Posted

Good evening, at ticlou's request, I am posting the Malwarebytes report. The problem I have is that Firefox does not respond and the window greys out for about thirty seconds before it works; it is the same with Windows Mail. Also, when I connect my iPhone to the PC, it is impossible to open iTunes, even after uninstalling and reinstalling! It tells me unknown error (-50). That's it.

Thanks to all

Malwarebytes' Anti-Malware 1.50

www.malwarebytes.org

 

Version de la base de données: 5311

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

14/12/2010 19:24:16

mbam-log-2010-12-14 (19-24-02).txt

 

Type d'examen: Examen complet (C:\|D:\|Y:\|Z:\|)

Elément(s) analysé(s): 307582

Temps écoulé: 2 heure(s), 40 minute(s), 53 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 2

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

c:\Users\Jules\Desktop\mailpv\mailpv.exe (PUP.MailPassView) -> No action taken.

z:\#recycle\Bureau\mailpv\mailpv.exe (PUP.MailPassView) -> No action taken.

Posted

Hello,

Cleaning

Restart MBAM (Malwarebytes)

Select "Exécuter un examen complet" (Perform full scan)

Click "Rechercher" (Scan)

The scan will take some time, be patient!

At the end, a message will display:

L'examen s'est terminé normalement. (The scan completed normally.)

Select everything and click "Supprimer la sélection" (Remove Selected).

MBAM will destroy the files and registry keys and put a copy of them in quarantine.

Then open Notepad and copy into it the scan report, which can be found under the "Rapports/logs" (Reports/logs) tab.

Copy and paste this report into your next reply.

 

Run this diagnostic tool:

Download ZhpDiag by Coolman

Unzip the file ZHPDiag.fix to the desktop

then double-click the file ZHPDiag.exe to install the tool

There will be 3 icons on the desktop

Under XP, double-click ZhpDiag

Under Vista/7, right-click and choose Run as administrator

Click the magnifying glass to start the scan

If it hangs at 080:

Restart ZhpDiag -> click the screwdriver

Uncheck "Recherche Master Boot Record(MBR)(080)" (Master Boot Record search)

Post the ZhpDiag.txt report that appears on the desktop

How to post the reports

Copy and paste all or part of the reports into one or more messages.

Another option:

Go to the site: Ci-Joint

Click "Parcourir" (Browse) and find the reports on the disk,

Then click "Créer le lien CJoint" (Create the CJoint link),

>> on the next page --> ,,

an address http//.. will be created

Copy and paste this address into your next message.

 

Posted

Hello, here is the ZHPD report; I will post the MB one as soon as it is finished.

Thank you very much

Rapport de ZHPDiag v1.27.1420 par Nicolas Coolman, Update du 11/12/2010

Run by Jules at 15/12/2010 11:24:04

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385

MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

GCIE: Google Chrome v8.0.552.224

 

---\\ System Information

Windows 7 Ultimate Edition, 32-bit (Build 7600)

Processor: x86 Family 6 Model 26 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3063 MB (55% free)

System drive C: has 82 GB (68%) free of 119 GB

 

---\\ Logged in mode

Computer Name: PC-DE-JULES

User Name: Jules

All Users Names: Jules, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 119 Go)

D:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 06:45:39.) -- C:\Windows\Explorer.exe [2614272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]

[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\System32\drivers\atapi.sys [21584]

[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 02:20:44.) -- C:\Windows\System32\drivers\ntfs.sys [1210432]

 

 

---\\ Processus lancés

[MD5.5E6E633874A6F3C5E21F757759B78217] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe [645952]

[MD5.642FAD18C7393E164FA871005359442F] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640]

[MD5.234051C0D242A6F4A79AE5212C1323D4] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048]

[MD5.35CE7659615EF1FCE1E94D8A2C44E515] - (.Seagate - Seagate DiscWizard Monitor.) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1192336]

[MD5.BDC182D447A2233D1F047A7BE441DB34] - (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [1966128]

[MD5.C1C9B6208D65B4D41404D2513CB6C316] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [148760]

[MD5.C09C42AD728D74F6658BB07E40D90FBE] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe [998912]

[MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208]

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]

[MD5.853E84A458D4D06BFF170E24318EB6F8] - (.Logitech Inc. - Logitech GamePanel Agent.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe [358472]

[MD5.0B7EDB7D060863C0F1A65BF109C7CB30] - (.Logitech Inc. - Logitech LCD Manager.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [1809992]

[MD5.27F8BF031D9332C9C02AE8C1357185B3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792]

[MD5.C93178333460ABD59A008F7F9215D930] - (.Logitech Inc. - Logitech G-series Profiler.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [3649096]

[MD5.2DFCB2393528446AEB9FB861A8FC39AB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]

[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392]

[MD5.D0DD7E7AAA381672BA6BC1DB0C1093C3] - (.anarpunk - Pas de description.) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe [646656]

[MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [651096]

[MD5.E9B04A22EC2E9ECD4F6E0E5B10E35534] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3253656]

[MD5.D7CFC1891552F4FE81E092E0F1ECFDC4] - (.Nosibay - Bubble Dock.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe [443920]

[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360]

[MD5.B624202660474516E73AA95238FD9843] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe [813584]

[MD5.D0291BD17EDAB65C4725B0CCF0745F09] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [368640]

[MD5.E96BC31E0114F0999FB0F92FC65D61CA] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE [55824]

[MD5.391475966ADA33651B1793DB3C358C99] - (.Logitech Inc. - Logitech LCD Clock/Performance Monitor.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe [676424]

[MD5.205E6E08B4921CE48B8E80A2D2FDE6F2] - (.Logitech Inc. - Logitech G-series Media Display.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe [522824]

[MD5.384C4297372229EB7FFD3799C89A87FE] - (.Logitech Inc. - Logitech G-series LCD Countdown Timer.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe [523848]

[MD5.524385F1E5F3057E65570F80FF3731E8] - (.Logitech Inc. - Logitech G-series POP3 Monitor.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe [477768]

[MD5.B77E400A3A9248C866544F09E415B3EF] - (.Logitech Inc. - Logitech G-series LCD RSS.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe [498760]

[MD5.6979904D30D8FC0F1776EAA61BEF12B8] - (.Microsoft Corporation - Gadget du Lecteur Windows Media pour des ap.) -- C:\Program Files\Windows Media Player\WMPSideShowGadget.exe [144896]

[MD5.A0F1DFC9E47B2524213AFF32E26BE92D] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe [164864]

[MD5.C36C6A8B418B635F9D613D608D7ADA84] - (.Nosibay - Bubble Dock.) -- C:\Program Files\Nosibay\Bubble Dock\Bubble Dock.exe [4326928]

[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]

[MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]

[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [263600]

[MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320]

[MD5.C2E9F997B2FEFE06C898BFEECF3B63B2] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304]

[MD5.8FC85C14B6316745670816F98693A100] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [262144]

[MD5.4AD75429CE8E4F2C63F71B6774DE42D2] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe [23328]

[MD5.51A850830CB841FBE5B90142BCC6B854] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\java.exe [145184]

[MD5.B5EB5D9558DBD7C5E2AC078A5439024F] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [963976]

[MD5.9A80E1F31DDB1FE19B4E3C34773B7B57] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.PLATINUM technology, inc. - PLATINUM technology, inc. Plug-in for viewing 3D worlds authored in VR.) -- C:\Program Files\Mozilla Firefox\Plugins\npcosmop211.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.1".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

M0 - MFSP: prefs.js [Jules - 4rvcwt7b.default] iGoogle

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\capturefoxmovie@advancity.net] [] Capture Fox v0.7.0 (.Zafer Gurel.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\engine@conduit.com] [] Conduit Engine v3.2.3.3 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\fr@dictionaries.addons.mozilla.org] [] Dictionnaire français «Réforme 1990» v3.5 (.Olivier R..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\personas@christopher.beard] [personas] Personas v1.6.1 (.Chris Beard.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\tabscope@xuldev.org] [] Tab Scope v0.3.7 (.ã”ã¿ãŸ.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{346de098-61f9-4b42-89da-6dfba7091bb6}] [] IMBooster4web-en Toolbar v2.5.6.0 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Community Toolbar v3.2.3.3 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{77b819fa-95ad-4f2c-ac7c-486b356188a9}] [] IE Tab v1.5.20090525 (.Hong Jen Yee (PCMan).)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus v1.3.1 (.Wladimir Palant.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{dc572301-7619-498c-a57d-39143191b318}] [tabmix] Tab Mix Plus v1.3.1 (.ONEMEN (tabmix.onemen@gmail.com).)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{e213bb8f-8ebd-11db-96b7-005056c00008}] [] myFirefox v3.0.0.91 (.FlyWorld and Merci chao , Anna .)

M2 - MFEP: prefs.js [Jules - 8v12l2ng.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [user Data\Default] Google

G0 - GCSP: Preference [user Data\Default][HomePage] Google

 

 

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} Clé orpheline

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} Clé orpheline

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

O4 - HKLM\..\Run: [LogMeIn GUI] :C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (.not file.)

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] . (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Windows\KHALMNPR.exe

O4 - HKLM\..\Run: [DiscWizardMonitor.exe] :C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (.not file.)

O4 - HKLM\..\Run: [AcronisTimounterMonitor] . (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe

O4 - HKLM\..\Run: [hpqSRMon] :C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (.not file.)

O4 - HKLM\..\Run: [vspdfprsrv.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe

O4 - HKLM\..\Run: [LWS] :C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (.not file.)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [Launch LgDeviceAgent] . (.Logitech Inc. - Logitech GamePanel Agent.) -- C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe

O4 - HKLM\..\Run: [Launch LCDMon] . (.Logitech Inc. - Logitech LCD Manager.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

O4 - HKLM\..\Run: [Launch LGDCore] . (.Logitech Inc. - Logitech G-series Profiler.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

O4 - HKLM\..\Run: [iTunesHelper] :C:\Program Files\iTunes\iTunesHelper.exe (.not file.)

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKCU\..\Run: [superCopier2.exe] :C:\Program Files\SuperCopier2\SuperCopier2.exe (.not file.)

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [ViDesk] . (.anarpunk - Pas de description.) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe

O4 - HKCU\..\Run: [sidebar] :C:\Program Files\Windows Sidebar\sidebar.exe (.not file.)

O4 - HKCU\..\Run: [iDMan] :C:\Program Files\Internet Download Manager\IDMan.exe (.not file.)

O4 - HKCU\..\Run: [PC Speed Maximizer] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PC Speed Maximizer\SPMTray.exe

O4 - HKCU\..\Run: [bubble Dock] :"C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [superCopier2.exe] :C:\Program Files\SuperCopier2\SuperCopier2.exe (.not file.)

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [ViDesk] . (.anarpunk - Pas de description.) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [sidebar] :C:\Program Files\Windows Sidebar\sidebar.exe (.not file.)

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [iDMan] :C:\Program Files\Internet Download Manager\IDMan.exe (.not file.)

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [PC Speed Maximizer] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PC Speed Maximizer\SPMTray.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [bubble Dock] :"C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\3GVisio.lnk . (.Pas de propriétaire.) -- C:\Program Files\3GVisio\3GVisio.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Bubble Dock.lnk . (.Nosibay.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\ConvertMovie 4.1.lnk . (.http://movavi.com.) -- C:\Program Files\ConvertMovie 4.1\ConvertMovie.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\CrossLoop.lnk . (.CrossLoop.) -- C:\Users\Jules\AppData\Local\CrossLoop\CrossLoopConnect.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Driver Genius Professional Edition.lnk . (.Driver-Soft Inc..) -- C:\Program Files\Driver-Soft\DriverGenius\DriverGenius.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Hijackthis Version Française.lnk . (.Soeperman Enterprises Ltd..) -- C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\IcoFX.lnk . (.Attila Kovrig.) -- C:\Program Files\IcoFX 1.6\IcoFX.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\keyfinder - Raccourci.lnk . (.Pas de propriétaire.) -- Z:\Téléchargements\keyfinder.2.0.1\Keyfinder.2.0.1\keyfinder.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\LogMeIn.lnk . (.LogMeIn, Inc..) -- C:\Program Files\LogMeIn\x86\raabout.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\SnippingTool.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\SUMo.lnk . (.KC Softwares.) -- C:\Program Files\KC Softwares\SUMo\SUMo.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Ugrib.lnk . (.GRIB.US.) -- C:\Program Files\GRIB.US\Ugrib.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\VSO Image Resizer.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\VSO Image Resizer_1.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\VSO Image Resizer_3.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Watermark Magick.lnk . (.ZapWallPaper.) -- C:\Program Files\ZapWallPaper\Watermark\Watermark-Magick.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Windows Explorer.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\High Sign.lnk . (.Pas de propriétaire.) -- C:\Users\Jules\AppData\Roaming\Microsoft\Installer\{CE02A8CC-C4E0-4F42-8183-AD26E16C0C42}\_C71360240B8BE753C4CC69.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jules\Desktop\3GVisio.lnk . (.Pas de propriétaire.) -- C:\Program Files\3GVisio\3GVisio.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Bubble Dock.lnk . (.Nosibay.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe

O4 - Global Startup: C:\Users\Jules\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Users\Jules\Desktop\ConvertMovie 4.1.lnk . (.http://movavi.com.) -- C:\Program Files\ConvertMovie 4.1\ConvertMovie.exe

O4 - Global Startup: C:\Users\Jules\Desktop\CrossLoop.lnk . (.CrossLoop.) -- C:\Users\Jules\AppData\Local\CrossLoop\CrossLoopConnect.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Driver Genius Professional Edition.lnk . (.Driver-Soft Inc..) -- C:\Program Files\Driver-Soft\DriverGenius\DriverGenius.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Hijackthis Version Française.lnk . (.Soeperman Enterprises Ltd..) -- C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

O4 - Global Startup: C:\Users\Jules\Desktop\IcoFX.lnk . (.Attila Kovrig.) -- C:\Program Files\IcoFX 1.6\IcoFX.exe

O4 - Global Startup: C:\Users\Jules\Desktop\keyfinder - Raccourci.lnk . (.Pas de propriétaire.) -- Z:\Téléchargements\keyfinder.2.0.1\Keyfinder.2.0.1\keyfinder.exe

O4 - Global Startup: C:\Users\Jules\Desktop\LogMeIn.lnk . (.LogMeIn, Inc..) -- C:\Program Files\LogMeIn\x86\raabout.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe

O4 - Global Startup: C:\Users\Jules\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\SnippingTool.exe

O4 - Global Startup: C:\Users\Jules\Desktop\SUMo.lnk . (.KC Softwares.) -- C:\Program Files\KC Softwares\SUMo\SUMo.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Ugrib.lnk . (.GRIB.US.) -- C:\Program Files\GRIB.US\Ugrib.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\Desktop\VSO Image Resizer.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\Desktop\VSO Image Resizer_1.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\Desktop\VSO Image Resizer_3.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Watermark Magick.lnk . (.ZapWallPaper.) -- C:\Program Files\ZapWallPaper\Watermark\Watermark-Magick.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Windows Explorer.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CrossLoop.lnk . (.CrossLoop.) -- C:\Users\Jules\AppData\Local\CrossLoop\CrossLoopConnect.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ugrib.lnk . (.GRIB.US.) -- C:\Program Files\GRIB.US\Ugrib.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO Image Resizer.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Télécharger avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetAll.htm

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{98DA9392-F3E0-44EE-8DCB-CA8D11FB0CED}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{98DA9392-F3E0-44EE-8DCB-CA8D11FB0CED}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{98DA9392-F3E0-44EE-8DCB-CA8D11FB0CED}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: (Crypkey License) . (.Kenonic Controls Ltd. - CrypKey NT Service.) - C:\Windows\System32\crypserv.exe

O23 - Service: (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

O23 - Service: (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 258.9.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.45AD8AA455CA1535C57CC3DD71A60A7A] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Programme de mise à jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.062F3DB9AFA9C3CE0DA52F28595C0C6D] [APT] [Programme de mise à jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[MD5.D7CFC1891552F4FE81E092E0F1ECFDC4] [APT] [RunAsStdUser Task] (.Nosibay.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files\TuneUp Utilities 2010\OneClick.exe (.not file.)

[MD5.7F054CA4D3AFAED6DAB518EF0FDF6F1E] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2011\OneClick.exe

[MD5.1035D30CD954D62A7804785D7874D611] [APT] [{034F32AB-9885-4EA7-9963-AE2BE945B5F1}] (.Dylan Vester.) -- C:\Program Files\High Sign\HighSign.exe

[MD5.1035D30CD954D62A7804785D7874D611] [APT] [{312AB672-7374-4184-A4C1-62D8D8D44632}] (.Dylan Vester.) -- C:\Program Files\High Sign\HighSign.exe

[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Windows Mail\WinMail.exe

O40 - ASIC: Bubble Dock v3.0.557.0.45821 - {9f81ae06-bf80-462a-b349-c19e50524289} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Nosibay\Bubble Dock\Deploy.exeT-J8V \M=1 \W=1 \A=1

O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\Windows\system32\Macromed\Flash\Flash10i.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (NetworkX) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\ckldrv.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {09BDEEF0-5590-457D-89A9-5DB2742F9BBF}

O42 - Logiciel: 3GVisio - (.Pas de propriétaire.) [HKLM] -- 3GVisio

O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip

O42 - Logiciel: Adobe Acrobat 4.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 4.0

O42 - Logiciel: Adobe ActiveShare 1.2 - (.Pas de propriétaire.) [HKLM] -- Adobe ActiveShare

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe PhotoDeluxe Home Edition 4.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe PhotoDeluxe Home Edition 4.0

O42 - Logiciel: Adobe Reader 9.4.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Advanced Audio FX Engine - (.Pas de propriétaire.) [HKLM] -- Advanced Audio FX Engine

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}

O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKLM] -- Bubble Dock

O42 - Logiciel: C-Map PCMCIA and USB drivers - (.C-Map.) [HKLM] -- InstallShield_{98C61F22-8B4F-416E-A4BF-54FCC10509E0}

O42 - Logiciel: CANAL+ pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {E2A6B1A0-C1E3-4311-BF86-EAF18841FD67}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDDRV_Installer - (.Logitech.) [HKLM] -- {0C826C5B-B131-423A-A229-C71B3CACCD6A}

O42 - Logiciel: Calendrier de photos Creative - (.Pas de propriétaire.) [HKLM] -- Creative Photo Calendar

O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: ConvertMovie 4.1 - (.MOVAVI.) [HKLM] -- ConvertMovie 4.1

O42 - Logiciel: Cosmo Player 2.1.1 - (.Pas de propriétaire.) [HKLM] -- CosmoPlayer

O42 - Logiciel: CrossLoop 2.70 - (.CrossLoop, Inc..) [HKLM] -- CrossLoop_is1

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters.) [HKLM] -- {4640FDE1-B83A-4376-84ED-86F86BEE2D41}

O42 - Logiciel: Driver Genius Professional Edition - (.Driver-Soft Inc..) [HKLM] -- Driver Genius Professional Edition_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Gestionnaire de photos Creative - (.Pas de propriétaire.) [HKLM] -- Creative Photo Manager

O42 - Logiciel: Glary Utilities 2.30.0.1066 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}

O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart All-In-One Driver Software 10.0 Rel .2 - (.HP.) [HKLM] -- {20B30DC1-E423-4939-B51D-05C58B0F9BBB}

O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Solution Center 10.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: High Sign - (.Dylan Vester.) [HKLM] -- {CE02A8CC-C4E0-4F42-8183-AD26E16C0C42}

O42 - Logiciel: IcoFX 1.6.4 - (.Pas de propriétaire.) [HKLM] -- IcoFX_is1

O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM] -- Internet Download Manager

O42 - Logiciel: Java 6 Update 22 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: K-Lite Codec Pack 4.5.3 (Standard) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: KC Softwares SUMo - (.KC Softwares.) [HKLM] -- KC Softwares SUMo_is1

O42 - Logiciel: Kazoo Player - (.Pas de propriétaire.) [HKLM] -- Kazoo Player

O42 - Logiciel: KeyLemon - (.KeyLemon Solutions S.A..) [HKLM] -- KeyLemon

O42 - Logiciel: KhalInstallWrapper - (.Logitech.) [HKLM] -- {3101CB58-3482-4D21-AF1A-7057FC935355}

O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}

O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}

O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}

O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}

O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}

O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}

O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}

O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}

O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}

O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}

O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}

O42 - Logiciel: LogMeIn - (.LogMeIn, Inc..) [HKLM] -- {34F93E31-E1A0-421C-8E86-BCF7C4193A91}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Logitech GamePanel Software 3.06.109 - (.Logitech Inc..) [HKLM] -- {A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}

O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM] -- {F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}

O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid

O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}

O42 - Logiciel: Ludi - (.Pas de propriétaire.) [HKLM] -- Ludi

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: My 7 Optimizer - (.Pas de propriétaire.) [HKLM] -- My 7 Optimizer

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}

O42 - Logiciel: Nero 8 Lite 8.3.2.1 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1

O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}

O42 - Logiciel: OV 1.0.7 - (.Pas de propriétaire.) [HKLM] -- OV

O42 - Logiciel: PC Speed Maximizer v2.1 - (.Smart PC Solutions.) [HKLM] -- PC Speed Maximizer_is1

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: Picture Package Music Transfer - (.Sony Corporation.) [HKLM] -- {CE2121C6-C94D-4A73-8EA4-6943F33EE335}

O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Seagate DiscWizard - (.Seagate.) [HKLM] -- {81A60A13-224D-4637-8203-3EAC03B121A4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB2288953) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B772E1C-7C05-42D2-839D-3EC2D39EFF22}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Sentinel System Driver - (.Pas de propriétaire.) [HKLM] -- Rainbow Sentinel Driver

O42 - Logiciel: Sevens - (.Pas de propriétaire.) [HKLM] -- Sevens

O42 - Logiciel: SightSpeed (remove only) - (.SightSpeed Inc..) [HKLM] -- SightSpeed

O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM] -- {D5068583-D569-468B-9755-5FBF5848F46F}

O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2

O42 - Logiciel: Synology Assistant (remove only) - (.Pas de propriétaire.) [HKLM] -- Synology Assistant

O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011

O42 - Logiciel: Ugrib RC1 - (.GRIB.US.) [HKLM] -- Ugrib_is1

O42 - Logiciel: Unyk Syncro - (.Unyk Inc.) [HKLM] -- Unyk Syncro

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2443839) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E8CFA21A-2D44-446D-8324-ADFA3C9FCAD2}

O42 - Logiciel: VSO Image Resizer 3.0.0.101 - (.VSO-Software.) [HKLM] -- {3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1

O42 - Logiciel: ViDesk - (.Pas de propriétaire.) [HKLM] -- ViDesk

O42 - Logiciel: Visual C++ CRT 9.0 SP1 - (.Michel Kraemer.) [HKLM] -- {EC25B803-4BDB-47F7-B877-FCE7D7966C0F}

O42 - Logiciel: Vsk5Online - (.Nadeo.) [HKLM] -- Vsk5Online_is1

O42 - Logiciel: Watermark-Magick - (.Pas de propriétaire.) [HKLM] -- Watermark-Magick

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {321AC187-D400-41B4-BDEB-F3E80FFCE20F}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: eXPert PDF 4 - (.Visage Software.) [HKLM] -- {A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}

O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {A498D9EB-927B-459B-85D6-DD6EF8C2C564}

O42 - Logiciel: ffdshow [rev 3078] [2009-09-17] - (.Pas de propriétaire.) [HKLM] -- ffdshow_is1

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {FAE36873-1941-4076-A9A5-48812B5EA0B7}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-Zip]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\IMBooster4web-en]

[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Cazitel]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Cloudmark]

[HKCU\Software\CosmoSoftware]

[HKCU\Software\Creative Tech]

[HKCU\Software\Digital River]

[HKCU\Software\DownloadManager]

[HKCU\Software\Dylan Vester]

[HKCU\Software\ESET]

[HKCU\Software\EyePower Games]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\Iminent]

[HKCU\Software\Informatique & Mer]

[HKCU\Software\Iris]

[HKCU\Software\JavaSoft]

[HKCU\Software\KC Softwares]

[HKCU\Software\KeyLemon]

[HKCU\Software\Leadertech]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LogMeIn]

[HKCU\Software\LogiShrd]

[HKCU\Software\Logitech]

[HKCU\Software\Ludi]

[HKCU\Software\MOVAVI]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nadeo]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nosibay]

[HKCU\Software\ODBC]

[HKCU\Software\ORL]

[HKCU\Software\PC Speed Maximizer]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\SFX TEAM]

[HKCU\Software\Sevens]

[HKCU\Software\SightSpeed Inc]

[HKCU\Software\SoftVTU]

[HKCU\Software\Softonic]

[HKCU\Software\Sony Corporation]

[HKCU\Software\Synology]

[HKCU\Software\Sysinternals]

[HKCU\Software\Techlogg.com ToneShop]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\UNYK]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSO]

[HKCU\Software\VirtuaMedia]

[HKCU\Software\Visage Software]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\yahooinstall]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Acronis]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\C-Map]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Cloudmark]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\CosmoPlayer ]

[HKLM\Software\CosmoSoftware]

[HKLM\Software\Creative Tech]

[HKLM\Software\Debug]

[HKLM\Software\Driver-Soft]

[HKLM\Software\ESET]

[HKLM\Software\FotoNation]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\Guliverkli]

[HKLM\Software\HP]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\I.R.I.S.]

[HKLM\Software\ICE]

[HKLM\Software\IMBooster4web-en]

[HKLM\Software\Iminent]

[HKLM\Software\Inmatrix]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Khronos]

[HKLM\Software\Kodak]

[HKLM\Software\Licenses]

[HKLM\Software\LightWork Design]

[HKLM\Software\LogMeIn, Inc.]

[HKLM\Software\LogMeIn]

[HKLM\Software\Logitech]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Marvell]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Seagate]

[HKLM\Software\SightSpeed Inc]

[HKLM\Software\Soeperman Enterprises Ltd.]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\USB2800]

[HKLM\Software\Unyk]

[HKLM\Software\Visage Software]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\logishrd]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

[HKLM\Software\vso]

 

 

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 24/05/2010 - 20:01:52 ----D- C:\Program Files\3GVisio

O43 - CFD: 26/07/2010 - 17:38:46 ----D- C:\Program Files\7-Zip

O43 - CFD: 20/10/2010 - 18:00:44 ----D- C:\Program Files\Adobe

O43 - CFD: 08/02/2010 - 22:21:00 ----D- C:\Program Files\AGEIA Technologies

O43 - CFD: 12/09/2010 - 13:02:18 ----D- C:\Program Files\Apple Software Update

O43 - CFD: 01/10/2009 - 16:49:28 ----D- C:\Program Files\BlueSourcesProject

O43 - CFD: 12/09/2010 - 13:02:14 ----D- C:\Program Files\Bonjour

O43 - CFD: 14/12/2009 - 17:51:48 ----D- C:\Program Files\C-Map

O43 - CFD: 06/04/2010 - 14:42:44 ----D- C:\Program Files\CCleaner

O43 - CFD: 20/11/2010 - 21:09:48 ----D- C:\Program Files\Cloudmark

O43 - CFD: 14/12/2010 - 21:33:10 ----D- C:\Program Files\ClubDeJeux

O43 - CFD: 14/12/2009 - 18:33:26 ----D- C:\Program Files\CM93_Ed3 & S57

O43 - CFD: 26/01/2010 - 20:43:50 ----D- C:\Program Files\Combined Community Codec Pack

O43 - CFD: 20/11/2010 - 21:09:48 ----D- C:\Program Files\Common Files

O43 - CFD: 31/10/2009 - 17:27:38 ----D- C:\Program Files\ConvertMovie 4.1

O43 - CFD: 18/04/2010 - 10:14:56 ----D- C:\Program Files\CosmoSoftware

O43 - CFD: 27/10/2010 - 15:33:22 ----D- C:\Program Files\Creative

O43 - CFD: 06/10/2009 - 16:22:10 ----D- C:\Program Files\Driver-Soft

O43 - CFD: 14/07/2009 - 10:01:32 ----D- C:\Program Files\DVD Maker

O43 - CFD: 30/09/2009 - 20:03:00 ----D- C:\Program Files\ESET

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 09/12/2010 - 18:42:02 ----D- C:\Program Files\Glary Utilities

O43 - CFD: 13/10/2010 - 19:48:20 ----D- C:\Program Files\Google

O43 - CFD: 14/12/2009 - 18:08:56 ----D- C:\Program Files\GRIB.US

O43 - CFD: 01/10/2009 - 14:47:20 ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 08/11/2009 - 15:05:44 ----D- C:\Program Files\High Sign

O43 - CFD: 14/12/2010 - 18:15:38 ----D- C:\Program Files\Hijackthis Version Française

O43 - CFD: 01/10/2009 - 14:47:38 ----D- C:\Program Files\HP

O43 - CFD: 14/12/2009 - 17:51:26 ----D- C:\Program Files\I&M

O43 - CFD: 04/10/2009 - 17:39:28 ----D- C:\Program Files\IcoFX 1.6

O43 - CFD: 25/10/2010 - 20:49:38 --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 18/10/2009 - 20:50:14 ----D- C:\Program Files\Intel

O43 - CFD: 09/12/2010 - 18:14:34 ----D- C:\Program Files\Internet Download Manager

O43 - CFD: 24/11/2010 - 13:00:16 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 25/11/2010 - 11:54:20 ----D- C:\Program Files\iPod

O43 - CFD: 25/11/2010 - 11:54:32 ----D- C:\Program Files\iTunes

O43 - CFD: 22/11/2010 - 18:33:48 ----D- C:\Program Files\Java

O43 - CFD: 26/01/2010 - 20:45:02 ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 01/11/2009 - 14:29:18 ----D- C:\Program Files\KC Softwares

O43 - CFD: 30/10/2010 - 16:55:06 ----D- C:\Program Files\KeyLemon

O43 - CFD: 21/12/2009 - 19:09:34 ----D- C:\Program Files\LightWork Design

O43 - CFD: 22/11/2010 - 18:44:06 ----D- C:\Program Files\Logitech

O43 - CFD: 21/11/2010 - 01:47:48 ----D- C:\Program Files\LogMeIn

O43 - CFD: 06/12/2009 - 13:50:26 ----D- C:\Program Files\Ludi

O43 - CFD: 14/12/2010 - 15:59:32 ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 18/10/2009 - 20:51:56 ----D- C:\Program Files\Marvell

O43 - CFD: 01/10/2009 - 00:45:14 ----D- C:\Program Files\Microsoft

O43 - CFD: 28/10/2010 - 12:00:22 ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 10/10/2009 - 14:50:36 ----D- C:\Program Files\Microsoft Games

O43 - CFD: 27/11/2009 - 15:43:04 ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/10/2010 - 12:11:38 ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 02/12/2010 - 11:51:04 ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 27/11/2009 - 15:43:02 ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 27/11/2009 - 15:41:42 ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 27/11/2009 - 15:45:18 ----D- C:\Program Files\Microsoft Works

O43 - CFD: 25/06/2010 - 12:00:30 ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 31/10/2009 - 17:27:38 ----D- C:\Program Files\MOVAVI

O43 - CFD: 10/12/2010 - 17:56:28 ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 27/11/2009 - 15:43:06 ----D- C:\Program Files\MSBuild

O43 - CFD: 15/10/2009 - 02:01:06 ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 01/10/2009 - 00:25:26 ----D- C:\Program Files\Nero

O43 - CFD: 28/11/2009 - 09:42:30 ----D- C:\Program Files\Nosibay

O43 - CFD: 02/12/2010 - 09:02:06 ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 17/11/2010 - 11:34:08 ----D- C:\Program Files\OV

O43 - CFD: 10/12/2009 - 21:16:08 ----D- C:\Program Files\PC Drivers HeadQuarters

O43 - CFD: 27/11/2009 - 17:59:34 ----D- C:\Program Files\PC Speed Maximizer

O43 - CFD: 05/10/2009 - 19:53:40 ----D- C:\Program Files\PhotoFiltre

O43 - CFD: 30/09/2009 - 20:02:10 ----D- C:\Program Files\PlayReady

O43 - CFD: 08/08/2010 - 17:25:42 ----D- C:\Program Files\QUAD Utilities

O43 - CFD: 09/12/2010 - 11:47:54 ----D- C:\Program Files\QuickTime

O43 - CFD: 26/11/2010 - 10:19:58 ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 05:52:32 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 01/10/2009 - 01:01:00 ----D- C:\Program Files\Seagate

O43 - CFD: 06/11/2010 - 11:06:58 ----D- C:\Program Files\Sensible Vision

O43 - CFD: 06/12/2009 - 16:12:32 ----D- C:\Program Files\Sevens

O43 - CFD: 18/10/2009 - 16:44:16 ----D- C:\Program Files\SightSpeed

O43 - CFD: 18/10/2009 - 11:33:20 ----D- C:\Program Files\Sony

O43 - CFD: 01/10/2009 - 00:35:58 ----D- C:\Program Files\SuperCopier2

O43 - CFD: 01/10/2009 - 15:00:56 ----D- C:\Program Files\Synology

O43 - CFD: 10/09/2010 - 16:52:22 ----D- C:\Program Files\Techlogg.com ToneShop

O43 - CFD: 02/11/2010 - 17:58:04 ----D- C:\Program Files\TuneUp Utilities 2011

O43 - CFD: 14/07/2009 - 05:53:24 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 04/04/2010 - 16:51:40 ----D- C:\Program Files\Unyk Syncro

O43 - CFD: 30/10/2009 - 18:05:08 ----D- C:\Program Files\Visagesoft

O43 - CFD: 04/06/2010 - 19:42:24 ----D- C:\Program Files\Vsk5Online

O43 - CFD: 01/10/2009 - 20:34:00 ----D- C:\Program Files\VSO

O43 - CFD: 14/07/2009 - 09:39:40 ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 10:01:30 ----D- C:\Program Files\Windows Journal

O43 - CFD: 02/12/2010 - 11:52:56 ----D- C:\Program Files\Windows Live

O43 - CFD: 12/05/2010 - 12:16:26 ----D- C:\Program Files\Windows Mail

O43 - CFD: 14/10/2010 - 12:10:50 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 30/09/2009 - 19:38:26 ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 09:39:40 ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 05:52:34 ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 09:39:40 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 01/10/2009 - 00:22:56 ----D- C:\Program Files\WinRAR

O43 - CFD: 09/10/2009 - 10:58:32 ----D- C:\Program Files\ZapWallPaper

O43 - CFD: 15/12/2010 - 11:24:10 ----D- C:\Program Files\ZHPDiag

O43 - CFD: 20/10/2010 - 18:00:46 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 25/11/2010 - 11:54:20 ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 20/11/2010 - 21:09:48 ----D- C:\Program Files\Common Files\Cloudmark

O43 - CFD: 27/11/2009 - 15:43:02 ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 21/12/2009 - 19:09:02 ----D- C:\Program Files\Common Files\FotoNation

O43 - CFD: 01/10/2009 - 14:47:20 ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 01/10/2009 - 14:47:00 ----D- C:\Program Files\Common Files\HP

O43 - CFD: 14/12/2009 - 17:50:52 ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 30/01/2010 - 00:29:54 ----D- C:\Program Files\Common Files\Java

O43 - CFD: 27/10/2010 - 15:47:40 ----D- C:\Program Files\Common Files\Logishrd

O43 - CFD: 27/10/2010 - 15:45:32 ----D- C:\Program Files\Common Files\LWS

O43 - CFD: 20/10/2010 - 06:10:30 ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 01/10/2009 - 00:25:16 ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 28/11/2009 - 09:42:34 ----D- C:\Program Files\Common Files\Nosibay

O43 - CFD: 01/10/2009 - 01:01:04 ----D- C:\Program Files\Common Files\Seagate

O43 - CFD: 14/07/2009 - 03:37:06 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 03:37:06 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 27/11/2009 - 15:46:52 ----D- C:\Program Files\Common Files\System

O43 - CFD: 01/10/2009 - 00:29:40 ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 08/02/2010 - 22:21:00 ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 20/10/2010 - 18:00:46 ----D- C:\ProgramData\Adobe

O43 - CFD: 06/12/2009 - 17:48:42 ----D- C:\ProgramData\agi

O43 - CFD: 16/10/2009 - 17:23:44 ----D- C:\ProgramData\Apple

O43 - CFD: 01/10/2009 - 00:42:20 ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 20/11/2010 - 21:23:32 ----D- C:\ProgramData\Cloudmark

O43 - CFD: 18/10/2009 - 16:53:16 ----D- C:\ProgramData\Creative

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Documents

O43 - CFD: 30/09/2009 - 20:03:00 ----D- C:\ProgramData\ESET

O43 - CFD: 30/10/2009 - 18:05:08 ----D- C:\ProgramData\eXPert PDF

O43 - CFD: 31/10/2009 - 09:50:22 ----D- C:\ProgramData\eXPert PDF 4

O43 - CFD: 30/10/2009 - 18:05:08 ----D- C:\ProgramData\eXPert PDF Jobs

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 01/10/2009 - 14:49:30 ----D- C:\ProgramData\Google

O43 - CFD: 01/10/2009 - 14:46:14 ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 01/10/2009 - 14:47:54 ----D- C:\ProgramData\HP

O43 - CFD: 17/11/2010 - 11:34:08 ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 30/10/2010 - 16:51:12 ----D- C:\ProgramData\KeyLemon

O43 - CFD: 01/10/2009 - 00:58:44 ----D- C:\ProgramData\LogiShrd

O43 - CFD: 22/11/2010 - 18:44:06 ----D- C:\ProgramData\Logitech

O43 - CFD: 01/10/2009 - 00:34:12 ----D- C:\ProgramData\LogMeIn

O43 - CFD: 14/12/2010 - 15:59:30 ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 20/10/2010 - 06:10:44 -S--D- C:\ProgramData\Microsoft

O43 - CFD: 10/11/2010 - 13:01:34 ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 18/10/2009 - 16:44:38 ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 01/10/2009 - 00:25:06 ----D- C:\ProgramData\Nero

O43 - CFD: 02/12/2010 - 09:07:24 ----D- C:\ProgramData\NVIDIA

O43 - CFD: 02/12/2010 - 09:02:10 ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 01/10/2009 - 00:49:36 ----D- C:\ProgramData\Office Genuine Advantage

O43 - CFD: 10/12/2009 - 21:16:34 ----D- C:\ProgramData\PC Drivers HeadQuarters

O43 - CFD: 16/10/2009 - 14:27:36 ----D- C:\ProgramData\Seagate

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 30/01/2010 - 00:29:56 ----D- C:\ProgramData\Sun

O43 - CFD: 01/05/2010 - 08:56:08 ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Templates

O43 - CFD: 02/11/2010 - 17:58:24 ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 10/12/2009 - 21:16:34 ----D- C:\ProgramData\UAB

O43 - CFD: 06/06/2010 - 13:29:28 ----D- C:\ProgramData\Vsk5Online

O43 - CFD: 01/10/2009 - 15:40:30 ----D- C:\ProgramData\WEBREG

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.36676909494162E1BD38B029775290A2] - 15/12/2010 - 11:09:08 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [6384]

O44 - LFC:[MD5.6639020D4A38BC410381847ADEE3FEAF] - 15/12/2010 - 11:09:04 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.2BC8138044B6AE03989B8D0F751512B1] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1557414]

O44 - LFC:[MD5.D561CD9BED3F13E8BFACDAFEAF24C769] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [107034]

O44 - LFC:[MD5.A795B7F727DBFB3C3067DA46E4FE3019] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [131426]

O44 - LFC:[MD5.F3E7163B74FD497147F1E47B2BF9AA68] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [618714]

O44 - LFC:[MD5.92746D539E6FECE4E1D96F4C2BF24709] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [706998]

O44 - LFC:[MD5.07000000000000000000000054EE1200] - 15/12/2010 - 04:09:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [475602]

O44 - LFC:[MD5.50CB3529B582E73A78A679255F1DBCC2] - 14/12/2010 - 21:02:26 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [10288]

O44 - LFC:[MD5.50CB3529B582E73A78A679255F1DBCC2] - 14/12/2010 - 21:02:26 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [10288]

O44 - LFC:[MD5.72F2D357120F95C1E725C22915FE95E1] - 14/12/2010 - 19:24:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WORDPAD.INI [193]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/12/2010 - 18:42:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.5157E3140D0EEF32A5B5E5A80F73EBF2] - 09/12/2010 - 06:40:38 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [84208]

O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 01/12/2010 - 20:50:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\h÷l [20]

O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 29/11/2010 - 18:15:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini [69]

O44 - LFC:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 29/11/2010 - 17:42:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.9B5CC6C481BDD00A963829B892623247] - 29/11/2010 - 17:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.FC05FDD589804A9B759859686ACCEF6A] - 29/11/2010 - 17:38:30 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\System32\QuickTime.qts [69632]

O44 - LFC:[MD5.1371C24B0D46535BCB727FE2B53CB1FF] - 29/11/2010 - 17:38:30 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\System32\QuickTimeVR.qtx [94208]

O44 - LFC:[MD5.51A850830CB841FBE5B90142BCC6B854] - 22/11/2010 - 18:33:58 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.87893167C98FCEF5D14077511F219B75] - 22/11/2010 - 18:33:58 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.42278A946AB729CB746AA47D48F5FCC0] - 22/11/2010 - 18:33:58 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [153376]

O44 - LFC:[MD5.D559711024AB32DA749F38D8902DE1A0] - 22/11/2010 - 18:33:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_22-b04.log [5797]

 

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"SENTINEL"="snti386.dll" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\Windows\System32\snti386.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"snti386.dll"="Sentinel for i386 Systems" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\Windows\System32\snti386.dll

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\KeyLemon LemonScreen [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\KeyLemon\KLLockEngine.exe

O53 - SMSR:HKLM\...\startupreg\KeyLemon Updater [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\KeyLemon\KLUpdater.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0


---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145


---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]

O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [79952]

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]

O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [23616]

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]

O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 08:56:20 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [5810]

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]

O58 - SDL:[MD5.D4F94D45E25D764462A5B95BC426C8D0] - 19/03/2009 - 10:41:38 ---A- . (.ESET - Amon monitor.) -- C:\Windows\system32\drivers\eamon.sys [113960]

O58 - SDL:[MD5.9456462C1425D2BBF1616EDABFABA5F4] - 19/03/2009 - 10:44:34 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\system32\drivers\ehdrv.sys [107256]

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]

O58 - SDL:[MD5.4438C5842CA7DBB69EE149D4820273BC] - 16/04/2009 - 14:40:34 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\system32\drivers\emBDA.sys [566528]

O58 - SDL:[MD5.1754E81CE063C6E25307666F8D6568A0] - 16/04/2009 - 14:40:40 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\system32\drivers\emOEM.sys [528256]

O58 - SDL:[MD5.32102F2C07182523B1390C2D9341E397] - 19/03/2009 - 10:45:40 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\system32\drivers\epfwwfpr.sys [93312]

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]

O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332352]

O58 - SDL:[MD5.5157E3140D0EEF32A5B5E5A80F73EBF2] - 09/12/2010 - 06:40:38 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\system32\drivers\idmwfp.sys [84208]

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]

O58 - SDL:[MD5.0C6E346CDE730CF1356DD69AD6E9BC42] - 17/06/2009 - 17:55:18 ---A- . (.Logitech, Inc. - Logitech PS2 Keyboard Filter Driver..) -- C:\Windows\system32\drivers\L8042Kbd.sys [20240]

O58 - SDL:[MD5.70035567754BED4E6AD353CA3F175127] - 17/06/2009 - 17:55:50 ---A- . (.Logitech, Inc. - Logitech Equad USB Driver..) -- C:\Windows\system32\drivers\LEqdUsb.sys [40720]

O58 - SDL:[MD5.170E7093A77AD586F3A012A3DB651D94] - 23/11/2009 - 17:37:08 ---A- . (.Logitech Inc. - Logitech WingMan Virtual Bus Enumerator Driver.) -- C:\Windows\system32\drivers\LGBusEnum.sys [19720]

O58 - SDL:[MD5.D2DD04D1C8DF65EECD1F2C7FB947D43E] - 23/11/2009 - 17:37:18 ---A- . (.Logitech Inc. - Logitech GamePanel Virtual Hid Device Driver.) -- C:\Windows\system32\drivers\LGVirHid.sys [14856]

O58 - SDL:[MD5.32491B6BAE0AFAD1D7A62C0EF0AF4321] - 17/06/2009 - 17:55:58 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidEqd.sys [10384]

O58 - SDL:[MD5.7F9C7B28CF1C859E1C42619EEA946DC8] - 17/06/2009 - 17:56:06 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys [35472]

O58 - SDL:[MD5.4477689E2D8AE6B78BA34C9AF4CC1ED1] - 11/08/2008 - 11:40:34 ---A- . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) -- C:\Windows\system32\drivers\lmimirr.sys [10144]

O58 - SDL:[MD5.3FAA563DDF853320F90259D455A01D79] - 11/08/2008 - 11:41:00 ---A- . (.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) -- C:\Windows\system32\drivers\LMIRfsDriver.sys [47640]

O58 - SDL:[MD5.AB33792A87285344F43B5CE23421BAB0] - 17/06/2009 - 17:56:16 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys [37392]

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]

O58 - SDL:[MD5.77030525CD86A93F1AF34FA9B96D33CE] - 17/06/2009 - 17:56:32 ---A- . (.Logitech, Inc. - Logitech USB Filter Driver..) -- C:\Windows\system32\drivers\LUsbFilt.sys [28560]

O58 - SDL:[MD5.13612D5107C9B65BEF347F449BCAF54D] - 14/05/2010 - 22:58:58 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\Windows\system32\drivers\lvbusflt.sys [20704]

O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 07/05/2010 - 17:43:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\LVPr2Mon.sys [25824]

O58 - SDL:[MD5.E52F5A2CADCF08D07F559962F807A0A2] - 14/05/2010 - 23:02:26 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys [276448]

O58 - SDL:[MD5.D679BAC01850B70518DA1AB75E735556] - 14/05/2010 - 23:02:48 ---A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- C:\Windows\system32\drivers\lvselsus.sys [66528]

O58 - SDL:[MD5.C3D02260BEB2B48DEA1EFDFCA91E4B69] - 14/05/2010 - 23:04:02 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys [6842592]

O58 - SDL:[MD5.9B5CC6C481BDD00A963829B892623247] - 29/11/2010 - 17:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]

O58 - SDL:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 29/11/2010 - 17:42:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]

O58 - SDL:[MD5.377140A534D013BD661C69F1741DE43C] - 10/07/2010 - 05:37:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 258.96.) -- C:\Windows\system32\drivers\nvlddmkm.sys [11008040]

O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117312]

O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [142416]

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]

O58 - SDL:[MD5.B38E89386993E69A959B941561F3E5F3] - 21/07/2010 - 00:43:14 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [194664]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.AEBBA7428A6C40CCE3C5ABDE45190B24] - 16/09/2003 - 17:25:04 ---A- . (.Rainbow Technologies, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\Windows\system32\drivers\SENTINEL.SYS [76288]

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]

O58 - SDL:[MD5.B6AA9BBFF890FFEA333FFE81D0B888FF] - 01/10/2009 - 01:01:08 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snapman.sys [120992]

O58 - SDL:[MD5.A1FF7D99B199CEA1F3DF371BA70D2780] - 16/09/2003 - 17:25:04 ---A- . (.Rainbow Technologies Inc. - Rainbow Technologies Sentinel Device Driver.) -- C:\Windows\system32\drivers\SNTNLUSB.SYS [26120]

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]

O58 - SDL:[MD5.B84B82C0CBEB1B0D7EB7A946BADE5830] - 01/10/2009 - 01:01:10 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [32768]

O58 - SDL:[MD5.68B3DAA08EA06737022832FCCFFB9B75] - 01/10/2009 - 01:01:10 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [400864]

O58 - SDL:[MD5.5C2BDC152BBAB34F36473DEAF7713F22] - 28/09/2010 - 15:44:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984]

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]

O58 - SDL:[MD5.4E8630D1A7E15D7F9A2BC25993AE7234] - 11/12/2009 - 11:23:00 ---A- . (.Marvell - NDIS6.20 Miniport Driver for Marvell Yukon Ethernet Controller.) -- C:\Windows\system32\drivers\yk62x86.sys [316416]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.D02EFE614EB0A2A2EAC8DDB481921015] - 03/02/2000 - 20:53:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Ckldrv.sys [24608]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.EE4B203FAFF6FFEC620F755E99216DE7] - 23/11/1999 - 09:17:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\dc240u.sys [7808]

O58 - SDL:[MD5.6BDADA8549301714A96F0A11AB7E1044] - 23/11/1999 - 09:17:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Digita.sys [65864]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS [34672]


---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 1.99.1 - (.Soeperman Enterprises Ltd..) [HKLM] -- HijackThis

O63 - Logiciel: Hijackthis Version Française - (.Pc-Help-Bordeaux.) [HKLM] -- Hijackthis Version Française_is1

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1


---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG

O64 - Services: CurCS - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\eamon.sys - eamon (eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ehdrv.sys - ehdrv (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\epfwwfpr.sys - epfwwfpr (epfwwfpr) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFPR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL

O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\idmwfp.sys - IDMWFP (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Program Files\LogMeIn\x86\RaInfo.sys - LogMeIn Kernel Information Provider (LMIInfo) .(.LogMeIn, Inc. - RemotelyAnywhere Kernel Information Provide.) - LEGACY_LMIINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\LMIRfsDriver.sys - LogMeIn Remote File System Driver (LMIRfsDriver) .(.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) - LEGACY_LMIRFSDRIVER

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON

O64 - Services: CurCS - C:\Windows\system32\drivers\mbamswissarmy.sys - MBAMSwissArmy (MBAMSwissArmy) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSWISSARMY

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\ckldrv.sys - NetworkX (NetworkX) .(.Pas de propriétaire - Pas de description.) - LEGACY_NETWORKX

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - (.not file.) - PROCEXP140 (PROCEXP140) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP140

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SENTINEL.sys - Sentinel (Sentinel) .(.Rainbow Technologies, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tifsfilt.sys - Acronis True Image FS Filter (tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER

O64 - Services: CurCS - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys - TuneUpUtilitiesDrv (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF

O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF


---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Logon User Interface Host.) -- C:\Windows\system32\LogonUI.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe

O66 - EventLog: ID=1000 (Application Error) - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Jules\Documents\Downloads\Programs\wlsetup-webc.exe


---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: C:\Users\Jules\AppData\Roaming\Mozilla\Firefox\Profiles\\4rvcwt7b.default\searchplugins\conduit.xml

O69 - SBI: prefs.js [Jules - 4rvcwt7b.default] user_pref("CT2567681.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");

O69 - SBI: prefs.js [Jules - 4rvcwt7b.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2567681/CT2567681", "\"1292337163\"");

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {9DCB269D-7442-4D43-A027-CD932FE742E3} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (IMBooster4web-en Customized Web Search) - http://search.conduit.com

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [168448]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [591360]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [667136]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473088]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [285184]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [241664]

O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [29504]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [543232]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1912832]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [589312]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [497152]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [46592]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [49664]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [743424]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [71168]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102400]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [37376]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]

 

 

---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)

[MD5.4EC37567017BE43D908B87E0224563FB] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Jules\AppData\Local\Temp\mjregmem1225599321674657207.reg.tmp [4893180]

[MD5.853789CF7C094F9AD1CFCA58A5A0AEEC] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Jules\AppData\Local\Temp\mjregmem4834109198148564374.reg.tmp [4903874]

[MD5.7B610F337BB0E8FAFBD423CC080FB104] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Jules\AppData\Local\Temp\mjregmem7733094511070819690.reg.tmp [4769186]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 20/08/2007 410904 | "C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

SR - | Auto 16/10/2010 37664 | "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 27/07/2010 345376 | "C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 29/06/2000 52224 | C:\Windows\System32\crypserv.exe (Crypkey License) . (.Kenonic Controls Ltd..) - C:\Windows\System32\crypserv.exe

SS - | Demand 19/03/2009 20680 | "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

SR - | Auto 19/03/2009 731840 | "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

SS - | Auto 08/12/2009 135664 | "C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Demand 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe

SR - | Auto 05/08/2010 1809920 | "C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

SR - | Demand 17/11/2010 820008 | "C:\Program Files\iPod\bin\iPodService.exe (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 20/07/2009 121360 | C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

SR - | Auto 27/09/2010 374152 | "C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

SS - | Disabled 14/10/2010 116104 | "C:\Program Files\LogMeIn\x86\RaMaint.exe (LMIMaint) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\RaMaint.exe

SS - | Disabled 11/08/2008 63040 | "C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LogMeIn.exe

SR - | Auto 07/05/2010 162648 | "C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SR - | Auto 09/07/2010 129640 | C:\Windows\system32\nvvsvc.exe (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SR - | Auto 28/10/2010 1483072 | "C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by Jules at 15/12/2010 11:25:36

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

1 ntkrnlpa!IofCallDriver[0x8308F458] -> \Device\Harddisk0\DR0[0x86868AC8]

3 CLASSPNP[0x837D459E] -> ntkrnlpa!IofCallDriver[0x8308F458] -> [0x8667F918]

5 ACPI[0x8B4C73B2] -> ntkrnlpa!IofCallDriver[0x8308F458] -> \Device\Ide\IdeDeviceP3T0L0-3[0x866F8908]

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Jules at 15/12/2010 11:25:36

Use the desktop link 'MBRCheck' to have full report

 

 

 

 

End of the scan (1325 lines in 01mn 32s)(0)

Posted

Here is the MB report

Malwarebytes' Anti-Malware 1.50

www.malwarebytes.org

 

Version de la base de données: 5311

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

15/12/2010 14:00:33

mbam-log-2010-12-15 (14-00-33).txt

 

Type d'examen: Examen complet (C:\|D:\|Y:\|Z:\|)

Elément(s) analysé(s): 307556

Temps écoulé: 2 heure(s), 39 minute(s), 3 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

Thank you for your patience

Posted

Rapport de ZHPDiag v1.27.1420 par Nicolas Coolman, Update du 11/12/2010

Run by Jules at 15/12/2010 15:16:50

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385

MFIE: Mozilla Firefox v3.6.13 (fr) (Defaut)

GCIE: Google Chrome v8.0.552.224

 

---\\ System Information

Windows 7 Ultimate Edition, 32-bit (Build 7600)

Processor: x86 Family 6 Model 26 Stepping 5, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3063 MB (63% free)

System drive C: has 82 GB (68%) free of 119 GB

 

---\\ Logged in mode

Computer Name: PC-DE-JULES

User Name: Jules

All Users Names: Jules, Administrateur,

Unselected Option: O1,O45,O61,O62,O65,O82

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 82 Go of 119 Go)

D:\ CD-ROM drive (Not Inserted)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.2626FC9755BE22F805D3CFA0CE3EE727] - (.Microsoft Corporation - Explorateur Windows.) (.31/10/2009 06:45:39.) -- C:\Windows\Explorer.exe [2614272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\System32\Wininit.exe [96256]

[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.28/10/2009 07:17:59.) -- C:\Windows\System32\Winlogon.exe [285696]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\System32\drivers\atapi.sys [21584]

[MD5.3795DCD21F740EE799FB7223234215AF] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.14/07/2009 02:20:44.) -- C:\Windows\System32\drivers\ntfs.sys [1210432]

 

 

---\\ Processus lancés

[MD5.5E6E633874A6F3C5E21F757759B78217] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe [645952]

[MD5.642FAD18C7393E164FA871005359442F] - (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2029640]

[MD5.234051C0D242A6F4A79AE5212C1323D4] - (.LogMeIn, Inc. - LogMeIn Desktop Application.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [63048]

[MD5.35CE7659615EF1FCE1E94D8A2C44E515] - (.Seagate - Seagate DiscWizard Monitor.) -- C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe [1192336]

[MD5.BDC182D447A2233D1F047A7BE441DB34] - (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe [1966128]

[MD5.C1C9B6208D65B4D41404D2513CB6C316] - (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe [148760]

[MD5.C09C42AD728D74F6658BB07E40D90FBE] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe [998912]

[MD5.6CBEC289086EC51A263DA1413FF4208F] - (.Logitech Inc. - Logitech Webcam Software.) -- C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [165208]

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [248552]

[MD5.853E84A458D4D06BFF170E24318EB6F8] - (.Logitech Inc. - Logitech GamePanel Agent.) -- C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe [358472]

[MD5.0B7EDB7D060863C0F1A65BF109C7CB30] - (.Logitech Inc. - Logitech LCD Manager.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [1809992]

[MD5.27F8BF031D9332C9C02AE8C1357185B3] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe [168792]

[MD5.C93178333460ABD59A008F7F9215D930] - (.Logitech Inc. - Logitech G-series Profiler.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [3649096]

[MD5.2DFCB2393528446AEB9FB861A8FC39AB] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe [421160]

[MD5.F6987FF6C6D683F79FDCE707B071A997] - (.SFX TEAM - SuperCopier 2 (explorer file copy replaceme.) -- C:\Program Files\SuperCopier2\SuperCopier2.exe [955392]

[MD5.D0DD7E7AAA381672BA6BC1DB0C1093C3] - (.anarpunk - Pas de description.) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe [646656]

[MD5.723FCCFC592E5A022BD7FFC87B55AE91] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe [651096]

[MD5.E9B04A22EC2E9ECD4F6E0E5B10E35534] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3253656]

[MD5.D7CFC1891552F4FE81E092E0F1ECFDC4] - (.Nosibay - Bubble Dock.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe [443920]

[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360]

[MD5.B624202660474516E73AA95238FD9843] - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe [813584]

[MD5.D0291BD17EDAB65C4725B0CCF0745F09] - (.Sony Corporation - Media Check Tool.) -- C:\Program Files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [368640]

[MD5.E96BC31E0114F0999FB0F92FC65D61CA] - (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE [55824]

[MD5.391475966ADA33651B1793DB3C358C99] - (.Logitech Inc. - Logitech LCD Clock/Performance Monitor.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe [676424]

[MD5.205E6E08B4921CE48B8E80A2D2FDE6F2] - (.Logitech Inc. - Logitech G-series Media Display.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe [522824]

[MD5.384C4297372229EB7FFD3799C89A87FE] - (.Logitech Inc. - Logitech G-series LCD Countdown Timer.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe [523848]

[MD5.524385F1E5F3057E65570F80FF3731E8] - (.Logitech Inc. - Logitech G-series POP3 Monitor.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe [477768]

[MD5.B77E400A3A9248C866544F09E415B3EF] - (.Logitech Inc. - Logitech G-series LCD RSS.) -- C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe [498760]

[MD5.6979904D30D8FC0F1776EAA61BEF12B8] - (.Microsoft Corporation - Gadget du Lecteur Windows Media pour des ap.) -- C:\Program Files\Windows Media Player\WMPSideShowGadget.exe [144896]

[MD5.A0F1DFC9E47B2524213AFF32E26BE92D] - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe [164864]

[MD5.C36C6A8B418B635F9D613D608D7ADA84] - (.Nosibay - Bubble Dock.) -- C:\Program Files\Nosibay\Bubble Dock\Bubble Dock.exe [4326928]

[MD5.0E20A3213ED010FC4997D1EF48082ABC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344]

[MD5.BA9A09CF1B9503C363617F3748F6D791] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856]

[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [263600]

[MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320]

[MD5.C2E9F997B2FEFE06C898BFEECF3B63B2] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304]

[MD5.8FC85C14B6316745670816F98693A100] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [262144]

[MD5.4AD75429CE8E4F2C63F71B6774DE42D2] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\PROGRA~1\Java\jre6\bin\jp2launcher.exe [23328]

[MD5.51A850830CB841FBE5B90142BCC6B854] - (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\java.exe [145184]

[MD5.67E683EB81D88828B8F6807E3FBAD13B] - (. Optimiseur de Voile - Pas de description.) -- C:\Program Files\OV\OV.exe [217088]

[MD5.9A80E1F31DDB1FE19B4E3C34773B7B57] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [620544]

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.PLATINUM technology, inc. - PLATINUM technology, inc. Plug-in for viewing 3D worlds authored in VR.) -- C:\Program Files\Mozilla Firefox\Plugins\npcosmop211.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.1".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.615.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (.Pas de propriétaire - Pas de description.) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_22 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50917.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50917.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.39\npGoogleOneClick8.dll

M0 - MFSP: prefs.js [Jules - 4rvcwt7b.default] iGoogle

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\capturefoxmovie@advancity.net] [] Capture Fox v0.7.0 (.Zafer Gurel.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\engine@conduit.com] [] Conduit Engine v3.2.3.3 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\fr@dictionaries.addons.mozilla.org] [] Dictionnaire français «Réforme 1990» v3.5 (.Olivier R..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\personas@christopher.beard] [personas] Personas v1.6.1 (.Chris Beard.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\tabscope@xuldev.org] [] Tab Scope v0.3.7 (.ごみた.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{346de098-61f9-4b42-89da-6dfba7091bb6}] [] IMBooster4web-en Toolbar v2.5.6.0 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Community Toolbar v3.2.3.3 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{77b819fa-95ad-4f2c-ac7c-486b356188a9}] [] IE Tab v1.5.20090525 (.Hong Jen Yee (PCMan).)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] [adblockplus] Adblock Plus v1.3.1 (.Wladimir Palant.)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{dc572301-7619-498c-a57d-39143191b318}] [tabmix] Tab Mix Plus v1.3.1 (.ONEMEN (tabmix.onemen@gmail.com).)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{e213bb8f-8ebd-11db-96b7-005056c00008}] [] myFirefox v3.0.0.91 (.FlyWorld and Merci chao , Anna .)

M2 - MFEP: prefs.js [Jules - 8v12l2ng.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.1 (.Microsoft.)

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

G1 - GCS: Preference [user Data\Default] Google

G0 - GCSP: Preference [user Data\Default][HomePage] Google

 

 

---\\ Internet Explorer, Démarrage,Recherche,URSearchHook (R0,R1,R3)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R3 - URLSearchHook: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} Clé orpheline

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} Clé orpheline

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Tonec Inc. - IDM BHO Module.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [egui] . (.ESET - ESET GUI.) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

O4 - HKLM\..\Run: [LogMeIn GUI] :C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (.not file.)

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] . (.Logitech, Inc. - Logitech KHAL Main Process.) -- C:\Windows\KHALMNPR.exe

O4 - HKLM\..\Run: [DiscWizardMonitor.exe] :C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe (.not file.)

O4 - HKLM\..\Run: [AcronisTimounterMonitor] . (.Acronis - Monitor for Acronis True Image Backup Archi.) -- C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe

O4 - HKLM\..\Run: [Acronis Scheduler2 Service] . (.Acronis - Acronis Scheduler Helper.) -- C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe

O4 - HKLM\..\Run: [hpqSRMon] :C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe (.not file.)

O4 - HKLM\..\Run: [vspdfprsrv.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe

O4 - HKLM\..\Run: [LWS] :C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (.not file.)

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [Launch LgDeviceAgent] . (.Logitech Inc. - Logitech GamePanel Agent.) -- C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe

O4 - HKLM\..\Run: [Launch LCDMon] . (.Logitech Inc. - Logitech LCD Manager.) -- C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe

O4 - HKLM\..\Run: [Launch LGDCore] . (.Logitech Inc. - Logitech G-series Profiler.) -- C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe

O4 - HKLM\..\Run: [iTunesHelper] :C:\Program Files\iTunes\iTunesHelper.exe (.not file.)

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O4 - HKCU\..\Run: [superCopier2.exe] :C:\Program Files\SuperCopier2\SuperCopier2.exe (.not file.)

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKCU\..\Run: [ViDesk] . (.anarpunk - Pas de description.) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe

O4 - HKCU\..\Run: [sidebar] :C:\Program Files\Windows Sidebar\sidebar.exe (.not file.)

O4 - HKCU\..\Run: [iDMan] :C:\Program Files\Internet Download Manager\IDMan.exe (.not file.)

O4 - HKCU\..\Run: [PC Speed Maximizer] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PC Speed Maximizer\SPMTray.exe

O4 - HKCU\..\Run: [bubble Dock] :"C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [superCopier2.exe] :C:\Program Files\SuperCopier2\SuperCopier2.exe (.not file.)

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [ViDesk] . (.anarpunk - Pas de description.) -- C:\Program Files\BlueSourcesProject\ViDesk\ViDesk.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [sidebar] :C:\Program Files\Windows Sidebar\sidebar.exe (.not file.)

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [iDMan] :C:\Program Files\Internet Download Manager\IDMan.exe (.not file.)

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [PC Speed Maximizer] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\PC Speed Maximizer\SPMTray.exe

O4 - HKUS\S-1-5-21-2182866855-1228362895-1267479509-1000\..\Run: [bubble Dock] :"C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe (.not file.)

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\3GVisio.lnk . (.Pas de propriétaire.) -- C:\Program Files\3GVisio\3GVisio.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Bubble Dock.lnk . (.Nosibay.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\ConvertMovie 4.1.lnk . (.http://movavi.com.) -- C:\Program Files\ConvertMovie 4.1\ConvertMovie.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\CrossLoop.lnk . (.CrossLoop.) -- C:\Users\Jules\AppData\Local\CrossLoop\CrossLoopConnect.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Driver Genius Professional Edition.lnk . (.Driver-Soft Inc..) -- C:\Program Files\Driver-Soft\DriverGenius\DriverGenius.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Hijackthis Version Française.lnk . (.Soeperman Enterprises Ltd..) -- C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\IcoFX.lnk . (.Attila Kovrig.) -- C:\Program Files\IcoFX 1.6\IcoFX.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\keyfinder - Raccourci.lnk . (.Pas de propriétaire.) -- Z:\Téléchargements\keyfinder.2.0.1\Keyfinder.2.0.1\keyfinder.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\LogMeIn.lnk . (.LogMeIn, Inc..) -- C:\Program Files\LogMeIn\x86\raabout.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\SnippingTool.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\SUMo.lnk . (.KC Softwares.) -- C:\Program Files\KC Softwares\SUMo\SUMo.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Ugrib.lnk . (.GRIB.US.) -- C:\Program Files\GRIB.US\Ugrib.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\VSO Image Resizer.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\VSO Image Resizer_1.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\VSO Image Resizer_3.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Watermark Magick.lnk . (.ZapWallPaper.) -- C:\Program Files\ZapWallPaper\Watermark\Watermark-Magick.exe

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Windows Explorer.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\High Sign.lnk . (.Pas de propriétaire.) -- C:\Users\Jules\AppData\Roaming\Microsoft\Installer\{CE02A8CC-C4E0-4F42-8183-AD26E16C0C42}\_C71360240B8BE753C4CC69.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jules\Desktop\3GVisio.lnk . (.Pas de propriétaire.) -- C:\Program Files\3GVisio\3GVisio.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Bubble Dock.lnk . (.Nosibay.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe

O4 - Global Startup: C:\Users\Jules\Desktop\CCleaner.lnk . (.Piriform Ltd.) -- C:\Program Files\CCleaner\CCleaner.exe

O4 - Global Startup: C:\Users\Jules\Desktop\ConvertMovie 4.1.lnk . (.http://movavi.com.) -- C:\Program Files\ConvertMovie 4.1\ConvertMovie.exe

O4 - Global Startup: C:\Users\Jules\Desktop\CrossLoop.lnk . (.CrossLoop.) -- C:\Users\Jules\AppData\Local\CrossLoop\CrossLoopConnect.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Driver Genius Professional Edition.lnk . (.Driver-Soft Inc..) -- C:\Program Files\Driver-Soft\DriverGenius\DriverGenius.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Hijackthis Version Française.lnk . (.Soeperman Enterprises Ltd..) -- C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

O4 - Global Startup: C:\Users\Jules\Desktop\IcoFX.lnk . (.Attila Kovrig.) -- C:\Program Files\IcoFX 1.6\IcoFX.exe

O4 - Global Startup: C:\Users\Jules\Desktop\keyfinder - Raccourci.lnk . (.Pas de propriétaire.) -- Z:\Téléchargements\keyfinder.2.0.1\Keyfinder.2.0.1\keyfinder.exe

O4 - Global Startup: C:\Users\Jules\Desktop\LogMeIn.lnk . (.LogMeIn, Inc..) -- C:\Program Files\LogMeIn\x86\raabout.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Media Center.lnk . (.Microsoft Corporation.) -- C:\Windows\ehome\ehshell.exe

O4 - Global Startup: C:\Users\Jules\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Snipping Tool.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\SnippingTool.exe

O4 - Global Startup: C:\Users\Jules\Desktop\SUMo.lnk . (.KC Softwares.) -- C:\Program Files\KC Softwares\SUMo\SUMo.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Ugrib.lnk . (.GRIB.US.) -- C:\Program Files\GRIB.US\Ugrib.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\Desktop\VSO Image Resizer.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\Desktop\VSO Image Resizer_1.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\Desktop\VSO Image Resizer_3.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Watermark Magick.lnk . (.ZapWallPaper.) -- C:\Program Files\ZapWallPaper\Watermark\Watermark-Magick.exe

O4 - Global Startup: C:\Users\Jules\Desktop\Windows Explorer.lnk . (.Microsoft Corporation.) -- C:\Windows\explorer.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CrossLoop.lnk . (.CrossLoop.) -- C:\Users\Jules\AppData\Local\CrossLoop\CrossLoopConnect.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Glary Utilities.lnk . (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\Integrator.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Ugrib.lnk . (.GRIB.US.) -- C:\Program Files\GRIB.US\Ugrib.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VSO Image Resizer.lnk . (.VSO Software SARL.) -- C:\Program Files\VSO\Image Resizer\Resize.exe

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - Clé orpheline

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Télécharger avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetVL.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Internet Download Manager\IEGetAll.htm

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companionres.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (.Pas de propriétaire - Pas de description.) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{98DA9392-F3E0-44EE-8DCB-CA8D11FB0CED}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{98DA9392-F3E0-44EE-8DCB-CA8D11FB0CED}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{98DA9392-F3E0-44EE-8DCB-CA8D11FB0CED}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

O23 - Service: (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: (Crypkey License) . (.Kenonic Controls Ltd. - CrypKey NT Service.) - C:\Windows\System32\crypserv.exe

O23 - Service: (ekrn) . (.ESET - ESET Service.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (IconMan_R) . (.Realsil Microelectronics Inc. - Realtek Card Reader Icon Tool..) - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

O23 - Service: (LMIGuardianSvc) . (.LogMeIn, Inc. - LMIGuardianSvc.) - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: (LVPrcSrv) . (.Logitech Inc. - LVPrcSrv Module..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

O23 - Service: (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 258.9.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(.Pas de propriétaire - Pas de description.) - (.not file.)

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GlaryInitialize.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.45AD8AA455CA1535C57CC3DD71A60A7A] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.93DB1FF92B03D24738A71E6E4992DFD3] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

[MD5.BAD6BEA0DE1F69C82BDB74378CE0C20A] [APT] [Programme de mise à jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.062F3DB9AFA9C3CE0DA52F28595C0C6D] [APT] [Programme de mise à jour en ligne de HP.] (.Hewlett-Packard.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

[MD5.D7CFC1891552F4FE81E092E0F1ECFDC4] [APT] [RunAsStdUser Task] (.Nosibay.) -- C:\Program Files\Nosibay\Bubble Dock\LBubble Dock.exe

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (.Pas de propriétaire.) -- C:\Program Files\TuneUp Utilities 2010\OneClick.exe (.not file.)

[MD5.7F054CA4D3AFAED6DAB518EF0FDF6F1E] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (.TuneUp Software.) -- C:\Program Files\TuneUp Utilities 2011\OneClick.exe

[MD5.1035D30CD954D62A7804785D7874D611] [APT] [{034F32AB-9885-4EA7-9963-AE2BE945B5F1}] (.Dylan Vester.) -- C:\Program Files\High Sign\HighSign.exe

[MD5.1035D30CD954D62A7804785D7874D611] [APT] [{312AB672-7374-4184-A4C1-62D8D8D44632}] (.Dylan Vester.) -- C:\Program Files\High Sign\HighSign.exe

[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Windows Mail\WinMail.exe

O40 - ASIC: Bubble Dock v3.0.557.0.45821 - {9f81ae06-bf80-462a-b349-c19e50524289} . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Nosibay\Bubble Dock\Deploy.exeT-J8V \M=1 \W=1 \A=1

O40 - ASIC: Macromedia Shockwave Flash - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 10.1 r82.) -- C:\Windows\system32\Macromed\Flash\Flash10i.ocx

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (ehdrv) . (.ESET - ESET Helper driver.) - C:\Windows\System32\DRIVERS\ehdrv.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\System32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (NetworkX) . (.Pas de propriétaire - Pas de description.) - C:\Windows\system32\ckldrv.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\System32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {09BDEEF0-5590-457D-89A9-5DB2742F9BBF}

O42 - Logiciel: 3GVisio - (.Pas de propriétaire.) [HKLM] -- 3GVisio

O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip

O42 - Logiciel: Adobe Acrobat 4.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Acrobat 4.0

O42 - Logiciel: Adobe ActiveShare 1.2 - (.Pas de propriétaire.) [HKLM] -- Adobe ActiveShare

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe PhotoDeluxe Home Edition 4.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe PhotoDeluxe Home Edition 4.0

O42 - Logiciel: Adobe Reader 9.4.1 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Advanced Audio FX Engine - (.Pas de propriétaire.) [HKLM] -- Advanced Audio FX Engine

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {308B6AEA-DE50-4666-996D-0FA461719D6B}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}

O42 - Logiciel: Bubble Dock (remove only) - (.Nosibay.) [HKLM] -- Bubble Dock

O42 - Logiciel: C-Map PCMCIA and USB drivers - (.C-Map.) [HKLM] -- InstallShield_{98C61F22-8B4F-416E-A4BF-54FCC10509E0}

O42 - Logiciel: CANAL+ pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {E2A6B1A0-C1E3-4311-BF86-EAF18841FD67}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDDRV_Installer - (.Logitech.) [HKLM] -- {0C826C5B-B131-423A-A229-C71B3CACCD6A}

O42 - Logiciel: Calendrier de photos Creative - (.Pas de propriétaire.) [HKLM] -- Creative Photo Calendar

O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: ConvertMovie 4.1 - (.MOVAVI.) [HKLM] -- ConvertMovie 4.1

O42 - Logiciel: Cosmo Player 2.1.1 - (.Pas de propriétaire.) [HKLM] -- CosmoPlayer

O42 - Logiciel: CrossLoop 2.70 - (.CrossLoop, Inc..) [HKLM] -- CrossLoop_is1

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Driver Detective - (.PC Drivers HeadQuarters.) [HKLM] -- {4640FDE1-B83A-4376-84ED-86F86BEE2D41}

O42 - Logiciel: Driver Genius Professional Edition - (.Driver-Soft Inc..) [HKLM] -- Driver Genius Professional Edition_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Gestionnaire de photos Creative - (.Pas de propriétaire.) [HKLM] -- Creative Photo Manager

O42 - Logiciel: Glary Utilities 2.30.0.1066 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}

O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart All-In-One Driver Software 10.0 Rel .2 - (.HP.) [HKLM] -- {20B30DC1-E423-4939-B51D-05C58B0F9BBB}

O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Solution Center 10.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: High Sign - (.Dylan Vester.) [HKLM] -- {CE02A8CC-C4E0-4F42-8183-AD26E16C0C42}

O42 - Logiciel: IcoFX 1.6.4 - (.Pas de propriétaire.) [HKLM] -- IcoFX_is1

O42 - Logiciel: Internet Download Manager - (.Pas de propriétaire.) [HKLM] -- Internet Download Manager

O42 - Logiciel: Java 6 Update 22 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: K-Lite Codec Pack 4.5.3 (Standard) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: KC Softwares SUMo - (.KC Softwares.) [HKLM] -- KC Softwares SUMo_is1

O42 - Logiciel: Kazoo Player - (.Pas de propriétaire.) [HKLM] -- Kazoo Player

O42 - Logiciel: KeyLemon - (.KeyLemon Solutions S.A..) [HKLM] -- KeyLemon

O42 - Logiciel: KhalInstallWrapper - (.Logitech.) [HKLM] -- {3101CB58-3482-4D21-AF1A-7057FC935355}

O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}

O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}

O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}

O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}

O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}

O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}

O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}

O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}

O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}

O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}

O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}

O42 - Logiciel: LogMeIn - (.LogMeIn, Inc..) [HKLM] -- {34F93E31-E1A0-421C-8E86-BCF7C4193A91}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Logitech GamePanel Software 3.06.109 - (.Logitech Inc..) [HKLM] -- {A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}

O42 - Logiciel: Logitech SetPoint - (.Logitech.) [HKLM] -- {F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}

O42 - Logiciel: Logitech Vid HD - (.Logitech Inc...) [HKLM] -- Logitech Vid

O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}

O42 - Logiciel: Ludi - (.Pas de propriétaire.) [HKLM] -- Ludi

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {A49F249F-0C91-497F-86DF-B2585E8E76B7}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 - (.Microsoft Corporation.) [HKLM] -- {820B6609-4C97-3A2B-B644-573B06A0F0CC}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.13) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.13)

O42 - Logiciel: My 7 Optimizer - (.Pas de propriétaire.) [HKLM] -- My 7 Optimizer

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}

O42 - Logiciel: Nero 8 Lite 8.3.2.1 - (.Updatepack.nl.) [HKLM] -- Nero8Lite_is1

O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: OGA Notifier 2.0.0048.0 - (.Microsoft Corporation.) [HKLM] -- {B2544A03-10D0-4E5E-BA69-0362FFC20D18}

O42 - Logiciel: OV 1.0.7 - (.Pas de propriétaire.) [HKLM] -- OV

O42 - Logiciel: PC Speed Maximizer v2.1 - (.Smart PC Solutions.) [HKLM] -- PC Speed Maximizer_is1

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKLM] -- PhotoFiltre

O42 - Logiciel: Picture Package Music Transfer - (.Sony Corporation.) [HKLM] -- {CE2121C6-C94D-4A73-8EA4-6943F33EE335}

O42 - Logiciel: PlayReady PC Runtime x86 - (.Microsoft Corporation.) [HKLM] -- {CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Seagate DiscWizard - (.Seagate.) [HKLM] -- {81A60A13-224D-4637-8203-3EAC03B121A4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2289158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{210B16C0-CEBD-4DE9-B474-04A7E8735E16}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2344875) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6FC5C4C1-D7AE-44C3-94B7-6424FC3E752F}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2345035) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B23002DD-34EC-4988-B810-A5E2A0BF04F1}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office Outlook 2007 (KB2288953) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B772E1C-7C05-42D2-839D-3EC2D39EFF22}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB982158) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5B70033-E79C-4569-90BF-BC9B4E4F3F46}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer (KB2413381) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3DED0A62-44C8-4E00-A785-5212F297A9D9}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB982124) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{289FA8BC-6A8E-4341-B194-EB26B49E9F5D}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Sentinel System Driver - (.Pas de propriétaire.) [HKLM] -- Rainbow Sentinel Driver

O42 - Logiciel: Sevens - (.Pas de propriétaire.) [HKLM] -- Sevens

O42 - Logiciel: SightSpeed (remove only) - (.SightSpeed Inc..) [HKLM] -- SightSpeed

O42 - Logiciel: Sony Picture Utility - (.Sony Corporation.) [HKLM] -- {D5068583-D569-468B-9755-5FBF5848F46F}

O42 - Logiciel: SuperCopier2 - (.Pas de propriétaire.) [HKLM] -- SuperCopier2

O42 - Logiciel: Synology Assistant (remove only) - (.Pas de propriétaire.) [HKLM] -- Synology Assistant

O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011

O42 - Logiciel: Ugrib RC1 - (.GRIB.US.) [HKLM] -- Ugrib_is1

O42 - Logiciel: Unyk Syncro - (.Unyk Inc.) [HKLM] -- Unyk Syncro

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2443839) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E8CFA21A-2D44-446D-8324-ADFA3C9FCAD2}

O42 - Logiciel: VSO Image Resizer 3.0.0.101 - (.VSO-Software.) [HKLM] -- {3EE51BAD-9916-49C7-90BA-3D500B031E0C}_is1

O42 - Logiciel: ViDesk - (.Pas de propriétaire.) [HKLM] -- ViDesk

O42 - Logiciel: Visual C++ CRT 9.0 SP1 - (.Michel Kraemer.) [HKLM] -- {EC25B803-4BDB-47F7-B877-FCE7D7966C0F}

O42 - Logiciel: Vsk5Online - (.Nadeo.) [HKLM] -- Vsk5Online_is1

O42 - Logiciel: Watermark-Magick - (.Pas de propriétaire.) [HKLM] -- Watermark-Magick

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {321AC187-D400-41B4-BDEB-F3E80FFCE20F}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: eXPert PDF 4 - (.Visage Software.) [HKLM] -- {A6E92CAB-9E63-46DC-8ABF-0CAFF7B7CD02}

O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {A498D9EB-927B-459B-85D6-DD6EF8C2C564}

O42 - Logiciel: ffdshow [rev 3078] [2009-09-17] - (.Pas de propriétaire.) [HKLM] -- ffdshow_is1

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {FAE36873-1941-4076-A9A5-48812B5EA0B7}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-Zip]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\IMBooster4web-en]

[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Cazitel]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Cloudmark]

[HKCU\Software\CosmoSoftware]

[HKCU\Software\Creative Tech]

[HKCU\Software\Digital River]

[HKCU\Software\DownloadManager]

[HKCU\Software\Dylan Vester]

[HKCU\Software\ESET]

[HKCU\Software\EyePower Games]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\Iminent]

[HKCU\Software\Informatique & Mer]

[HKCU\Software\Iris]

[HKCU\Software\JavaSoft]

[HKCU\Software\KC Softwares]

[HKCU\Software\KeyLemon]

[HKCU\Software\Leadertech]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LogMeIn]

[HKCU\Software\LogiShrd]

[HKCU\Software\Logitech]

[HKCU\Software\Ludi]

[HKCU\Software\MOVAVI]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaInfo]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nadeo]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nosibay]

[HKCU\Software\ODBC]

[HKCU\Software\ORL]

[HKCU\Software\PC Speed Maximizer]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\SFX TEAM]

[HKCU\Software\Sevens]

[HKCU\Software\SightSpeed Inc]

[HKCU\Software\SoftVTU]

[HKCU\Software\Softonic]

[HKCU\Software\Sony Corporation]

[HKCU\Software\Synology]

[HKCU\Software\Sysinternals]

[HKCU\Software\Techlogg.com ToneShop]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\UNYK]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSO]

[HKCU\Software\VirtuaMedia]

[HKCU\Software\Visage Software]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\yahooinstall]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Acronis]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\C-Map]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Cloudmark]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\CosmoPlayer ]

[HKLM\Software\CosmoSoftware]

[HKLM\Software\Creative Tech]

[HKLM\Software\Debug]

[HKLM\Software\Driver-Soft]

[HKLM\Software\ESET]

[HKLM\Software\FotoNation]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\Google]

[HKLM\Software\Guliverkli]

[HKLM\Software\HP]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\I.R.I.S.]

[HKLM\Software\ICE]

[HKLM\Software\IMBooster4web-en]

[HKLM\Software\Iminent]

[HKLM\Software\Inmatrix]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Khronos]

[HKLM\Software\Kodak]

[HKLM\Software\Licenses]

[HKLM\Software\LightWork Design]

[HKLM\Software\LogMeIn, Inc.]

[HKLM\Software\LogMeIn]

[HKLM\Software\Logitech]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Marvell]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Seagate]

[HKLM\Software\SightSpeed Inc]

[HKLM\Software\Soeperman Enterprises Ltd.]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\USB2800]

[HKLM\Software\Unyk]

[HKLM\Software\Visage Software]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\logishrd]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

[HKLM\Software\vso]

---\\ Contenu des dossiers ProgramFiles/ProgramData (O43)

O43 - CFD: 24/05/2010 - 20:01:52 ----D- C:\Program Files\3GVisio

O43 - CFD: 26/07/2010 - 17:38:46 ----D- C:\Program Files\7-Zip

O43 - CFD: 20/10/2010 - 18:00:44 ----D- C:\Program Files\Adobe

O43 - CFD: 08/02/2010 - 22:21:00 ----D- C:\Program Files\AGEIA Technologies

O43 - CFD: 12/09/2010 - 13:02:18 ----D- C:\Program Files\Apple Software Update

O43 - CFD: 01/10/2009 - 16:49:28 ----D- C:\Program Files\BlueSourcesProject

O43 - CFD: 12/09/2010 - 13:02:14 ----D- C:\Program Files\Bonjour

O43 - CFD: 14/12/2009 - 17:51:48 ----D- C:\Program Files\C-Map

O43 - CFD: 06/04/2010 - 14:42:44 ----D- C:\Program Files\CCleaner

O43 - CFD: 20/11/2010 - 21:09:48 ----D- C:\Program Files\Cloudmark

O43 - CFD: 14/12/2010 - 21:33:10 ----D- C:\Program Files\ClubDeJeux

O43 - CFD: 14/12/2009 - 18:33:26 ----D- C:\Program Files\CM93_Ed3 & S57

O43 - CFD: 26/01/2010 - 20:43:50 ----D- C:\Program Files\Combined Community Codec Pack

O43 - CFD: 20/11/2010 - 21:09:48 ----D- C:\Program Files\Common Files

O43 - CFD: 31/10/2009 - 17:27:38 ----D- C:\Program Files\ConvertMovie 4.1

O43 - CFD: 18/04/2010 - 10:14:56 ----D- C:\Program Files\CosmoSoftware

O43 - CFD: 27/10/2010 - 15:33:22 ----D- C:\Program Files\Creative

O43 - CFD: 06/10/2009 - 16:22:10 ----D- C:\Program Files\Driver-Soft

O43 - CFD: 14/07/2009 - 10:01:32 ----D- C:\Program Files\DVD Maker

O43 - CFD: 30/09/2009 - 20:03:00 ----D- C:\Program Files\ESET

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 09/12/2010 - 18:42:02 ----D- C:\Program Files\Glary Utilities

O43 - CFD: 13/10/2010 - 19:48:20 ----D- C:\Program Files\Google

O43 - CFD: 14/12/2009 - 18:08:56 ----D- C:\Program Files\GRIB.US

O43 - CFD: 01/10/2009 - 14:47:20 ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 08/11/2009 - 15:05:44 ----D- C:\Program Files\High Sign

O43 - CFD: 14/12/2010 - 18:15:38 ----D- C:\Program Files\Hijackthis Version Française

O43 - CFD: 01/10/2009 - 14:47:38 ----D- C:\Program Files\HP

O43 - CFD: 14/12/2009 - 17:51:26 ----D- C:\Program Files\I&M

O43 - CFD: 04/10/2009 - 17:39:28 ----D- C:\Program Files\IcoFX 1.6

O43 - CFD: 25/10/2010 - 20:49:38 --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 18/10/2009 - 20:50:14 ----D- C:\Program Files\Intel

O43 - CFD: 09/12/2010 - 18:14:34 ----D- C:\Program Files\Internet Download Manager

O43 - CFD: 24/11/2010 - 13:00:16 ----D- C:\Program Files\Internet Explorer

O43 - CFD: 25/11/2010 - 11:54:20 ----D- C:\Program Files\iPod

O43 - CFD: 25/11/2010 - 11:54:32 ----D- C:\Program Files\iTunes

O43 - CFD: 22/11/2010 - 18:33:48 ----D- C:\Program Files\Java

O43 - CFD: 26/01/2010 - 20:45:02 ----D- C:\Program Files\K-Lite Codec Pack

O43 - CFD: 01/11/2009 - 14:29:18 ----D- C:\Program Files\KC Softwares

O43 - CFD: 30/10/2010 - 16:55:06 ----D- C:\Program Files\KeyLemon

O43 - CFD: 21/12/2009 - 19:09:34 ----D- C:\Program Files\LightWork Design

O43 - CFD: 22/11/2010 - 18:44:06 ----D- C:\Program Files\Logitech

O43 - CFD: 21/11/2010 - 01:47:48 ----D- C:\Program Files\LogMeIn

O43 - CFD: 06/12/2009 - 13:50:26 ----D- C:\Program Files\Ludi

O43 - CFD: 14/12/2010 - 15:59:32 ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 18/10/2009 - 20:51:56 ----D- C:\Program Files\Marvell

O43 - CFD: 01/10/2009 - 00:45:14 ----D- C:\Program Files\Microsoft

O43 - CFD: 28/10/2010 - 12:00:22 ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 10/10/2009 - 14:50:36 ----D- C:\Program Files\Microsoft Games

O43 - CFD: 27/11/2009 - 15:43:04 ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/10/2010 - 12:11:38 ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 02/12/2010 - 11:51:04 ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 27/11/2009 - 15:43:02 ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 27/11/2009 - 15:41:42 ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 27/11/2009 - 15:45:18 ----D- C:\Program Files\Microsoft Works

O43 - CFD: 25/06/2010 - 12:00:30 ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 31/10/2009 - 17:27:38 ----D- C:\Program Files\MOVAVI

O43 - CFD: 10/12/2010 - 17:56:28 ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 27/11/2009 - 15:43:06 ----D- C:\Program Files\MSBuild

O43 - CFD: 15/10/2009 - 02:01:06 ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 01/10/2009 - 00:25:26 ----D- C:\Program Files\Nero

O43 - CFD: 28/11/2009 - 09:42:30 ----D- C:\Program Files\Nosibay

O43 - CFD: 02/12/2010 - 09:02:06 ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 17/11/2010 - 11:34:08 ----D- C:\Program Files\OV

O43 - CFD: 10/12/2009 - 21:16:08 ----D- C:\Program Files\PC Drivers HeadQuarters

O43 - CFD: 27/11/2009 - 17:59:34 ----D- C:\Program Files\PC Speed Maximizer

O43 - CFD: 05/10/2009 - 19:53:40 ----D- C:\Program Files\PhotoFiltre

O43 - CFD: 30/09/2009 - 20:02:10 ----D- C:\Program Files\PlayReady

O43 - CFD: 08/08/2010 - 17:25:42 ----D- C:\Program Files\QUAD Utilities

O43 - CFD: 09/12/2010 - 11:47:54 ----D- C:\Program Files\QuickTime

O43 - CFD: 26/11/2010 - 10:19:58 ----D- C:\Program Files\Realtek

O43 - CFD: 14/07/2009 - 05:52:32 ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 01/10/2009 - 01:01:00 ----D- C:\Program Files\Seagate

O43 - CFD: 06/11/2010 - 11:06:58 ----D- C:\Program Files\Sensible Vision

O43 - CFD: 06/12/2009 - 16:12:32 ----D- C:\Program Files\Sevens

O43 - CFD: 18/10/2009 - 16:44:16 ----D- C:\Program Files\SightSpeed

O43 - CFD: 18/10/2009 - 11:33:20 ----D- C:\Program Files\Sony

O43 - CFD: 01/10/2009 - 00:35:58 ----D- C:\Program Files\SuperCopier2

O43 - CFD: 01/10/2009 - 15:00:56 ----D- C:\Program Files\Synology

O43 - CFD: 10/09/2010 - 16:52:22 ----D- C:\Program Files\Techlogg.com ToneShop

O43 - CFD: 02/11/2010 - 17:58:04 ----D- C:\Program Files\TuneUp Utilities 2011

O43 - CFD: 14/07/2009 - 05:53:24 --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 04/04/2010 - 16:51:40 ----D- C:\Program Files\Unyk Syncro

O43 - CFD: 30/10/2009 - 18:05:08 ----D- C:\Program Files\Visagesoft

O43 - CFD: 04/06/2010 - 19:42:24 ----D- C:\Program Files\Vsk5Online

O43 - CFD: 01/10/2009 - 20:34:00 ----D- C:\Program Files\VSO

O43 - CFD: 14/07/2009 - 09:39:40 ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 10:01:30 ----D- C:\Program Files\Windows Journal

O43 - CFD: 02/12/2010 - 11:52:56 ----D- C:\Program Files\Windows Live

O43 - CFD: 12/05/2010 - 12:16:26 ----D- C:\Program Files\Windows Mail

O43 - CFD: 14/10/2010 - 12:10:50 ----D- C:\Program Files\Windows Media Player

O43 - CFD: 30/09/2009 - 19:38:26 ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 09:39:40 ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 05:52:34 ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 09:39:40 ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 01/10/2009 - 00:22:56 ----D- C:\Program Files\WinRAR

O43 - CFD: 09/10/2009 - 10:58:32 ----D- C:\Program Files\ZapWallPaper

O43 - CFD: 15/12/2010 - 15:16:56 ----D- C:\Program Files\ZHPDiag

O43 - CFD: 20/10/2010 - 18:00:46 ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 25/11/2010 - 11:54:20 ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 20/11/2010 - 21:09:48 ----D- C:\Program Files\Common Files\Cloudmark

O43 - CFD: 27/11/2009 - 15:43:02 ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 21/12/2009 - 19:09:02 ----D- C:\Program Files\Common Files\FotoNation

O43 - CFD: 01/10/2009 - 14:47:20 ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 01/10/2009 - 14:47:00 ----D- C:\Program Files\Common Files\HP

O43 - CFD: 14/12/2009 - 17:50:52 ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 30/01/2010 - 00:29:54 ----D- C:\Program Files\Common Files\Java

O43 - CFD: 27/10/2010 - 15:47:40 ----D- C:\Program Files\Common Files\Logishrd

O43 - CFD: 27/10/2010 - 15:45:32 ----D- C:\Program Files\Common Files\LWS

O43 - CFD: 20/10/2010 - 06:10:30 ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 01/10/2009 - 00:25:16 ----D- C:\Program Files\Common Files\Nero

O43 - CFD: 28/11/2009 - 09:42:34 ----D- C:\Program Files\Common Files\Nosibay

O43 - CFD: 01/10/2009 - 01:01:04 ----D- C:\Program Files\Common Files\Seagate

O43 - CFD: 14/07/2009 - 03:37:06 ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 03:37:06 ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 27/11/2009 - 15:46:52 ----D- C:\Program Files\Common Files\System

O43 - CFD: 01/10/2009 - 00:29:40 ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 08/02/2010 - 22:21:00 ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 20/10/2010 - 18:00:46 ----D- C:\ProgramData\Adobe

O43 - CFD: 06/12/2009 - 17:48:42 ----D- C:\ProgramData\agi

O43 - CFD: 16/10/2009 - 17:23:44 ----D- C:\ProgramData\Apple

O43 - CFD: 01/10/2009 - 00:42:20 ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Application Data

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Bureau

O43 - CFD: 20/11/2010 - 21:23:32 ----D- C:\ProgramData\Cloudmark

O43 - CFD: 18/10/2009 - 16:53:16 ----D- C:\ProgramData\Creative

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Documents

O43 - CFD: 30/09/2009 - 20:03:00 ----D- C:\ProgramData\ESET

O43 - CFD: 30/10/2009 - 18:05:08 ----D- C:\ProgramData\eXPert PDF

O43 - CFD: 31/10/2009 - 09:50:22 ----D- C:\ProgramData\eXPert PDF 4

O43 - CFD: 30/10/2009 - 18:05:08 ----D- C:\ProgramData\eXPert PDF Jobs

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Favorites

O43 - CFD: 01/10/2009 - 14:49:30 ----D- C:\ProgramData\Google

O43 - CFD: 01/10/2009 - 14:46:14 ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 01/10/2009 - 14:47:54 ----D- C:\ProgramData\HP

O43 - CFD: 17/11/2010 - 11:34:08 ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 30/10/2010 - 16:51:12 ----D- C:\ProgramData\KeyLemon

O43 - CFD: 01/10/2009 - 00:58:44 ----D- C:\ProgramData\LogiShrd

O43 - CFD: 22/11/2010 - 18:44:06 ----D- C:\ProgramData\Logitech

O43 - CFD: 01/10/2009 - 00:34:12 ----D- C:\ProgramData\LogMeIn

O43 - CFD: 14/12/2010 - 15:59:30 ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 20/10/2010 - 06:10:44 -S--D- C:\ProgramData\Microsoft

O43 - CFD: 10/11/2010 - 13:01:34 ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 30/09/2009 - 19:38:26 -SH-D- C:\ProgramData\Modèles

O43 - CFD: 18/10/2009 - 16:44:38 ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 01/10/2009 - 00:25:06 ----D- C:\ProgramData\Nero

O43 - CFD: 02/12/2010 - 09:07:24 ----D- C:\ProgramData\NVIDIA

O43 - CFD: 02/12/2010 - 09:02:10 ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 01/10/2009 - 00:49:36 ----D- C:\ProgramData\Office Genuine Advantage

O43 - CFD: 10/12/2009 - 21:16:34 ----D- C:\ProgramData\PC Drivers HeadQuarters

O43 - CFD: 16/10/2009 - 14:27:36 ----D- C:\ProgramData\Seagate

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 30/01/2010 - 00:29:56 ----D- C:\ProgramData\Sun

O43 - CFD: 01/05/2010 - 08:56:08 ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 05:53:56 -SH-D- C:\ProgramData\Templates

O43 - CFD: 02/11/2010 - 17:58:24 ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 10/12/2009 - 21:16:34 ----D- C:\ProgramData\UAB

O43 - CFD: 06/06/2010 - 13:29:28 ----D- C:\ProgramData\Vsk5Online

O43 - CFD: 01/10/2009 - 15:40:30 ----D- C:\ProgramData\WEBREG

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.C20DE171F8642CC08717874D2395C582] - 15/12/2010 - 15:12:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setupact.log [6608]

O44 - LFC:[MD5.6639020D4A38BC410381847ADEE3FEAF] - 15/12/2010 - 15:12:52 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.2BC8138044B6AE03989B8D0F751512B1] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1557414]

O44 - LFC:[MD5.D561CD9BED3F13E8BFACDAFEAF24C769] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [107034]

O44 - LFC:[MD5.A795B7F727DBFB3C3067DA46E4FE3019] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [131426]

O44 - LFC:[MD5.F3E7163B74FD497147F1E47B2BF9AA68] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [618714]

O44 - LFC:[MD5.92746D539E6FECE4E1D96F4C2BF24709] - 15/12/2010 - 08:20:51 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [706998]

O44 - LFC:[MD5.07000000000000000000000054EE1200] - 15/12/2010 - 04:09:50 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [499164]

O44 - LFC:[MD5.50CB3529B582E73A78A679255F1DBCC2] - 14/12/2010 - 21:02:26 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [10288]

O44 - LFC:[MD5.50CB3529B582E73A78A679255F1DBCC2] - 14/12/2010 - 21:02:26 --HA- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [10288]

O44 - LFC:[MD5.72F2D357120F95C1E725C22915FE95E1] - 14/12/2010 - 19:24:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WORDPAD.INI [193]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/12/2010 - 18:42:04 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.5157E3140D0EEF32A5B5E5A80F73EBF2] - 09/12/2010 - 06:40:38 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\System32\drivers\idmwfp.sys [84208]

O44 - LFC:[MD5.F9F4905664C5B42B49E78EFA12D1A6B6] - 01/12/2010 - 20:50:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\h÷l [20]

O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 29/11/2010 - 18:15:28 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini [69]

O44 - LFC:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 29/11/2010 - 17:42:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.9B5CC6C481BDD00A963829B892623247] - 29/11/2010 - 17:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbam.sys [20952]

O44 - LFC:[MD5.FC05FDD589804A9B759859686ACCEF6A] - 29/11/2010 - 17:38:30 ---A- . (.Apple Inc. - QuickTime Client DLL.) -- C:\Windows\System32\QuickTime.qts [69632]

O44 - LFC:[MD5.1371C24B0D46535BCB727FE2B53CB1FF] - 29/11/2010 - 17:38:30 ---A- . (.Apple Inc. - QuickTimeVR DLL.) -- C:\Windows\System32\QuickTimeVR.qtx [94208]

O44 - LFC:[MD5.51A850830CB841FBE5B90142BCC6B854] - 22/11/2010 - 18:33:58 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.87893167C98FCEF5D14077511F219B75] - 22/11/2010 - 18:33:58 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.42278A946AB729CB746AA47D48F5FCC0] - 22/11/2010 - 18:33:58 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [153376]

O44 - LFC:[MD5.D559711024AB32DA749F38D8902DE1A0] - 22/11/2010 - 18:33:46 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_22-b04.log [5797]

 

 

---\\ Déni du service (Local Security Authority) (LSA) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \Drivers32\"SENTINEL"="snti386.dll" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\Windows\System32\snti386.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"ff_vfw.dll"="ffdshow video encoder" . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\ff_vfw.dll

O52 - TDSD: \drivers.desc\"snti386.dll"="Sentinel for i386 Systems" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\Windows\System32\snti386.dll

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\KeyLemon LemonScreen [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\KeyLemon\KLLockEngine.exe

O53 - SMSR:HKLM\...\startupreg\KeyLemon Updater [Key] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\KeyLemon\KLUpdater.exe

 

 

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

 

 

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

 

 

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]

O58 - SDL:[MD5.2101A86C25C154F8314B24EF49D7FBC2] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [79952]

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]

O58 - SDL:[MD5.B81C2B5616F6420A9941EA093A92B150] - 14/07/2009 - 02:26:15 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [23616]

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]

O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 08:56:20 ---A- . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [5810]

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 13/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 13/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 13/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 13/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]

O58 - SDL:[MD5.D4F94D45E25D764462A5B95BC426C8D0] - 19/03/2009 - 10:41:38 ---A- . (.ESET - Amon monitor.) -- C:\Windows\system32\drivers\eamon.sys [113960]

O58 - SDL:[MD5.9456462C1425D2BBF1616EDABFABA5F4] - 19/03/2009 - 10:44:34 ---A- . (.ESET - ESET Helper driver.) -- C:\Windows\system32\drivers\ehdrv.sys [107256]

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]

O58 - SDL:[MD5.4438C5842CA7DBB69EE149D4820273BC] - 16/04/2009 - 14:40:34 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Driver.) -- C:\Windows\system32\drivers\emBDA.sys [566528]

O58 - SDL:[MD5.1754E81CE063C6E25307666F8D6568A0] - 16/04/2009 - 14:40:40 ---A- . (.eMPIA Technology, Inc. - USB 28xx BDA Lower filter.) -- C:\Windows\system32\drivers\emOEM.sys [528256]

O58 - SDL:[MD5.32102F2C07182523B1390C2D9341E397] - 19/03/2009 - 10:45:40 ---A- . (.ESET - ESET Personal Firewall driver.) -- C:\Windows\system32\drivers\epfwwfpr.sys [93312]

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 13/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]

O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 18/05/2009 - 12:17:00 ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [26600]

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]

O58 - SDL:[MD5.934AF4D7C5F457B9F0743F4299B77B67] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332352]

O58 - SDL:[MD5.5157E3140D0EEF32A5B5E5A80F73EBF2] - 09/12/2010 - 06:40:38 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\system32\drivers\idmwfp.sys [84208]

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]

O58 - SDL:[MD5.0C6E346CDE730CF1356DD69AD6E9BC42] - 17/06/2009 - 17:55:18 ---A- . (.Logitech, Inc. - Logitech PS2 Keyboard Filter Driver..) -- C:\Windows\system32\drivers\L8042Kbd.sys [20240]

O58 - SDL:[MD5.70035567754BED4E6AD353CA3F175127] - 17/06/2009 - 17:55:50 ---A- . (.Logitech, Inc. - Logitech Equad USB Driver..) -- C:\Windows\system32\drivers\LEqdUsb.sys [40720]

O58 - SDL:[MD5.170E7093A77AD586F3A012A3DB651D94] - 23/11/2009 - 17:37:08 ---A- . (.Logitech Inc. - Logitech WingMan Virtual Bus Enumerator Driver.) -- C:\Windows\system32\drivers\LGBusEnum.sys [19720]

O58 - SDL:[MD5.D2DD04D1C8DF65EECD1F2C7FB947D43E] - 23/11/2009 - 17:37:18 ---A- . (.Logitech Inc. - Logitech GamePanel Virtual Hid Device Driver.) -- C:\Windows\system32\drivers\LGVirHid.sys [14856]

O58 - SDL:[MD5.32491B6BAE0AFAD1D7A62C0EF0AF4321] - 17/06/2009 - 17:55:58 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidEqd.sys [10384]

O58 - SDL:[MD5.7F9C7B28CF1C859E1C42619EEA946DC8] - 17/06/2009 - 17:56:06 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys [35472]

O58 - SDL:[MD5.4477689E2D8AE6B78BA34C9AF4CC1ED1] - 11/08/2008 - 11:40:34 ---A- . (.LogMeIn, Inc. - LogMeIn Mirror Miniport Driver.) -- C:\Windows\system32\drivers\lmimirr.sys [10144]

O58 - SDL:[MD5.3FAA563DDF853320F90259D455A01D79] - 11/08/2008 - 11:41:00 ---A- . (.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) -- C:\Windows\system32\drivers\LMIRfsDriver.sys [47640]

O58 - SDL:[MD5.AB33792A87285344F43B5CE23421BAB0] - 17/06/2009 - 17:56:16 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys [37392]

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]

O58 - SDL:[MD5.77030525CD86A93F1AF34FA9B96D33CE] - 17/06/2009 - 17:56:32 ---A- . (.Logitech, Inc. - Logitech USB Filter Driver..) -- C:\Windows\system32\drivers\LUsbFilt.sys [28560]

O58 - SDL:[MD5.13612D5107C9B65BEF347F449BCAF54D] - 14/05/2010 - 22:58:58 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\Windows\system32\drivers\lvbusflt.sys [20704]

O58 - SDL:[MD5.8BE71D7EDB8C7494913722059F760DD0] - 07/05/2010 - 17:43:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\LVPr2Mon.sys [25824]

O58 - SDL:[MD5.E52F5A2CADCF08D07F559962F807A0A2] - 14/05/2010 - 23:02:26 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys [276448]

O58 - SDL:[MD5.D679BAC01850B70518DA1AB75E735556] - 14/05/2010 - 23:02:48 ---A- . (.Logitech Inc. - Logitech Selective Suspend filter Driver.) -- C:\Windows\system32\drivers\lvselsus.sys [66528]

O58 - SDL:[MD5.C3D02260BEB2B48DEA1EFDFCA91E4B69] - 14/05/2010 - 23:04:02 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys [6842592]

O58 - SDL:[MD5.9B5CC6C481BDD00A963829B892623247] - 29/11/2010 - 17:42:06 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [20952]

O58 - SDL:[MD5.E74DC2F3F9675A6025A4AA020EDD4341] - 29/11/2010 - 17:42:18 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]

O58 - SDL:[MD5.377140A534D013BD661C69F1741DE43C] - 10/07/2010 - 05:37:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 258.96.) -- C:\Windows\system32\drivers\nvlddmkm.sys [11008040]

O58 - SDL:[MD5.3F3D04B1D08D43C16EA7963954EC768D] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117312]

O58 - SDL:[MD5.C99F251A5DE63C6F129CF71933ACED0F] - 14/07/2009 - 02:20:44 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [142416]

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]

O58 - SDL:[MD5.B38E89386993E69A959B941561F3E5F3] - 21/07/2010 - 00:43:14 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [194664]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.AEBBA7428A6C40CCE3C5ABDE45190B24] - 16/09/2003 - 17:25:04 ---A- . (.Rainbow Technologies, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\Windows\system32\drivers\SENTINEL.SYS [76288]

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]

O58 - SDL:[MD5.B6AA9BBFF890FFEA333FFE81D0B888FF] - 01/10/2009 - 01:01:08 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snapman.sys [120992]

O58 - SDL:[MD5.A1FF7D99B199CEA1F3DF371BA70D2780] - 16/09/2003 - 17:25:04 ---A- . (.Rainbow Technologies Inc. - Rainbow Technologies Sentinel Device Driver.) -- C:\Windows\system32\drivers\SNTNLUSB.SYS [26120]

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]

O58 - SDL:[MD5.B84B82C0CBEB1B0D7EB7A946BADE5830] - 01/10/2009 - 01:01:10 ---A- . (.Acronis - Acronis True Image File System Filter.) -- C:\Windows\system32\drivers\tifsfilt.sys [32768]

O58 - SDL:[MD5.68B3DAA08EA06737022832FCCFFB9B75] - 01/10/2009 - 01:01:10 ---A- . (.Acronis - Acronis True Image Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [400864]

O58 - SDL:[MD5.5C2BDC152BBAB34F36473DEAF7713F22] - 28/09/2010 - 15:44:52 ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl.sys [41984]

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]

O58 - SDL:[MD5.4E8630D1A7E15D7F9A2BC25993AE7234] - 11/12/2009 - 11:23:00 ---A- . (.Marvell - NDIS6.20 Miniport Driver for Marvell Yukon Ethernet Controller.) -- C:\Windows\system32\drivers\yk62x86.sys [316416]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.D02EFE614EB0A2A2EAC8DDB481921015] - 03/02/2000 - 20:53:12 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Ckldrv.sys [24608]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.EE4B203FAFF6FFEC620F755E99216DE7] - 23/11/1999 - 09:17:34 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\dc240u.sys [7808]

O58 - SDL:[MD5.6BDADA8549301714A96F0A11AB7E1044] - 23/11/1999 - 09:17:36 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Digita.sys [65864]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS [34672]

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HijackThis 1.99.1 - (.Soeperman Enterprises Ltd..) [HKLM] -- HijackThis

O63 - Logiciel: Hijackthis Version Française - (.Pc-Help-Bordeaux.) [HKLM] -- Hijackthis Version Française_is1

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - C:\Windows\system32\browser.dll (bowser) .(.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) - LEGACY_BOWSER

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\cdfs.sys - CD/DVD File System Reader (cdfs) .(.Microsoft Corporation - CD-ROM File System Driver.) - LEGACY_CDFS

O64 - Services: CurCS - C:\Windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS

O64 - Services: CurCS - C:\Windows\System32\Drivers\cng.sys - CNG (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG

O64 - Services: CurCS - C:\Windows\system32\cscsvc.dll (CSC) .(.Microsoft Corporation - DLL du service CSC.) - LEGACY_CSC

O64 - Services: CurCS - C:\Windows\system32\drivers\dfsc.sys (DfsC) .(.Microsoft Corporation - DFS Namespace Client Driver.) - LEGACY_DFSC

O64 - Services: CurCS - C:\Windows\system32\drivers\discache.sys (discache) .(.Microsoft Corporation - System Indexer/Cache Driver.) - LEGACY_DISCACHE

O64 - Services: CurCS - C:\Windows\system32\drivers\dxgkrnl.sys - LDDM Graphics Subsystem (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\eamon.sys - eamon (eamon) .(.ESET - Amon monitor.) - LEGACY_EAMON

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\ehdrv.sys - ehdrv (ehdrv) .(.ESET - ESET Helper driver.) - LEGACY_EHDRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\epfwwfpr.sys - epfwwfpr (epfwwfpr) .(.ESET - ESET Personal Firewall driver.) - LEGACY_EPFWWFPR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FASTFAT.sys - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\drivers\fileinfo.sys (FileInfo) .(.Microsoft Corporation - FileInfo Filter Driver.) - LEGACY_FILEINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\fltmgr.sys (FltMgr) .(.Microsoft Corporation - Gestionnaire de filtres de système de fichi.) - LEGACY_FLTMGR

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(.Pas de propriétaire - Pas de description.) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL

O64 - Services: CurCS - C:\Windows\system32\drivers\http.sys (HTTP) .(.Microsoft Corporation - HTTP Pile du protocole.) - LEGACY_HTTP

O64 - Services: CurCS - C:\Windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\idmwfp.sys - IDMWFP (IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecdd.sys - KSecDD (KSecDD) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECDD

O64 - Services: CurCS - C:\Windows\System32\Drivers\ksecpkg.sys - KSecPkg (KSecPkg) .(.Microsoft Corporation - Kernel Security Support Provider Interface.) - LEGACY_KSECPKG

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\lltdio.sys - Link-Layer Topology Discovery Mapper I/O Driver (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO

O64 - Services: CurCS - C:\Program Files\LogMeIn\x86\RaInfo.sys - LogMeIn Kernel Information Provider (LMIInfo) .(.LogMeIn, Inc. - RemotelyAnywhere Kernel Information Provide.) - LEGACY_LMIINFO

O64 - Services: CurCS - C:\Windows\system32\drivers\LMIRfsDriver.sys - LogMeIn Remote File System Driver (LMIRfsDriver) .(.LogMeIn, Inc. - LogMeIn Rfs Drivemap Driver.) - LEGACY_LMIRFSDRIVER

O64 - Services: CurCS - C:\Windows\system32\drivers\luafv.sys (luafv) .(.Microsoft Corporation - Pilote de filtre de virtualisation de fichi.) - LEGACY_LUAFV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\LVPr2Mon.sys - Logitech LVPr2Mon Driver (LVPr2Mon) .(.Pas de propriétaire - Pas de description.) - LEGACY_LVPR2MON

O64 - Services: CurCS - C:\Users\Jules\AppData\Local\Temp\mbr.sys (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - C:\Windows\system32\drivers\mountmgr.sys (mountmgr) .(.Microsoft Corporation - Gestionnaire des points de montage.) - LEGACY_MOUNTMGR

O64 - Services: CurCS - C:\Windows\system32\FirewallAPI.dll (mpsdrv) .(.Microsoft Corporation - API du Pare-feu Windows.) - LEGACY_MPSDRV

O64 - Services: CurCS - C:\Windows\system32\webclnt.dll (MRxDAV) .(.Microsoft Corporation - Fichier DLL du service DAV pour le Web.) - LEGACY_MRXDAV

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb10) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB10

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (mrxsmb20) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_MRXSMB20

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\msisadrv.sys - msisadrv (msisadrv) .(.Microsoft Corporation - ISA Driver.) - LEGACY_MSISADRV

O64 - Services: CurCS - C:\Windows\system32\drivers\mup.sys (Mup) .(.Microsoft Corporation - Multiple UNC Provider Driver.) - LEGACY_MUP

O64 - Services: CurCS - C:\Windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(.Pas de propriétaire - Pas de description.) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\netbios.sys - NetBIOS Interface (NetBIOS) .(.Microsoft Corporation - NetBIOS interface driver.) - LEGACY_NETBIOS

O64 - Services: CurCS - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - C:\Windows\system32\ckldrv.sys - NetworkX (NetworkX) .(.Pas de propriétaire - Pas de description.) - LEGACY_NETWORKX

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .(.Microsoft Corporation - NSI Proxy.) - LEGACY_NSIPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(.Pas de propriétaire - Pas de description.) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(.Pas de propriétaire - Pas de description.) - LEGACY_NULL

O64 - Services: CurCS - C:\Windows\System32\drivers\pcw.sys - Performance Counters for Windows Driver (pcw) .(.Microsoft Corporation - Performance Counters for Windows Driver.) - LEGACY_PCW

O64 - Services: CurCS - C:\Windows\System32\drivers\peauth.sys - PEAUTH (PEAUTH) .(.Microsoft Corporation - Protected Environment Authentication and Au.) - LEGACY_PEAUTH

O64 - Services: CurCS - (.not file.) - PROCEXP140 (PROCEXP140) .(.Pas de propriétaire - Pas de description.) - LEGACY_PROCEXP140

O64 - Services: CurCS - C:\Windows\system32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED

O64 - Services: CurCS - C:\Windows\system32\wkssvc.dll (rdbss) .(.Microsoft Corporation - DLL du service Station de travail.) - LEGACY_RDBSS

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .(.Microsoft Corporation - RDP Miniport.) - LEGACY_RDPCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .(.Microsoft Corporation - RDP Encoder Miniport.) - LEGACY_RDPENCDD

O64 - Services: CurCS - C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .(.Microsoft Corporation - RDP Reflector Driver Miniport.) - LEGACY_RDPREFMP

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\rspndr.sys - Link-Layer Topology Discovery Responder (rspndr) .(.Microsoft Corporation - Link-Layer Topology Responder Driver for ND.) - LEGACY_RSPNDR

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - C:\Windows\system32\Drivers\SENTINEL.sys - Sentinel (Sentinel) .(.Rainbow Technologies, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV

O64 - Services: CurCS - C:\Windows\system32\srvsvc.dll (srv2) .(.Microsoft Corporation - DLL du service Serveur.) - LEGACY_SRV2

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\srvnet.sys - srvnet (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET

O64 - Services: CurCS - C:\Windows\system32\vmstorfltres.dll (storflt) .(.Microsoft Corporation - Fichier DLL de ressources du filtre de stoc.) - LEGACY_STORFLT

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (Tcpip) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TCPIP

O64 - Services: CurCS - C:\Windows\System32\drivers\tcpipreg.sys - TCP/IP Registry Compatibility (tcpipreg) .(.Microsoft Corporation - TCP/IP Registry Compatibility Driver.) - LEGACY_TCPIPREG

O64 - Services: CurCS - C:\Windows\system32\tcpipcfg.dll (tdx) .(.Microsoft Corporation - Objets de configuration du réseau.) - LEGACY_TDX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\tifsfilt.sys - Acronis True Image FS Filter (tifsfilter) .(.Acronis - Acronis True Image File System Filter.) - LEGACY_TIFSFILTER

O64 - Services: CurCS - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys - TuneUpUtilitiesDrv (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\udfs.sys - udfs (udfs) .(.Microsoft Corporation - UDF File System Driver.) - LEGACY_UDFS

O64 - Services: CurCS - C:\Windows\system32\drivers\vga.sys - VgaSave (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE

O64 - Services: CurCS - C:\Windows\system32\drivers\volmgrx.sys (volmgrx) .(.Microsoft Corporation - Pilote d’extension du gestionnaire de volum.) - LEGACY_VOLMGRX

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\volsnap.sys - Volumes de stockage (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP

O64 - Services: CurCS - C:\Windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6

O64 - Services: CurCS - C:\Windows\System32\drivers\Wdf01000.sys - Kernel Mode Driver Frameworks service (Wdf01000) .(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en m.) - LEGACY_WDF01000

O64 - Services: CurCS - C:\Windows\System32\DRIVERS\wfplwf.sys - WFP Lightweight Filter (WfpLwf) .(.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - LEGACY_WFPLWF

O64 - Services: CurCS - C:\Windows\System32\drivers\WudfPf.sys - User Mode Driver Frameworks Platform Driver (WudfPf) .(.Microsoft Corporation - Windows Driver Foundation - User-mode Drive.) - LEGACY_WUDFPF

 

 

---\\ Observateur d'évènement d'application (OEA) (O66)

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Logon User Interface Host.) -- C:\Windows\system32\LogonUI.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\wlmail.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Lecteur Windows Media.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Movie Maker.) -- C:\Program Files\Windows Live\Photo Gallery\MovieMaker.exe

O66 - EventLog: ID=1000 (Application Error) - (.Logitech, Inc. - Logitech SetPoint Event Manager (UNICODE).) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe

O66 - EventLog: ID=1000 (Application Error) - (.Microsoft Corporation - Windows Live Installer.) -- C:\Users\Jules\Documents\Downloads\Programs\wlsetup-webc.exe

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Pas de propriétaire - Pas de description.) -- "C:\Program Files\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: C:\Users\Jules\AppData\Roaming\Mozilla\Firefox\Profiles\\4rvcwt7b.default\searchplugins\conduit.xml

O69 - SBI: prefs.js [Jules - 4rvcwt7b.default] user_pref("CT2567681.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");

O69 - SBI: prefs.js [Jules - 4rvcwt7b.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2567681/CT2567681", "\"1292337163\"");

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {9DCB269D-7442-4D43-A027-CD932FE742E3} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (IMBooster4web-en Customized Web Search) - http://search.conduit.com

 

 

---\\ Recherche des services démarrés par Svchost (SSS) (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [62464]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [67584]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [168448]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [591360]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [667136]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [473088]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [285184]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [75264]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [49664]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [300544]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [241664]

O83 - Search Svchost Services: UxTuneUp (UxTuneUp) . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [29504]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [543232]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [1912832]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [589312]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [328192]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [497152]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [21504]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [46592]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [114688]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [49664]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [61440]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [98304]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [162816]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [743424]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [71168]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [99328]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [102400]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [37376]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [76800]

O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft Corporation - Service Installation de logiciels.) -- C:\Windows\System32\appmgmts.dll [149504]

 

 

---\\ Recherche particuliere à la racine de certains dossiers (SPRF) (O84)

[MD5.4EC37567017BE43D908B87E0224563FB] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Jules\AppData\Local\Temp\mjregmem1225599321674657207.reg.tmp [4893180]

[MD5.853789CF7C094F9AD1CFCA58A5A0AEEC] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Jules\AppData\Local\Temp\mjregmem4834109198148564374.reg.tmp [4903874]

[MD5.7B610F337BB0E8FAFBD423CC080FB104] [sPRF] (.Pas de propriétaire - Pas de description.) -- C:\Users\Jules\AppData\Local\Temp\mjregmem7733094511070819690.reg.tmp [4769186]

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 20/08/2007 410904 | "C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe

SR - | Auto 16/10/2010 37664 | "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SR - | Auto 27/07/2010 345376 | "C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 29/06/2000 52224 | C:\Windows\System32\crypserv.exe (Crypkey License) . (.Kenonic Controls Ltd..) - C:\Windows\System32\crypserv.exe

SS - | Demand 19/03/2009 20680 | "C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe (EhttpSrv) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

SR - | Auto 19/03/2009 731840 | "C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe (ekrn) . (.ESET.) - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

SS - | Auto 08/12/2009 135664 | "C:\Program Files\Google\Update\GoogleUpdate.exe (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Demand 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll (hpqcxs08) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll (hpqddsvc) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.dll (HPSLPSVC) . (.Hewlett-Packard Co..) - C:\Windows\system32\svchost.exe

SR - | Auto 05/08/2010 1809920 | "C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (IconMan_R) . (.Realsil Microelectronics Inc..) - C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

SR - | Demand 17/11/2010 820008 | "C:\Program Files\iPod\bin\iPodService.exe (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 20/07/2009 121360 | C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

SR - | Auto 27/09/2010 374152 | "C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe (LMIGuardianSvc) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

SS - | Disabled 14/10/2010 116104 | "C:\Program Files\LogMeIn\x86\RaMaint.exe (LMIMaint) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\RaMaint.exe

SS - | Disabled 11/08/2008 63040 | "C:\Program Files\LogMeIn\x86\LogMeIn.exe (LogMeIn) . (.LogMeIn, Inc..) - C:\Program Files\LogMeIn\x86\LogMeIn.exe

SR - | Auto 07/05/2010 162648 | "C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe (LVPrcSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZinw12.dll (Net Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SR - | Auto 09/07/2010 129640 | C:\Windows\system32\nvvsvc.exe (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\HPZipm12.dll (Pml Driver HPZ12) . (.Hewlett-Packard.) - C:\Windows\System32\svchost.exe

SR - | Auto 28/10/2010 1483072 | "C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Program Files\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.1 by Gmer, GMER - Rootkit Detector and Remover

Run by Jules at 15/12/2010 15:18:20

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

1 ntkrnlpa!IofCallDriver[0x8308F458] -> \Device\Harddisk0\DR0[0x86868AC8]

3 CLASSPNP[0x837D459E] -> ntkrnlpa!IofCallDriver[0x8308F458] -> [0x8667F918]

5 ACPI[0x8B4C73B2] -> ntkrnlpa!IofCallDriver[0x8308F458] -> \Device\Ide\IdeDeviceP3T0L0-3[0x866F8908]

kernel: MBR read successfully

user & kernel MBR OK

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Jules at 15/12/2010 15:18:20

Use the desktop link 'MBRCheck' to have full report

 

 

 

 

End of the scan (1325 lines in 01mn 30s)(0)

Here is a new report!!

Thanks

Posted

In ZHPDiag, click the icon (image PanelZHPFix.jpg)

Then click in turn on the icon (image PanelHelper.jpg), to clear the report,

and, to paste the selection, on the icon (image malette-cachee.jpg)

Check that all the lines in green (and only those) are in the window (image ZHPF3.jpg)

[HKCU\Software\AppDataLow\Software\IMBooster4web-en]

[HKLM\Software\IMBooster4web-en]

[HKCU\Software\Iminent]

[HKLM\Software\Iminent]

[HKCU\Software\AppDataLow\Software\Messenger_Plus_Live_France]

 

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{346de098-61f9-4b42-89da-6dfba7091bb6}] [] IMBooster4web-en Toolbar v2.5.6.0 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\{59994074-c06d-4a75-9768-49e5a8c21264}] [] Messenger Plus Live France Community Toolbar v3.2.3.3 (.Conduit Ltd..)

M2 - MFEP: prefs.js [Jules - 4rvcwt7b.default\engine@conduit.com] [] Conduit Engine v3.2.3.3 (.Conduit Ltd..)

R3 - URLSearchHook: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} Clé orpheline

R3 - URLSearchHook: (no name) - {59994074-c06d-4a75-9768-49e5a8c21264} Clé orpheline

O3 - Toolbar: (no name) - {346de098-61f9-4b42-89da-6dfba7091bb6} . (.Pas de propriétaire - Pas de description.) -- (.not file.)

 

O4 - Global Startup: C:\Documents And Settings\Jules\Desktop\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\Desktop\Vos Démarches Administratives.lnk - Clé orpheline

O4 - Global Startup: C:\Users\Jules\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vos Démarches Administratives.lnk - Clé orpheline

O4 - HKLM\..\Run: [vspdfprsrv.exe] . (.Pas de propriétaire - Pas de description.) -- C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe

O69 - SBI: C:\Users\Jules\AppData\Roaming\Mozilla\Firefox\Profiles\\4rvcwt7b.default\searchplugins\conduit.xml

O69 - SBI: prefs.js [Jules - 4rvcwt7b.default] user_pref("CT2567681.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2567681&q=");

O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - (IMBooster4web-en Customized Web Search) - http://search.conduit.com

O69 - SBI: prefs.js [Jules - 4rvcwt7b.default] user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2567681/CT2567681", "\"1292337163\"");

 

 

 

Click "OK", which makes a box appear to the left of each line.

Click "Tous" (All), then "Nettoyer" (Clean).

Agree to restart to complete the cleanup.

Copy and paste the removal report into your next reply.

 

If needed (in case you do not have the zhpfix icon)

Download ZHPFix by Nicolas Coolman to the desktop.

On Vista/7, right-click, "Run as administrator"

Follow the instructions that appear on screen.

Launch ZHPFix (leave the box checked)

Then click the H

Copy and paste (Ctrl+C, Ctrl+V) all the lines in green (and only those) into the white box

Click "Tous" (All), then "Nettoyer" (Clean).

Posted


I'm stuck... I tried, the PC shut down, then nothing more!!!! Too d.., no doubt!!

Thank you all for your patience, but I don't think I'm up to it!!

Posted
Thank you all for your patience, but I don't think I'm up to it!!

 

Bretons are more stubborn than that, malortu!

 

Download OTL to the desktop.

Double-click the icon.

Make sure all other windows are closed so that it runs without interruption.

Check: "Tous les utilisateurs" (All users)

Under "Rapport" (Report)

Click: "Rapport Standard" (Standard report)

Under "Régistre Standard" (Standard registry), check "Tous" (All)

Check: "Lop" and "Purity"

 

MD5 search:

Under "Personnalisation", copy and paste the content below:

netsvcs

drivers32

%SYSTEMDRIVE%\*.exe

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%appdata% *.exe /s

/md5start

userinit.exe

wininit.exe

explorer.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

sceclt.dll

ntelogon.dll

logevent.dll

iaStor.sys

nvstor.sys

atapi.sys

cdrom.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\*. /mp /s

CREATERESTOREPOINT

 

Click "Analyse".

Once the scan has finished, the files OTL.txt and Extras.txt will open.

 

How to post the reports

Copy and paste all or part of the reports into one or more messages.

Another solution:

Go to the site: Ci-Joint

Click "Parcourir" (Browse) and locate the reports on the disk,

Then click "Créer le lien CJoint" (Create the CJoint link),

>> on the next page -->

an address http//.. will be created

Copy and paste this address into your next message.
