [78976] O58 - SDL:[MD5.87D0D7645CB0D53220649BD5FE15D93E] - 2011-05-26 - 19:46:20 RSHAD . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\system32\drivers\amd_xata.sys [38528] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.03B7145C889603537E9FFEABB1AD1089] - 2005-03-29 - 01:30:38 RSHAD . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [8192] O58 - SDL:[MD5.5D4529AC4156E16BEDB01441AE0CF984] - 2009-07-08 - 23:49:16 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1484800] O58 - SDL:[MD5.DBB487D09F56C674430AC454FD8BCAB9] - 2011-09-12 - 23:07:00 RSHAD . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdW76.sys [231440] O58 - SDL:[MD5.5B03217859B014B090CB5060C1D96875] - 2011-09-12 - 23:23:16 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9980416] O58 - SDL:[MD5.35D2184A99AD4CD5D17284D6C9F382C9] - 2011-09-12 - 21:54:10 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [309248] O58 - SDL:[MD5.E82E61F46D1336447F4DEFF8C074F13E] - 2011-05-26 - 10:15:36 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie64.sys [16440] O58 - SDL:[MD5.B4BDE3F758A34658A37DFED3D9783CD8] - 2011-07-26 - 14:45:02 RSHAD . (...) -- C:\Windows\system32\drivers\atksgt.sys [88480] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 2009-06-10 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 2009-07-14 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 2009-07-14 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 2009-07-14 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 2009-07-14 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 2009-07-14 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 2009-07-14 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 2009-06-10 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 2009-07-14 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.D3D64CF7B2BCEAA34A270F45A3FFFB36] - 2011-11-09 - 13:34:32 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [270912] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 2009-06-10 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 2009-06-10 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.1F24CF1F7DB6D4461AC65A86DB8E4BC2] - 2011-11-18 - 12:45:35 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [116224] O58 - SDL:[MD5.4B5C07DB91A0099272FAAE732E1152BD] - 2011-11-18 - 12:45:35 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [116864] O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 2011-11-25 - 13:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 2009-07-13 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2010-11-21 - 04:23:47 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 2011-07-22 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 2009-07-13 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.955982BF4421B77722196552B62E8DC2] - 2011-07-26 - 14:45:02 RSHAD . (...) -- C:\Windows\system32\drivers\lirsgt.sys [46400] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.024DA28053D57E9E32BEE52600576BBB] - 2011-08-09 - 21:18:34 RSHAD . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\Windows\system32\drivers\MarvinBus64.sys [261120] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 2009-06-10 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 2009-07-13 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.01266516E6E88D183A2B58722EEB4443] - 2011-05-27 - 17:30:50 RSHAD . (.Renesas Electronics Corporation - USB 3.0 Hub Driver.) -- C:\Windows\system32\drivers\nusb3hub.sys [87552] O58 - SDL:[MD5.5EC04F55CC5F165F21752712437DF638] - 2011-05-27 - 17:30:54 RSHAD . (.Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) -- C:\Windows\system32\drivers\nusb3xhc.sys [207872] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 2011-07-22 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 2011-07-22 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 2009-06-10 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 2009-07-13 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.4B42BC58294E83A6A92EC8B88C14C4A3] - 2010-06-23 - 09:10:56 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [344680] O58 - SDL:[MD5.88798B4381FD58FAE2DA07880C177C5C] - 2011-05-27 - 14:33:48 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2826984] O58 - SDL:[MD5.248ABD858FF7DCC966E5A54529DDD225] - 2011-08-09 - 15:10:48 RSHAD . (.Saitek - Saitek Hid Driver.) -- C:\Windows\system32\drivers\SaiH0255.sys [171144] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 2009-07-14 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 2009-06-10 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 2009-07-13 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 2009-07-13 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 2011-09-26 - 07:06:08 RSHAD . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712] O58 - SDL:[MD5.573D192E268F0C5B486B7E96F661E538] - 2011-05-26 - 04:06:46 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [47232] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 2009-07-14 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 2009-06-10 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] ~ Scan Drivers in 00mn 00s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 2011-07-28 - C:\Windows\system32\DRIVERS\atikmdag.sys - No object(No service) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG O64 - Services: CurCS - 2011-03-04 - C:\Windows\system32\DRIVERS\amd_sata.sys - No object(No service) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMD_SATA O64 - Services: CurCS - 2011-06-24 - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys - No object(No service) .(.Advanced Micro Devices - AMD OverDrive Service Driver.) - LEGACY_AODDRIVER4.01 O64 - Services: CurCS - 2011-07-26 - C:\Windows\system32\DRIVERS\atksgt.sys - No object (No service) .(...) - LEGACY_ATKSGT O64 - Services: CurCS - 2010-07-09 - F:\PC WIZARD\PC Wizard 2010\pcwiz_x64.sys - No object(No service) .(.Windows ® Win 7 DDK provider - CPUID Driver.) - LEGACY_CPUZ134 O64 - Services: CurCS - 2011-07-26 - C:\Windows\system32\DRIVERS\lirsgt.sys - No object (No service) .(...) - LEGACY_LIRSGT O64 - Services: CurCS - 2011-03-18 - C:\Windows\Syswow64\speedfan.sys - No object(No service) .(.Almico Software - SpeedFan x64 Driver.) - LEGACY_SPEEDFAN O64 - Services: CurCS - 2010-12-08 - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl - No object(No service) .(.CyberLink Corp. - Pas de description.) - LEGACY_{B154377D-700F-42CC-9474-23858FBDF4BD} ~ Scan Services in 00mn 00s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Hervé - c96ns2wb.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q="); O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - Babylon Search O69 - SBI: SearchScopes [HKCU] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - Welcome to BasicScan O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - Welcome to BasicScan O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - Welcome to BasicScan ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.8C800F6BFE1323CBB2741AF23ED2CF68] [sPRF][2011-11-27] (...) -- C:\Users\Hervé\AppData\Local\Temp\i4jdel0.exe [4608] [MD5.475C87632DA49C2E5A818012B5E669FF] [sPRF][2010-03-23] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r52.) -- C:\Users\Hervé\AppData\Local\Temp\InstallAX.exe [2553344] [MD5.738D8A6AC0F3E275B8143E8AC0CC0C7A] [sPRF][2010-03-23] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r52.) -- C:\Users\Hervé\AppData\Local\Temp\InstallPlugin.exe [2516992] [MD5.359D655287B012A8E2032651CBA88741] [sPRF][2011-11-09] (...) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssa_aih.bat [465] [MD5.D8D04241B5C165FA769EEE376D530E25] [sPRF][2011-11-09] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssa_aih.exe [748648] [MD5.347106DB7195AC85FACF9DD37DC97D9D] [sPRF][2011-10-06] (...) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih.bat [465] [MD5.82F5A14E50C93D364DB1FF843C384DAA] [sPRF][2011-10-06] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih.exe [742216] [MD5.89191DE4D3DFE0592D5FDDB49F820F8F] [sPRF][2011-11-09] (...) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih_1.bat [473] [MD5.D8D04241B5C165FA769EEE376D530E25] [sPRF][2011-11-09] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih_1.exe [748648] [MD5.84151460F6E63CAE2C163D7202EEDB1C] [sPRF][2011-10-06] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Hervé\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe [910112] [MD5.F0168A2D9CEE9BDD083BE324BF9A1530] [sPRF][2011-11-10] (...) -- C:\Users\Hervé\AppData\Local\Temp\mediaget-uninstaller.exe [33512] [MD5.5A432A042DAE460ABE7199B758E8606C] [sPRF][2006-10-28] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\Hervé\AppData\Local\Temp\ose00000.exe [145184] [MD5.9A2347903D6EDB84C10F288BC0578C1C] [sPRF][2011-10-06] (.Trend Micro Inc. - HijackThis.) -- C:\Users\Hervé\AppData\Local\Temp\TomsDownloader15149.exe [388608] [MD5.DB42F2574BEB18AD52E7447ED12CFBBC] [sPRF][2011-11-27] (...) -- C:\Users\Hervé\Desktop\SecurityCheck.exe [879652] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.) O87 - FAEL: "{DC5729A9-1E81-4923-8D4E-42BD1EEE371C}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Cinema Main Program.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe O87 - FAEL: "{DB9B3A7E-A58A-46DD-9339-0541102ECCB7}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 9.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe O87 - FAEL: "TCP Query User{01E6F533-A91E-4D6D-B229-F11EC7E31B0D}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" | In - Public - P6 - TRUE | .(.Iomega Corporation.) -- C:\program files (x86)\iomega\home storage manager\iomega dis O87 - FAEL: "UDP Query User{465764C3-CF85-44F8-BB0B-3AD67AE44BEF}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" | In - Public - P17 - TRUE | .(.Iomega Corporation.) -- C:\program files (x86)\iomega\home storage manager\iomega di O87 - FAEL: "TCP Query User{FE568698-1463-4627-9A80-831A9A2BED22}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Private - P6 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega st O87 - FAEL: "UDP Query User{B2E6207D-F11B-446C-BCA5-063A24A460D4}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Private - P17 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega s O87 - FAEL: "{4056D6AC-D284-4B23-8702-FC6A6929B36C}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{6A6A3D15-6146-49C3-B596-D043B245D428}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe O87 - FAEL: "{5007BCF8-4926-4FD8-9356-D2EE528EEFA1}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\RM.exe (.not file.) O87 - FAEL: "{4AE54B63-EE34-4AB2-8D30-1D4614E41269}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\RM.exe (.not file.) O87 - FAEL: "{3BF3E757-BC9F-46DB-8DF2-A037AB1F9AD9}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\Studio.exe (.not file.) O87 - FAEL: "{04406FB8-2AD4-478A-954A-BF5452064EA7}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\Studio.exe (.not file.) O87 - FAEL: "{1888ACC9-C9DA-4816-9F12-82F0829D74D9}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\umi.exe (.not file.) O87 - FAEL: "{1E5ECF32-5F54-4CCE-B733-D8B9180916E2}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\umi.exe (.not file.) O87 - FAEL: "{68CE0C80-DACB-4EFA-9610-D3F4AC6B59B0}" | In - Private - P6 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST™ Install Manager.) -- C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe O87 - FAEL: "{95715C02-98E8-4787-BF63-B069A8634102}" | In - Private - P17 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST™ Install Manager.) -- C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe O87 - FAEL: "{EBE49B5F-7FC2-44D6-BCC6-BC2365A3D06D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe (.not file.) O87 - FAEL: "{4E69E0B6-BA1E-4F4A-AFB7-4E1CCB788A10}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe (.not file.) O87 - FAEL: "TCP Query User{5A1307FF-DB2A-441A-BCC0-F0AE2CDE14CE}F:\il2 1946\il2fb.exe" | In - Private - P6 - TRUE | .(...) -- F:\il2 1946\il2fb.exe O87 - FAEL: "UDP Query User{184AA91E-B3EE-443F-A360-FD4B3109611A}F:\il2 1946\il2fb.exe" | In - Private - P17 - TRUE | .(...) -- F:\il2 1946\il2fb.exe O87 - FAEL: "{F554C2D5-3E98-4107-AEFC-78FDBD3AF4E3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) O87 - FAEL: "{A14BEBFE-1154-4D8C-B804-7F83D9C353E4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.) O87 - FAEL: "TCP Query User{0E41019B-86C3-4A3F-94D3-05D807E8A519}C:\program files (x86)\vuze\azureus.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\vuze\azureus.exe (.not file.) O87 - FAEL: "UDP Query User{7A18DB04-0737-4E85-891A-190D442CDCAF}C:\program files (x86)\vuze\azureus.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\vuze\azureus.exe (.not file.) O87 - FAEL: "{CDECCACF-6E4F-443A-8243-AE1E8F0624EC}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR9.exe O87 - FAEL: "{9F4DDA75-DEF7-4FEF-85CB-EB976C1BCD0A}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe O87 - FAEL: "TCP Query User{71F73550-0C69-4AC9-B50F-0FCDBA67B177}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.) O87 - FAEL: "UDP Query User{8BCF1AC4-F1C2-4D0A-8DCD-7F23C4F02258}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.) O87 - FAEL: "TCP Query User{BC820EF3-0192-4D06-B725-2462F9CC2BCB}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.) O87 - FAEL: "UDP Query User{D04428CA-739E-4142-93E0-232F12F10611}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.) O87 - FAEL: "TCP Query User{5A864B9F-5F44-49EC-9863-07BB81A69818}F:\catia\intel_a\code\bin\orbixd.exe" | In - Private - P6 - TRUE | .(...) -- F:\catia\intel_a\code\bin\orbixd.exe O87 - FAEL: "UDP Query User{65DFFE21-4D72-49EB-86F6-827E38E89C95}F:\catia\intel_a\code\bin\orbixd.exe" | In - Private - P17 - TRUE | .(...) -- F:\catia\intel_a\code\bin\orbixd.exe O87 - FAEL: "TCP Query User{9F1183AD-8A2B-4858-A95C-4BB724D06F25}F:\catia\intel_a\code\bin\cnext.exe" | In - Private - P6 - TRUE | .(.Dassault Systemes - CATIA.) -- F:\catia\intel_a\code\bin\cnext.exe O87 - FAEL: "UDP Query User{BC11DE2E-9917-4C78-A53B-B3F0A1351AF8}F:\catia\intel_a\code\bin\cnext.exe" | In - Private - P17 - TRUE | .(.Dassault Systemes - CATIA.) -- F:\catia\intel_a\code\bin\cnext.exe O87 - FAEL: "{37A78D22-5F6B-43C0-9895-9D265CFC8B9C}" |In - Private - P6 - TRUE | .(...) -- F:\MegaManager.exe (.not file.) O87 - FAEL: "{B0D2F68C-643D-471A-9DD7-C8A01F59DB49}" |In - Private - P17 - TRUE | .(...) -- F:\MegaManager.exe (.not file.) O87 - FAEL: "{55A399F8-4F5F-499B-BDA6-5E924F0EEF0E}" |In - Domain - P6 - FALSE | .(...) -- F:\MegaManager.exe (.not file.) O87 - FAEL: "{CD4C1552-32CA-4115-84E1-C4396E65A0A8}" |In - Domain - P17 - FALSE | .(...) -- F:\MegaManager.exe (.not file.) O87 - FAEL: "{E942F3FD-BD64-4211-A3AB-45AFB1C44946}" |In - Public - P6 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.) O87 - FAEL: "{4B32C787-1E99-4278-A12E-A9F819133104}" |In - Public - P17 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.) O87 - FAEL: "{8553FA20-FD00-4B62-9E06-3C1076F2BEEC}" | In - Public - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O87 - FAEL: "{EFE41EFE-E0AB-4DE6-B156-67802F62C293}" | In - Public - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe O87 - FAEL: "TCP Query User{498E4640-D799-4946-AEE6-F710E847F6D0}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Public - P6 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega sto O87 - FAEL: "UDP Query User{AD957647-2235-45F0-A20A-69B5D2BC62E1}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Public - P17 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega st O87 - FAEL: "TCP Query User{481BE1AF-77CD-4456-9526-91BF75525205}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe" | In - Private - P6 - TRUE | .(.Adobe Systems Incorporated.) -- C:\program files\adobe\adobe after effects cs5\supp O87 - FAEL: "UDP Query User{F28A8C89-9597-4F9D-B9F8-BB0F40759FE8}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe" | In - Private - P17 - TRUE | .(.Adobe Systems Incorporated.) -- C:\program files\adobe\adobe after effects cs5\sup O87 - FAEL: "{62893FA2-18AE-4748-9A1C-5F8172037317}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{E37D8F17-DCE2-41F1-9194-6AE73AE22EBD}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe O87 - FAEL: "{FC0EFA09-7D9A-4863-9CBF-1349031DC824}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{09545272-1542-4C87-A457-A9B4D521B315}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O87 - FAEL: "{9965C0AE-7BEC-4D3D-B6C8-7003B56813D7}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe ~ Scan Firewall in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8852 - (28/10/2011) Clés trouvées (Keys found) : 7 Valeurs trouvées (Values found) : 0 Dossiers trouvés (Folders found) : 11 Fichiers trouvés (Files found) : 0 [HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Adware.Agent [HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch [HKLM\Software\WOW6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon [HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon [HKLM\Software\WOW6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon [HKCU\Software\PCTuto] =>Spyware.AgenceExclusive [HKLM\Software\WOW6432Node\PCTuto] =>Spyware.AgenceExclusive C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 =>Adware.Seekmo C:\ProgramData\Babylon =>Toolbar.Babylon C:\Users\Hervé\AppData\Roaming\Babylon =>Toolbar.Babylon C:\Users\Hervé\AppData\Roaming\OpenCandy =>Adware.OpenCandy C:\Users\Hervé\AppData\Roaming\PCTuto =>Spyware.AgenceExclusive C:\Users\Hervé\AppData\Local\Babylon =>Toolbar.Babylon C:\Users\Hervé\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\Hervé\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\Extensions\[email protected] =>Toolbar.Babylon ~ Scan Additionnel in 00mn 04s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SS - | Disabled 2011-11-09 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe SR - | Auto 2011-09-12 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe SR - | Auto 2011-09-12 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe SS - | Auto 2011-11-25 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe SS - | Disabled 26112 | (BasicScan Service) . (...) - C:\Program Files (x86)\BasicScan\basicscan.exe SS - | Disabled 2011-10-03 49214 | (BBDemon) . (.Dassault Systemes.) - F:\catia\intel_a\code\bin\CATSysDemon.exe SR - | Auto 2011-11-25 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe SR - | Auto 2011-11-18 77824 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe SS - | Auto 2011-07-22 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 2011-07-22 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 2011-07-22 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SR - | Demand 2011-11-25 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe SS - | Auto 2011-11-21 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe SS - | Disabled 2011-08-13 360224 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - F:\Caméscope\PMBDeviceInfoProvider.exe SS - | Disabled 386344 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe SS - | Disabled 2011-08-08 411432 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe SS - | Demand 2011-11-09 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe SR - | Auto 2009-07-14 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe SR - | Auto 2011-09-10 62184 | (XobniService) . (.Xobni Corporation.) - C:\Program Files (x86)\Xobni\XobniService.exe SR - | Auto 2011-05-30 146928 | ({B154377D-700F-42cc-9474-23858FBDF4BD}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl ~ Scan Services in 00mn 04s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover Run by Hervé at 2011-11-27 10:56:13 device: opened successfully user: error reading MBR Disk trace: error: Read Descripteur non valide kernel: error reading MBR ~ Scan MBR in 00mn 06s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Hervé at 2011-11-27 10:56:15 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 08s ---\\ Liste des émulateurs de CD/DVD (Hook du MBR) O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite ~ Scan Emulateurs in 00mn 08s End of the scan (1616 lines in 00mn 21s)(0)

Bonjour Lance, Toutes mes excuses le temps de réponse une nouvelle fois mais là je suis en à la maison une semaine complète, je vais pouvoir nettoyer et surtout coder mon pc que seul moi n'y ai plus accès, je l'ai payé assez cher pour le boulot pour que mon diablotin ne me le bloque ^^ Bref, de nouveau problèmes hier je rentre, j'écris et j'ai des freeze de quelques millisecondes, si des mots sont incomplets ou incompréhensible ça vient de là mais je vérifie et c'est embêtant j'ai trouvé également ceci et n'arrive pas à le virer avec sécurity essential : - adawareWin32/Hotbar - admawareWin32/Clickpotato et je pense d'autres bien cachés Je pense qu'il faudrait reprendre depuis zéro mon nettoyage et m'en excuse, si tu le veux bien, bien entendu ?????? HH

Re Lance, ET oui je suis entièrement d'accord avec toi pour le P2P, je vais faire lire ça au fiston et le lui faire recopier 100 fois lol grrrr comme tous les jeunes il lui faut des choses et........ no comment ! c'est moi le maître lol même si j'attire ses foudres (19 ans et déjà un petit monsieur qui voudrai s'imposer et pousser papa dans les orties lolll "je plaisante") mdrrr ok et quoi qu'il en soit, non il n'abuse pas il ne s'en est servit que 3 ou 4 fois et ce fut fait en mon absence, j'ai confiance en lui mais là oui si je risque gros ça ne va pas le faire !! J'ai des documents pro etc dans la machine et ...... vrai que ça fait peur ! Je passe les outils à mon retour. J'ai vu que tu étais sur le sujet j'ai donc attendu mais il me faut aller préparer pour la Toussaint (je passe les détail). Je m'occupe de désinstaller le log de P2P en rentrant et suis tes consignes et poste les rapports une fois tout effectué. Machine toute neuve déjà infectée grrrr de plus j'ai suivi ce que l'on m'a dit (le monteur) et n'ai pas installé ni avira ni sunbelt qui tournent sur le XP car paraît il que les outils de défense win7 serai acceptables ??? Merci pour le temps que tu m'accorde et pour ton aide. Je fais ça dans la soirée si je le peux now c'est corvée nettoyage Si je ne poste pas aujourd'hui je te souhaite un bon samedi Hervé (dsl suis bavard )

Bonjour Tonton, Merci pour ton intervention , je m'excuse pour le temps de réponse mais comme tu pourras le lire dans ma réponse à Lance, j'étais absent !! Merci pour le boulot que vous effectuez, ce n'est pas la première fois que je viens vous de mander de l'aide mais j'ai perdu mes anciens pseudos et pass Bon week end et encore merci Hervé

Bonjour Lance, Tout d'abord je te prie de m'excuser pour le temps de réponse bien que j'ai bien coché la case pour le suivi du sujet, la raison est que je n'était pas à la maison durant 10 jours (déplacement) et ces derniers jours j'avoue que je n'allumais pas le pc. Quand j'ai ouvert MOzilla, une fenêtre me disant qu'un programme tentais de changer mon Browser et juste une case pour liquer oui je n'ai jamais cliquer et lorsque je ferme Mozilla cette case reste !! De ce fait j'utilise ie 64Bits... Merci d'avoir pris mon "dossier" et j'espère ne pas te faire perdre trop de temps ! Voici le lien ci-joint et encore merci pour ton aide et si tu ne peux t'occuper de mon problème ce week end pas de souci il me fallait agir avant aussi Hervé http://www.cijoint.fr/cjlink.php?file=cj201110/cijuo2bZ77.txt

Bonjour Digger, En effet, je le pense aussi et il tourne sur le px sous XP mais on m'a dit ici (dans une autre sectio) que les outils win7 étaient suffisant, j'avoue qu'il m'a trouvé une cochonerie de suite (il s'agit de microsoft security essential). j'ai cliqué sur nettoyer le pc et apparemment cela a fonctionné, il travaille un peu comme avira en silence mais je n'ai pas vraiment confiance étant habitué à avira et malwarebytes côté protection ! SImplement je me demande si il s'impose vraiment sur win7 et si oui il va me falloir désactiver l'outil Micro$ ^^ mais là ? Je te remercie pour ta réponse et te souhaite un excellent w<eek end DIgger. Hervé Ps en sous titre je vais m'excuser d'avoir remonter ce post car je pense que l'on risque de penser vu qu'au départ pour le remonter je me suis répondu à moi même !! normalement ça ne se fait pas il faut attendre mais étant déjà en seconde page...........

Bonjour à tous, Désolé de remonté ce sujet, je pense que rien ne doit être grave dans mon log hijack, néanmoins je vous serai reconnaissant d'obtenir un petit conseil. De plus ne connaissant pas Windows 7 je ne sais pas si je dois y installer (Avira - Malwarebytes - etc), ma demande concerne bien cette barre d'outil néfaste mais si quelqu'un pouvait m'aider à protéger correctement cette nouvelle machine je lui en serai très reconnaissant ! bon week end à tous HH

Bonjour Thorgal, Tout d'abord, excuse le temps de réponse, depuis le temps que je devais le faire............. [blush] POur ce souci d'affichage concernant le new pc qui maintenant fonctionne à merveille avec une rapidité qui me cloue (je bosse dans l'infographie et design 3D), enfin en formation depuis septembre pour 2 ans (licence, il m'a fallu galérer pour trouver une entreprise en contrat pro, d'où l'oubli de rponse excuse m'en) !!! Le problème venait de la carte graphique, neuve mais défectueuse, je l'ai renvoée et deux jours plus tard je recevais la nouvelle et là MIRACLE... je branche le HDMI et affichage nickel tout ok Je profite ici pour m'excuser du temps de réponse et pour te remercier pour le temps que tu m'as accordé (on ne pouvais trouver de solution et pour cause)après avoir posté dans la section analyse et éradication pour un souci de toolbar (ça ne fera pas de mal de plus je profiterai pour poser quelques questions concernant les outils de protections Win7) que la souris (Madame) à installé en téléchargeant un logiciel gratuit le temps que le chat n'était pas là (moi) mdrrrrrrrrr Enfin rien de grave, je l'ai supprimée mais il reste quelque chose car quand j'ouvre un onglet je vois son logo dans la barre d'adresse et est toujours visible (qd je fais clic droit dans la barre des menus là haut).... Bref, je te souhaite une bonne fin de semaine et un excellent week end et encore merci Cordialement, Hervé

Bonjour à tous, Suite à un téléchargement, bien que la case installer la toolbar (Babylon) ai été désactivée, celle ci fut tout de même installée, je l'ai supprimée via programme et fonctionnalité mais lorsque depuis MOzilla ou Ie je lance une page vierge, c'est l'outil de recherche de cette toolbar qui est active et non google. De plus malgré la désinstallation, je l'ai toujours en faisant un clic droit dans les barre d'outils (en heut de la fenêtre active) Ce pc est très récent mais je pense qu'il y a eu quelques téléchargement fait (dans mon dos ... ben tiens le chat est au tadf les souris dansent mdrrrr ) Enfin, je viens vers vous solliciter votre aide afin d'éradiquer définitivement ce qui cloche sur ce pc, je poste la config ne sachant pas si l'os uniquement suffit et le rapport hijackthis bien sûr !! Merci pour votre aide =============================================== OS : Windows 7 ================================================== Rapport Hijack...... Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:48:08, on 2011-10-06 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Iomega\Home Storage Manager\Iomega Discovery.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe F:\Firefox\firefox.exe F:\Firefox\plugin-container.exe E:\TomsDownloader15149.exe C:\Users\HERV~1\AppData\Local\Temp\TomsDownloader15149.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail, Messenger, Actualité, Sport, People, Femmes - MSN France R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - {ba14329e-9550-4989-b3f2-9732e92d17cc} - (no file) F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" O4 - HKLM\..\Run: [RemoteControl9] "C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [iomega Home Storage Manager] C:\Program Files (x86)\Iomega\Home Storage Manager\Iomega Discovery.exe O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [QuickTime Task] "F:\Quick Time\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - Global Startup: D-Link AirPlus.lnk = ? O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll O9 - Extra button: PokerStars.fr - {90EAE591-7E7E-434a-8E28-ECFD00071806} - C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Unknown owner - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Backbone Service (BBDemon) - Dassault Systemes - F:\catia\intel_a\code\bin\CATSysDemon.exe O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files (x86)\ma-config.com\maconfservice.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe -- End of file - 24392 bytes