Phileon

Bonjour, 1/ Je désire supprimer un module complémentaire de Firefox, il s'agit d'Alexa Sparkly. Comme il s'agit d'un module il n'apparait pas dans le panneau de config. Seul Firefox est des-installable. Lorsque je vais sur le site Alexa on m'indique une procédure qui me conduit sur le site Firefox pour sélectionner un module à installer. A aucun moment je ne vois l'option désinstallation. 2/ Ayant bénéficié des services des helpers en section désinfection , j'aimerai surfer en session user plutôt qu'en admin . Comment faire pour disposer du même environnement : marque page, modules complémentaires, historique quelque soit la session. Il s'agit d'un PC unique, sous seven, derrière une box avec un seul utilisateur. Merci d'avance

Bonsoir Tomtom, A 9 contre 1 les problèmes sont résolus. j'ai fait toutes les manips mais un peu dans le désordre, pour cause d'aspirateur un peu bruyant dans un environnement mal insonorisé mais très clean (pas de bruit à 7h30 le matin), j'ai commencé par l'étape 2. J'ai tout fait, on passe les détails, le PC plante au moment du test de la RAM (pour moi c'est un truc super étrange et un nouveau problème). Tout le reste est sans histoire, drivers OK (réinstallation il y a 2 semaines), test Windows 7 note 5,6 / 7 pas choquant, ménage sur les process inutiles OK (2 Go RAM libre presque tout le temps), defrag C: et D: (meilleur après defrag mais pas de quoi s'affoler). A 18h30 je reviens sur le forum pour expliquer ce qui a été fait et je me rend compte que je n'ai pas fait le nettoyage comme indiqué. Je n'y crois pas un instant car le micro est ventre à l'air depuis 2 mois et il a eut droit à l'aspirateur environ 3 fois. Je prend l'aspirateur et je me souviens que sur le tuto il parle de pinceau pour bien nettoyer. Bon, ce n'est pas la peine de demander de l'aide sur un forum pour oublier les conseils donc je trouve une brosse a poil doux pour insister en plus de l'aspirateur. Il y a plus de poussière sur la carte vidéo que je n'en attendais. Je lance le test de mémoire qui a déjà planté 2 fois, oh ça marche ! Je lance l'utilitaire pour contrôler les températures de la carte vidéo et surprise en utilisant le bureau cette température était hier environ supérieur de 20°. La scie à métaux pour permettre au ventilateur de travailler c'était une bonne idée mais maintenant qu'il est ventre à l'air il prend la poussière a vitesse grand V. :outch: :chpas: :outch: Il est très probable que mes problèmes soient terminés. Ce soir je vais essayer de faire planter ma carte vidéo mais il est probable que le sujet est a cloturer. Merci pour tout et a demain.

Exécuté en tant qu'admin ou pas, il n'y a plus rien sur le PC : recherche : search suppression : supress No comment

Un peu étonné je n'ai qu'un seul rapport : le rapport sur mon bureau je n'arriverai jamais a faire une manip sans bourde. Cordialement

Bonjour Tomtom, Le PC à toujours le même problème mais il est malheureusement insoluble. J'ai relancé un jeu pour voir, mon PC a planté à nouveau. L'outil de mesure de température m'indiquait après le redémarrage une température proche du maxi (85°) et la température baissait de 1° toute les 5 secondes, jusqu’à 75°, pour se stabiliser au bout de 5 minutes à 70°. Le ventilateur tournait au maximum de ses capacités. Comme ma carte vidéo a subit plusieurs surchauffes pour cause de mauvaise conception du matériel (le ventilateur de la carte est parallèle à la boite, avec un centimètre d'écart entre la carte vidéo et l'habillage du PC). J'ai résolu le problème avec une scie à métaux. Peut être la dizaine de surchauffe a fatigué ma carte vidéo, ou alors celle ci a un défaut de fabrication. Les solutions sont : 1/ installer le PC dans le congélateur ou lui offrir une salle informatique (le délire quoi) 2/ supprimer les jeux ou jouer en hivers (terrasse de café l'été) 3/ changer de carte Pour ce qui est de la sécurité il est clair que l'essentiel des infections étaient dues à des installations de logiciels de ma part. Il est vrai que l'utilisateur a une responsabilité faces aux spywares qu'il a l'idée géniale d'installer volontairement. Les outils que j'utilise aujourd'hui sont à peu prés stable, donc pas besoin de télécharger de nouveaux softs. Une sauvegarde de ma config désinfectée sera la meilleur protection. Néanmoins je suis maintenant plus sensible qu'hier aux multiples risques d'infections. et je vais donc faire quelques modifs : Surf en user et non pas en admin Changement du mot de passe de mon routeur (j'ai laissé admin et password). Plus de modifs de la base de registre avec Ccleaner. On apprend des trucs sur le forum zebulon. Pour les outils de sécurités Avast va probablement remplacer Antivir Malwarebyte remplace spybot Comodo reste, il est paramétré au niveau de sécurité le plus faible car j'ai peur de ne pas avoir le niveau pour répondre aux multiples questions qu'il est susceptible de me poser. De toute façon ce logiciel est chatouilleux : chaque fois qu'un logiciel s'approche de la base de registre c'est une alerte de sécurité. Je conserve Hijackthis pour lire les logs, il est toujours possible de faire une recherche sur internet pour comprendre ce qui se passe et je sais que je ne dois pas Fixer quoique ce soit, et qu'hijackthis n'est pas compatible 64 bits, que les lignes 023 type "file missing" sont des c... Il faut que je regarde plus précisément mais j'ai bien envie d'ajouter un logiciel qui surveillerai Mozilla, il est possible que spywareblaster corresponde à quelque chose qui m'intéresse, de préférence s'il y a des options de restauration spécifique au navigateur. C'est vrai que les toolbars non désirées sont pénibles. Les deux derniers éléments ou je suis plus dubitatif concerne l'usage de Comodo en serveur DNS et les outils anti keylogger. Juste un point pour t'agacer un peu. Depuis que j'ai désinstallé Vuze, j'ai écouté au moins 10 fois un morceau de Fad Gadget "Spoil the child" sortie en face B d'un maxi (vynil bien sur) en 1984 et jamais réédité. N'ayant plus de platine disque, il n'existe aucun moyen autre que torrent pour réécouter cette superbe valse. il est probable que je réinstalle un client torrent un jour ou l'autre. En terme de sécurité les fichiers exotique sont plus destiné à des amateurs de pop/rock introuvable qu'a des diffuseurs de malware. Avec beaucoup de remerciement, a bientôt

Bonjour, Toutes les manips se sont bien passées sauf que j'ai loupé le chiffre noté en rouge avec TFC. Le rapport ZHD Fix Le rapport MalewareByte's Serait il possible d'avoir un commentaire sur les points importants sur ce qui a été modifié/fixé... Je dois avouer que même en partant du rapport ZHD Fix et en faisant des recherches sur le oueb, je ne parviens pas à visualiser ce qui se passe. Je suis un utilisateur curieux mais j'ai la comprennette lente. A bientôt

j’espère que le week-end a été agréable, Voici le rapport USB Fix option recherche Mon lien Voici le rapport USB Fix option suppression antivir, comodo et spy bot en fonctionnement Mon lien Voici le rapport USB Fix option suppression protections désactivées Mon lien Enfin le rapport ZHP Diag Mon lien Une fois que la désinfection sera terminée, je supprimerai Spybot pour le remplacer par Malwarebyte + Spywareblaster. Je pense conserver USB Fix. Je contrôle la validité des liens.

Bonjour, ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 07:44:41 le 28/08/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Ambroise@DRAGON (Acer Aspire X1301) ============== ACTION(S) ============== Dossier supprimé: C:\Users\Ambroise\AppData\Local\Conduit Dossier supprimé: C:\Users\Ambroise\AppData\LocalLow\Conduit (!) -- Fichiers temporaires supprimés. -- Fichier ouvert: C:\Users\Ambroise\AppData\Roaming\Mozilla\FireFox\Profiles\at88vq2i.default\Prefs.js -- Ligne supprimée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", ... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2504091", ... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2504091&octid=... Ligne supprimée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Ligne supprimée: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Ambroise\\AppData\\Roaming\\Mozilla... Ligne supprimée: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10"); Ligne supprimée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091"); Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091"); Ligne supprimée: user_pref("CommunityToolbar.ToolbarsList4", "CT2504091"); Ligne supprimée: user_pref("CommunityToolbar.globalUserId", "0713ce6d-25ad-472b-921a-28173e233f25"); Ligne supprimée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Ligne supprimée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Ligne supprimée: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Aug 23 2011 15:51:1... Ligne supprimée: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Ligne supprimée: user_pref("CommunityToolbar.notifications.locale", "en"); Ligne supprimée: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Ligne supprimée: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Aug 27 2011 20:57:02 GMT+0200"); Ligne supprimée: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Ligne supprimée: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Ligne supprimée: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Ligne supprimée: user_pref("CommunityToolbar.notifications.showTrayIcon", false); Ligne supprimée: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Ligne supprimée: user_pref("CommunityToolbar.notifications.userId", "7b6fa07f-4253-4e52-8931-38759e86dbeb"); -- Fichier Fermé -- Clé supprimée: HKLM\Software\Classes\Conduit.Engine Clé supprimée: HKCU\Software\Conduit ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [6.0 (fr)] **** Plugins\npwachk.dll (Nullsoft, Inc.) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) -- C:\Users\Ambroise\AppData\Roaming\Mozilla\FireFox\Profiles\at88vq2i.default -- Extensions\[email protected] (Ghostery) Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} (Flagfox) Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar) Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} (Cookies Manager+) Prefs.js - browser.download.lastDir, D: Prefs.js - browser.startup.homepage, hxxp://webmail.numericable.fr/ncn/auth/index.php Prefs.js - browser.startup.homepage_override.buildID, 20110811165603 Prefs.js - browser.startup.homepage_override.mstone, rv:6.0 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896 HKCU_Main|Start Page - hxxp://fr.msn.com/ HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM_Main|Start Page - hxxp://fr.msn.com/ HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{97ACFE56-2917-4410-AE14-6C8655B83BDE} - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?) HKLM_ElevationPolicy\{B0BE4960-6B24-4C43-938A-5DADF92F4E51} - C:\Users\Ambroise\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (x) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) BHO\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - "Partner BHO Class" (C:\ProgramData\Partner\Partner.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 1 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 15 Fichier(s) C:\Ad-Report-CLEAN[1].txt - 28/08/2011 07:44:47 (7602 Octet(s)) C:\Ad-Report-SCAN[1].txt - 27/08/2011 21:14:03 (7604 Octet(s)) Fin à: 07:45:53, 28/08/2011 ============== E.O.F ==============

Me revoilà, Sauf erreur de ma part j'ai suivi les instructions : Désinstallation des outils PEP via revo unstaller.(azureus et conduit engine). Teatimer Décoché dans Spybot Fléche bleu pour supprimer la vaccination du PC Désactivation de toutes les icônes, en bas à droite de Windows seven, possible avant le lancement d'AD remover. Spybot n'est même plus dans les process actifs en bas à droite de seven. Les application sont toutes fermées et j'ai déconnecté internet physiquement avant de lancer AD-Remover. Le rapport AD-Remorver est le suivant : ======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 ======= Mis à jour par TeamXscript le 12/04/11 Contact: AdRemover[DOT]contact[AT]gmail[DOT]com Site web: http://www.teamxscript.org C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 21:13:57 le 27/08/2011, Mode normal Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64) Ambroise@DRAGON (Acer Aspire X1301) ============== RECHERCHE ============== Dossier trouvé: C:\Users\Ambroise\AppData\Local\Conduit Dossier trouvé: C:\Users\Ambroise\AppData\LocalLow\Conduit Dossier trouvé: C:\Program Files (x86)\Conduit -- Fichier ouvert: C:\Users\Ambroise\AppData\Roaming\Mozilla\FireFox\Profiles\at88vq2i.default\Prefs.js -- Ligne trouvée: user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2504091", ... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=ct2504091", ... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2504091",... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2504091&octid=... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=ct2504091&octid=... Ligne trouvée: user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"... Ligne trouvée: user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Ambroise\\AppData\\Roaming\\Mozilla... Ligne trouvée: user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10"); Ligne trouvée: user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", ""); Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList2", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.ToolbarsList4", "CT2504091"); Ligne trouvée: user_pref("CommunityToolbar.globalUserId", "0713ce6d-25ad-472b-921a-28173e233f25"); Ligne trouvée: user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Ligne trouvée: user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Ligne trouvée: user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue Aug 23 2011 15:51:1... Ligne trouvée: user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.notifications.locale", "en"); Ligne trouvée: user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Ligne trouvée: user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Aug 27 2011 20:57:02 GMT+0200"); Ligne trouvée: user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Ligne trouvée: user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Ligne trouvée: user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Ligne trouvée: user_pref("CommunityToolbar.notifications.showTrayIcon", false); Ligne trouvée: user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Ligne trouvée: user_pref("CommunityToolbar.notifications.userId", "7b6fa07f-4253-4e52-8931-38759e86dbeb"); -- Fichier Fermé -- Clé trouvée: HKLM\Software\Classes\Conduit.Engine Clé trouvée: HKCU\Software\Conduit ============== SCAN ADDITIONNEL ============== **** Mozilla Firefox Version [6.0 (fr)] **** Plugins\npwachk.dll (Nullsoft, Inc.) HKLM_MozillaPlugins\@nvidia.com/3DVision (x) HKLM_MozillaPlugins\@nvidia.com/3DVisionStreaming (x) HKLM_MozillaPlugins\Adobe Reader (x) Searchplugins\bing.xml ( hxxp://www.bing.com/search) Components\browsercomps.dll (Mozilla Foundation) -- C:\Users\Ambroise\AppData\Roaming\Mozilla\FireFox\Profiles\at88vq2i.default -- Extensions\[email protected] (Ghostery) Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b} (Flagfox) Extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} (Vuze Remote Community Toolbar) Extensions\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d} (Cookies Manager+) Prefs.js - browser.download.lastDir, D: Prefs.js - browser.startup.homepage, hxxp://webmail.numericable.fr/ncn/auth/index.php Prefs.js - browser.startup.homepage_override.buildID, 20110811165603 Prefs.js - browser.startup.homepage_override.mstone, rv:6.0 ======================================== **** Internet Explorer Version [9.0.8112.16421] **** HKCU_Main|Default_Page_URL - hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_x1301&r=17360611ln07973480k05bg7012l94 HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Default_Page_URL - hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_x1301&r=17360611ln07973480k05bg7012l94 HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896 HKLM_Main|Start Page - hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_x1301&r=17360611ln07973480k05bg7012l94 HKCU_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKLM_URLSearchHooks|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKLM_Toolbar|{32099AAC-C132-4136-9E9A-4E364A424E17} (C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll) HKLM_Toolbar|{ba14329e-9550-4989-b3f2-9732e92d17cc} (x) HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x) HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x) HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x) HKLM_ElevationPolicy\{97ACFE56-2917-4410-AE14-6C8655B83BDE} - C:\Program Files (x86)\Vuze_Remote\Vuze_RemoteToolbarHelper.exe (?) HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?) HKLM_ElevationPolicy\{B0BE4960-6B24-4C43-938A-5DADF92F4E51} - C:\Users\Ambroise\AppData\Local\Conduit\CT2504091\Vuze_RemoteAutoUpdateHelper.exe (?) HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x) HKLM_Extensions\{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - "?" (?) BHO\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - "Partner BHO Class" (C:\ProgramData\Partner\Partner.dll) ======================================== C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s) C:\Program Files (x86)\Ad-Remover\Backup: 0 Fichier(s) C:\Ad-Report-SCAN[1].txt - 27/08/2011 21:14:03 (7466 Octet(s)) Fin à: 21:14:47, 27/08/2011 ============== E.O.F =============

[Dylav] Le sujet d'origine Plantage Windows avec divers jeux [/Dylav] Merci de votre aide Voici le rapport ZHP Diag Rapport de ZHPDiag v1.28.1343 par Nicolas Coolman, Update du 24/08/2011 Run by Ambroise at 27/08/2011 14:24:24 Web site : ZHPDiag Outil de diagnostic ---\\ Web Browser MSIE: Internet Explorer v9.0.8112.16421 MFIE: Mozilla Firefox 6.0 v6.0 (Defaut) ---\\ Windows Product Information Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601) Windows Server License Manager Script : OK ~ Windows® 7, OEM_SLP channel System Locked Preinstallation (OEM_SLP) : OK Windows ID Activation : OK ~ Windows Partial Key : 7QJB7 Windows License : OK ~ Windows Remaining Initializations Number : 3 Software Protection Service (Protection logicielle) : OK Windows Automatic Updates : OK Windows Activation Technologies : OK ---\\ System Information ~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 4094 MB (67% free) System Restore: Activé (Enable) System drive C: has 342 GB (74%) free of 459 GB ---\\ Logged in mode ~ Computer Name: DRAGON ~ User Name: Ambroise ~ All Users Names: UpdatusUser, HomeGroupUser$, Ambroise, Administrateur, ~ Unselected Option: O45,O61,O62,O65,O66,O82 Logged in as Administrator ---\\ Environnement Variables ~ System Unit : C:\ ~ %AppData% : C:\Users\Ambroise\AppData\Roaming\ ~ %Desktop% : C:\Users\Ambroise\Desktop\ ~ %Favorites% : C:\Users\Ambroise\Favorites\ ~ %LocalAppData% : C:\Users\Ambroise\AppData\Local\ ~ %StartMenu% : C:\Users\Ambroise\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir% : C:\Windows\ ~ %System% : C:\Windows\system32\ ---\\ DOS/Devices C:\ Hard drive, Flash drive, Thumb drive (Free 342 Go of 459 Go) D:\ Hard drive, Flash drive, Thumb drive (Free 226 Go of 459 Go) E:\ CD-ROM drive (Free 0 Go of 0 Go) F:\ Floppy drive, Flash card reader, USB Key (Not Inserted) G:\ Floppy drive, Flash card reader, USB Key (Not Inserted) H:\ CD-ROM drive (Free 0 Go of 3 Go) I:\ CD-ROM drive (Not Inserted) ---\\ Security Center & Tools Informations [HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK ~ Scan Security Center in 00mn 00s ---\\ Recherche particulière de fichiers génériques [MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.01/07/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808] [MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568] [MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024] [MD5.0732B49B250E306F7A6591029AF9885B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.11/08/2011 - 06:36:16.) -- C:\Windows\system32\wininet.dll [1389056] [MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.01/07/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656] [MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128] [MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.13/07/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776] [MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.01/07/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448] [MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.01/07/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480] ~ Scan Generic Processes in 00mn 00s ---\\ Etat des fichiers cachés (Caché/Total) ~ Mes Favoris (My Favorites) : 3/30 ~ Mes Documents (My Documents) : 56/1862 ~ Mon Bureau (My Desktop) : 1/13 ~ Menu demarrer (Programs) : 7/27 ~ Scan Hidden Files in 00mn 01s ---\\ Processus lancés [MD5.390679F7A217A5E73D756276C40AE887] - (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480] [PID.2552] [MD5.CEA0461AAE4B8B6216F164501B1B5A10] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912] [PID.2564] [MD5.D9CB30BF12B3670650C85637EA1AB6EA] - (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888] [PID.2680] [MD5.EF533F9D1E4F51C783D4349A7C3F518F] - (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464] [PID.2768] [MD5.9D5E8B45BD348DF0882C69EED0E83111] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [281768] [PID.2820] [MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.2920] [MD5.1BEF98B2BD922836CCDD0F85620BC755] - (.Nullsoft, Inc. - Winamp Agent.) -- C:\Program Files (x86)\Winamp\winampa.exe [74752] [PID.2936] [MD5.8AF1980AD5BD21364A960299015DBEDD] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.4296] [MD5.1BF14948A57A0AF81C07F797EC0978D6] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [PID.3556] [MD5.F26208B3C13B48670E055BAD116D6438] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [669696] [PID.944] [MD5.9BF7E58D9113CE15CF4F1E1B18CEFF83] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [379496] [PID.] [MD5.A5BCBAF0477C4869B67E0195AEA4A9CD] - (.Avira GmbH - Antivirus Scheduler.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [136360] [PID.] [MD5.1CF3866E09FFE13CF280D4DDFA9F7DCF] - (.Avira GmbH - Antivirus On-Access Service.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [269480] [PID.] [MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [1150496] [PID.] [MD5.BD691091AC7D9713D8F0B07C6B099E6C] - (.NewTech Infosystems, Inc. - Backup Manager Module.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [62208] [PID.] [MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Acer\Acer Updater\UpdaterService.exe [240160] [PID.] [MD5.4E5C5D88EB0A8D21824D5A3EB7327E69] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2255464] [PID.] ~ Scan Processes Running in 00mn 35s ---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3) C:\Users\Ambroise\AppData\Roaming\Mozilla\Firefox\Profiles\at88vq2i.default\prefs.js C:\Users\Ambroise\AppData\Roaming\Mozilla\Firefox\Profiles\at88vq2i.default\user.js (.not file.) M3 - MFPP: Plugins - [Ambroise] -- C:\Users\Ambroise\AppData\Roaming\Mozilla\Firefox\Profiles\at88vq2i.default\searchplugins\daemon-search.xml M0 - MFSP: prefs.js [Ambroise - at88vq2i.default] Webmail Numericable : une messagerie à consulter sur internet ou le mobile - Espace Client M2 - MFEP: prefs.js [Ambroise - at88vq2i.default\[email protected]] [] Ghostery v2.5.3 (.Evidon, Inc..) M2 - MFEP: prefs.js [Ambroise - at88vq2i.default\{1018e4d6-728f-4b20-ad56-37578a4de76b}] [] Flagfox v4.1.5 (.Dave Garrett.) M2 - MFEP: prefs.js [Ambroise - at88vq2i.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.5 (.Michel Gutierrez.) M2 - MFEP: prefs.js [Ambroise - at88vq2i.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.6.0.10 (.Conduit Ltd..) M2 - MFEP: prefs.js [Ambroise - at88vq2i.default\{bb6bc1bb-f824-4702-90cd-35e2fb24f25d}] [] Cookies Manager+ v1.5.1 (.V@no.) P2 - FPN:Firefox Plugin Navigator . (.Nullsoft, Inc. - Winamp Application Detector.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npwachk.dll ~ Scan Firefox Browser in 00mn 00s ---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com R0 - HKUS\S-1-5-21-4026131511-971476373-2256069414-1003-4026131511-971476373-2256069414-1000\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKUS\S-1-5-21-4026131511-971476373-2256069414-1003-4026131511-971476373-2256069414-1000\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -- C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1 ~ Scan IE Browser in 00mn 00s ---\\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Scan Proxy management in 00mn 00s ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2) F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe ~ Scan Keys in 00mn 00s ---\\ Redirection du fichier Hosts (O1) ~ Scan Hosts File in 00mn 00s ---\\ Browser Helper Objects de navigateur (O2) O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} . (.Google Inc. - Partner application.) -- C:\ProgramData\Partner\Partner64.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg64.dll O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer Networking Limited - SBSD IE Protection.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Partner BHO Class [64Bits] - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} . (.Google Inc. - Partner application.) -- C:\ProgramData\Partner\Partner.dll O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Vuze Remote [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll ~ Scan BHO in 00mn 00s ---\\ Internet Explorer Toolbars (O3) O3 - Toolbar: DAEMON Tools Toolbar [64Bits] - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - Toolbar Module.) -- C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll ~ Scan Toolbar in 00mn 00s ---\\ Applications démarrées par registre & par dossier (O4) O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe O4 - HKLM\..\Run: [COMODO Internet Security] . (.COMODO - COMODO Internet Security.) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKLM\..\Wow6432Node\Run: [backupManagerTray] . (.NewTech Infosystems, Inc. - Acer Backup Manager.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe O4 - HKLM\..\Wow6432Node\Run: [EgisTecLiveUpdate] . (.Egis Technology Inc. - EgisUpdate Release Application.) -- C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe O4 - HKLM\..\Wow6432Node\Run: [WinampAgent] . (.Nullsoft, Inc. - Winamp Agent.) -- C:\Program Files (x86)\Winamp\winampa.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe O4 - HKUS\S-1-5-21-4026131511-971476373-2256069414-1003-4026131511-971476373-2256069414-1000\..\Run: [spybotSD TeaTimer] . (.Safer-Networking Ltd. - System settings protector.) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-21-4026131511-971476373-2256069414-1003-4026131511-971476373-2256069414-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe ~ Scan Application in 00mn 00s ---\\ Autres liens utilisateurs (O4) O4 - Global Startup: C:\Users\Ambroise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Ambroise\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\7-Zip File Manager.lnk . (...) -- C:\Program Files (x86)\7-Zip\7zFM.exe (.not file.) O4 - Global Startup: C:\Users\Ambroise\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\JDownloader.lnk . (.AppWork UG (haftungsbeschränkt).) -- C:\Program Files (x86)\JDownloader\JDownloaderD3D.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\King's Bounty.lnk . (...) -- C:\Program Files (x86)\Nobilis\King's Bounty\kb.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\Revo Uninstaller.lnk . (.VS Revo Group.) -- C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\Sid Meiers Civilization V.lnk . (.Firaxis Games.) -- C:\Program Files (x86)\Sid Meier's Civilization V\Launcher.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\SIW.lnk . (.Topala Software Solutions.) -- C:\Program Files (x86)\SIW\siw.exe O4 - Global Startup: C:\Users\Ambroise\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\Ambroise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O4 - Global Startup: C:\Users\Ambroise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe O4 - Global Startup: C:\Users\Ambroise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files (x86)\Vuze\Azureus.exe O4 - Global Startup: C:\Users\Ambroise\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Winamp.lnk . (.Nullsoft, Inc..) -- C:\Program Files (x86)\Winamp\winamp.exe ~ Scan Global Startup in 00mn 00s ---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8) O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~1\Office12\EXCEL.exe O8 - Extra context menu item: Google Sidewiki... . (.Google Inc. - Google Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll ~ Scan IE Menu Contextuel in 00mn 00s ---\\ Winsock hijacker (Layered Service Provider) (O10) O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL ~ Scan Winsock in 00mn 00s ---\\ Modification Domaine/Adresses DNS (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: NameServer = 156.154.70.25,156.154.71.25 O17 - HKLM\System\CCS\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS1\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: NameServer = 156.154.70.25,156.154.71.25 O17 - HKLM\System\CS1\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: DhcpNameServer = 89.2.0.1 89.2.0.2 O17 - HKLM\System\CS2\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: NameServer = 156.154.70.25,156.154.71.25 O17 - HKLM\System\CS2\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: DhcpNameServer = 89.2.0.1 89.2.0.2 ~ Scan Domain in 00mn 00s ---\\ Protocole additionnel (O18) O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL ~ Scan Protocole Additionnel in 00mn 00s ---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20) O20 - AppInit_DLLs: . (...) - C:\Windows\system32\guard64.dll (.not file.) ~ Scan AppInit DLL in 00mn 00s ---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found. ~ Scan SSODL in 00mn 00s ---\\ Liste des services NT non Microsoft et non désactivés (O23) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: COMODO Internet Security Helper Service (cmdagent) . (.COMODO - COMODO Internet Security.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: ForceWare Intelligent Application Manager (IAM) (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NTI IScheduleSvc (NTI IScheduleSvc) . (.NewTech Infosystems, Inc. - Backup Manager Module.) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) - C:\Windows\system32\nvvsvc.exe O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe ~ Scan Services in 00mn 00s ---\\ Enumération Active Desktop & MHTML Editor (O24) O24 - Default MHTML Editor: Last - .(...) - (.not file.) ~ Scan Desktop Component in 00mn 00s ---\\ Tâches planifiées en automatique (O39) O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [MD5.7F59E4F51DA9C9C6B29B881D8DD92400] [APT] [burn Notification] (.Acer.) -- C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe ~ Scan Scheduled Task in 00mn 05s ---\\ Pilotes lancés au démarrage (O41) O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys O41 - Driver: (cmdGuard) . (.COMODO - COMODO Internet Security Sandbox Driver.) - C:\Windows\system32\DRIVERS\cmdguard.sys O41 - Driver: (cmdHlp) . (.COMODO - COMODO Internet Security Helper Driver.) - C:\Windows\system32\DRIVERS\cmdhlp.sys O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys O41 - Driver: (inspect) . (.COMODO - COMODO Internet Security Firewall Driver.) - C:\Windows\system32\DRIVERS\inspect.sys O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys O41 - Driver: (mwlPSDFilter) . (.Egis Technology Inc. - PSD Filter Driver.) - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys O41 - Driver: (mwlPSDNServ) . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys O41 - Driver: (mwlPSDVDisk) . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys ~ Scan Drivers in 00mn 00s ---\\ Logiciels installés (O42) O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2FC4457D-409E-466F-861F-FB0CB796B53E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{DE5A002D-8122-4278-A7EE-3121E7EA254E} O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B} O42 - Logiciel: Acer Backup Manager - (.NewTech Infosystems.) [HKLM] -- InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121} O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- Acer Screensaver O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM] -- {EE171732-BEB4-4576-887D-CB62727F01CA} O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9} O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop O42 - Logiciel: Backup Manager Advance - (.NewTech Infosystems.) [HKLM] -- {30075A70-B5D2-440B-AFA3-FB2021740121} O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite O42 - Logiciel: DAEMON Tools Toolbar - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Toolbar O42 - Logiciel: Détection de l'application Winamp - (.Nullsoft, Inc.) [HKCU] -- Winamp Detect O42 - Logiciel: Fallout 3 - (.Bethesda Softworks.) [HKLM] -- {974C4B12-4D02-4879-85E0-61C95CC63E9E} O42 - Logiciel: Fallout New Vegas version 1.2 - (.Ozer1.) [HKLM] -- {D89C9418-F38F-4F31-8FC4-D658ADB3D963}_is1 O42 - Logiciel: Fallout New Vegas version 1.3.0.452 - (.Ozer1.) [HKLM] -- {6BB06A04-06C2-4C11-B099-F1702DEE72C0}_is1 O42 - Logiciel: Fallout New Vegas version 1.3.0.452 - (.Ozer1.) [HKLM] -- {A1FDB071-F067-496E-BA95-176988796014}_is1 O42 - Logiciel: Fallout New Vegas version 1.3.0.452 - (.Ozer1.) [HKLM] -- {F8D1477A-FA7F-4C9D-8C0F-F1401C865566}_is1 O42 - Logiciel: Fallout New Vegas version 1.4.0.525 - (.Ozer1.) [HKLM] -- {1A0C2FC4-BC94-4B99-99DD-B0B17AC56E01}_is1 O42 - Logiciel: Fallout New Vegas version 1.4.0.525 - (.Ozer1.) [HKLM] -- {729FD43C-9D19-4391-B153-8473B3A9B48F}_is1 O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F} O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM] -- Identity Card O42 - Logiciel: JDownloader 0.9 - (.AppWork GmbH.) [HKLM] -- 1489-3350-5074-6281 O42 - Logiciel: King’s Bounty: The Legend (Retirer seulement) - (.Nobilis.) [HKLM] -- {E43ED0A0-C85E-40F0-807C-6A8A9D2FAEF3}_is1 O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C} O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.) [HKLM] -- OMUI.fr-fr O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165} O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB} O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83} O42 - Logiciel: Mises à jour NVIDIA 1.4.28 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack O42 - Logiciel: Mozilla Firefox 6.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 6.0 (x86 fr) O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIA StereoUSB Driver O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.Pas de propriétaire.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD} O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX O42 - Logiciel: NVIDIA Pilote 3D Vision 280.26 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision O42 - Logiciel: NVIDIA Pilote audio HD : 1.2.23.3 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 280.19 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB O42 - Logiciel: NVIDIA Pilote graphique 280.26 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM] -- {dcecd67a-83b9-491f-93bd-059cab7dff56} O42 - Logiciel: PNOFNV 2.9 - (.PNOteurs Wiwiland.) [HKLM] -- WiwilandPNOFNV_is1 O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller O42 - Logiciel: SIW version 2011.07.07 - (.Topala Software Solutions.) [HKLM] -- {AB67580-257C-45FF-B8F4-C8C30682091A}_is1 O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08} O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A} O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870 O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636 O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D} O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0} O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB} O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1} O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062} O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D} O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48} O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF} O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC} O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663 O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870 O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A} O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D} O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871 O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523 O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features (KB963673) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42} O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4} O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678) - (.Microsoft.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9} O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF} O42 - Logiciel: Update for Microsoft Office OneNote 2007 Help (KB963670) - (.Microsoft.) [HKLM] -- {90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245} O42 - Logiciel: Update for Microsoft Office Powerpoint 2007 Help (KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876} O42 - Logiciel: Update for Microsoft Office Script Editor Help (KB963671) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C} O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB963665) - (.Microsoft.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726} O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226 O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM] -- Vuze_Remote Toolbar O42 - Logiciel: Winamp - (.Nullsoft, Inc.) [HKLM] -- Winamp O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -- InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA} ---\\ HKCU & HKLM Software Keys [HKCU\Software\7-Zip] [HKCU\Software\Acer] [HKCU\Software\Adobe] [HKCU\Software\AppDataLow\Software\Conduit] [HKCU\Software\AppDataLow\Software\Google] [HKCU\Software\AppDataLow\Software\Vuze_Remote] [HKCU\Software\AppDataLow\Software\conduitEngine] [HKCU\Software\AppDataLow\Software] [HKCU\Software\AppDataLow\Toolbar] [HKCU\Software\AppDataLow] [HKCU\Software\Avira] [HKCU\Software\Azureus] [HKCU\Software\CDDB] [HKCU\Software\Classes] [HKCU\Software\Clients] [HKCU\Software\ComodoGroup] [HKCU\Software\Conduit] [HKCU\Software\CrystalIdea Software] [HKCU\Software\DT Soft] [HKCU\Software\Google] [HKCU\Software\IM Providers] [HKCU\Software\JavaSoft] [HKCU\Software\Katauri Interactive] [HKCU\Software\Local AppWizard-Generated Applications] [HKCU\Software\Macromedia] [HKCU\Software\Mozilla] [HKCU\Software\NVIDIA Corporation] [HKCU\Software\Nero] [HKCU\Software\Netscape] [HKCU\Software\ODBC] [HKCU\Software\OEM] [HKCU\Software\Piriform] [HKCU\Software\Policies] [HKCU\Software\Realtek] [HKCU\Software\Safer Networking Limited] [HKCU\Software\SecuROM] [HKCU\Software\VSRevoGroup] [HKCU\Software\Valve] [HKCU\Software\Winamp] [HKCU\Software\Wow6432Node] [HKCU\Software\YahooPartnerToolbar] [HKCU\Software\ej-technologies] [HKLM\Software\7-Zip] [HKLM\Software\<company>] [HKLM\Software\AGEIA Technologies] [HKLM\Software\ATI Technologies] [HKLM\Software\Acer Incorporated] [HKLM\Software\Acer] [HKLM\Software\Adobe] [HKLM\Software\America Online] [HKLM\Software\Audible] [HKLM\Software\Avira] [HKLM\Software\Azureus] [HKLM\Software\Bethesda Softworks] [HKLM\Software\Bunndle] [HKLM\Software\CDDB] [HKLM\Software\Classes] [HKLM\Software\Clients] [HKLM\Software\ComodoGroup] [HKLM\Software\Conduit] [HKLM\Software\DT Soft] [HKLM\Software\Digital River] [HKLM\Software\EgisTec Egis Software Update] [HKLM\Software\EgisTec] [HKLM\Software\Google] [HKLM\Software\Intel] [HKLM\Software\JavaSoft] [HKLM\Software\JreMetrics] [HKLM\Software\Khronos] [HKLM\Software\Macromedia] [HKLM\Software\McAfeeInstaller] [HKLM\Software\MimarSinan] [HKLM\Software\MozillaPlugins] [HKLM\Software\Mozilla] [HKLM\Software\NVIDIA Corporation] [HKLM\Software\Nero] [HKLM\Software\NewTech Infosystems] [HKLM\Software\ODBC] [HKLM\Software\OEM] [HKLM\Software\OemSetup] [HKLM\Software\Piriform] [HKLM\Software\Policies] [HKLM\Software\Realtek Semiconductor Corp.] [HKLM\Software\Realtek] [HKLM\Software\RegisteredApplications] [HKLM\Software\SRS Labs] [HKLM\Software\Safer Networking Limited] [HKLM\Software\SiteAdvisor] [HKLM\Software\Sonic] [HKLM\Software\TrendMicro] [HKLM\Software\Uniblue] [HKLM\Software\VideoLAN] [HKLM\Software\Vuze_Remote] [HKLM\Software\Waves Audio] [HKLM\Software\Wow6432Node] [HKLM\Software\X-AVCSD] [HKLM\Software\ej-technologies] [HKLM\Software\mozilla.org] ~ Scan Softwares in 00mn 00s ---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43) O43 - CFD: 02/07/2011 - 14:09:18 - [4588532] ----D- C:\Program Files\7-Zip O43 - CFD: 14/08/2009 - 20:11:22 - [17135344] ----D- C:\Program Files\Acer O43 - CFD: 30/06/2011 - 19:06:58 - [244173] ----D- C:\Program Files\Acer Accessory Store O43 - CFD: 03/07/2011 - 09:20:14 - [0] ----D- C:\Program Files\AVAST Software O43 - CFD: 21/08/2011 - 20:30:06 - [8458144] ----D- C:\Program Files\CCleaner O43 - CFD: 30/06/2011 - 19:37:18 - [75463056] ----D- C:\Program Files\Common Files O43 - CFD: 30/06/2011 - 20:09:34 - [140588797] ----D- C:\Program Files\COMODO O43 - CFD: 03/07/2011 - 03:44:08 - [90256916] ----D- C:\Program Files\DVD Maker O43 - CFD: 30/06/2011 - 19:06:28 - [0] -SH-D- C:\Program Files\Fichiers communs O43 - CFD: 14/08/2009 - 20:12:44 - [638944] ----D- C:\Program Files\Google O43 - CFD: 11/08/2011 - 03:22:14 - [6202112] ----D- C:\Program Files\Internet Explorer O43 - CFD: 14/07/2009 - 09:45:56 - [148931122] ----D- C:\Program Files\Microsoft Games O43 - CFD: 14/08/2009 - 20:03:42 - [1141694] ----D- C:\Program Files\Microsoft Office O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild O43 - CFD: 23/08/2011 - 09:11:14 - [404434587] ----D- C:\Program Files\NVIDIA Corporation O43 - CFD: 14/08/2009 - 19:49:34 - [12164256] ----D- C:\Program Files\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information O43 - CFD: 03/07/2011 - 03:44:02 - [4039680] ----D- C:\Program Files\Windows Defender O43 - CFD: 03/07/2011 - 03:44:06 - [9224824] ----D- C:\Program Files\Windows Journal O43 - CFD: 03/07/2011 - 03:44:08 - [6667776] ----D- C:\Program Files\Windows Mail O43 - CFD: 03/07/2011 - 03:44:08 - [7687085] ----D- C:\Program Files\Windows Media Player O43 - CFD: 30/06/2011 - 19:06:28 - [12627636] ----D- C:\Program Files\Windows NT O43 - CFD: 03/07/2011 - 03:44:06 - [5516056] ----D- C:\Program Files\Windows Photo Viewer O43 - CFD: 03/07/2011 - 03:44:08 - [244736] ----D- C:\Program Files\Windows Portable Devices O43 - CFD: 03/07/2011 - 03:44:08 - [8355930] ----D- C:\Program Files\Windows Sidebar O43 - CFD: 10/07/2011 - 10:04:16 - [62657295] ----D- C:\Program Files\Common Files\Microsoft Shared O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines O43 - CFD: 01/07/2011 - 04:38:50 - [12194291] ----D- C:\Program Files\Common Files\System O43 - CFD: 14/08/2009 - 20:10:22 - [414388] ----D- C:\ProgramData\Acer O43 - CFD: 01/07/2011 - 16:19:08 - [767] ----D- C:\ProgramData\Adobe O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data O43 - CFD: 04/07/2011 - 08:24:08 - [0] ----D- C:\ProgramData\AVAST Software O43 - CFD: 30/06/2011 - 19:39:40 - [55303896] ----D- C:\ProgramData\Avira O43 - CFD: 04/07/2011 - 08:48:58 - [22886] ----D- C:\ProgramData\BackupManager O43 - CFD: 30/06/2011 - 19:06:28 - [0] -SH-D- C:\ProgramData\Bureau O43 - CFD: 27/07/2011 - 20:37:10 - [33986496] ----D- C:\ProgramData\Comodo O43 - CFD: 26/08/2011 - 16:16:22 - [2067] ----D- C:\ProgramData\DAEMON Tools Lite O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents O43 - CFD: 14/08/2009 - 20:27:32 - [0] ----D- C:\ProgramData\EgisTec O43 - CFD: 14/08/2009 - 20:25:30 - [420] ----D- C:\ProgramData\eSobi O43 - CFD: 30/06/2011 - 19:06:28 - [0] -SH-D- C:\ProgramData\Favoris O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites O43 - CFD: 14/08/2009 - 20:12:46 - [522259] ----D- C:\ProgramData\Google O43 - CFD: 30/06/2011 - 19:37:26 - [5114] ----D- C:\ProgramData\McAfee O43 - CFD: 30/06/2011 - 19:06:28 - [0] -SH-D- C:\ProgramData\Menu Démarrer O43 - CFD: 21/08/2011 - 19:42:18 - [181684413] -S--D- C:\ProgramData\Microsoft O43 - CFD: 02/07/2011 - 11:26:32 - [122008] ----D- C:\ProgramData\Microsoft Help O43 - CFD: 30/06/2011 - 19:06:28 - [0] -SH-D- C:\ProgramData\Modèles O43 - CFD: 14/08/2009 - 20:20:14 - [11378166] ----D- C:\ProgramData\Nero O43 - CFD: 27/08/2011 - 08:17:04 - [2757820] ----D- C:\ProgramData\NVIDIA O43 - CFD: 23/08/2011 - 09:10:06 - [622897] ----D- C:\ProgramData\NVIDIA Corporation O43 - CFD: 14/08/2009 - 20:27:32 - [141] ----D- C:\ProgramData\OEM O43 - CFD: 14/08/2009 - 20:12:48 - [1516372] ----D- C:\ProgramData\Partner O43 - CFD: 14/08/2009 - 20:17:46 - [36] ----D- C:\ProgramData\SiteAdvisor O43 - CFD: 26/08/2011 - 06:22:32 - [31936566] ----D- C:\ProgramData\Spybot - Search & Destroy O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu O43 - CFD: 02/07/2011 - 13:35:02 - [119] ----D- C:\ProgramData\Sun O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates O43 - CFD: 26/08/2011 - 06:24:44 - [0] ----D- C:\ProgramData\WinZip O43 - CFD: 01/07/2011 - 01:46:12 - [5931643] ----D- C:\Users\Ambroise\AppData\Roaming\Adobe O43 - CFD: 03/07/2011 - 03:33:58 - [0] ----D- C:\Users\Ambroise\AppData\Roaming\Avira O43 - CFD: 26/08/2011 - 11:10:50 - [5037297] ----D- C:\Users\Ambroise\AppData\Roaming\Azureus O43 - CFD: 26/08/2011 - 10:21:00 - [5392] ----D- C:\Users\Ambroise\AppData\Roaming\DAEMON Tools Lite O43 - CFD: 15/07/2011 - 19:20:58 - [0] ----D- C:\Users\Ambroise\AppData\Roaming\FreeOrion O43 - CFD: 07/08/2011 - 13:45:18 - [0] ----D- C:\Users\Ambroise\AppData\Roaming\Google O43 - CFD: 30/06/2011 - 19:10:42 - [0] ----D- C:\Users\Ambroise\AppData\Roaming\Identities O43 - CFD: 30/06/2011 - 19:24:58 - [3468] ----D- C:\Users\Ambroise\AppData\Roaming\Macromedia O43 - CFD: 14/07/2009 - 09:44:40 - [0] ----D- C:\Users\Ambroise\AppData\Roaming\Media Center Programs O43 - CFD: 25/08/2011 - 17:54:40 - [1898445] -S--D- C:\Users\Ambroise\AppData\Roaming\Microsoft O43 - CFD: 30/06/2011 - 20:00:58 - [33520166] ----D- C:\Users\Ambroise\AppData\Roaming\Mozilla O43 - CFD: 09/08/2011 - 19:20:42 - [43302] ----D- C:\Users\Ambroise\AppData\Roaming\Nero O43 - CFD: 28/07/2011 - 17:01:04 - [151122] ----D- C:\Users\Ambroise\AppData\Roaming\Todae O43 - CFD: 04/08/2011 - 13:43:28 - [1336436] ----D- C:\Users\Ambroise\AppData\Roaming\vlc O43 - CFD: 25/08/2011 - 09:03:08 - [6329594] ----D- C:\Users\Ambroise\AppData\Roaming\Winamp O43 - CFD: 04/07/2011 - 11:13:48 - [0] ----D- C:\Users\Ambroise\AppData\Roaming\WinRAR O43 - CFD: 01/07/2011 - 01:46:32 - [23719424] ----D- C:\Users\Ambroise\AppData\Local\Adobe O43 - CFD: 30/06/2011 - 19:06:40 - [0] -SH-D- C:\Users\Ambroise\AppData\Local\Application Data O43 - CFD: 23/08/2011 - 14:00:30 - [38496] ----D- C:\Users\Ambroise\AppData\Local\Conduit O43 - CFD: 02/08/2011 - 13:57:18 - [1157454] ----D- C:\Users\Ambroise\AppData\Local\Diagnostics O43 - CFD: 30/06/2011 - 19:11:06 - [183] ----D- C:\Users\Ambroise\AppData\Local\EgisTec O43 - CFD: 01/08/2011 - 09:43:26 - [0] ----D- C:\Users\Ambroise\AppData\Local\ElevatedDiagnostics O43 - CFD: 10/07/2011 - 04:17:22 - [0] ----D- C:\Users\Ambroise\AppData\Local\Fallout3 O43 - CFD: 26/08/2011 - 14:39:02 - [703] ----D- C:\Users\Ambroise\AppData\Local\FalloutNV O43 - CFD: 25/08/2011 - 13:21:34 - [163289] ----D- C:\Users\Ambroise\AppData\Local\Google O43 - CFD: 30/06/2011 - 19:06:40 - [0] -SH-D- C:\Users\Ambroise\AppData\Local\Historique O43 - CFD: 21/08/2011 - 19:42:16 - [154762639] ----D- C:\Users\Ambroise\AppData\Local\Microsoft O43 - CFD: 30/06/2011 - 19:22:26 - [0] ----D- C:\Users\Ambroise\AppData\Local\Microsoft Help O43 - CFD: 30/06/2011 - 20:00:42 - [98656623] ----D- C:\Users\Ambroise\AppData\Local\Mozilla O43 - CFD: 26/08/2011 - 16:30:24 - [0] ----D- C:\Users\Ambroise\AppData\Local\My Games O43 - CFD: 03/07/2011 - 04:23:00 - [0] ----D- C:\Users\Ambroise\AppData\Local\PackageAware O43 - CFD: 27/08/2011 - 14:23:36 - [1287343] ----D- C:\Users\Ambroise\AppData\Local\Temp O43 - CFD: 30/06/2011 - 19:06:40 - [0] -SH-D- C:\Users\Ambroise\AppData\Local\Temporary Internet Files O43 - CFD: 26/07/2011 - 00:49:02 - [11560] ----D- C:\Users\Ambroise\AppData\Local\The_StealthNet_Team O43 - CFD: 03/07/2011 - 04:15:36 - [1452722] ----D- C:\Users\Ambroise\AppData\Local\VirtualStore O43 - CFD: 03/07/2011 - 07:19:54 - [37263914] ----D- C:\Program Files (x86)\Acer O43 - CFD: 14/08/2009 - 20:24:54 - [688528031] ----D- C:\Program Files (x86)\Adobe O43 - CFD: 30/06/2011 - 19:39:40 - [137856736] ----D- C:\Program Files (x86)\Avira O43 - CFD: 09/08/2011 - 19:29:02 - [5947931375] ----D- C:\Program Files (x86)\Bethesda Softworks O43 - CFD: 23/08/2011 - 09:08:22 - [545081734] ----D- C:\Program Files (x86)\Common Files O43 - CFD: 23/08/2011 - 14:00:40 - [634976] ----D- C:\Program Files (x86)\Conduit O43 - CFD: 23/08/2011 - 14:00:34 - [4468065] ----D- C:\Program Files (x86)\ConduitEngine O43 - CFD: 09/08/2011 - 08:29:16 - [25647423] ----D- C:\Program Files (x86)\DAEMON Tools Lite O43 - CFD: 09/08/2011 - 08:22:02 - [4003765] ----D- C:\Program Files (x86)\DAEMON Tools Toolbar O43 - CFD: 03/07/2011 - 07:16:34 - [0] ----D- C:\Program Files (x86)\EgisTec O43 - CFD: 14/08/2009 - 20:12:58 - [1683158] ----D- C:\Program Files (x86)\EgisTec Egis Software Update O43 - CFD: 14/08/2009 - 20:25:24 - [21920374] ----D- C:\Program Files (x86)\eSobi O43 - CFD: 26/08/2011 - 14:38:38 - [9039551871] ----D- C:\Program Files (x86)\Fallout New Vegas O43 - CFD: 20/08/2011 - 12:59:22 - [57307958] ----D- C:\Program Files (x86)\Google O43 - CFD: 23/08/2011 - 09:11:42 - [45573912] --H-D- C:\Program Files (x86)\InstallShield Installation Information O43 - CFD: 11/08/2011 - 03:22:14 - [5153441] ----D- C:\Program Files (x86)\Internet Explorer O43 - CFD: 02/07/2011 - 13:34:14 - [88550786] ----D- C:\Program Files (x86)\Java O43 - CFD: 21/08/2011 - 17:16:46 - [59035232] ----D- C:\Program Files (x86)\JDownloader O43 - CFD: 10/07/2011 - 10:04:28 - [9362570] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE O43 - CFD: 30/06/2011 - 19:22:36 - [579279220] ----D- C:\Program Files (x86)\Microsoft Office O43 - CFD: 14/08/2009 - 20:08:02 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant O43 - CFD: 01/07/2011 - 03:39:48 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight O43 - CFD: 30/06/2011 - 19:22:50 - [657681] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8 O43 - CFD: 01/07/2011 - 03:26:22 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works O43 - CFD: 03/07/2011 - 03:01:20 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET O43 - CFD: 19/08/2011 - 17:41:16 - [35681257] ----D- C:\Program Files (x86)\Mozilla Firefox O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild O43 - CFD: 01/07/2011 - 15:59:56 - [0] ----D- C:\Program Files (x86)\MSXML 4.0 O43 - CFD: 14/08/2009 - 20:21:06 - [382291613] ----D- C:\Program Files (x86)\Nero O43 - CFD: 14/08/2009 - 20:02:02 - [236029528] ----D- C:\Program Files (x86)\NewTech Infosystems O43 - CFD: 26/08/2011 - 10:48:10 - [5771751118] ----D- C:\Program Files (x86)\Nobilis O43 - CFD: 23/08/2011 - 09:11:56 - [109379626] ----D- C:\Program Files (x86)\NVIDIA Corporation O43 - CFD: 14/08/2009 - 19:49:26 - [3357289] ----D- C:\Program Files (x86)\Realtek O43 - CFD: 14/07/2009 - 07:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies O43 - CFD: 26/08/2011 - 16:29:54 - [4842073379] ----D- C:\Program Files (x86)\Sid Meier's Civilization V O43 - CFD: 25/08/2011 - 13:31:08 - [5957924] ----D- C:\Program Files (x86)\SIW O43 - CFD: 03/07/2011 - 06:51:52 - [62761088] ----D- C:\Program Files (x86)\Spybot - Search & Destroy O43 - CFD: 14/08/2009 - 19:49:38 - [0] --H-D- C:\Program Files (x86)\Temp O43 - CFD: 02/07/2011 - 19:19:00 - [420334] ----D- C:\Program Files (x86)\Trend Micro O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information O43 - CFD: 29/07/2011 - 09:50:00 - [84898038] ----D- C:\Program Files (x86)\VideoLAN O43 - CFD: 30/06/2011 - 20:07:08 - [6812742] ----D- C:\Program Files (x86)\VS Revo Group O43 - CFD: 23/08/2011 - 14:00:56 - [21653611] ----D- C:\Program Files (x86)\Vuze O43 - CFD: 23/08/2011 - 14:00:30 - [4549434] ----D- C:\Program Files (x86)\Vuze_Remote O43 - CFD: 28/07/2011 - 17:01:26 - [41022493] ----D- C:\Program Files (x86)\Winamp O43 - CFD: 28/07/2011 - 17:01:16 - [155364] ----D- C:\Program Files (x86)\Winamp Detect O43 - CFD: 01/07/2011 - 04:38:50 - [524800] ----D- C:\Program Files (x86)\Windows Defender O43 - CFD: 30/06/2011 - 19:17:06 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive O43 - CFD: 03/07/2011 - 03:44:14 - [6181376] ----D- C:\Program Files (x86)\Windows Mail O43 - CFD: 03/07/2011 - 03:44:14 - [5024017] ----D- C:\Program Files (x86)\Windows Media Player O43 - CFD: 14/07/2009 - 07:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT O43 - CFD: 03/07/2011 - 03:44:14 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer O43 - CFD: 03/07/2011 - 03:44:14 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices O43 - CFD: 03/07/2011 - 03:44:14 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar O43 - CFD: 27/08/2011 - 14:25:16 - [4013380] ----D- C:\Program Files (x86)\ZHPDiag O43 - CFD: 01/07/2011 - 15:58:36 - [16426975] ----D- C:\Program Files (x86)\Common Files\Adobe O43 - CFD: 14/08/2009 - 20:24:50 - [31787256] ----D- C:\Program Files (x86)\Common Files\Adobe AIR O43 - CFD: 14/08/2009 - 20:04:40 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER O43 - CFD: 14/08/2009 - 20:12:58 - [101672] ----D- C:\Program Files (x86)\Common Files\EgisTec O43 - CFD: 14/08/2009 - 19:49:22 - [3989920] ----D- C:\Program Files (x86)\Common Files\InstallShield O43 - CFD: 02/07/2011 - 13:35:02 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java O43 - CFD: 01/07/2011 - 16:00:28 - [270694185] ----D- C:\Program Files (x86)\Common Files\microsoft shared O43 - CFD: 14/08/2009 - 20:22:38 - [121337553] ----D- C:\Program Files (x86)\Common Files\Nero O43 - CFD: 14/08/2009 - 19:54:36 - [354896] ----D- C:\Program Files (x86)\Common Files\Oberon Media O43 - CFD: 28/07/2011 - 17:01:00 - [4780336] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines O43 - CFD: 02/07/2011 - 11:25:32 - [44924023] ----D- C:\Program Files (x86)\Common Files\System O43 - CFD: 30/06/2011 - 19:16:02 - [8226506] ----D- C:\Program Files (x86)\Common Files\Windows Live ~ Scan Program Folder in 00mn 08s ---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44) O44 - LFC:[MD5.2F177D00BAD52F98A08048DBBD625E7E] - 27/08/2011 - 13:01:34 ---A- . (...) -- C:\Windows\WindowsUpdate.log [2019589] O44 - LFC:[MD5.41821E8A098EEBD048888B760B732512] - 27/08/2011 - 07:21:26 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [106190] O44 - LFC:[MD5.21767E020C38DACF40F0754E72C6A085] - 27/08/2011 - 07:21:26 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [130548] O44 - LFC:[MD5.86BA7075C004B98145705F3054C11C43] - 27/08/2011 - 07:21:26 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [615810] O44 - LFC:[MD5.CBD06ACA8D392816E0502BFA338370FA] - 27/08/2011 - 07:21:26 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [704242] O44 - LFC:[MD5.41821E8A098EEBD048888B760B732512] - 27/08/2011 - 07:21:26 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [106190] O44 - LFC:[MD5.21767E020C38DACF40F0754E72C6A085] - 27/08/2011 - 07:21:26 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [130548] O44 - LFC:[MD5.86BA7075C004B98145705F3054C11C43] - 27/08/2011 - 07:21:26 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [615810] O44 - LFC:[MD5.CBD06ACA8D392816E0502BFA338370FA] - 27/08/2011 - 07:21:26 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [704242] O44 - LFC:[MD5.B34FBC43067BE729D6893EBE72447DA1] - 27/08/2011 - 07:21:25 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.B34FBC43067BE729D6893EBE72447DA1] - 27/08/2011 - 07:21:25 RSHAD . (...) -- C:\Windows\system32\PerfStringBackup.INI [1549700] O44 - LFC:[MD5.3FA7D1E70F8A0BF95C2629A77FE07A8F] - 27/08/2011 - 07:17:03 ---A- . (...) -- C:\Windows\setupact.log [1364] O44 - LFC:[MD5.40B23CE134EE130E19768333EF857651] - 27/08/2011 - 07:17:01 -S-A- . (...) -- C:\Windows\bootstat.dat [67584] O44 - LFC:[MD5.746EC22A0DBDE7F6A7C5CE942B0EFD54] - 26/08/2011 - 15:52:38 ---A- . (...) -- C:\Windows\MEMORY.DMP [354493127] O44 - LFC:[MD5.CD5085A61C0B21803B5D9FFD8B699901] - 26/08/2011 - 15:22:43 ---A- . (...) -- C:\Windows\DirectX.log [516915] O44 - LFC:[MD5.D055536EED50D1744078A9ADBDB681B3] - 25/08/2011 - 13:06:19 ---A- . (...) -- C:\Windows\PFRO.log [1526] O44 - LFC:[MD5.B4D96D6EA77DFD5B045ED64B006E0BC9] - 23/08/2011 - 08:08:02 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\SysNative\nvhdagenco642040.dll [1426536] O44 - LFC:[MD5.162D9085A523016919403CE49538BE7C] - 23/08/2011 - 08:08:02 ---A- . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\SysNative\nvhdap64.dll [29288] O44 - LFC:[MD5.B4D96D6EA77DFD5B045ED64B006E0BC9] - 23/08/2011 - 08:08:02 RSHAD . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\system32\nvhdagenco642040.dll [1426536] O44 - LFC:[MD5.960E39A54E525DF58CB29193147DFFA1] - 23/08/2011 - 08:08:02 RSHAD . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [174184] O44 - LFC:[MD5.162D9085A523016919403CE49538BE7C] - 23/08/2011 - 08:08:02 RSHAD . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\nvhdap64.dll [29288] O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 22/08/2011 - 07:52:54 ---A- . (...) -- C:\Windows\setuperr.log [0] O44 - LFC:[MD5.D3D64CF7B2BCEAA34A270F45A3FFFB36] - 09/08/2011 - 07:29:14 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [270912] O44 - LFC:[MD5.71308A15265B6A89E5B51C9635085562] - 03/08/2011 - 12:50:00 ---A- . (...) -- C:\Windows\SysNative\nvinfo.pb [7383] O44 - LFC:[MD5.2D4A51E3D0137B22466472D1420846A7] - 03/08/2011 - 12:50:00 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\SysNative\OpenCL.dll [67176] O44 - LFC:[MD5.2D4A51E3D0137B22466472D1420846A7] - 03/08/2011 - 12:50:00 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\system32\OpenCL.dll [67176] O44 - LFC:[MD5.CB0483F5C79EDA101AD603FEFADC0D78] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\SysNative\nvdispco64.dll [1519720] O44 - LFC:[MD5.F8551FD67D84D446B6F903C5EF5BB887] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - Easy daemon API.) -- C:\Windows\SysNative\easyupdatusapiu64.dll [836200] O44 - LFC:[MD5.09F7E98136C13B4C41CF0CA448B7BDAD] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\SysNative\nvgenco64.dll [1453160] O44 - LFC:[MD5.F6A33FE1896951C81FBB06F89BB77CC8] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 280.26.) -- C:\Windows\SysNative\nvcuda.dll [7254632] O44 - LFC:[MD5.F6A33FE1896951C81FBB06F89BB77CC8] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 280.26.) -- C:\Windows\system32\nvcuda.dll [7254632] O44 - LFC:[MD5.1B887B61A5E001CDC7F733EDC1327F1D] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 280.2.) -- C:\Windows\SysNative\nvcuvid.dll [2532456] O44 - LFC:[MD5.1B887B61A5E001CDC7F733EDC1327F1D] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 280.2.) -- C:\Windows\system32\nvcuvid.dll [2532456] O44 - LFC:[MD5.3AF3DAC8DD7FF6B9FC90551642F46902] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 280.26.) -- C:\Windows\SysNative\nvcuvenc.dll [2222184] O44 - LFC:[MD5.3AF3DAC8DD7FF6B9FC90551642F46902] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 280.26.) -- C:\Windows\system32\nvcuvenc.dll [2222184] O44 - LFC:[MD5.D332D01F8B2FD019D2C817D7A0F809C4] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\SysNative\nvoglv64.dll [22470248] O44 - LFC:[MD5.28EB9A79B9F2E1DB6D71C6B54D4B8664] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 280.26.) -- C:\Windows\SysNative\nvcompiler.dll [24692840] O44 - LFC:[MD5.28EB9A79B9F2E1DB6D71C6B54D4B8664] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 280.26.) -- C:\Windows\system32\nvcompiler.dll [24692840] O44 - LFC:[MD5.6B60F1B8D93EC46B022BF296068E181A] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 280.26.) -- C:\Windows\SysNative\nvwgf2umx.dll [8355944] O44 - LFC:[MD5.1E3B29FA18FF1C4BDA24F8155A2FE656] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\SysNative\nvcpl.dll [6136936] O44 - LFC:[MD5.5725A85AF50334E1A044A3A654580CED] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\Windows\SysNative\nvsvc64.dll [3021416] O44 - LFC:[MD5.BB55747DE2E82AF47DDB4F82D95647C8] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\Windows\SysNative\nvsvcr.dll [2560616] O44 - LFC:[MD5.39F933CA2798156B0B7A19D104B73B9A] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\Windows\SysNative\nvvsvc.exe [980072] O44 - LFC:[MD5.AB55A7CEBC83D501BEC77EE2DE1BBEA6] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\SysNative\nvmctray.dll [117864] O44 - LFC:[MD5.EBC20D6D895F8F3601E626B8088C93C7] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 280.26.) -- C:\Windows\SysNative\nvapi64.dll [2758760] O44 - LFC:[MD5.A1F2BA9CB0B251032B1FB14A2BD33440] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 280.26.) -- C:\Windows\SysNative\nvd3dumx.dll [15064168] O44 - LFC:[MD5.1882C512BF636EA6F7BE424200B86B5E] - 03/08/2011 - 12:50:00 ---A- . (.NVIDIA Corporation - Pas de description.) -- C:\Windows\SysNative\nvshext.dll [61544] O44 - LFC:[MD5.71308A15265B6A89E5B51C9635085562] - 03/08/2011 - 12:50:00 RSHAD . (...) -- C:\Windows\system32\nvinfo.pb [7383] O44 - LFC:[MD5.CB0483F5C79EDA101AD603FEFADC0D78] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\system32\nvdispco64.dll [1519720] O44 - LFC:[MD5.F8551FD67D84D446B6F903C5EF5BB887] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - Easy daemon API.) -- C:\Windows\system32\easyupdatusapiu64.dll [836200] O44 - LFC:[MD5.09F7E98136C13B4C41CF0CA448B7BDAD] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\system32\nvgenco64.dll [1453160] O44 - LFC:[MD5.D332D01F8B2FD019D2C817D7A0F809C4] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\system32\nvoglv64.dll [22470248] O44 - LFC:[MD5.6B60F1B8D93EC46B022BF296068E181A] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA D3D10 Driver, Version 280.26.) -- C:\Windows\system32\nvwgf2umx.dll [8355944] O44 - LFC:[MD5.1E3B29FA18FF1C4BDA24F8155A2FE656] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\nvcpl.dll [6136936] O44 - LFC:[MD5.5725A85AF50334E1A044A3A654580CED] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\Windows\system32\nvsvc64.dll [3021416] O44 - LFC:[MD5.BB55747DE2E82AF47DDB4F82D95647C8] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\Windows\system32\nvsvcr.dll [2560616] O44 - LFC:[MD5.39F933CA2798156B0B7A19D104B73B9A] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 280.2.) -- C:\Windows\system32\nvvsvc.exe [980072] O44 - LFC:[MD5.AB55A7CEBC83D501BEC77EE2DE1BBEA6] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\nvmctray.dll [117864] O44 - LFC:[MD5.EBC20D6D895F8F3601E626B8088C93C7] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 280.26.) -- C:\Windows\system32\nvapi64.dll [2758760] O44 - LFC:[MD5.A1F2BA9CB0B251032B1FB14A2BD33440] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA WDDM D3D Driver, Version 280.26.) -- C:\Windows\system32\nvd3dumx.dll [15064168] O44 - LFC:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\system32\drivers\nvlddmkm.sys [12909672] O44 - LFC:[MD5.1882C512BF636EA6F7BE424200B86B5E] - 03/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - Pas de description.) -- C:\Windows\system32\nvshext.dll [61544] O44 - LFC:[MD5.E15B492959DFABC12AA4CA070B38F21A] - 15/02/2010 - 12:03:04 ---A- . (...) -- C:\Windows\SysNative\binkw32.dll [286208] O44 - LFC:[MD5.E15B492959DFABC12AA4CA070B38F21A] - 15/02/2010 - 12:03:04 RSHAD . (...) -- C:\Windows\system32\binkw32.dll [286208] O44 - LFC:[MD5.E1772920AD1CCA6C6657604AF1626320] - 30/08/2006 - 23:23:02 ---A- . (...) -- C:\Windows\SysNative\hook_fo1.dll [2584] O44 - LFC:[MD5.E1772920AD1CCA6C6657604AF1626320] - 30/08/2006 - 23:23:02 RSHAD . (...) -- C:\Windows\system32\hook_fo1.dll [2584] ~ Scan Files in 00mn 42s ---\\ Contrôle du Safe Boot (CSB) (O49) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.) O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys ~ Scan CSB in 00mn 00s ---\\ MountPoints2 Shell Key (O51) O51 - MPSK:{f5e8e397-c24f-11e0-a480-001f16f9e0cf}\AutoRun\command. (.SKIDROW - Pas de description.) -- H:\Installer.exe ~ Scan Keys in 00mn 00s ---\\ Trojan Driver Search Data (HKLM) (O52) O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm ~ Scan Keys in 00mn 00s ---\\ Microsoft Control Security Providers (O54) O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies System (O55) O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5 O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3 O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1 O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0 O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1 O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1 O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0 O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0 O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"= O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"= O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0 O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1 O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0 ~ Scan Keys in 00mn 00s ---\\ Microsoft Windows Policies Explorer (O56) O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1 O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0 ~ Scan Keys in 00mn 00s ---\\ Liste des Drivers Système (O58) O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088] O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536] O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864] O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440] O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 13/07/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904] O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128] O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 13/07/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008] O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632] O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856] O58 - SDL:[MD5.39C2E2870FC0C2AE0595B883CBE716B4] - 30/06/2011 - 10:19:23 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [83120] O58 - SDL:[MD5.C98FA6E5AD0E857D22716BD2B8B1F399] - 30/06/2011 - 10:19:23 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [116568] O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848] O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432] O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704] O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720] O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104] O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976] O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720] O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480] O58 - SDL:[MD5.6BBCC68D37D9B0C09100CDC2D16C8F8F] - 30/06/2011 - 09:38:06 RSHAD . (.COMODO - COMODO Internet Security Eradication Driver.) -- C:\Windows\system32\drivers\cmderd.sys [16016] O58 - SDL:[MD5.0020E6598D80B92E4D8618554C4843AB] - 30/06/2011 - 09:38:07 RSHAD . (.COMODO - COMODO Internet Security Sandbox Driver.) -- C:\Windows\system32\drivers\cmdGuard.sys [252344] O58 - SDL:[MD5.7A2AF19B01BF433C23AC1111610ACF84] - 30/06/2011 - 09:38:08 RSHAD . (.COMODO - COMODO Internet Security Helper Driver.) -- C:\Windows\system32\drivers\cmdhlp.sys [41712] O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488] O58 - SDL:[MD5.D3D64CF7B2BCEAA34A270F45A3FFFB36] - 09/08/2011 - 07:29:14 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [270912] O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496] O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016] O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 14/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232] O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 01/07/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720] O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 13/07/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496] O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112] O58 - SDL:[MD5.FC863D6EC8FC977AC4BE6CA7DDC10DAE] - 30/06/2011 - 09:38:09 RSHAD . (.COMODO - COMODO Internet Security Firewall Driver.) -- C:\Windows\system32\drivers\inspect.sys [92688] O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752] O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560] O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600] O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776] O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392] O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736] O58 - SDL:[MD5.6FFECC25B39DC7652A0CEC0ADA9DB589] - 14/08/2009 - 12:15:30 RSHAD . (.Egis Technology Inc. - PSD Filter Driver.) -- C:\Windows\system32\drivers\mwlPSDFilter.sys [22576] O58 - SDL:[MD5.0BEFE32CA56D6EE89D58175725596A85] - 14/08/2009 - 12:15:30 RSHAD . (.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) -- C:\Windows\system32\drivers\mwlPSDNserv.sys [20016] O58 - SDL:[MD5.D43BC633B8660463E446E28E14A51262] - 14/08/2009 - 12:15:30 RSHAD . (.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) -- C:\Windows\system32\drivers\mwlPSDVDisk.sys [60464] O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264] O58 - SDL:[MD5.64DDD0DEE976302F4BD93E5EFCC2F013] - 14/08/2009 - 00:46:08 RSHAD . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\Windows\system32\drivers\NTIDrvr.sys [18432] O58 - SDL:[MD5.960E39A54E525DF58CB29193147DFFA1] - 23/08/2011 - 10:41:27 RSHAD . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [174184] O58 - SDL:[MD5.CC1EFEA1F0AB17E59BD4B5BAFF3E5CB0] - 23/08/2011 - 12:50:00 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 280.26.) -- C:\Windows\system32\drivers\nvlddmkm.sys [12909672] O58 - SDL:[MD5.A85B4F2EF3A7304A5399EF0526423040] - 10/06/2009 - 21:35:35 RSHAD . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm62x64.sys [408960] O58 - SDL:[MD5.956A1F47826514C1EA0C295FE13C7377] - 14/08/2009 - 06:06:58 RSHAD . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmf6264.sys [339360] O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 13/07/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352] O58 - SDL:[MD5.AFDE3015BB8D76E26BEC3B287C5443A0] - 14/08/2009 - 20:07:36 RSHAD . (.NVIDIA Corporation - NVIDIA nForce SMU Microcontroller Driver.) -- C:\Windows\system32\drivers\nvsmu.sys [28704] O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 13/07/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272] O58 - SDL:[MD5.7C7EEF51979658CE15BBC04F96A77D56] - 14/08/2009 - 12:09:24 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor64.sys [239136] O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816] O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592] O58 - SDL:[MD5.BC64B75E8E0A0B8982AB773483164E72] - 14/08/2009 - 11:52:38 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1831968] O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040] O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584] O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464] O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/07/2011 - 00:00:00 RSHAD . (...) -- C:\Windows\system32\drivers\sptd.sys [513080] O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656] O58 - SDL:[MD5.2E22C1FD397A5A9FFEF55E9D1FC96C00] - 14/08/2009 - 00:46:08 RSHAD . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -- C:\Windows\system32\drivers\UBHelper.sys [16896] O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488] O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872] ~ Scan Drivers in 00mn 01s ---\\ Liste des outils de nettoyage (O63) O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1 ~ Scan ADS in 00mn 00s ---\\ Liste des services Legacy (O64) O64 - Services: CurCS - 18/04/2011 - C:\Windows\system32\DRIVERS\avgntflt.sys - No object(No service) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT O64 - Services: CurCS - 18/04/2011 - C:\Windows\system32\DRIVERS\avipbb.sys - No object(No service) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\cmdguard.sys - No object(No service) .(.COMODO - COMODO Internet Security Sandbox Driver.) - LEGACY_CMDGUARD O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\cmdhlp.sys - No object(No service) .(.COMODO - COMODO Internet Security Helper Driver.) - LEGACY_CMDHLP O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\DRIVERS\inspect.sys - No object(No service) .(.COMODO - COMODO Internet Security Firewall Driver.) - LEGACY_INSPECT O64 - Services: CurCS - 02/06/2009 - C:\Windows\system32\DRIVERS\mwlPSDFilter.sys - No object(No service) .(.Egis Technology Inc. - PSD Filter Driver.) - LEGACY_MWLPSDFILTER O64 - Services: CurCS - 02/06/2009 - C:\Windows\system32\DRIVERS\mwlPSDNServ.sys - No object(No service) .(.Egis Technology Inc. - MyWinLocker PSD Named Pipe Driver.) - LEGACY_MWLPSDNSERV O64 - Services: CurCS - 02/06/2009 - C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys - No object(No service) .(.Egis Technology Inc. - MyWinLocker PSD Virtual Disk Driver.) - LEGACY_MWLPSDVDISK O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - No object (No service) .(...) - LEGACY_SPTD ~ Scan Services in 00mn 07s ---\\ File Associations Shell Spawning (O67) O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %* O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %* O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe ~ Scan Keys in 00mn 00s ---\\ Start Menu Internet (O68) O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe ~ Scan Keys in 00mn 00s ---\\ Search Browser Infection (O69) O69 - SBI: prefs.js [Ambroise - at88vq2i.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091 O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} - (Google) - Google O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} [DefaultScope] - (DAEMON Search) - DAEMON-Search.com :: EXPLORE ~ Scan Keys in 00mn 00s ---\\ Recherche particuliere à la racine de certains dossiers (O84) [MD5.5C3EBAB9109BEFB0B769DE4D0C960601] [sPRF][26/08/2011] (.Sony DADC Austria AG - SecuROM DRM Dialog.) -- C:\Users\Ambroise\AppData\Local\Temp\drm_dialogs.dll [65536] [MD5.9E280C5414648385F90931DB4750DDD1] [sPRF][26/08/2011] (.Sony DADC Austria AG - SecuROM dynamic-data module.) -- C:\Users\Ambroise\AppData\Local\Temp\drm_dyndata_7380006.dll [204800] [MD5.3011BB10919C78C7669B0D07284BD8CB] [sPRF][17/01/2009] (.Bethesda Softworks - Fallout 3 Launcher.) -- C:\Users\Ambroise\Desktop\FalloutLauncher.exe [1546752] [MD5.11B9F1E66EE67F0C765C5895A99755DD] [sPRF][29/07/2011] (...) -- C:\Users\Ambroise\Desktop\vlc-1.1.11-win32.exe [21073936] ~ Scan Files in 00mn 00s ---\\ Firewall Active Exception List (FirewallRules) (O87) O87 - FAEL: "{43EB7B14-2AA5-4001-98CF-6E1B9FD5B9AF}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{8278FCA5-4F16-4734-B380-737795573940}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O87 - FAEL: "{CEB5E203-3633-4ECB-B5AB-1856D703F979}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe O87 - FAEL: "{03591552-B5D3-4275-AA64-2A3CB9A0C1AA}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe ~ Scan Firewall in 00mn 00s ---\\ Scan Additionnel (O88) Database Version : 8617 - (24/08/2011) Clés trouvées (Keys found) : 19 Valeurs trouvées (Values found) : 1 Dossiers trouvés (Folders found) : 9 Fichiers trouvés (Files found) : 0 [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit [HKLM\Software\WOW6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO [HKLM\Software\WOW6432Node\Classes\CLSID\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83ff80f4-8c74-4b80-b5ba-c8ddd434e5c4}] =>Spyware.BHO [HKLM\Software\Classes\TypeLib\{86676e13-d6d8-4652-9fcf-f2047f1fb000}] =>Trojan.BHO [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKLM\Software\WOW6432Node\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit [HKCU\Software\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit [HKLM\Software\WOW6432Node\Conduit] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit [HKLM\Software\WOW6432Node\conduitEngine] =>Toolbar.Conduit [HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit [HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent C:\Users\Ambroise\AppData\Local\Conduit =>Toolbar.Conduit C:\Users\Ambroise\AppData\LocalLow\Conduit =>Toolbar.Conduit C:\Users\Ambroise\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit C:\Users\Ambroise\AppData\LocalLow\Vuze_Remote =>Toolbar.Conduit C:\Program Files (x86)\Conduit =>Toolbar.Conduit C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit C:\Program Files (x86)\DAEMON Tools Toolbar =>Toolbar.Agent C:\Program Files (x86)\Vuze_Remote =>Toolbar.Conduit ~ Scan Additionnel in 00mn 07s ---\\ Recherche détournement de DNS routeur (O89) Serveur : UnKnown Address: 156.154.70.25 Nom : www.l.google.com Addresses: 209.85.148.106 209.85.148.104 209.85.148.99 209.85.148.147 209.85.148.105 209.85.148.103 Aliases: www.google.fr www.google.com ~ Scan DNS in 00mn 05s ---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped) SR - | Auto 30/06/2011 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe SR - | Auto 30/06/2011 269480 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe SR - | Auto 04/07/2011 2528096 | C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (cmdagent) . (.COMODO.) - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe SR - | Auto 625184 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe SR - | Auto 14/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe SS - | Auto 20/08/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 20/08/2011 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe SS - | Demand 14/08/2009 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe SS - | Demand 14/08/2009 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe SR - | Auto 207904 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe SR - | Auto 14/08/2009 62208 | (NTI IScheduleSvc) . (.NewTech Infosystems, Inc..) - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe SR - | Auto 23/08/2011 980072 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe SR - | Auto 23/08/2011 2255464 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe SS - | Demand 14/08/2009 332272 | (Partner Service) . (.Google Inc..) - C:\ProgramData\Partner\Partner.exe SR - | Auto 23/08/2011 379496 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe SR - | Auto 14/08/2009 240160 | (Updater Service) . (.Acer.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe ~ Scan Services in 00mn 06s ---\\ Recherche Master Boot Record Infection (MBR)(O80) Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover ~ Scan MBR in 00mn 11s ---\\ Recherche Master Boot Record Infection (MBRCheck)(O80) Written by ad13, http://ad13.geekstog Run by Ambroise at 27/08/2011 14:26:53 ********* Dump file Name ********* C:\PhysicalDisk0_MBR.bin ~ Scan MBR in 00mn 16s End of the scan (1152 lines in 02mn 29s)(0) Dire que je trouve Hijackthis trop complexe pour moi, la le rapport est franchement lourd. Merci encore

Bonjours, Mon PC m'a posé des soucis car la carte vidéo chauffait et plantait la config. Avec une scie à métaux j'ai permis au ventilateur de ladite carte (GE Force GT 220) de faire son travail et maintenant je mesure une température normale (logiciel SIW), je peux visionner un film, utiliser You Tube ... J'ai eu plusieurs plantage et je suppose que tout ou partie du système est endommagé. La commande sfc/verifyonly m'indique qu'il n'y a pas de violation d'intégrité. Ma configuration est la suivante : Windows 7 4 Go RAM 1 Go vidéo (GE Force GT 220) dual core Athlon II X 2 215 Mon PC plante sur des jeux tel que Fallout New Vegas, Civilisation alors que les performances du matériel sont suffisantes. Je n'ai pas l'impression d’être infecté par un virus ou malware. J'utilise Antivir, Spybot et Comodo. Voici le rapport Hijackthis. Pour moi la rubrique 010 correspond aux plantages liés à la surchauffe de la carte vidéo. J'ignore si je dois corriger (Fix checked?). La rubrique 017 est liée au serveur DNS Comodo. Il me semble qu'il y a beaucoup de problèmes 023 et certains sont des malwares inactifs. Comme je me trouve trop léger en informatique, je préfère m'informer avant de faire une c... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:37:02, on 26/08/2011 Platform: Unknown Windows (WinNT 6.01.3505 SP1) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\SIW\siw.exe C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_x1301&r=17360611ln07973480k05bg7012l94 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = my.daemon-search.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_x1301&r=17360611ln07973480k05bg7012l94 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&m=aspire_x1301&r=17360611ln07973480k05bg7012l94 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Partner BHO Class - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k O4 - HKLM\..\Run: [EgisTecLiveUpdate] "C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-21-4026131511-971476373-2256069414-1003\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser') O4 - HKUS\S-1-5-21-4026131511-971476373-2256069414-1003\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O13 - Gopher Prefix: O17 - HKLM\System\CCS\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: NameServer = 156.154.70.25,156.154.71.25 O17 - HKLM\System\CS1\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: NameServer = 156.154.70.25,156.154.71.25 O17 - HKLM\System\CS2\Services\Tcpip\..\{5B159DBA-C247-46A2-A731-21B5A9298F13}: NameServer = 156.154.70.25,156.154.71.25 O20 - AppInit_DLLs: C:\Windows\SysWOW64\guard32.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: COMODO Internet Security Helper Service (cmdagent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GregHSRW.exe O23 - Service: Service Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Service Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe O23 - Service: NTI IScheduleSvc - NewTech Infosystems, Inc. - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Partner Service - Google Inc. - C:\ProgramData\Partner\Partner.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Updater Service - Acer - C:\Program Files\Acer\Acer Updater\UpdaterService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12681 bytes Voilà, j'espère avoir été clair. Merci d'avoir eu la patience de lire.