Posted (edited)

Hello,

I have just scanned my PC with HijackThis and, following this scan, I analysed the report on http://www.hijackthis.de/fr. It seems there are quite a few abnormal things. For about a hundred lines I get this warning: "Méchant, cette tâche devrait se trouver dans le répertoire System32. Ce service (svchost.exe) semble être méchant.

Tâche ne se trouve pas dans le répertoire System32 !"

Would you be kind enough to analyse my report to remove any ambiguity? Thanks in advance! Why do I have so many services enabled? I don't remember ever having this many O23 lines.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:21:03, on 16/05/2011

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Windows\system32\taskhost.exe

C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe

C:\Program Files\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtblfs.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Windows Defender\MSASCui.exe

C:\Program Files\WinHex\winhex.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [service Scheduler2 Acronis] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe"

O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"

O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"

O4 - HKCU\..\Run: [iDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: Clavier &virtuel - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Analyse des &liens - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll,C:\PROGRA~1\KASPER~1\KASPER~1\kloehk.dll

O22 - SharedTaskScheduler: FencesShellExt - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files\Stardock\Fences\FencesMenu.dll

O23 - Service: Service Scheduler2 Acronis (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: lxecCATSCustConnectService - Lexmark International, Inc. - C:\Windows\system32\spool\DRIVERS\W32X86\3\\lxecserv.exe

O23 - Service: lxec_device - - C:\Windows\system32\lxeccoms.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Secunia PSI Agent - Secunia - C:\Program Files\Secunia\PSI\PSIA.exe

O23 - Service: Secunia Update Agent - Secunia - C:\Program Files\Secunia\PSI\sua.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (StiSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\uxtuneup.dll,-4096 (UxTuneUp) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: Windows Update (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 23751 bytes

Edited by azzar0

Posted

Hello azzar0 and welcome to ZEB

For a somewhat more detailed analysis of your computer, please apply this procedure.

Download ZHPDiag by Nicolas Coolman to your Desktop

  • Launch the tool: double-click ZHPDiag on XP
    On Vista and Seven,
    right-click the icon and run it as administrator.

    Click the screwdriver at the top right

    Tick all the boxes.
  • Then click the small magnifying glass at the top left to start the analysis:
  • The analysis can take about ten minutes.
  • The report generated by the tool is named ZHPDiag.txt
  • Click the button with the camera to copy the full content of the report generated by the tool to the clipboard:
  • In your next reply,
    press CTRL+V to paste this report.
  • If you get an error message,
    it means the report is too long. You then need to post it in several parts, making sure not to leave anything out
  • You can also host the file containing this report here
    http://cjoint.com/
  • Then give, in your next reply, the hosting address of this report so that I can download and analyse it.

See you

Posted (edited)

Hello,

Thank you! I apologise for not replying sooner. I'm doing it right away...

Here is the requested report:

 

Rapport de ZHPDiag v1.27.214 par Nicolas Coolman, Update du 25/05/2011

Run by 3xP3rT at 27/05/2011 17:49:46

Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

OPIE: Opera v11.11 (Defaut)

MFIE: Mozilla Firefox 4.0.1 v4.0.1

GCIE: Google Chrome v12.0.742.60

 

---\\ System Information

Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)

Processor: x86 Family 6 Model 15 Stepping 7, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3071 MB (64% free)

System Restore: Désactivé (Disabled)

System drive C: has 254 GB (90%) free of 279 GB

 

---\\ Logged in mode

Computer Name: 3XP3RT-PC

User Name: 3xP3rT

All Users Names: ZaHia, UpdatusUser, HomeGroupUser$, Administrateur, 3xP3rT,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\3xP3rT\AppData\Roaming

%LocalAppData%=C:\Users\3xP3rT\AppData\Local

%StartMenu%=C:\Users\3xP3rT\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 254 Go of 279 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 16 Go of 22 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 16 Go)

F:\ Hard drive, Flash drive, Thumb drive (Free 34 Go of 60 Go)

G:\ Hard drive, Flash drive, Thumb drive (Free 4 Go of 10 Go)

H:\ Hard drive, Flash drive, Thumb drive (Free 177 Go of 300 Go)

I:\ Hard drive, Flash drive, Thumb drive (Free 155 Go of 223 Go)

J:\ Hard drive, Flash drive, Thumb drive (Free 192 Go of 200 Go)

K:\ Hard drive, Flash drive, Thumb drive (Free 11 Go of 100 Go)

L:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] DisableRegistryTools: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] NoDispScrSavPage: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

 

 

 

---\\ Search Generic System Files

[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 06:30:54.) -- C:\Windows\Explorer.exe [2616320]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.A1236375B74EA63C75657D564890C436] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.05/05/2011 09:29:04.) -- C:\Windows\system32\wininet.dll [1126912]

[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 13:17:54.) -- C:\Windows\system32\Winlogon.exe [286720]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 02:26:15.) -- C:\Windows\system32\drivers\atapi.sys [21584]

[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 06:39:00.) -- C:\Windows\system32\drivers\ntfs.sys [1211264]

 

 

 

---\\ Running Processes

[MD5.AF47A890B4EC09F3D8A356FA947DE54D] - (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe [671552]

[MD5.12288E0368EE972CAFA422999F73D3A8] - (.PC Tools - SSDMonit Application.) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [112600]

[MD5.0ACEA00EABCA445D0FC68A12BC8A7335] - (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe [3298712]

[MD5.387FD826630C57270A42EC070F70F420] - (.matt.malensek.net - 3RVX.) -- C:\Program Files\3RVX\3RVX.exe [159232]

[MD5.C83B89C432E5CCC6BD3040EB0A6645A5] - (.NVIDIA Corporation - NVIDIA Settings.) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [373864]

[MD5.207B16FA69F61D1895F8D8532F587E4B] - (.Tonec Inc. - Internet Download Manager agent for click m.) -- C:\Program Files\Internet Download Manager\IEMonitor.exe [263600]

[MD5.E83508D9A0F0D0D8449317DC6A4C5E02] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [924632]

[MD5.A588671AF9BE28C22B4BEDE74F60DEE9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [657408]

 

 

 

---\\ Opera, Plugins,Start,Search (P1,B0,B1)

B0 - SPO: operaprefs.ini [3xP3rT] Home URL=http://www.google.fr

P1 - OPN:Opera Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Opera\Program\Plugins\nppl3260.dll

P1 - OPN:Opera Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Opera\Program\Plugins\nprjplug.dll

P1 - OPN:Opera Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.647.) -- C:\Program Files\Opera\Program\Plugins\nprpjplug.dll

 

 

 

---\\ Mozilla Firefox,Plugins,Start,Search,Extensions (P2,M0,M1,M2,M3)

M3 - MFPP: Plugins - [3xP3rT] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [3xP3rT] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [3xP3rT] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

P2 - FPN: [HKLM] [@adobe.com/ShockwavePlayer] - (.Adobe Systems, Inc. - Adobe Shockwave for Director Netscape plug-in, version 11.5.9.620.) -- C:\Windows\system32\Adobe\Director\np32dsw.dll

P2 - FPN: [HKLM] [@google.com/npPicasa3,version=3.0.0] - (.Google, Inc. - Picasa plugin.) -- C:\Program Files\Google\Picasa3\npPicasa3.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_25 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60310.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.dll

P2 - FPN: [HKLM] [@microsoft.com/SharePoint,version=14.0] - (.Microsoft Corporation - The plug-in allows you to open and edit files using Microsoft Office a.) -- C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3508.1109] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.647] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.647] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.647] - (.RealNetworks, Inc. - RealNetworks RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre

P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.647] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.647] - (.RealNetworks, Inc. - 12.0.1.647.) -- C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.53\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.9] - (.the VideoLAN Team - Version 1.1.9, copyright 1996-2011 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

M0 - MFSP: prefs.js [3xP3rT - icsk1fmf.default] http://www.google.fr/

M2 - MFEP: prefs.js [3xP3rT - icsk1fmf.default\piclens@cooliris.com] [] Cooliris v1.12.2.44172 (.Cooliris Inc..)

 

 

 

---\\ Google Chrome, Start,Search,Extensions (G0,G1,G2)

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] http://www.google.com

G0 - GCSP: Preference [user Data\Default] http://www.google.fr

G2 - GCE: Preference [user Data\Default] [bkeidgmehkdjmpjodpjkepolokanalkm] AT_JamesWhite v.3 (Activé)

G2 - GCE: Preference [user Data\Default] [bmagokdooijbeehmkpknfglimnifench] Firebug Lite for Google Chrome\u2122 v.1.3.2.9761 (Activé)

G2 - GCE: Preference [user Data\Default] [elncikmfipkphghakkmemnlnahadedno] D\u00E9tection de dispositifs Logitech v.1.21.0.11 (Activé)

G2 - GCE: Preference [user Data\Default] [lifbcibllhkdhoafpjfnlhfpfgnpldfl] Skype Extension v.5.5.0.7280 (Activé)

 

 

 

---\\ Internet Explorer Extensions, Start, Search (R4,R3,R0,R1)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R0 - HKUS\S-1-5-21-1745842280-4210890144-1528467641-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.msn.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com

R1 - HKUS\S-1-5-21-1745842280-4210890144-1528467641-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

 

 

 

---\\ ---\\ Changed inifile Value, Mapped to Registry (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

 

---\\ Browser Helper Objects (O2)

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} . (.Internet Download Manager, Tonec Inc. - IDM Browser Helper Object.) -- C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: Lync add-on BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync 2010.) -- C:\Program Files\Microsoft Lync\OCHelper.dll

O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} . (.Kaspersky Lab ZAO - IE Virtual Keyboard.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} . (.Kaspersky Lab ZAO - WebToolBar component.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll

O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

 

 

 

---\\ Internet Explorer toolbars (O3)

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} . (.Unknown owner - No comment.) -- (.not file.)

 

 

 

---\\ ---\\ Auto loading programs from Registry and folders (O4)

O4 - HKLM\..\Run: [AVP] . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

O4 - HKLM\..\Run: [sSDMonitor] . (.PC Tools - SSDMonit Application.) -- C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe

O4 - HKCU\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe

O4 - HKCU\..\Run: [3RVX] . (.matt.malensek.net - 3RVX.) -- C:\Program Files\3RVX\3RVX.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-1745842280-4210890144-1528467641-1001\..\Run: [iDMan] . (.Tonec Inc. - Internet Download Manager (IDM).) -- C:\Program Files\Internet Download Manager\IDMan.exe

O4 - HKUS\S-1-5-21-1745842280-4210890144-1528467641-1001\..\Run: [3RVX] . (.matt.malensek.net - 3RVX.) -- C:\Program Files\3RVX\3RVX.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

 

 

 

---\\ ---\\ Other User Links (O4)

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3RVX.lnk . (.matt.malensek.net.) -- C:\Program Files\3RVX\3RVX.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update Checker.lnk . (.FileHippo.com.) -- C:\Program Files\FileHippo.com\UpdateChecker.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk . (...) -- C:\Users\3xP3rT\AppData\Roaming\Microsoft\Installer\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}\Icon386ED4E3.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinHex.lnk . (.X-Ways Software Technology AG.) -- C:\Program Files\WinHex\WinHex.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\AVG PC Tuneup 2011.lnk . (.AVG.) -- C:\Program Files\AVG\AVG PC Tuneup 2011\BoostSpeed.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free Audio Extractor.lnk . (.Gik Soft.) -- C:\Program Files\Free Audio Extractor\FreeAudioExtractor.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes' Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\NoVirusThanks Malware Remover Free.lnk . (.NoVirusThanks Company Srl.) -- C:\Program Files\NoVirusThanks\Malware Remover Free\NMR.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files\Google\Picasa3\Picasa3.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Revo Uninstaller Pro.lnk . (.VS Revo Group.) -- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\SUMo.lnk . (.KC Softwares.) -- C:\Program Files\KC Softwares\SUMo\SUMo.exe

O4 - Global Startup: C:\Users\3xP3rT\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk . (.BitTorrent, Inc..) -- C:\Program Files\uTorrent\uTorrent.exe

 

 

 

---\\ Extra items in the IE right-click menu (O8)

O8 - Extra context menu item: Télécharger avec IDM . (.Unknown owner - No comment.) -- C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: Télécharger tous les liens avec IDM . (.Unknown owner - No comment.) -- C:\Program Files\Internet Download Manager\IEGetAll.htm

 

 

 

---\\ Extra buttons on main IE button toolbar, or extra items in IE 'Tools' menu (O9)

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion

O9 - Extra button: Module complémentaire Lync - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} . (.Microsoft Corporation - Microsoft Lync 2010.) -- C:\Program Files\Microsoft Lync\communicator.exe

O9 - Extra button: Module complémentaire Lync - {4248FE82-7FCB-46AC-B270-339F08212110} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\kbrd.ico

O9 - Extra button: Module complémentaire Lync - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} . (.AVM Software Inc. - Paltalk Messenger.) -- C:\Program Files\Paltalk Messenger\Paltalk.exe

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} . (...) -- C:\Program Files\Skype\Toolbars\Internet Explorer\icon.ico

O9 - Extra button: Skype Plug-In - {CCF151D8-D089-449F-A5A4-D9909053F20F} . (...) -- C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\logo.ico

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

 

 

 

---\\ ActiveX Objects (Downloaded Program Files) (O16)

O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Détection de dispositifs) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

 

 

 

---\\ Lop.com/Domain Hijackers (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{5906FB2E-C262-4527-801F-C2A62DDDAE40}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{5906FB2E-C262-4527-801F-C2A62DDDAE40}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CS2\Services\Tcpip\..\{5906FB2E-C262-4527-801F-C2A62DDDAE40}: DhcpNameServer = 192.168.1.254

O17 - HKLM\System\CCS\Services\Tcpip\..\{5906FB2E-C262-4527-801F-C2A62DDDAE40}: DhcpDomain = lan

O17 - HKLM\System\CS1\Services\Tcpip\..\{5906FB2E-C262-4527-801F-C2A62DDDAE40}: DhcpDomain = lan

O17 - HKLM\System\CS2\Services\Tcpip\..\{5906FB2E-C262-4527-801F-C2A62DDDAE40}: DhcpDomain = lan

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254

 

 

 

---\\ Extra protocols and protocol Hijackers (O18)

O18 - Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype add-on for IE.) -- C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

 

 

 

---\\ AppInit_DLLs Registry value Autorun (O20)

O20 - Winlogon Notify: klogon . (.Kaspersky Lab ZAO - Logon Visualizer.) -- C:\Windows\system32\klogon.dll

O20 - Winlogon Notify: LBTWlgn . (.Logitech, Inc. - Logitech Bluetooth Service.) -- c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll

 

 

 

---\\ ShellServiceObjectDelayLoad (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

 

---\\ SharedTaskScheduler (O22)

O22 - SharedTaskScheduler: (no name) - {1984DD45-52CF-49cd-AB77-18F378FEA264} . (.Stardock - Stardock Fences Shell Extension.) -- C:\Program Files\Stardock\Fences\FencesMenu.dll

 

 

 

---\\ non Microsoft non disabled Windows XP/NT/2000 Services (O23)

O23 - Service: (AcrSch2Svc) . (.Acronis - Acronis Scheduler 2.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: (afcdpsrv) . (.Acronis - File Level CDP Manager Service.) - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: (AVP) . (.Kaspersky Lab ZAO - Kaspersky Anti-Virus.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

O23 - Service: (Diskeeper) . (.Diskeeper Corporation - Diskeeper Service.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

O23 - Service: (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (gupdatem) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: (gusvc) . (.Google - gusvc.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: (LBTServ) . (.Logitech, Inc. - Logitech Bluetooth Service.) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

O23 - Service: (lxecCATSCustConnectService) . (.Lexmark International, Inc. - Lexmark Connect Service Executable.) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxecserv.exe

O23 - Service: (lxec_device) . (.Unknown owner - Printer Communication System.) - C:\Windows\system32\lxeccoms.exe

O23 - Service: C:\Program Files\Microsoft Fix it Center\MatsRes.dll (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: (Microsoft SharePoint Workspace Audit Service) - Orphean Key

O23 - Service: (msoidsvc) . (.Microsoft Corp. - Microsoft® Microsoft Online Services ID Ser.) - C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.exe

O23 - Service: (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 270.6.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: (OS Selector) . (...) - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe

O23 - Service: (PCKeeperService) . (.ZeoBIT LLC - PCKeeper Service.) - C:\Program Files\ZeoBIT\PCKeeper\ZeoService.exe

O23 - Service: (PCToolsSSDMonitorSvc) . (.PC Tools - StartMan Application.) - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: (Secunia PSI Agent) . (.Secunia - Secunia PSI Agent.) - C:\Program Files\Secunia\PSI\PSIA.exe

O23 - Service: (Secunia Update Agent) . (.Secunia - Secunia Update Agent.) - C:\Program Files\Secunia\PSI\sua.exe

O23 - Service: (TeamViewer6) . (.TeamViewer GmbH - TeamViewer Remote Control Application.) - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

O23 - Service: (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

O23 - Service: C:\Windows\system32\umrdp.dll (UMVPFSrv) . (.Logitech Inc. - Logitech User mode UMVPF service.) - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: (wlidsvc) . (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.exe

 

 

 

---\\ Windows Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Task Planned Automatically(039)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Unknown owner.) -- C:\Program âiles\Google\Update\GoogleUpdate.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [Programme de mise … jour en ligne de FileHippo.com] (.Unknown owner.) -- C:\Program âiles\âileHippo.com\UpdateChecker.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1745842280-4210890144-1528467641-1001] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1745842280-4210890144-1528467641-1004] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1745842280-4210890144-1528467641-1001] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1745842280-4210890144-1528467641-1004] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RMSmartUpdate] (.Unknown owner.) -- C:\Program âiles\Registry Mechanic\update.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [sidebarExecute] (.Unknown owner.) -- C:\Program âiles\Windows Sidebar\sidebar.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (.Unknown owner.) -- C:\Program âiles\TuneUp Utilities 2011\OneClick.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Unknown owner.) -- C:\Program âiles\Apple Soâtware Update\SoâtwareUpdate.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [MP Scheduled Scan] (.Unknown owner.) -- c:\program âiles\windows deâender\MpCmdRun.exe (.not file.)

 

 

 

---\\ Drivers launched at startup (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft Corporation - Windows Client Side Caching Driver.) - C:\Windows\System32\drivers\csc.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys

O41 - Driver: (kl2) . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - C:\Windows\System32\DRIVERS\kl2.sys

O41 - Driver: (KLIF) . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - C:\Windows\System32\DRIVERS\klif.sys

O41 - Driver: (KLIM6) . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - C:\Windows\System32\DRIVERS\klim6.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\System32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

 

 

 

---\\ Software installed (O42)

O42 - Logiciel: 3RVX - (.matt.malensek.net.) [HKLM] -- {66BB5D8F-D9BD-4799-A9FA-5731B3B7839A}

O42 - Logiciel: AVG PC Tuneup 2011 10.0.0.24 - (.Unknown owner.) [HKLM] -- AVG PC Tuneup 2011_is1

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Acronis Disk Director Home - (.Acronis.) [HKLM] -- {9CCC78EF-027E-40E0-9B61-39932C65E3FE}

O42 - Logiciel: Acronis True Image Home 2011 - (.Acronis.) [HKLM] -- {04A3A6B0-8E19-49BB-82FF-65C5A55F917D}

O42 - Logiciel: Adebis Photo Sorter 1.0 - (.Unknown owner.) [HKLM] -- Adebis Photo Sorter_is1

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- {A2BCA9F1-566C-4805-97D1-7FDC93386723}

O42 - Logiciel: Adobe Acrobat X Pro - English, Français, Deutsch - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-F400-7760-000000000005}

O42 - Logiciel: Adobe Captivate 5 - (.Adobe Systems Incorporated.) [HKLM] -- {8E355243-1A34-4EE8-A743-C166E68CF5C0}

O42 - Logiciel: Adobe Captivate Quiz Results Analyzer - (.Adobe Systems Incorporated.) [HKLM] -- QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

O42 - Logiciel: Adobe Captivate Quiz Results Analyzer - (.Adobe Systems Incorporated.) [HKLM] -- {69B6B9E1-A5DF-3177-2B1D-3B672F29EF86}

O42 - Logiciel: Adobe Captivate Reviewer - (.Adobe Systems Incorporated.) [HKLM] -- AdobeCaptivateReviewer2.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

O42 - Logiciel: Adobe Captivate Reviewer - (.Adobe Systems Incorporated.) [HKLM] -- {8432FFD1-6F4D-F9B8-D641-5932E60359A2}

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {EE6097DD-05F4-4178-9719-D3170BF098E8}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {6956856F-B6B3-4BE0-BA0B-8F495BE32033}

O42 - Logiciel: Assistant de connexion Microsoft Online Services - (.Microsoft Corporation.) [HKLM] -- {9520DDEB-237A-41DB-AA20-F2EF2360DCEB}

O42 - Logiciel: Audacity 1.3.13 (Unicode) - (.Unknown owner.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CameraHelperMsi - (.Logitech.) [HKLM] -- {15634701-BACE-4449-8B25-1567DA8C9FD3}

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CustoPackTools - (.neOceane.) [HKLM] -- CustoPackTools

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2FD3FD50-4D6B-433B-9AB8-83F04675DA44}

O42 - Logiciel: Diskeeper 2011 - (.Diskeeper Corporation.) [HKLM] -- {E23818A9-8AC1-4967-8455-1D8B9F7318D9}

O42 - Logiciel: Eraser 6.0.8.2273 - (.The Eraser Project.) [HKLM] -- {392A74D0-4DFE-49F7-87C3-8A61708F8856}

O42 - Logiciel: Fences - (.Stardock Corporation.) [HKLM] -- Fences

O42 - Logiciel: Fences - (.Stardock Corporation.) [HKLM] -- {10CD364B-FFCC-48BE-B469-B9622A033075}

O42 - Logiciel: FileHippo.com Update Checker - (.Unknown owner.) [HKLM] -- FileHippo.com

O42 - Logiciel: FileZilla Client 3.4.0 - (.Unknown owner.) [HKLM] -- FileZilla Client

O42 - Logiciel: Free Audio Extractor V1.3 - (.Unknown owner.) [HKLM] -- Free Audio Extractor_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Hotfix for Microsoft Outlook 2010 (KB2516474) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{63B27C98-FA97-46BA-B312-B682547ED597}

O42 - Logiciel: IObit Unlocker - (.IObit.) [HKLM] -- IObit Unlocker_is1

O42 - Logiciel: ISO Workshop 1.2 - (.Glorylogic.) [HKLM] -- ISO Workshop_is1

O42 - Logiciel: Internet Download Manager - (.Unknown owner.) [HKLM] -- Internet Download Manager

O42 - Logiciel: Java 6 Update 25 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216025FF}

O42 - Logiciel: KC Softwares SUMo - (.KC Softwares.) [HKLM] -- KC Softwares SUMo_is1

O42 - Logiciel: Kaspersky Internet Security 2011 - (.Kaspersky Lab.) [HKLM] -- InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}

O42 - Logiciel: Kaspersky Internet Security 2011 - (.Kaspersky Lab.) [HKLM] -- {66F1F013-008F-4875-B283-5A814B820347}

O42 - Logiciel: LWS Facebook - (.Logitech.) [HKLM] -- {FF167195-9EE4-46C0-8CD7-FBA3457E88AB}

O42 - Logiciel: LWS Gallery - (.Logitech.) [HKLM] -- {6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}

O42 - Logiciel: LWS Help_main - (.Logitech.) [HKLM] -- {1651216E-E7AD-4250-92A1-FB8ED61391C9}

O42 - Logiciel: LWS Launcher - (.Logitech.) [HKLM] -- {83C8FA3C-F4EA-46C4-8392-D3CE353738D6}

O42 - Logiciel: LWS Motion Detection - (.Logitech.) [HKLM] -- {71E66D3F-A009-44AB-8784-75E2819BA4BA}

O42 - Logiciel: LWS Pictures And Video - (.Logitech.) [HKLM] -- {08610298-29AE-445B-B37D-EFBE05802967}

O42 - Logiciel: LWS Twitter - (.Logitech.) [HKLM] -- {174A3B31-4C43-43DD-866F-73C9DB887B48}

O42 - Logiciel: LWS Video Mask Maker - (.Logitech.) [HKLM] -- {EED027B7-0DB6-404B-8F45-6DFEE34A0441}

O42 - Logiciel: LWS VideoEffects - (.Logitech.) [HKLM] -- {138A4072-9E64-46BD-B5F9-DB2BB395391F}

O42 - Logiciel: LWS WLM Plugin - (.Logitech.) [HKLM] -- {9DAEA76B-E50F-4272-A595-0124E826553D}

O42 - Logiciel: LWS Webcam Software - (.Logitech.) [HKLM] -- {8937D274-C281-42E4-8CDB-A0B2DF979189}

O42 - Logiciel: LWS YouTube Plugin - (.Logitech.) [HKLM] -- {21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}

O42 - Logiciel: Lexmark Pro800-Pro900 Series - (.Lexmark International, Inc..) [HKLM] -- Lexmark Pro800-Pro900 Series

O42 - Logiciel: Lexmark Tools for Office - (.Unknown owner.) [HKLM] -- {10812DE7-2E57-4740-B226-6B3BE34AF9D7}

O42 - Logiciel: Logitech SetPoint 6.22 - (.Logitech.) [HKLM] -- sp6

O42 - Logiciel: Logitech Webcam Software - (.Logitech Inc..) [HKLM] -- {D40EB009-0499-459c-A8AF-C9C110766215}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Unknown owner.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Messenger Plus! 5 - (.Yuna Software.) [HKLM] -- Messenger Plus!

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Fix it Center - (.Microsoft Corporation.) [HKLM] -- {B7588D45-AFDC-4C93-9E2E-A100F3554B64}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF}

O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}

O42 - Logiciel: Microsoft Lync 2010 - (.Microsoft Corporation.) [HKLM] -- {7023C711-0E65-471E-8048-12C455968841}

O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS

O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Research AutoCollage 2008 version 1.1 - (.Microsoft Research.) [HKLM] -- {423D8FBE-EC52-40FD-B2A0-8C9C8F973FD7}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - KB2467175 - (.Microsoft Corporation.) [HKLM] -- {a0fe116e-9a8a-466f-aee0-625cb7c207e3}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}

O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}

O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}

O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57}

O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}

O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}

O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}

O42 - Logiciel: Mises à jour NVIDIA 1.1.34 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.10.0514 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}

O42 - Logiciel: NVIDIA Pilote graphique 270.61 - (.NVIDIA Corporation.) [HKLM] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: NoVirusThanks Malware Remover Free 3.1 - (.Unknown owner.) [HKLM] -- NoVirusThanks Malware Remover Free_is1

O42 - Logiciel: OpenAL - (.Unknown owner.) [HKLM] -- OpenAL

O42 - Logiciel: Opera 11.11 - (.Opera Software ASA.) [HKLM] -- Opera 11.11.2109

O42 - Logiciel: PCKeeper - (.ZeoBIT LLC.) [HKLM] -- {D6903415-3A03-41BA-9F0D-B08CC047C155}

O42 - Logiciel: Pack de traduction (www.toutfr.com) - (.Unknown owner.) [HKLM] -- ToutFr.com

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: Plus Pack for Acronis True Image Home 2011 - (.Acronis.) [HKLM] -- {F1ED5BD7-4770-4037-9CBD-5DF9A5BEC408}

O42 - Logiciel: PowerISO - (.PowerISO Computing, Inc..) [HKLM] -- PowerISO

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02-856B-FBB27AC4E02C}

O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}

O42 - Logiciel: Registry Mechanic 10.0 - (.PC Tools.) [HKLM] -- Registry Mechanic_is1

O42 - Logiciel: Revo Uninstaller Pro 2.5.3 - (.VS Revo Group, Ltd..) [HKLM] -- {67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1

O42 - Logiciel: Secunia PSI (2.0.0.3003) - (.Unknown owner.) [HKLM] -- Secunia PSI

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft Excel 2010 (KB2466146) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4D3B2D30-46D3-4DC0-BA73-85306B10E0AE}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289078) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{1D1A4F08-2F17-475B-BA72-476CE5992FEE}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2289161) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F134C2C6-30B3-4169-A325-58482B4CE6FC}

O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2519975) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{45D7C5CD-B967-44AF-9DAB-E5C8545558AD}

O42 - Logiciel: Security Update for Microsoft Publisher 2010 (KB2409055) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{C3C277D5-36E3-4B1A-926A-175B2BC019CF}

O42 - Logiciel: Security Update for Microsoft Word 2010 (KB2345000) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A6D422EE-1196-45EE-B9AE-6B5B64975E8B}

O42 - Logiciel: Sendoid - (.Caffeinated Mind, Inc..) [HKLM] -- com.caffeinatedmind.Sendoid

O42 - Logiciel: Sendoid - (.Caffeinated Mind, Inc..) [HKLM] -- {ABD45A2C-0F28-8760-0F42-3AEB7AC03A1B}

O42 - Logiciel: Skype Toolbars - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}

O42 - Logiciel: Skype 5.3 - (.Skype Technologies S.A..) [HKLM] -- {5335DADB-34BA-4AE8-A519-648D78498846}

O42 - Logiciel: SpeedFan (remove only) - (.Unknown owner.) [HKLM] -- SpeedFan

O42 - Logiciel: SpywareBlaster 4.4 - (.Unknown owner.) [HKLM] -- SpywareBlaster_is1

O42 - Logiciel: TeamViewer 6 - (.TeamViewer GmbH.) [HKLM] -- TeamViewer 6

O42 - Logiciel: TeraCopy 2.12 - (.Code Sector Inc..) [HKLM] -- TeraCopy_is1

O42 - Logiciel: TuneUp Utilities 2011 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2011

O42 - Logiciel: UltraISO Premium V9.36 - (.Unknown owner.) [HKLM] -- UltraISO_is1

O42 - Logiciel: Universal Extractor 1.6.1 - (.Jared Breland.) [HKLM] -- Universal Extractor_is1

O42 - Logiciel: Update for Microsoft Office 2010 (KB2202188) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{86B7A074-265D-420C-9E1E-7A920EF0ECA7}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{556146F7-74AE-4E0A-B64F-5B8B93469F61}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B5516874-E926-4BFD-B412-D0E70112F244}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2413186) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D6CE7280-6EE3-419A-8F47-DB111C040B1B}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2493983) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{309EEC22-83CE-4109-B019-BA9392FAA322}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2441641) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{A10DC2B7-6FDA-4C17-9DF0-6A834CAC4306}

O42 - Logiciel: VLC media player 1.1.9 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: VirusTotal Uploader 2.0 - (.Unknown owner.) [HKLM] -- VirusTotalUploader2.0

O42 - Logiciel: Wikikou Messenger Cleaner - (.Unknown owner.) [HKLM] -- Wikikou Messenger Cleaner

O42 - Logiciel: WinAVI All in One Converter - (.ZJMedia Digital Technology Ltd..) [HKLM] -- WinAVI All in One Converter

O42 - Logiciel: WinHex - (.Unknown owner.) [HKLM] -- WinHex

O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: WinZip 15.0 - (.WinZip Computing, S.L. .) [HKLM] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}

O42 - Logiciel: Windows 7 Manager - (.Yamicsoft.) [HKLM] -- {C758EB4B-911F-446B-87A8-E4D8165FC349}

O42 - Logiciel: Windows Installer Clean Up - (.Microsoft Corporation.) [HKLM] -- {121634B0-2F4B-11D3-ADA3-00C04F52DD52}

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {6057E21C-ABE9-4059-AE3E-3BEB9925E660}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {EB4DF488-AAEF-406F-A341-CB2AAA315B90}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Your Uninstaller! 7 - (.URSoft, Inc..) [HKLM] -- YU2010_is1

O42 - Logiciel: erLT - (.Logitech, Inc..) [HKLM] -- {3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}

O42 - Logiciel: µTorrent - (.Unknown owner.) [HKLM] -- uTorrent

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ASProtect]

[HKCU\Software\AVG]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Acronis]

[HKCU\Software\Adebis]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\RealNetworks]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\AskToolbar]

[HKCU\Software\AppDataLow\Software\Macromedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Ask.com]

[HKCU\Software\Audacity]

[HKCU\Software\BitTorrent]

[HKCU\Software\Caphyon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Code Sector]

[HKCU\Software\Corel]

[HKCU\Software\DSS]

[HKCU\Software\Digital River]

[HKCU\Software\DownloadManager]

[HKCU\Software\ESET]

[HKCU\Software\EasyBoot Systems]

[HKCU\Software\Eraser]

[HKCU\Software\FileHippo.com]

[HKCU\Software\FreeTime]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\Intel]

[HKCU\Software\InterVideo]

[HKCU\Software\JavaSoft]

[HKCU\Software\Jordan Russell]

[HKCU\Software\KC Softwares]

[HKCU\Software\KasperskyLab]

[HKCU\Software\Leadertech]

[HKCU\Software\LexmarkInkjet]

[HKCU\Software\LexmarkPhoto]

[HKCU\Software\Lexmark]

[HKCU\Software\LogiShrd]

[HKCU\Software\Logitech]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\NewBlue]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\NoVirusThanks]

[HKCU\Software\ODBC]

[HKCU\Software\Opera Software]

[HKCU\Software\PCTools]

[HKCU\Software\PEiD]

[HKCU\Software\PTP]

[HKCU\Software\Paltalk]

[HKCU\Software\Policies]

[HKCU\Software\PowerISO]

[HKCU\Software\RealNetworks]

[HKCU\Software\RedGiantSoftware]

[HKCU\Software\RegisteredApplications]

[HKCU\Software\RocketDock]

[HKCU\Software\SecuROM]

[HKCU\Software\Secunia]

[HKCU\Software\Skype]

[HKCU\Software\SpeedFan]

[HKCU\Software\Stardock]

[HKCU\Software\Sysinternals]

[HKCU\Software\TeamViewer]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\URSoft]

[HKCU\Software\UniExtract]

[HKCU\Software\VS Revo Group]

[HKCU\Software\Valve]

[HKCU\Software\WinAVI]

[HKCU\Software\WinRAR]

[HKCU\Software\WinZip Computing]

[HKCU\Software\X-Ways AG]

[HKCU\Software\Yamicsoft]

[HKCU\Software\Yuna Software]

[HKCU\Software\ZeoBIT]

[HKCU\Software\pth264]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Acronis]

[HKLM\Software\Adebis]

[HKLM\Software\Adobe]

[HKLM\Software\Alienware]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CDDB]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Code Sector]

[HKLM\Software\Digital River]

[HKLM\Software\Diskeeper Corporation]

[HKLM\Software\DivXNetworks]

[HKLM\Software\EasyBoot Systems]

[HKLM\Software\Eset]

[HKLM\Software\FileZilla 3]

[HKLM\Software\GNU]

[HKLM\Software\Glorylogic]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hispasec]

[HKLM\Software\IM Providers]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KasperskyLab]

[HKLM\Software\Khronos]

[HKLM\Software\LexmarkInkjet]

[HKLM\Software\Lexmark]

[HKLM\Software\Licenses]

[HKLM\Software\Logitech]

[HKLM\Software\MAGIX]

[HKLM\Software\MAXSOFT-OCRON]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Netscape]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\ODBC]

[HKLM\Software\Opera Software]

[HKLM\Software\PCTools]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Protexis]

[HKLM\Software\RealNetworks]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Reviversoft]

[HKLM\Software\Secunia]

[HKLM\Software\Sensible Vision]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\SpywareBlaster]

[HKLM\Software\Stardock]

[HKLM\Software\TeamViewer]

[HKLM\Software\TrendMicro]

[HKLM\Software\Trolltech]

[HKLM\Software\TuneUp]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\WideStep]

[HKLM\Software\WinRAR]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Yuna Software]

[HKLM\Software\ZeoBIT]

[HKLM\Software\logishrd]

[HKLM\Software\mozilla.org]

[HKLM\Software\neOceane]

---\\ Contents of the Common Files folders (O43)

O43 - CFD: 19/05/2011 - 06:46:20 - [2101445] ----D- C:\Program Files\3RVX

O43 - CFD: 05/05/2011 - 22:43:40 - [292047011] ----D- C:\Program Files\Acronis

O43 - CFD: 16/05/2011 - 05:17:34 - [1115054] ----D- C:\Program Files\Adebis Photo Sorter

O43 - CFD: 06/05/2011 - 03:45:18 - [2537139661] ----D- C:\Program Files\Adobe

O43 - CFD: 05/05/2011 - 10:46:10 - [2221118] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 05/05/2011 - 10:51:40 - [41556268] ----D- C:\Program Files\Audacity 1.3 Beta (Unicode)

O43 - CFD: 14/04/2011 - 20:48:50 - [2104519] ----D- C:\Program Files\Autoruns

O43 - CFD: 05/05/2011 - 10:31:28 - [35110142] ----D- C:\Program Files\AVG

O43 - CFD: 06/05/2011 - 01:05:26 - [64876030] ----D- C:\Program Files\AVS4YOU

O43 - CFD: 05/05/2011 - 10:34:00 - [133771] ----D- C:\Program Files\BlueScreenView

O43 - CFD: 06/05/2011 - 02:34:00 - [4108810] ----D- C:\Program Files\CCleaner

O43 - CFD: 22/05/2011 - 22:37:12 - [1423608665] ----D- C:\Program Files\Common Files

O43 - CFD: 05/05/2011 - 10:03:22 - [1061653] ----D- C:\Program Files\cust

O43 - CFD: 07/05/2011 - 04:57:16 - [78006477] ----D- C:\Program Files\CustoPackTools

O43 - CFD: 06/05/2011 - 01:32:56 - [32340572] ----D- C:\Program Files\Diskeeper Corporation

O43 - CFD: 06/05/2011 - 07:14:54 - [83226644] ----D- C:\Program Files\DVD Maker

O43 - CFD: 20/05/2011 - 23:14:20 - [3751626] ----D- C:\Program Files\Elite Keylogger

O43 - CFD: 06/05/2011 - 04:32:42 - [2402549] ----D- C:\Program Files\Eraser

O43 - CFD: 06/05/2011 - 03:07:32 - [144481065] ----D- C:\Program Files\ESET

O43 - CFD: 05/05/2011 - 09:40:18 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 06/05/2011 - 03:08:46 - [381086] ----D- C:\Program Files\FileHippo.com

O43 - CFD: 06/05/2011 - 04:33:40 - [16450755] ----D- C:\Program Files\FileZilla FTP Client

O43 - CFD: 06/05/2011 - 04:24:46 - [5639427] ----D- C:\Program Files\Free Audio Extractor

O43 - CFD: 22/05/2011 - 23:24:32 - [65536] ----D- C:\Program Files\FreeTime

O43 - CFD: 16/05/2011 - 05:19:08 - [4580160] ----D- C:\Program Files\Glorylogic

O43 - CFD: 06/05/2011 - 01:20:22 - [78818421] ----D- C:\Program Files\Google

O43 - CFD: 17/05/2011 - 21:53:20 - [0] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 08/05/2011 - 20:27:30 - [8734501] ----D- C:\Program Files\Internet Download Manager

O43 - CFD: 15/05/2011 - 06:08:00 - [6337382] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 06/05/2011 - 03:16:14 - [3837982] ----D- C:\Program Files\IObit

O43 - CFD: 06/05/2011 - 03:14:08 - [3885071] ----D- C:\Program Files\isetup-5.4.2

O43 - CFD: 05/05/2011 - 09:54:10 - [91500915] ----D- C:\Program Files\Java

O43 - CFD: 15/05/2011 - 21:46:14 - [62145894] ----D- C:\Program Files\Kaspersky Lab

O43 - CFD: 06/05/2011 - 03:38:40 - [2915406] ----D- C:\Program Files\KC Softwares

O43 - CFD: 07/05/2011 - 03:12:34 - [4359462] ----D- C:\Program Files\Lexmark

O43 - CFD: 07/05/2011 - 03:13:06 - [115195981] ----D- C:\Program Files\Lexmark Pro800-Pro900 Series

O43 - CFD: 07/05/2011 - 03:12:20 - [2315014] ----D- C:\Program Files\Lexmark Toolbar

O43 - CFD: 07/05/2011 - 15:38:38 - [511133] ----D- C:\Program Files\Lexmark Tools For Office

O43 - CFD: 19/05/2011 - 20:23:22 - [102702049] ----D- C:\Program Files\Logitech

O43 - CFD: 15/05/2011 - 02:44:54 - [5071064] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 06/05/2011 - 04:29:22 - [6166114] ----D- C:\Program Files\Microsoft

O43 - CFD: 06/05/2011 - 02:06:52 - [39848379] ----D- C:\Program Files\Microsoft Analysis Services

O43 - CFD: 06/05/2011 - 07:06:30 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 15/05/2011 - 04:36:26 - [33479920] ----D- C:\Program Files\Microsoft Fix it Center

O43 - CFD: 14/07/2009 - 11:01:22 - [147813426] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 09/05/2011 - 21:20:52 - [9362570] ----D- C:\Program Files\Microsoft Games for Windows - LIVE

O43 - CFD: 17/05/2011 - 08:42:24 - [76709804] ----D- C:\Program Files\Microsoft Lync

O43 - CFD: 06/05/2011 - 02:07:50 - [695399925] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 06/05/2011 - 06:21:20 - [38388859] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 06/05/2011 - 02:07:50 - [3635637] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 06/05/2011 - 02:07:50 - [793991] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 06/05/2011 - 02:08:00 - [326800] ----D- C:\Program Files\Microsoft Synchronization Services

O43 - CFD: 06/05/2011 - 07:25:10 - [8167779] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 25/05/2011 - 04:41:02 - [32633713] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 14/07/2009 - 06:52:32 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 06/05/2011 - 12:37:10 - [6394415] ----D- C:\Program Files\MSECACHE

O43 - CFD: 06/05/2011 - 07:06:08 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 06/05/2011 - 03:17:22 - [3802875] ----D- C:\Program Files\NoVirusThanks

O43 - CFD: 05/05/2011 - 10:02:36 - [302759037] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 17/05/2011 - 08:35:20 - [67132083] ----D- C:\Program Files\OCSetup

O43 - CFD: 12/05/2011 - 23:14:20 - [785464] ----D- C:\Program Files\OpenAL

O43 - CFD: 23/05/2011 - 02:08:48 - [30234830] ----D- C:\Program Files\Opera

O43 - CFD: 23/05/2011 - 05:10:04 - [34591921] ----D- C:\Program Files\Paltalk Messenger

O43 - CFD: 06/05/2011 - 13:28:44 - [0] ----D- C:\Program Files\Paragon Software

O43 - CFD: 05/05/2011 - 10:45:30 - [4022452] ----D- C:\Program Files\PowerISO

O43 - CFD: 05/05/2011 - 10:46:48 - [76322555] ----D- C:\Program Files\QuickTime

O43 - CFD: 22/05/2011 - 22:37:14 - [95907786] ----D- C:\Program Files\Real

O43 - CFD: 14/07/2009 - 06:52:32 - [39159041] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 20/05/2011 - 22:32:02 - [39642533] ----D- C:\Program Files\Registry Mechanic

O43 - CFD: 06/05/2011 - 00:44:34 - [0] ----D- C:\Program Files\Reviversoft

O43 - CFD: 06/05/2011 - 03:30:40 - [4682480] ----D- C:\Program Files\Secunia

O43 - CFD: 16/05/2011 - 05:19:34 - [1591496] ----D- C:\Program Files\Sendoid

O43 - CFD: 06/05/2011 - 03:38:28 - [28811274] R---D- C:\Program Files\Skype

O43 - CFD: 10/05/2011 - 05:24:30 - [5707679] ----D- C:\Program Files\SpeedFan

O43 - CFD: 05/05/2011 - 10:53:34 - [5601490] ----D- C:\Program Files\SpywareBlaster

O43 - CFD: 07/05/2011 - 03:08:00 - [9490343] ----D- C:\Program Files\Stardock

O43 - CFD: 06/05/2011 - 02:43:22 - [0] ----D- C:\Program Files\Sunbelt Software

O43 - CFD: 15/05/2011 - 06:33:32 - [23868825] ----D- C:\Program Files\TeamViewer

O43 - CFD: 06/05/2011 - 01:02:26 - [4251087] ----D- C:\Program Files\TeraCopy

O43 - CFD: 05/05/2011 - 10:00:26 - [2593883] ----D- C:\Program Files\ToutFr.com

O43 - CFD: 16/05/2011 - 22:20:36 - [419852] ----D- C:\Program Files\Trend Micro

O43 - CFD: 14/05/2011 - 21:47:48 - [59972222] ----D- C:\Program Files\TuneUp Utilities 2011

O43 - CFD: 06/05/2011 - 03:36:58 - [5963525] ----D- C:\Program Files\UltraISO

O43 - CFD: 14/07/2009 - 06:53:24 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 05/05/2011 - 10:54:02 - [12593708] ----D- C:\Program Files\Universal Extractor

O43 - CFD: 05/05/2011 - 22:17:22 - [399736] ----D- C:\Program Files\uTorrent

O43 - CFD: 06/05/2011 - 01:20:48 - [82838218] ----D- C:\Program Files\VideoLAN

O43 - CFD: 15/05/2011 - 10:42:04 - [360582] ----D- C:\Program Files\VirusTotalUploader2

O43 - CFD: 06/05/2011 - 02:08:02 - [40712593] ----D- C:\Program Files\VS Revo Group

O43 - CFD: 05/05/2011 - 22:56:48 - [647249] ----D- C:\Program Files\Wikikou

O43 - CFD: 06/05/2011 - 03:04:30 - [55078120] ----D- C:\Program Files\WinAVI

O43 - CFD: 06/05/2011 - 07:14:54 - [3050496] ----D- C:\Program Files\Windows Defender

O43 - CFD: 06/05/2011 - 01:32:56 - [0] ----D- C:\Program Files\Windows Home Server

O43 - CFD: 06/05/2011 - 00:48:56 - [127894] ----D- C:\Program Files\Windows Installer Clean Up

O43 - CFD: 06/05/2011 - 07:14:54 - [7013496] ----D- C:\Program Files\Windows Journal

O43 - CFD: 10/05/2011 - 10:35:06 - [146542721] ----D- C:\Program Files\Windows Live

O43 - CFD: 06/05/2011 - 07:14:54 - [6181376] ----D- C:\Program Files\Windows Mail

O43 - CFD: 06/05/2011 - 07:14:54 - [6604034] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 05/05/2011 - 09:40:18 - [12197556] ----D- C:\Program Files\Windows NT

O43 - CFD: 06/05/2011 - 07:14:54 - [4417800] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 06/05/2011 - 07:14:54 - [189952] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 06/05/2011 - 07:14:54 - [9028365] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 06/05/2011 - 04:12:48 - [3278109] ----D- C:\Program Files\WinHex

O43 - CFD: 20/05/2011 - 23:26:32 - [4056289] ----D- C:\Program Files\WinRAR

O43 - CFD: 06/05/2011 - 04:34:54 - [37360083] ----D- C:\Program Files\WinZip

O43 - CFD: 06/05/2011 - 03:51:26 - [13939067] ----D- C:\Program Files\Yamicsoft

O43 - CFD: 20/05/2011 - 23:11:08 - [18288140] ----D- C:\Program Files\Your Uninstaller! 7

O43 - CFD: 06/05/2011 - 01:07:02 - [17766508] ----D- C:\Program Files\Yuna Software

O43 - CFD: 06/05/2011 - 04:26:40 - [6959476] ----D- C:\Program Files\ZeoBIT

O43 - CFD: 27/05/2011 - 17:49:52 - [4013880] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 05/05/2011 - 10:01:14 - [19961896] ----D- C:\Program Files\[Portable] Norton Utilities v14.5.0.118 [PL]

O43 - CFD: 05/05/2011 - 22:43:40 - [266127416] ----D- C:\Program Files\Common Files\Acronis

O43 - CFD: 13/05/2011 - 03:24:16 - [225610329] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 06/05/2011 - 03:47:58 - [31516546] ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD: 05/05/2011 - 10:46:14 - [54774793] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 06/05/2011 - 01:05:24 - [92624896] ----D- C:\Program Files\Common Files\AVSMedia

O43 - CFD: 06/05/2011 - 02:08:00 - [99136] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 06/05/2011 - 01:32:56 - [179040] ----D- C:\Program Files\Common Files\Diskeeper Corporation

O43 - CFD: 06/05/2011 - 03:36:58 - [262144] ----D- C:\Program Files\Common Files\EZB Systems

O43 - CFD: 07/05/2011 - 04:33:30 - [1142674] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 05/05/2011 - 09:54:18 - [1252295] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 19/05/2011 - 20:23:52 - [87940603] ----D- C:\Program Files\Common Files\LogiShrd

O43 - CFD: 19/05/2011 - 20:22:40 - [5241923] ----D- C:\Program Files\Common Files\LWS

O43 - CFD: 17/05/2011 - 08:46:24 - [255225426] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 06/05/2011 - 03:31:56 - [66575897] ----D- C:\Program Files\Common Files\PC Tools

O43 - CFD: 14/07/2009 - 04:37:06 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 06/05/2011 - 03:38:12 - [2254216] ----D- C:\Program Files\Common Files\Skype

O43 - CFD: 14/07/2009 - 04:37:06 - [41103783] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 08/05/2011 - 23:10:48 - [316664] ----D- C:\Program Files\Common Files\Steam

O43 - CFD: 06/05/2011 - 02:07:00 - [14401385] ----D- C:\Program Files\Common Files\System

O43 - CFD: 05/05/2011 - 22:59:08 - [220600957] ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD: 09/05/2011 - 21:20:18 - [56003584] ----D- C:\Program Files\Common Files\Wise Installation Wizard

O43 - CFD: 22/05/2011 - 22:37:12 - [352256] ----D- C:\Program Files\Common Files\xing shared

O43 - CFD: 07/05/2011 - 03:40:20 - [94043] ----D- C:\ProgramData\Acronis

O43 - CFD: 14/05/2011 - 14:26:52 - [242881444] ----D- C:\ProgramData\Adobe

O43 - CFD: 05/05/2011 - 10:46:10 - [20614656] ----D- C:\ProgramData\Apple

O43 - CFD: 05/05/2011 - 10:46:36 - [26896384] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 06/05/2011 - 01:05:38 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 05/05/2011 - 09:40:18 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 07/05/2011 - 05:02:36 - [394774] ----D- C:\ProgramData\CustoPackTools

O43 - CFD: 06/05/2011 - 13:35:38 - [0] ----D- C:\ProgramData\deletepart

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 06/05/2011 - 01:32:56 - [8966] ----D- C:\ProgramData\Diskeeper Corporation

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 06/05/2011 - 13:32:28 - [0] ----D- C:\ProgramData\explauncher

O43 - CFD: 07/05/2011 - 03:29:04 - [212] ----D- C:\ProgramData\Ezprint

O43 - CFD: 05/05/2011 - 09:40:18 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 05/05/2011 - 23:26:26 - [12722] ----D- C:\ProgramData\Google

O43 - CFD: 06/05/2011 - 03:16:16 - [141] ----D- C:\ProgramData\IObit

O43 - CFD: 27/05/2011 - 17:27:30 - [752329994] ----D- C:\ProgramData\Kaspersky Lab

O43 - CFD: 06/05/2011 - 13:32:24 - [0] ----D- C:\ProgramData\launcher

O43 - CFD: 10/05/2011 - 05:30:54 - [0] ----D- C:\ProgramData\Lexmark Pro800-Pro900 Series

O43 - CFD: 06/05/2011 - 01:57:00 - [3911335] ----D- C:\ProgramData\Logishrd

O43 - CFD: 19/05/2011 - 20:22:42 - [15742290] ----D- C:\ProgramData\Logitech

O43 - CFD: 16/05/2011 - 15:08:26 - [15064] ----D- C:\ProgramData\Lx_cats

O43 - CFD: 05/05/2011 - 10:42:48 - [6752065] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 05/05/2011 - 09:40:18 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 06/05/2011 - 01:20:00 - [10136] ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 17/05/2011 - 08:46:24 - [1077256683] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 17/05/2011 - 09:01:26 - [58634] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 05/05/2011 - 09:40:18 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 05/05/2011 - 10:02:34 - [198123] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 05/05/2011 - 10:01:58 - [580177] ----D- C:\ProgramData\NVIDIA Corporation

O43 - CFD: 06/05/2011 - 04:19:38 - [2186] ----D- C:\ProgramData\Protexis

O43 - CFD: 22/05/2011 - 22:37:28 - [1473036] ----D- C:\ProgramData\Real

O43 - CFD: 06/05/2011 - 13:32:50 - [0] ----D- C:\ProgramData\redistpart

O43 - CFD: 10/05/2011 - 18:45:40 - [5093] ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 06/05/2011 - 03:38:12 - [23148556] ----D- C:\ProgramData\Skype

O43 - CFD: 12/05/2011 - 00:08:36 - [1303515] ----D- C:\ProgramData\Skype Extras

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 05/05/2011 - 09:54:18 - [119] ----D- C:\ProgramData\Sun

O43 - CFD: 06/05/2011 - 02:43:26 - [796144] ----D- C:\ProgramData\Sunbelt

O43 - CFD: 27/05/2011 - 15:22:04 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 06:53:56 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 14/05/2011 - 21:40:58 - [4891253] ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 06/05/2011 - 04:36:22 - [119] ----D- C:\ProgramData\WinZip

O43 - CFD: 06/05/2011 - 04:28:36 - [92] ----D- C:\ProgramData\ZeoBIT

O43 - CFD: 05/05/2011 - 10:38:34 - [367] ----D- C:\Users\3xP3rT\AppData\Roaming\Acronis

O43 - CFD: 06/05/2011 - 03:41:30 - [1121709] ----D- C:\Users\3xP3rT\AppData\Roaming\Adobe

O43 - CFD: 23/05/2011 - 02:45:42 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\Apple Computer

O43 - CFD: 05/05/2011 - 10:51:46 - [1183] ----D- C:\Users\3xP3rT\AppData\Roaming\Audacity

O43 - CFD: 07/05/2011 - 01:31:52 - [707435764] ----D- C:\Users\3xP3rT\AppData\Roaming\AVG

O43 - CFD: 06/05/2011 - 01:05:38 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\AVS4YOU

O43 - CFD: 16/05/2011 - 05:19:36 - [2917] ----D- C:\Users\3xP3rT\AppData\Roaming\com.caffeinatedmind.Sendoid

O43 - CFD: 27/05/2011 - 07:08:38 - [20480] ----D- C:\Users\3xP3rT\AppData\Roaming\DMCache

O43 - CFD: 06/05/2011 - 04:24:46 - [485035] ----D- C:\Users\3xP3rT\AppData\Roaming\FreeAudioExtractor

O43 - CFD: 05/05/2011 - 09:40:36 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\Identities

O43 - CFD: 25/05/2011 - 18:15:56 - [30546558] ----D- C:\Users\3xP3rT\AppData\Roaming\IDM

O43 - CFD: 06/05/2011 - 03:38:46 - [55802] ----D- C:\Users\3xP3rT\AppData\Roaming\KC Softwares

O43 - CFD: 06/05/2011 - 01:46:26 - [355] ----D- C:\Users\3xP3rT\AppData\Roaming\Leadertech

O43 - CFD: 06/05/2011 - 01:43:36 - [119244] ----D- C:\Users\3xP3rT\AppData\Roaming\Logishrd

O43 - CFD: 19/05/2011 - 20:04:26 - [35069] ----D- C:\Users\3xP3rT\AppData\Roaming\Logitech

O43 - CFD: 05/05/2011 - 10:35:52 - [64797] ----D- C:\Users\3xP3rT\AppData\Roaming\Macromedia

O43 - CFD: 05/05/2011 - 10:42:50 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 11:00:34 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\Media Center Programs

O43 - CFD: 17/05/2011 - 08:57:50 - [19025227] -S--D- C:\Users\3xP3rT\AppData\Roaming\Microsoft

O43 - CFD: 25/05/2011 - 04:41:12 - [35166226] ----D- C:\Users\3xP3rT\AppData\Roaming\Mozilla

O43 - CFD: 06/05/2011 - 04:19:48 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\NVIDIA

O43 - CFD: 06/05/2011 - 03:22:22 - [292219] ----D- C:\Users\3xP3rT\AppData\Roaming\Opera

O43 - CFD: 23/05/2011 - 05:12:04 - [258304] ----D- C:\Users\3xP3rT\AppData\Roaming\Paltalk

O43 - CFD: 23/05/2011 - 08:02:38 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\QuickStoresToolbar

O43 - CFD: 13/05/2011 - 14:49:34 - [1255] ----D- C:\Users\3xP3rT\AppData\Roaming\QuizResultsAnalyzer.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

O43 - CFD: 22/05/2011 - 22:37:28 - [1354416] ----D- C:\Users\3xP3rT\AppData\Roaming\Real

O43 - CFD: 20/05/2011 - 18:23:46 - [927249] ----D- C:\Users\3xP3rT\AppData\Roaming\Registry Mechanic

O43 - CFD: 05/05/2011 - 10:46:32 - [49554] ----D- C:\Users\3xP3rT\AppData\Roaming\Reviversoft

O43 - CFD: 18/05/2011 - 23:48:28 - [1347777] ----D- C:\Users\3xP3rT\AppData\Roaming\Skype

O43 - CFD: 12/05/2011 - 00:08:30 - [31040] ----D- C:\Users\3xP3rT\AppData\Roaming\skypePM

O43 - CFD: 06/05/2011 - 06:39:12 - [4371105] ----D- C:\Users\3xP3rT\AppData\Roaming\Stardock

O43 - CFD: 06/05/2011 - 02:43:28 - [89772] ----D- C:\Users\3xP3rT\AppData\Roaming\Sunbelt

O43 - CFD: 18/05/2011 - 23:48:30 - [139] ----D- C:\Users\3xP3rT\AppData\Roaming\TeamViewer

O43 - CFD: 27/05/2011 - 15:47:50 - [1410] ----D- C:\Users\3xP3rT\AppData\Roaming\TeraCopy

O43 - CFD: 14/05/2011 - 21:40:46 - [8230] ----D- C:\Users\3xP3rT\AppData\Roaming\TuneUp Software

O43 - CFD: 20/05/2011 - 22:02:52 - [7579] ----D- C:\Users\3xP3rT\AppData\Roaming\URSoft

O43 - CFD: 27/05/2011 - 15:12:02 - [4284959] ----D- C:\Users\3xP3rT\AppData\Roaming\uTorrent

O43 - CFD: 23/05/2011 - 05:17:00 - [1546763] ----D- C:\Users\3xP3rT\AppData\Roaming\vlc

O43 - CFD: 06/05/2011 - 03:04:34 - [488] ----D- C:\Users\3xP3rT\AppData\Roaming\WinAVI

O43 - CFD: 06/05/2011 - 12:39:04 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\Windows Live Writer

O43 - CFD: 05/05/2011 - 10:16:54 - [12] ----D- C:\Users\3xP3rT\AppData\Roaming\WinRAR

O43 - CFD: 19/05/2011 - 20:08:16 - [15805310] ----D- C:\Users\3xP3rT\Appdata\Local\Adobe

O43 - CFD: 05/05/2011 - 09:40:30 - [0] -SH-D- C:\Users\3xP3rT\Appdata\Local\Application Data

O43 - CFD: 17/05/2011 - 08:33:22 - [4086486] ----D- C:\Users\3xP3rT\Appdata\Local\Apps

O43 - CFD: 26/05/2011 - 17:26:18 - [15864] ----D- C:\Users\3xP3rT\Appdata\Local\Cooliris

O43 - CFD: 17/05/2011 - 08:57:54 - [0] ----D- C:\Users\3xP3rT\Appdata\Local\Deployment

O43 - CFD: 25/05/2011 - 04:13:32 - [194947] ----D- C:\Users\3xP3rT\Appdata\Local\ElevatedDiagnostics

O43 - CFD: 06/05/2011 - 06:40:00 - [366] ----D- C:\Users\3xP3rT\Appdata\Local\Eraser 6

O43 - CFD: 15/05/2011 - 04:38:16 - [1055248] ----D- C:\Users\3xP3rT\Appdata\Local\FixItCenter

O43 - CFD: 10/05/2011 - 05:20:48 - [13699] ----D- C:\Users\3xP3rT\Appdata\Local\GmailNotifierPro

O43 - CFD: 06/05/2011 - 13:39:08 - [458188609] ----D- C:\Users\3xP3rT\Appdata\Local\Google

O43 - CFD: 05/05/2011 - 09:40:30 - [0] -SH-D- C:\Users\3xP3rT\Appdata\Local\Historique

O43 - CFD: 06/05/2011 - 04:30:22 - [12327] ----D- C:\Users\3xP3rT\Appdata\Local\IsolatedStorage

O43 - CFD: 06/05/2011 - 02:40:26 - [0] ----D- C:\Users\3xP3rT\Appdata\Local\LogiShrd

O43 - CFD: 19/05/2011 - 06:46:40 - [3340] ----D- C:\Users\3xP3rT\Appdata\Local\matt.malensek.net

O43 - CFD: 23/05/2011 - 05:08:52 - [807770743] ----D- C:\Users\3xP3rT\Appdata\Local\Microsoft

O43 - CFD: 06/05/2011 - 02:06:32 - [0] ----D- C:\Users\3xP3rT\Appdata\Local\Microsoft Help

O43 - CFD: 10/05/2011 - 10:43:16 - [187368] ----D- C:\Users\3xP3rT\Appdata\Local\MigWiz

O43 - CFD: 05/05/2011 - 21:55:44 - [54270689] ----D- C:\Users\3xP3rT\Appdata\Local\Mozilla

O43 - CFD: 06/05/2011 - 03:22:22 - [14162356] ----D- C:\Users\3xP3rT\Appdata\Local\Opera

O43 - CFD: 06/05/2011 - 06:38:48 - [0] ----D- C:\Users\3xP3rT\Appdata\Local\PackageAware

O43 - CFD: 06/05/2011 - 06:42:44 - [0] ----D- C:\Users\3xP3rT\Appdata\Local\Secunia PSI

O43 - CFD: 14/05/2011 - 22:04:48 - [9723] ----D- C:\Users\3xP3rT\Appdata\Local\SKIDROW

O43 - CFD: 27/05/2011 - 17:48:56 - [2685513] ----D- C:\Users\3xP3rT\Appdata\Local\Temp

O43 - CFD: 05/05/2011 - 09:50:50 - [9377] ----D- C:\Users\3xP3rT\Appdata\Local\VirtualStore

O43 - CFD: 06/05/2011 - 02:08:06 - [70962832] ----D- C:\Users\3xP3rT\Appdata\Local\VS Revo Group

O43 - CFD: 06/05/2011 - 03:04:34 - [17644] ----D- C:\Users\3xP3rT\Appdata\Local\WinAVI

O43 - CFD: 15/05/2011 - 05:55:24 - [122880] ----D- C:\Users\3xP3rT\Appdata\Local\Windows Live

O43 - CFD: 06/05/2011 - 12:39:10 - [372494] ----D- C:\Users\3xP3rT\Appdata\Local\Windows Live Writer

O43 - CFD: 13/05/2011 - 02:49:48 - [2344422] ----D- C:\Users\3xP3rT\Appdata\Local\Xenocode

---\\ Last modified or created files under Windows and System32 (O44)

O44 - LFC:[MD5.9314692B07BBA7C8D46A336014A6316B] - 27/05/2011 - 14:20:37 ---A- . (...) -- C:\Windows\System32\opt.ini [52]

O44 - LFC:[MD5.97000000000000000000000064EF1200] - 27/05/2011 - 14:19:48 ---A- . (...) -- C:\Windows\WindowsUpdate.log [752746]

O44 - LFC:[MD5.761C8C6ADDCA9329FBF85E2B23F19F4F] - 27/05/2011 - 14:16:07 ---A- . (...) -- C:\Windows\setupact.log [65240]

O44 - LFC:[MD5.43218F4A71018A5552CCCC6E3FD2C52C] - 27/05/2011 - 14:16:07 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\AdmList.txt [0]

O44 - LFC:[MD5.14DC732BDB44CE43E456B799F40D7E77] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{2390D237-7FE3-11E0-9B65-001BFC0171F9}.dat [358]

O44 - LFC:[MD5.94A472DFF2AA0CC54194CC6B4FB64111] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{2390D23B-7FE3-11E0-9B65-001BFC0171F9}.dat [12]

O44 - LFC:[MD5.88E3352108CEE9552BA9DFF8BC424A9B] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{554228A1-76E8-11E0-A897-806E6F6E6963}.dat [13088]

O44 - LFC:[MD5.94A472DFF2AA0CC54194CC6B4FB64111] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{554228A4-76E8-11E0-A897-806E6F6E6963}.dat [12]

O44 - LFC:[MD5.3DB99E8AD632AFC0706B6FACAC8858FE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{554228A5-76E8-11E0-A897-806E6F6E6963}.dat [606]

O44 - LFC:[MD5.94A472DFF2AA0CC54194CC6B4FB64111] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{554228A6-76E8-11E0-A897-806E6F6E6963}.dat [12]

O44 - LFC:[MD5.94A472DFF2AA0CC54194CC6B4FB64111] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{554228A7-76E8-11E0-A897-806E6F6E6963}.dat [12]

O44 - LFC:[MD5.8B14DB1F1672CC8C06DF74ABC236F70C] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\EvGr_Data{554228A8-76E8-11E0-A897-806E6F6E6963}.dat [41058]

O44 - LFC:[MD5.B25BB3E7EC4A36787AA6FD1F4A9E4571] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_AppData.dat [108494]

O44 - LFC:[MD5.D32F764773769B7F3E10DDD8C614D21A] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_FileFlag.dat [624]

O44 - LFC:[MD5.A247954EE97DA76B545A91113CFD7954] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_FileType.dat [70048]

O44 - LFC:[MD5.25362DA4F0B7725518A79C0385C5F0EE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{2390D237-7FE3-11E0-9B65-001BFC0171F9}.dat [56]

O44 - LFC:[MD5.25362DA4F0B7725518A79C0385C5F0EE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{2390D23B-7FE3-11E0-9B65-001BFC0171F9}.dat [56]

O44 - LFC:[MD5.812EB7B98B5DADB8C4B3D7646883E0C6] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{554228A1-76E8-11E0-A897-806E6F6E6963}.dat [56]

O44 - LFC:[MD5.25362DA4F0B7725518A79C0385C5F0EE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{554228A4-76E8-11E0-A897-806E6F6E6963}.dat [56]

O44 - LFC:[MD5.25362DA4F0B7725518A79C0385C5F0EE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{554228A5-76E8-11E0-A897-806E6F6E6963}.dat [56]

O44 - LFC:[MD5.25362DA4F0B7725518A79C0385C5F0EE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{554228A6-76E8-11E0-A897-806E6F6E6963}.dat [56]

O44 - LFC:[MD5.25362DA4F0B7725518A79C0385C5F0EE] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{554228A7-76E8-11E0-A897-806E6F6E6963}.dat [56]

O44 - LFC:[MD5.E67E9EB56CB4466E380AF090B21E034D] - 26/05/2011 - 06:50:53 ---A- . (...) -- C:\Windows\System32\RW_{554228A8-76E8-11E0-A897-806E6F6E6963}.dat [56]

O44 - LFC:[MD5.334A3C20A65A5714F0F88DCB5A33A76C] - 23/05/2011 - 20:36:28 ---A- . (...) -- C:\Windows\PFRO.log [3116]

O44 - LFC:[MD5.6307CD66CB3F4C4A13D0FF5995872E1F] - 23/05/2011 - 16:40:23 ---A- . (...) -- C:\Windows\System32\drivers\klin.dat [115369]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/05/2011 - 09:32:29 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.E9E1BDA354DD4CB06E721041F6266D92] - 22/05/2011 - 21:37:07 ---A- . (.RealNetworks, Inc. - Real Player ActiveX Control.) -- C:\Windows\System32\rmoc3260.dll [198848]

O44 - LFC:[MD5.B74E422BC81236042529DC8A42A18423] - 22/05/2011 - 21:37:02 ---A- . (.RealNetworks, Inc. - 32 bit DirectX helper DLL.) -- C:\Windows\System32\pndx5032.dll [5632]

O44 - LFC:[MD5.B4EB68502E52EBDC0B2C55EA3445284C] - 22/05/2011 - 21:37:01 ---A- . (.Progressive Networks - No comment.) -- C:\Windows\System32\pncrt.dll [272896]

O44 - LFC:[MD5.33833B3EDA1B07EBD367FA9B38B23E60] - 22/05/2011 - 21:37:01 ---A- . (.RealNetworks, Inc. - 16 bit DirectX helper DLL.) -- C:\Windows\System32\pndx5016.dll [6656]

O44 - LFC:[MD5.DD615FC10AA87EDF160C8DBBA7AC135C] - 22/05/2011 - 18:06:35 ---A- . (...) -- C:\Windows\System32\FNTCACHE.DAT [3692064]

O44 - LFC:[MD5.D9690B9A93BEAD17E865A64B8E67D37F] - 20/05/2011 - 21:04:39 --HA- . (...) -- C:\Windows\System32\v3shrtkgn.dll [81920]

O44 - LFC:[MD5.5FA859B6B568CAC1B817016709454B33] - 19/05/2011 - 19:23:18 ---A- . (...) -- C:\Windows\System32\lvcoinst.log [23417]

O44 - LFC:[MD5.67D725D717DD713D80FCD12BA04B52CB] - 19/05/2011 - 19:21:07 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1557414]

O44 - LFC:[MD5.ACBFBFE60232682F83D4F31454983F3F] - 19/05/2011 - 19:21:07 ---A- . (...) -- C:\Windows\System32\perfc009.dat [107034]

O44 - LFC:[MD5.0AEA436DFAA3C3A7E7F838AD2B6DC451] - 19/05/2011 - 19:21:07 ---A- . (...) -- C:\Windows\System32\perfc00C.dat [131426]

O44 - LFC:[MD5.93DD3EBE46B870A62A69AE487AAFF5BB] - 19/05/2011 - 19:21:07 ---A- . (...) -- C:\Windows\System32\perfh009.dat [618714]

O44 - LFC:[MD5.DB5E31DA812929EC3FA9A982B6C4710A] - 19/05/2011 - 19:21:07 ---A- . (...) -- C:\Windows\System32\perfh00C.dat [706998]

O44 - LFC:[MD5.3D1667B8DE369527A6F00A77B229E6C1] - 16/05/2011 - 22:09:16 --HA- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.465C52BB968818BF9DEAFD406463BCE7] - 15/05/2011 - 06:39:09 ---A- . (...) -- C:\Windows\System32\drivers\klick.dat [97859]

O44 - LFC:[MD5.39920D69EAEDB51757527AA54FE25216] - 15/05/2011 - 06:27:39 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\System32\drivers\klif.sys [488536]

O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 15/05/2011 - 05:51:01 ---A- . (...) -- C:\Windows\System32\config.nt [2577]

O44 - LFC:[MD5.0EDB06A9B7C527CE9EC749D6F49BAFAC] - 14/05/2011 - 20:40:53 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\System32\TURegOpt.exe [31552]

O44 - LFC:[MD5.CFCB3D9F47C6754A4190C4DFBCCF1B91] - 14/05/2011 - 20:40:52 ---A- . (.TuneUp Software - TuneUp Theme Extension.) -- C:\Windows\System32\uxtuneup.dll [29504]

O44 - LFC:[MD5.FC409AEA95EDEE4C434672DA61AA844B] - 14/05/2011 - 20:40:52 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\System32\authuitu.dll [21312]

O44 - LFC:[MD5.D0290FDA5CF264F5FB0DFF846AC24487] - 12/05/2011 - 22:23:33 ---A- . (.Sony DADC Austria AG. - SecuROM context menu for Explorer..) -- C:\Windows\System32\CmdLineExt.dll [107888]

O44 - LFC:[MD5.6DED3E81D8524F8D466A6A8C5273D0DE] - 12/05/2011 - 22:14:17 ---A- . (.Creative Labs - OpenAL32.) -- C:\Windows\System32\wrap_oal.dll [409600]

O44 - LFC:[MD5.F961A671738EE369C96ABCF8BDE9A613] - 12/05/2011 - 22:14:17 ---A- . (.Portions © Creative Labs Inc. and NVIDIA - Standard OpenAL Implementation.) -- C:\Windows\System32\OpenAL32.dll [114688]

O44 - LFC:[MD5.F89B8ECFB0A3746F9130ADBCCCF4CCD4] - 11/05/2011 - 23:08:34 --HA- . (...) -- C:\Windows\System32\ezsidmv.dat [56]

O44 - LFC:[MD5.93D114C892F3C0EA4A312BDAA6525A06] - 10/05/2011 - 08:27:37 ---A- . (.Acronis - AutoReactivate.) -- C:\Windows\System32\auto_reactivate.exe [1876304]

O44 - LFC:[MD5.38482A5013D8AB40DF0FB15EAE022C57] - 10/05/2011 - 08:24:45 ---A- . (...) -- C:\Windows\System32\slmgr.vbs.disabled [113629]

O44 - LFC:[MD5.2BCC8E130E52F2242A3D1E387512D562] - 08/05/2011 - 20:50:33 ---A- . (...) -- C:\Windows\System32\ucsvcsvr.exe [3162112]

O44 - LFC:[MD5.18DFAC17494D910263482AEF1F8D859A] - 07/05/2011 - 02:28:23 ---A- . (...) -- C:\Windows\System32\LexFiles.ulf [211549]

O44 - LFC:[MD5.B17956B916EDCD1450CEA530F550DA6B] - 07/05/2011 - 02:12:37 ---A- . (.Unknown owner - Generic CoInstaller.) -- C:\Windows\System32\lxeccoin.dll [442368]

O44 - LFC:[MD5.CAC98A91AFEF8168178E96CE4C782C35] - 07/05/2011 - 02:12:36 ---A- . (.Unknown owner - CommonUI DLL.) -- C:\Windows\System32\lxeccui.dll [294912]

O44 - LFC:[MD5.0F16AA21A6C91FD3AB6C5F5B4040C68A] - 07/05/2011 - 02:12:36 ---A- . (.Unknown owner - CommonUIStringResource DLL.) -- C:\Windows\System32\lxeccuir.dll [110592]

O44 - LFC:[MD5.DC9AB9F08F1A424E6494F52BFEAEBEA5] - 07/05/2011 - 02:12:29 ---A- . (.Lexmark International, Inc. - Lexmark WebUpdater Dynamic Link Library.) -- C:\Windows\System32\LXECwupd.dll [372736]

O44 - LFC:[MD5.8C2AB4D1503E9032B5376C419A2B0066] - 07/05/2011 - 02:12:29 ---A- . (.Lexmark International, Inc. - Lexmark WebUpdater Executable.) -- C:\Windows\System32\LXECwupd.exe [213672]

O44 - LFC:[MD5.B481F9B36F94A1D105498A38703C011C] - 07/05/2011 - 02:12:17 ---A- . (.eaio - NativeCall native library.) -- C:\Windows\System32\NativeCall.dll [7680]

O44 - LFC:[MD5.54CEDB3800BA79FC77B2D9CE3671CFB4] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - CU bitmap resource DLL.) -- C:\Windows\System32\lxeccub.dll [90112]

O44 - LFC:[MD5.E64D28F4F9AF510BAA88F9AC9FB03D38] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Cu DLL.) -- C:\Windows\System32\lxeccu.dll [253952]

O44 - LFC:[MD5.86AC153E879B480872CDF43867DAB6E2] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Cu resource DLL.) -- C:\Windows\System32\lxeccur.dll [36864]

O44 - LFC:[MD5.99DB8BA86FAFB4AE9E506E2B7EB7D65C] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - INS bitmap resource DLL.) -- C:\Windows\System32\lxecinsb.dll [262144]

O44 - LFC:[MD5.4B2C5E34E8ED6AEF4395D48B6D35EBAD] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Ins resource DLL.) -- C:\Windows\System32\lxecinsr.dll [114688]

O44 - LFC:[MD5.8329D9C2F3DA123E64258483D1831153] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Jsw resource DLL.) -- C:\Windows\System32\lxecjswr.dll [57344]

O44 - LFC:[MD5.1A43B16FE11B3B4C2A69777A25D7F876] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\LXEChcp.dll [356352]

O44 - LFC:[MD5.2DBAD1C00A95674AA34BAE88C3B66DDD] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxechbn3.dll [688128]

O44 - LFC:[MD5.478B2775651ECB9425E7501DFC109278] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxeciesc.dll [344064]

O44 - LFC:[MD5.F224869D10DA26D5E1C90BFA1EEB531B] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxecih.exe [324264]

O44 - LFC:[MD5.018FE7935604F87605026B2448E2722D] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxecinpa.dll [364544]

O44 - LFC:[MD5.6D615EF27B40EA511FEE7109C00828D1] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxeclmpm.dll [577536]

O44 - LFC:[MD5.D5F54F4B1CA51664E9B200463FF3CD5D] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxecpmui.dll [643072]

O44 - LFC:[MD5.5F380A33FE12E6ECF932C2B0366069FC] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxecserv.dll [1048576]

O44 - LFC:[MD5.7E9A589A73E89332B3F2D801A0B1B7F6] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxecusb1.dll [847872]

O44 - LFC:[MD5.2934E1252F62AA6CAC935BCA2BF93B2D] - 07/05/2011 - 02:12:05 ---A- . (.Unknown owner - ins DLL.) -- C:\Windows\System32\lxecins.dll [323584]

O44 - LFC:[MD5.052CEC6162BF99225EB3AE889ED56B60] - 07/05/2011 - 02:12:04 ---A- . (.Lexmark International - config.) -- C:\Windows\System32\LXECcfg.dll [86184]

O44 - LFC:[MD5.E230D59702ACF88B9727EF14961CC61B] - 07/05/2011 - 02:12:04 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxeccfg.exe [373416]

O44 - LFC:[MD5.0F544B46F9966F29D05E0F998297C7E7] - 07/05/2011 - 02:12:04 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxeccomc.dll [802816]

O44 - LFC:[MD5.B66B9471E1399F126A40081E9CF0654F] - 07/05/2011 - 02:12:04 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxeccomm.dll [372736]

O44 - LFC:[MD5.3772AA6C3C1599BC60FBA1D83B540A4C] - 07/05/2011 - 02:12:04 ---A- . (.Unknown owner - Printer Communication System.) -- C:\Windows\System32\lxeccoms.exe [598696]

O44 - LFC:[MD5.C39A98ED2AC51DEA729EC7256035FE9B] - 07/05/2011 - 02:11:57 ---A- . (.Unknown owner - SecMgr.) -- C:\Windows\System32\LXECsm.dll [299008]

O44 - LFC:[MD5.6CEF7ED5B288CCAEFA02A752EE23A8F5] - 07/05/2011 - 02:11:57 ---A- . (.Unknown owner - SecMgr.) -- C:\Windows\System32\LXECsmr.dll [24064]

O44 - LFC:[MD5.48ED16C0C98C950843E673EEEE02AC94] - 06/05/2011 - 12:28:55 ---A- . (.Paragon Software Group - A part of Paragon System Utilities.) -- C:\Windows\System32\drivers\hotcore3.sys [40560]

O44 - LFC:[MD5.518318A103C888001054EFA1236E5033] - 06/05/2011 - 06:04:47 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\System32\dfshim.dll [1130824]

O44 - LFC:[MD5.A04C06A2142226D79DDA75920A496243] - 06/05/2011 - 06:04:42 ---A- . (.Unknown owner - RemoteFX Helper.) -- C:\Windows\System32\RDVGHelper.exe [80896]

O44 - LFC:[MD5.C9FB8C3D650EF8BD76865EC20A19A5BC] - 06/05/2011 - 06:04:25 ---A- . (.Microsoft - Filtre du convertisseur RDP (redirecteur).) -- C:\Windows\System32\DShowRdpFilter.dll [252928]

O44 - LFC:[MD5.39B9273CA01364E115B464416CFB729B] - 06/05/2011 - 06:04:09 ---A- . (.Microsoft - robocopy.) -- C:\Windows\System32\Robocopy.exe [98816]

O44 - LFC:[MD5.737AFC772243C75E6AD17A7A8E8E23F9] - 06/05/2011 - 06:03:59 ---A- . (.Windows ® Codename Longhorn DDK provider - Services de gestion des polices.) -- C:\Windows\System32\fms.dll [93696]

O44 - LFC:[MD5.163A95975E1D8819E653AA3E961371CA] - 06/05/2011 - 06:03:58 ---A- . (.Twain Working Group - Gestionnaire de sources Twain_32 (Image Acq.) -- C:\Windows\twain_32.dll [51200]

O44 - LFC:[MD5.1DE21EC4A2232FF4F5298ADCAE7B3690] - 06/05/2011 - 06:03:54 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [82944]

O44 - LFC:[MD5.EB6C16CE0163AD282E95FCE5EE9BA518] - 06/05/2011 - 06:03:54 ---A- . (.Unknown owner - Application PrintBrm.) -- C:\Windows\System32\PrintBrmUi.exe [66048]

O44 - LFC:[MD5.59D87C673B8589D5F2622884E128C882] - 06/05/2011 - 02:31:55 ---A- . (.Unknown owner - readmft.) -- C:\Windows\System32\CleanMFT32.exe [37336]

O44 - LFC:[MD5.ECC0B4DC8D1B15DA901EBA5F09CA5037] - 06/05/2011 - 02:31:55 ---A- . (.Woodbury Associates Limited - UniToolbox Controls.) -- C:\Windows\System32\UniBox10.ocx [880640]

O44 - LFC:[MD5.5D2A12A554889B7378977B229B11130E] - 06/05/2011 - 02:31:55 ---A- . (.Woodbury Associates Limited - UniToolbox VB.) -- C:\Windows\System32\UniBoxVB12.ocx [212992]

O44 - LFC:[MD5.AD0EAC85ABC25B2E3C81C3AD41C10C42] - 06/05/2011 - 02:31:55 ---A- . (.Woodbury Associates Limited - UniToolbox-2 Controls.) -- C:\Windows\System32\UniBox210.ocx [1101824]

O44 - LFC:[MD5.C5ACDBF61DF211BDCC2B5021B1405BB0] - 06/05/2011 - 02:15:03 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [34304]

O44 - LFC:[MD5.ED4649A28AFE0B3DB93C3198BA48E34E] - 06/05/2011 - 02:15:03 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [294912]

O44 - LFC:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 06/05/2011 - 02:14:43 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\System32\drivers\nvstor.sys [143744]

O44 - LFC:[MD5.D320BF87125326F996D4904FE24300FC] - 06/05/2011 - 02:14:42 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\System32\drivers\amdsata.sys [80256]

O44 - LFC:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 06/05/2011 - 02:14:42 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\System32\drivers\amdxata.sys [22400]

O44 - LFC:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 06/05/2011 - 02:14:42 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\System32\drivers\iaStorV.sys [332160]

O44 - LFC:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 06/05/2011 - 02:14:42 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\System32\drivers\nvraid.sys [117120]

O44 - LFC:[MD5.A4001C78F2806662B3BD91ACB44E6330] - 06/05/2011 - 02:07:41 ---A- . (...) -- C:\Windows\System32\initdebug.nfo [45]

O44 - LFC:[MD5.B9BB8E2093C1615AD6EA55AD96214354] - 06/05/2011 - 01:08:01 ---A- . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\System32\drivers\revoflt.sys [27192]

O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 06/05/2011 - 01:07:00 ---A- . (...) -- C:\Windows\win.ini [478]

O44 - LFC:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 06/05/2011 - 00:46:19 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\System32\drivers\LNonPnP.sys [16400]

O44 - LFC:[MD5.AB24EE68FF85A592586C03A3F339FCD5] - 06/05/2011 - 00:32:56 ---A- . (.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) -- C:\Windows\System32\drivers\DKRtWrt.sys [38608]

O44 - LFC:[MD5.5729C2AE40AC6008FB30FF6F58357CC6] - 06/05/2011 - 00:05:05 ---A- . (.Intel Corporation - Intel® Media SDK library.) -- C:\Windows\System32\libmfxsw32.dll [10833920]

O44 - LFC:[MD5.2BB9560D32114A98097000E42D3C6EBF] - 06/05/2011 - 00:05:04 ---A- . (.Intel Corporation - Intel® Media SDK library.) -- C:\Windows\System32\libmfxhw32.dll [10915840]

O44 - LFC:[MD5.3D1A3E356DCB43A36C92D99C245A142A] - 05/05/2011 - 23:39:42 ---A- . (.ReviverSoft - ReviverSoft Registry Reviver.) -- C:\Windows\System32\roboot.exe [16704]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/05/2011 - 20:55:44 ---A- . (...) -- C:\Windows\nsreg.dat [0]

O44 - LFC:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 05/05/2011 - 09:42:47 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\System32\drivers\mbamswissarmy.sys [38224]

O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 05/05/2011 - 09:29:04 ---A- . (...) -- C:\Windows\System32\ieuinit.inf [72822]

O44 - LFC:[MD5.53696AD8FFC5FAC51949A525FF65A689] - 05/05/2011 - 09:07:57 ---A- . (.Acronis - File Level CDP Kernel Helper.) -- C:\Windows\System32\drivers\afcdp.sys [167968]

O44 - LFC:[MD5.431801FCC97034E04A6EFF81136578D7] - 05/05/2011 - 09:07:55 ---A- . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\System32\drivers\tdrpm273.sys [752128]

O44 - LFC:[MD5.A34D7024BB7140EC785C86BC065D4F60] - 05/05/2011 - 09:07:54 ---A- . (.Acronis - Acronis Backup Archive Explorer.) -- C:\Windows\System32\drivers\timntr.sys [600928]

O44 - LFC:[MD5.EB49860E776CE860DC3CFB9EDB1BA517] - 05/05/2011 - 09:07:52 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\System32\drivers\snapman.sys [170528]

O44 - LFC:[MD5.58CE5703F481BF3EE288A5F064E8A51B] - 05/05/2011 - 09:01:45 ---A- . (.Khronos Group - OpenCL Client DLL.) -- C:\Windows\System32\OpenCL.dll [57960]

O44 - LFC:[MD5.8BA6BE80BA5FAA297DD716AF08B0DE2F] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - Display Driver Coinstaller.) -- C:\Windows\System32\nvdispco3220140.dll [944232]

O44 - LFC:[MD5.3FF7E319D12D827554A470E127E7FEB6] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - Generic Coinstaller.) -- C:\Windows\System32\nvgenco322060.dll [855656]

O44 - LFC:[MD5.F45DAD8A9CEB83B3D2E0F594580E89D9] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Driver, Version 270.61.) -- C:\Windows\System32\nvcuda.dll [5180824]

O44 - LFC:[MD5.E743CF97A615B8E81A29E94619892CDE] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Decode API, Version 270.6.) -- C:\Windows\System32\nvcuvid.dll [2765928]

O44 - LFC:[MD5.2A46BF6D1F317B8648B37DB4C659F407] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - NVIDIA CUDA Video Encoder, Version 270.61.) -- C:\Windows\System32\nvcuvenc.dll [2074216]

O44 - LFC:[MD5.13798B453CF134EE0431B272A6BFD31C] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - NVIDIA Compatible OpenGL ICD.) -- C:\Windows\System32\nvoglv32.dll [15227496]

O44 - LFC:[MD5.7B0FB70FAAAE1B4DCA54C5A3B510D281] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Vista WDDM D3D Driver, Ve.) -- C:\Windows\System32\nvd3dum.dll [10071656]

O44 - LFC:[MD5.1F144BD1FECB52FE4DC18FAFE70FF7AF] - 05/05/2011 - 09:01:45 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version.) -- C:\Windows\System32\drivers\nvlddmkm.sys [10690024]

O44 - LFC:[MD5.A7E208039CBBD32AD7F487F5D787DB41] - 05/05/2011 - 09:01:44 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode.) -- C:\Windows\System32\drivers\nvBridge.kmd [10920]

O44 - LFC:[MD5.4BBF9429189BC4D246EC86828937500A] - 05/05/2011 - 09:01:44 ---A- . (.NVIDIA Corporation - NVIDIA Compiler, Version 270.61.) -- C:\Windows\System32\nvcompiler.dll [13007464]

O44 - LFC:[MD5.0D5ECAD48501A84C8C57FCF63C57DEBE] - 05/05/2011 - 09:01:44 ---A- . (.NVIDIA Corporation - NVIDIA NVAPI Library, Version 270.61.) -- C:\Windows\System32\nvapi.dll [2034280]

O44 - LFC:[MD5.C88C969B8E477E4297E4A65D66852BF3] - 05/05/2011 - 08:54:09 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [472808]

O44 - LFC:[MD5.B157E305260FF2A607591F33DE41BFCA] - 05/05/2011 - 08:54:09 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.364F7A2B4B535659F3B50DE5E5C20123] - 05/05/2011 - 08:54:09 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.A0AC7907D47B54238CA60FC47807F119] - 05/05/2011 - 08:54:09 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [157472]

O44 - LFC:[MD5.DB097FD75000C02C5E8171909A63314A] - 05/05/2011 - 08:25:09 ---A- . (...) -- C:\Windows\System32\license.rtf [30646]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 05/05/2011 - 08:23:48 --HA- . (...) -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf [0]

O44 - LFC:[MD5.AEE5DD2A29BBF02398B2DB70CE1EB989] - 08/04/2011 - 06:14:00 ---A- . (...) -- C:\Windows\System32\nvinfo.pb [4755]

O44 - LFC:[MD5.03783D0840B2C54D7665248425C74417] - 20/11/2010 - 06:23:54 ---A- . (...) -- C:\Windows\System32\dosx.exe [53600]

O44 - LFC:[MD5.C5DEA5B95AF9AA981C88CAB94A58213E] - 20/11/2010 - 04:52:32 ---A- . (...) -- C:\Windows\System32\locale.nls [419880]

O44 - LFC:[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - 10/11/2010 - 02:45:49 ---A- . (...) -- C:\Windows\System32\ScavengeSpace.xml [10429]

O44 - LFC:[MD5.B8CBB46B42570D373C9933FBDF25EBCE] - 05/11/2010 - 03:20:53 ---A- . (...) -- C:\Windows\System32\systemsf.ebd [146852]

O44 - LFC:[MD5.C236A8735A48B165A2A7724357DBE332] - 05/11/2010 - 03:20:45 ---A- . (...) -- C:\Windows\System32\RacRules.xml [105559]

O44 - LFC:[MD5.3CB26E2F818D2E48D607EAAF9E67FE51] - 14/04/2010 - 12:37:05 ---A- . (...) -- C:\Windows\System32\lxec.loc [2059]

O44 - LFC:[MD5.4754359579B3B98D108A1AD54CD0D0C9] - 09/12/2009 - 13:34:06 ---A- . (...) -- C:\Windows\System32\LXECinst.dll [331776]

O44 - LFC:[MD5.971EAAF6EA633BDC99C4C7F58E4F2659] - 26/11/2009 - 02:47:09 ---A- . (...) -- C:\Windows\System32\lxeccommuilogo.bmp [8694]

O44 - LFC:[MD5.E3A78F8D7292209C08D358020E6C1222] - 26/11/2009 - 02:47:08 ---A- . (...) -- C:\Windows\System32\lxeccommuilogo_rtl.bmp [8694]

O44 - LFC:[MD5.5852F1AE85F597E769DB75EF7CF4A912] - 09/11/2009 - 01:59:57 ---A- . (...) -- C:\Windows\System32\lxecgcfg.dll [86016]

O44 - LFC:[MD5.7A20A652E82142C3D4762774E3F45236] - 07/06/2009 - 18:36:14 ---A- . (...) -- C:\Windows\System32\lxecgrd.dll [208896]

O44 - LFC:[MD5.C3EC8B614C77DDF888084F9B78641BCE] - 20/01/2009 - 03:32:01 ---A- . (...) -- C:\Windows\System32\lxecprpr.chm [68527]

O44 - LFC:[MD5.D06A088218F88C5D2D77FAC1765E47BA] - 24/09/2008 - 19:33:44 ---A- . (...) -- C:\Windows\System32\lame_enc.dll [484352]

O44 - LFC:[MD5.C0CC3CADF562952665625FC11FBCBF1E] - 04/03/2008 - 20:55:35 ---A- . (...) -- C:\Windows\System32\lxecvs.dll [40960]

---\\ Operations and functions at Windows Explorer startup (O46)

O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~4\Office14\GROOVEEX.DLL

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - fixitcenter.exe - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

O50 - IFEO:Image File Execution Options - instgui.exe - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

O50 - IFEO:Image File Execution Options - pckeeper.exe - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

O50 - IFEO:Image File Execution Options - skype.exe - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

O50 - IFEO:Image File Execution Options - teamviewer.exe - "C:\Program Files\TuneUp Utilities 2011\TUAutoReactivator32.exe"

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"vidc.i420"="lvcodec2.dll" . (.Logitech Inc. - Video Codec.) -- C:\Windows\System32\lvcodec2.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=60

---\\ System Drivers List (SDL) (O58)

O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422976]

O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 14/07/2009 - 02:26:17 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [297552]

O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [146512]

O58 - SDL:[MD5.53696AD8FFC5FAC51949A525FF65A689] - 05/05/2011 - 09:07:57 ---A- . (.Acronis - File Level CDP Kernel Helper.) -- C:\Windows\system32\drivers\afcdp.sys [167968]

O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [14400]

O58 - SDL:[MD5.D320BF87125326F996D4904FE24300FC] - 11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [80256]

O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 14/07/2009 - 02:26:15 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\Windows\system32\drivers\amdsbs.sys [159312]

O58 - SDL:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 11/03/2011 - 06:38:37 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [22400]

O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [76368]

O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 14/07/2009 - 02:26:15 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [86608]

O58 - SDL:[MD5.D48659BB24C48345D926ECB45C1EBDF5] - 13/08/2004 - 08:56:20 ---A- . (.Unknown owner - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [5810]

O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 14/07/2009 - 23:02:49 ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\Windows\system32\drivers\b57nd60x.sys [229888]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [272128]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbdx.sys [430080]

O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [15952]

O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 14/07/2009 - 02:20:28 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [70720]

O58 - SDL:[MD5.AB24EE68FF85A592586C03A3F339FCD5] - 14/02/2011 - 02:04:30 ---A- . (.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) -- C:\Windows\system32\drivers\DKRtWrt.sys [38608]

O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 14/07/2009 - 02:20:28 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [453712]

O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 14/07/2009 - 23:02:48 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbdx.sys [3100160]

O58 - SDL:[MD5.B169DDE98A7200AD63A9F67517C75DDB] - 26/04/2011 - 11:22:24 ---A- . (...) -- C:\Windows\system32\drivers\fileHiders.sys [27712]

O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 14/07/2009 - 23:54:14 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [26624]

O58 - SDL:[MD5.48ED16C0C98C950843E673EEEE02AC94] - 20/01/2011 - 14:22:40 ---A- . (.Paragon Software Group - A part of Paragon System Utilities.) -- C:\Windows\system32\drivers\hotcore3.sys [40560]

O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 14/07/2009 - 02:20:28 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [67152]

O58 - SDL:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 11/03/2011 - 06:38:51 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStorV.sys [332160]

O58 - SDL:[MD5.E7E1C00A45E188FB1A3745DDD991FFFA] - 28/03/2011 - 18:46:40 ---A- . (.Tonec Inc. - Internet Download Manager WFP Driver.) -- C:\Windows\system32\drivers\idmwfp.sys [86792]

O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 14/07/2009 - 02:20:36 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41040]

O58 - SDL:[MD5.94D67D49BD9503BB1D838405D80F2058] - 09/06/2010 - 15:43:50 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl1.sys [132184]

O58 - SDL:[MD5.713576569667AC9E0F8556076004A96B] - 09/06/2010 - 15:43:52 ---A- . (.Kaspersky Lab ZAO - Kaspersky Unified Driver.) -- C:\Windows\system32\drivers\kl2.sys [11352]

O58 - SDL:[MD5.39920D69EAEDB51757527AA54FE25216] - 15/05/2011 - 06:27:39 ---A- . (.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klif.sys [488536]

O58 - SDL:[MD5.6295A19003F935ECC6CCBE9E2376427B] - 10/03/2011 - 17:36:18 ---A- . (.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) -- C:\Windows\system32\drivers\klim6.sys [23856]

O58 - SDL:[MD5.3DE1771C135328420315E21DDE229BBA] - 02/11/2009 - 18:27:16 ---A- . (.Kaspersky Lab - KLMOUFLT Mouse Device Filter [fre_wlh_x86].) -- C:\Windows\system32\drivers\klmouflt.sys [19984]

O58 - SDL:[MD5.EEE5A87EC378C9AD7CE91073FBD63465] - 24/08/2010 - 18:30:40 ---A- . (.Logitech, Inc. - Logitech Equad USB Driver..) -- C:\Windows\system32\drivers\LEqdUsb.sys [40912]

O58 - SDL:[MD5.62663B385087F5977D8EBD1FDC67B639] - 24/08/2010 - 18:30:40 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidEqd.sys [10448]

O58 - SDL:[MD5.318B3D608FBEC44B7E0C23BF759DCED5] - 24/08/2010 - 18:30:52 ---A- . (.Logitech, Inc. - Logitech HID Filter Driver..) -- C:\Windows\system32\drivers\LHidFilt.Sys [38864]

O58 - SDL:[MD5.84AF069D219DF3C43DC6792B2BBD7BED] - 24/08/2010 - 18:31:02 ---A- . (.Logitech, Inc. - Logitech Mouse Filter Driver..) -- C:\Windows\system32\drivers\LMouFilt.Sys [37328]

O58 - SDL:[MD5.C0382C12B784394BF16C2D8F0F1F17DC] - 06/05/2011 - 00:46:19 ---A- . (.Logitech, Inc. - Logitech Non-Plug and Play Driver..) -- C:\Windows\system32\drivers\LNonPnP.sys [16400]

O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [95824]

O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 14/07/2009 - 02:20:37 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89168]

O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [54864]

O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96848]

O58 - SDL:[MD5.F77390678B3C2FA7ED82EA034D582355] - 01/04/2011 - 04:07:52 ---A- . (.Logitech Inc. - Logitech USB Video Class Filter Driver.) -- C:\Windows\system32\drivers\lvbusflt.sys [20448]

O58 - SDL:[MD5.B6E1CCD6572984ADCAE68439AFD07011] - 01/04/2011 - 04:09:48 ---A- . (.Logitech Inc. - Logitech Kernel Audio Improvement Filter Driver.) -- C:\Windows\system32\drivers\lvrs.sys [291424]

O58 - SDL:[MD5.6C42815DD57E397F0CD988304B5EB4B3] - 01/04/2011 - 04:11:10 ---A- . (.Logitech Inc. - Logitech USB Video Class Driver.) -- C:\Windows\system32\drivers\lvuvc.sys [4333280]

O58 - SDL:[MD5.D68E165C3123ABA3B1282EDDB4213BD8] - 20/12/2010 - 17:09:00 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys [38224]

O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\Windows\system32\drivers\megasas.sys [30800]

O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 14/07/2009 - 02:20:36 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [235584]

O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 14/07/2009 - 02:20:44 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [44624]

O58 - SDL:[MD5.1F144BD1FECB52FE4DC18FAFE70FF7AF] - 08/04/2011 - 06:14:00 ---A- . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 270.61.) -- C:\Windows\system32\drivers\nvlddmkm.sys [10690024]

O58 - SDL:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [117120]

O58 - SDL:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 11/03/2011 - 06:39:00 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [143744]

O58 - SDL:[MD5.D24DFD16A1E2A76034DF5AA18125C35D] - 01/09/2010 - 09:30:58 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys [15544]

O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1383488]

O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 14/07/2009 - 02:19:04 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106064]

O58 - SDL:[MD5.B9BB8E2093C1615AD6EA55AD96214354] - 30/12/2009 - 10:21:18 ---A- . (.VS Revo Group - Revo Uninstaller Minifilter.) -- C:\Windows\system32\drivers\revoflt.sys [27192]

O58 - SDL:[MD5.325590E7E9587459643BA24D2CF73BF2] - 07/01/2010 - 02:20:22 ---A- . (.Realtek Semiconductor Corporation - Realtek RTL8187 NDIS Driver.) -- C:\Windows\system32\drivers\RTL8187.sys [375808]

O58 - SDL:[MD5.20B2751CD4C8F3FD989739CA661B9F30] - 12/04/2010 - 09:44:34 ---A- . (.PowerISO Computing, Inc. - PowerISO Virtual Drive.) -- C:\Windows\system32\drivers\scdemu.sys [59388]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 13/07/2009 - 21:50:20 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.5FB7FCEA0490D821F26F39CC5EA3D1E2] - 14/07/2009 - 00:45:33 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\serial.sys [83456]

O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [40016]

O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 14/07/2009 - 02:19:04 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [77888]

O58 - SDL:[MD5.EB49860E776CE860DC3CFB9EDB1BA517] - 05/05/2011 - 09:07:52 ---A- . (.Acronis - Acronis Snapshot API.) -- C:\Windows\system32\drivers\snapman.sys [170528]

O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 14/07/2009 - 02:19:04 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [21072]

O58 - SDL:[MD5.431801FCC97034E04A6EFF81136578D7] - 05/05/2011 - 09:07:55 ---A- . (.Acronis - Acronis Try&Decide Volume Filter Driver.) -- C:\Windows\system32\drivers\tdrpm273.sys [752128]

O58 - SDL:[MD5.A34D7024BB7140EC785C86BC065D4F60] - 05/05/2011 - 09:07:54 ---A- . (.Acronis - Acronis Backup Archive Explorer.) -- C:\Windows\system32\drivers\timntr.sys [600928]

O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [16976]

O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 14/07/2009 - 02:19:11 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [141904]

O58 - SDL:[MD5.30B73EB97218A16CBC6DE535782A1B35] - 28/09/2009 - 08:22:00 ---A- . (...) -- C:\Windows\system32\drivers\yk62x86.sys [315392]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 03/04/1996 - 20:33:26 ---A- . (...) -- C:\Windows\system32\giveio.sys [5248]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

O58 - SDL:[MD5.9F70CD5EDCC4EFC48AE21E04FB03BE9D] - 18/12/2010 - 12:03:56 ---A- . (.Almico Software - Speed Fan x32 Driver.) -- C:\Windows\system32\speedfan.sys [21696]

---\\ List all tools cleaner (LATC) (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

---\\ List all legacy services(LALS) (O64)

O64 - Services: CurCS - 05/05/2011 - C:\Windows\System32\DRIVERS\afcdp.sys - afcdp(afcdp) .(.Acronis - File Level CDP Kernel Helper.) - LEGACY_AFCDP

O64 - Services: CurCS - (.not file.) - amdex (amdex) .(...) - LEGACY_AMDEX

O64 - Services: CurCS - (.not file.) - avgntflt (avgntflt) .(...) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\Drivers\BEEP.sys - (.not file.) - Beep (Beep) .(...) - LEGACY_BEEP

O64 - Services: CurCS - 14/02/2011 - C:\Windows\System32\DRIVERS\DKRtWrt.sys - DKRtWrt(DKRtWrt) .(.Diskeeper Corporation - Diskeeper IntelliWrite Mini-Filter Driver.) - LEGACY_DKRTWRT

O64 - Services: CurCS - C:\Windows\system32\Drivers\FS_REC.sys - Fs_Rec (Fs_Rec) .(...) - LEGACY_FS_REC

O64 - Services: CurCS - C:\Windows\System32\giveio.sys - giveio (giveio) .(...) - LEGACY_GIVEIO

O64 - Services: CurCS - C:\Windows\system32\Drivers\HOTCORE3.sys - hc3ServiceName (hotcore3) .(...) - LEGACY_HOTCORE3

O64 - Services: CurCS - 28/03/2011 - C:\Windows\System32\DRIVERS\idmwfp.sys - IDMWFP(IDMWFP) .(.Tonec Inc. - Internet Download Manager WFP Driver.) - LEGACY_IDMWFP

O64 - Services: CurCS - C:\Program Files\IObit\IObit Unlocker\IObitUnlocker.sys - IObitUnlocker (IObitUnlocker) .(...) - LEGACY_IOBITUNLOCKER

O64 - Services: CurCS - 29/01/2010 - C:\Program Files\UltraISO\drivers\ISODrive.sys - ISO DVD/CD-ROM Device Driver(ISODrive) .(.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - LEGACY_ISODRIVE

O64 - Services: CurCS - 09/06/2010 - C:\Windows\System32\DRIVERS\kl1.sys - kl1(KL1) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL1

O64 - Services: CurCS - 09/06/2010 - C:\Windows\System32\DRIVERS\kl2.sys - kl2(kl2) .(.Kaspersky Lab ZAO - Kaspersky Unified Driver.) - LEGACY_KL2

O64 - Services: CurCS - 15/05/2011 - C:\Windows\System32\DRIVERS\klif.sys - Kaspersky Lab Driver(KLIF) .(.Kaspersky Lab - Klif Mini-Filter [fre_wlh_x86].) - LEGACY_KLIF

O64 - Services: CurCS - 10/03/2011 - C:\Windows\System32\DRIVERS\klim6.sys - Kaspersky Anti-Virus NDIS 6 Filter(KLIM6) .(.Kaspersky Lab ZAO - Kaspersky Lab Intermediate Network Driver.) - LEGACY_KLIM6

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(...) - LEGACY_MBR

O64 - Services: CurCS - C:\Windows\system32\Drivers\MSFS.sys - Msfs (Msfs) .(...) - LEGACY_MSFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NDPROXY.sys - NDProxy (NDProxy) .(...) - LEGACY_NDPROXY

O64 - Services: CurCS - C:\Windows\system32\Drivers\NPFS.sys - Npfs (Npfs) .(...) - LEGACY_NPFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NTFS.sys - Ntfs (Ntfs) .(...) - LEGACY_NTFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\NULL.sys - Null (Null) .(...) - LEGACY_NULL

O64 - Services: CurCS - 01/09/2010 - C:\Windows\System32\DRIVERS\psi_mf.sys - PSI(PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI

O64 - Services: CurCS - (.not file.) - sbapifs (sbapifs) .(...) - LEGACY_SBAPIFS

O64 - Services: CurCS - C:\Windows\system32\Drivers\SCDEMU.sys - SCDEmu (SCDEmu) .(...) - LEGACY_SCDEMU

O64 - Services: CurCS - C:\Windows\system32\Drivers\SECDRV.sys - (.not file.) - Security Driver (secdrv) .(...) - LEGACY_SECDRV

O64 - Services: CurCS - 18/12/2010 - C:\Windows\System32\speedfan.sys - speedfan(speedfan) .(.Almico Software - Speed Fan x32 Driver.) - LEGACY_SPEEDFAN

O64 - Services: CurCS - C:\Windows\system32\Drivers\SPLDR.sys - (.not file.) - Security Processor Loader Driver (spldr) .(...) - LEGACY_SPLDR

O64 - Services: CurCS - (.not file.) - tdrpm2nt (tdrpm2nt) .(...) - LEGACY_TDRPM2NT

O64 - Services: CurCS - 10/02/2011 - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys - TuneUpUtilitiesDrv(TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <Opera.HTML>[HKLM\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <Opera.HTML>[HKCR\..\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Opera.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Editeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\3xP3rT\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <Opera.exe> <Opera>[HKLM\..\Shell\open\Command] (.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\Opera.exe

 

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes [HKCU] {478F73EC-3F27-4FC6-8A0F-1DC7A929D8B5} [DefaultScope] - (Bing) - http://www.bing.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Bing) - http://www.bing.com

 

 

 

---\\ Search Particular Root Folder (SPRF) (O84)

[MD5.D9DE89F0FAF18019BC9595F0F47BCA61] [sPRF] (.Atribune.org - ATF Cleaner.exe.) -- C:\Program Files\ATF-Cleaner.exe [50688]

[MD5.20006A45B3E5A73DB48BC0160B6C2E58] [sPRF] (.famille - WindowsApplication1.) -- C:\Program Files\logiciel conjugaison arabe.exe [200704]

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "FPS-SpoolSvc-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" | Out - Domain - P6 - TRUE | .(.Microsoft Corporation - Local Security Authority Process.) -- C:\Windows\system32\lsass.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "RemoteSvcAdmin-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Applications Services et Contrôleur.) -- C:\Windows\system32\services.exe

O87 - FAEL: "NetPres-In-TCP-NoScope" | In - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP-NoScope" | Out - Domain - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-In-UDP" | In - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-WSD-Out-UDP" | Out - None - P17 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-In-TCP" | In - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "NetPres-Out-TCP" | Out - Public - P6 - FALSE | .(.Microsoft Corporation - Connect to a Network Projector.) -- C:\Windows\system32\netproj.exe

O87 - FAEL: "{901B3156-868E-43CB-98E8-2F2C75578272}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Application sous-système spouleur.) -- C:\Windows\system32\spoolsv.exe

O87 - FAEL: "{B0D832F8-C2C8-4189-B38D-F515B66D7D58}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{CC443B7F-B1C5-4362-A430-04D102A0DC6D}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{540730F4-FA82-4A00-9FA6-9A8EB809F36E}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe

O87 - FAEL: "{CC26C804-B30D-434F-9E42-CC4FF1314228}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - µTorrent.) -- C:\Program Files\uTorrent\uTorrent.exe

O87 - FAEL: "{EC45F1F8-F8BA-4866-95C5-D7C490B696AA}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{5B695E74-1402-43AE-B000-B8B239696A5F}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Mesh Operating Environment.) -- C:\Program Files\Windows Live\Mesh\MOE.exe

O87 - FAEL: "{54AEA158-81DC-4836-A133-2347B3D592D3}" | In - Private - P6 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe

O87 - FAEL: "{4AC9FAC4-FBEA-4A10-A488-3ED059D9962C}" | In - Private - P17 - TRUE | .(.Opera Software - Opera Internet Browser.) -- C:\Program Files\Opera\opera.exe

O87 - FAEL: "{C5384240-FD76-4FB2-8D05-25B33C55AEFF}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O87 - FAEL: "{538D1E42-88EC-49C6-A89A-EFD09DF4D33E}" | In - None - P6 - TRUE | .(.Unknown owner - Printer Communication System.) -- C:\Windows\system32\lxeccoms.exe

O87 - FAEL: "{001EA3FE-9DF6-4137-BDD2-C227E32265B9}" | In - None - P6 - TRUE | .(.Unknown owner - Printer Communication System.) -- C:\Windows\system32\LXECcoms.exe

O87 - FAEL: "{0912969B-D6FF-429F-BC55-59FB102817DB}" | In - None - P6 - TRUE | .(.Unknown owner - Printer Communication System.) -- C:\Windows\system32\LXECcoms.exe

O87 - FAEL: "{7685B734-BB6A-463C-B251-8240179D44A3}" | In - None - P6 - TRUE | .(.Unknown owner - Printer Communication System.) -- C:\Windows\system32\LXECcoms.exe

O87 - FAEL: "TCP Query User{C27DC4C0-EE53-426F-886F-991A177CE58D}C:\program files\paltalk messenger\paltalk.exe" | In - Private - P6 - TRUE | .(.AVM Software Inc. - Paltalk Messenger.) -- C:\program files\paltalk messenger\paltalk.exe

O87 - FAEL: "UDP Query User{8B8E9CC2-E6F1-4EEA-BA6E-0D426AFE40BA}C:\program files\paltalk messenger\paltalk.exe" | In - Private - P17 - TRUE | .(.AVM Software Inc. - Paltalk Messenger.) -- C:\program files\paltalk messenger\paltalk.exe

O87 - FAEL: "{30D2003C-5FD3-4477-AB67-7418A2A75458}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe

O87 - FAEL: "{1E3408FC-A3AB-4C07-89E2-E53A2228D1C2}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version6\TeamViewer.exe

O87 - FAEL: "{BEF3B9EB-8061-4E78-8C3D-CB6ED587F881}" | In - Private - P6 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

O87 - FAEL: "{DBF7D20D-41E1-4626-AA91-55FE304A7B87}" | In - Private - P17 - TRUE | .(.TeamViewer GmbH - TeamViewer Remote Control Application.) -- C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

O87 - FAEL: "{801F10CE-3248-4264-8DEA-27864A7ADFCF}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync 2010.) -- C:\Program Files\Microsoft Lync\communicator.exe

O87 - FAEL: "{8DD65888-5657-4B6F-A8CE-5A0BEF29EA14}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync 2010 MAPI COM Server.) -- C:\Program Files\Microsoft Lync\UcMapi.exe

O87 - FAEL: "{CCD1A70E-7C4D-4561-9B0A-9E29FBAFF1A9}" | In - Private - P6 - TRUE | .(.Microsoft Corporation - Microsoft Lync 2010.) -- C:\Program Files\Microsoft Lync\communicator.exe

O87 - FAEL: "{9038A3AD-603C-4FC3-913A-FBEA6CA9250D}" | In - Private - P17 - TRUE | .(.Microsoft Corporation - Microsoft Lync 2010.) -- C:\Program Files\Microsoft Lync\communicator.exe

 

 

 

---\\ General States of Services not Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 01/02/2011 804928 | (AcrSch2Svc) . (.Acronis.) - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe

SR - | Auto 05/05/2011 3246040 | (afcdpsrv) . (.Acronis.) - C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe

SS - | Auto 02/11/2010 365336 | (AVP) . (.Kaspersky Lab ZAO.) - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe

SR - | Auto 01/04/2011 2153808 | (Diskeeper) . (.Diskeeper Corporation.) - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe

SS - | Auto 05/05/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 05/05/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 05/05/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 28/10/2010 293456 | (LBTServ) . (.Logitech, Inc..) - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

SS - | Auto 14/04/2010 193192 | (lxecCATSCustConnectService) . (.Lexmark International, Inc..) - C:\Windows\system32\spool\DRIVERS\W32X86\3\lxecserv.exe

SR - | Auto 14/04/2010 598696 | (lxec_device) . (...) - C:\Windows\system32\lxeccoms.exe

SS - | Auto 20/12/2010 363344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Auto 07/04/2011 612456 | (NVSvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Disabled 08/04/2011 2218600 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SR - | Auto 25/05/2010 2159352 | (OS Selector) . (...) - C:\Program Files\Acronis\DiskDirector\OSS\reinstall_svc.exe

SS - | Disabled 26/04/2011 587256 | (PCKeeperService) . (.ZeoBIT LLC.) - C:\Program Files\ZeoBIT\PCKeeper\ZeoService.exe

SR - | Auto 28/01/2011 632792 | (PCToolsSSDMonitorSvc) . (.PC Tools.) - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

SS - | Demand 19/04/2011 993848 | (Secunia PSI Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\PSIA.exe

SR - | Auto 19/04/2011 399416 | (Secunia Update Agent) . (.Secunia.) - C:\Program Files\Secunia\PSI\sua.exe

SS - | Disabled 15/04/2011 2280312 | (TeamViewer6) . (.TeamViewer GmbH.) - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe

SR - | Auto 30/03/2011 1523008 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe

SR - | Auto 01/04/2011 428640 | (UMVPFSrv) . (.Logitech Inc..) - C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\System32\uxtuneup.dll (UxTuneUp) . (.TuneUp Software.) - C:\Windows\System32\svchost.exe

 

 

 

---\\ Search Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

 

 

 

---\\ Search Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by 3xP3rT at 27/05/2011 17:51:11

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1478 lines in 01mn 25s)(0)

Edited by azzar0
Posted (edited)

Good evening azzar0

Whoa! It would be a good idea to do a bit of cleanup on your PC (this is about optimization).

There is a lot of software that is useless or not compatible with W7.

Warning: P2P downloads are a source of infections.

uTorrent

BitTorrent

Sendoid

You have quite a few programs that are not very clean..... ;)

A jumble of protection tools, some of them badly uninstalled (Kaspersky and Malwarebytes are OK) (Windows Defender)

Norton Utilities

Grisoft AVG

PCTools

ESET

SpywareBlaster

NoVirusThanks

Sunbelt

Avira AntiVir

Please follow this procedure carefully

  • Close all open applications
  • Disable your defenses (anti-virus, anti-spyware)
  • Double-click ZHPFix
    For Vista and Seven
    right-click the icon and run as administrator
    A shortcut installed by ZHPDiag on the Desktop
     
    Carefully select and highlight the lines below with the mouse, then right-click > "Copy" or "Ctrl+C":
    O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} . (.Unknown owner - No comment.) -- (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskMachineUA] (.Unknown owner.) -- C:\Program âiles\Google\Update\GoogleUpdate.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [Programme de mise … jour en ligne de FileHippo.com] (.Unknown owner.) -- C:\Program âiles\âileHippo.com\UpdateChecker.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1745842280-4210890144-1528467641-1001] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-1745842280-4210890144-1528467641-1004] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1745842280-4210890144-1528467641-1001] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-1745842280-4210890144-1528467641-1004] (.Unknown owner.) -- C:\Program âiles\Real\RealUpgrade\RealUpgrade.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [RMSmartUpdate] (.Unknown owner.) -- C:\Program âiles\Registry Mechanic\update.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [sidebarExecute] (.Unknown owner.) -- C:\Program âiles\Windows Sidebar\sidebar.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance2011] (.Unknown owner.) -- C:\Program âiles\TuneUp Utilities 2011\OneClick.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [AppleSoftwareUpdate] (.Unknown owner.) -- C:\Program âiles\Apple Soâtware Update\SoâtwareUpdate.exe (.not file.)
    [MD5.00000000000000000000000000000000] [APT] [MP Scheduled Scan] (.Unknown owner.) -- c:\program âiles\windows deâender\MpCmdRun.exe (.not file.)
    [HKCU\Software\AppDataLow\Software\AskToolbar]
    [HKCU\Software\Ask.com]
    [HKCU\Software\pth264]
    O43 - CFD: 10/05/2011 - 18:45:40 - [5093] ----D- C:\ProgramData\regid.1986-12.com.adobe
    O43 - CFD: 23/05/2011 - 08:02:38 - [0] ----D- C:\Users\3xP3rT\AppData\Roaming\QuickStoresToolbar
     
    EmptyTemp
  • Click the H icon (to clear the report that was displayed), then the icon of the "briefcase hidden by the sheet".
     
  • Check that all the lines I asked you to copy are in the window.
  • And only those lines
  • Then click the [OK] button
  • At that point a small empty box [ ] will appear
    at the start of each line.
  • Then click All, then Clean
  • Confirm the uninstallation of programs with Yes if asked
  • Let the tool work. If a restart is requested, accept and restart the PC
  • The ZHPFixReport.txt report is displayed. Copy and paste the contents of this report into your reply.
     
    The ZHPFixReport.txt report is saved under C:\Program files\ZHPFix\ZHPFixReport.txt

 

Download AD-R (by C_XX) from the site to your Desktop.

  • /!\ Disconnect and close all running applications /!\
     
  • Double-click the AD-R.exe shortcut (right-click -> run as administrator on Vista) on your desktop to launch the tool.
  • Choose your language
     
  • In the main menu choose the "Clean" option and press [Enter].

/!\ Let the tool work and do not touch anything /!\

Post the report that appears at the end.

(The report is saved under C:\Ad-report-clean-(date).log)

 

  • Next, update Malwarebytes. After that:
  • Plug your external media into the PC (USB stick, hard drive, etc.)
    without opening them
  • Now run Malwarebytes' Anti-Malware. Right-click the icon and choose "Run as administrator",
    then select "Perform full scan".
  • Tick all the drive boxes
  • To start the scan, click "Scan".
  • Tick all the boxes for your drives
  • Once the scan is finished a window opens; click OK.
  • If infections are present,
    click "Show results" then "Remove selected". Save the report to your Desktop.
  • Post the report in your next reply.

NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

See you later

Edited by tomtom95
Posted

Hello,

Thanks for getting back to me, TomTom,

Here are the requested reports:

 

 

Rapport de ZHPFix 1.12.3286 par Nicolas Coolman, Update du 23/05/2011

Fichier d'export Registre :

Run by 3xP3rT at 28/05/2011 02:06:05

Windows 7 Ultimate Edition, 32-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

 

========== Registry Key ==========

HKCU\Software\AppDataLow\Software\AskToolbar => Registry Key removed successfully

HKCU\Software\Ask.com => Registry Key removed successfully

HKCU\Software\pth264 => Registry Key removed successfully

 

========== Registry Value ==========

O3 - Toolbar: (no name) - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} . (.Unknown owner - No comment.) -- (.not file.) => Registry key value not found

 

========== Repertory ==========

C:\ProgramData\regid.1986-12.com.adobe => Quarantined and Deleted successfully

C:\Users\3xP3rT\AppData\Roaming\QuickStoresToolbar => Quarantined and Deleted successfully

Dossiers temporaires Windows supprimés: 1

 

========== File ==========

Fichiers temporaires Windows supprimés : 6

 

========== Task ==========

Task : GoogleUpdateTaskMachineUA => Task deleted successfully

Task : Programme de mise … jour en ligne de FileHippo.com => Task deleted successfully

Task : RealUpgradeLogonTaskS-1-5-21-1745842280-4210890144-1528467641-1001 => Task deleted successfully

Task : RealUpgradeLogonTaskS-1-5-21-1745842280-4210890144-1528467641-1004 => Task deleted successfully

Task : RealUpgradeScheduledTaskS-1-5-21-1745842280-4210890144-1528467641-1001 => Task deleted successfully

Task : RealUpgradeScheduledTaskS-1-5-21-1745842280-4210890144-1528467641-1004 => Task deleted successfully

Task : RMSmartUpdate => Task deleted successfully

Task : SidebarExecute => Task deleted successfully

Task : TuneUpUtilities_Task_BkGndMaintenance2011 => Task deleted successfully

Task : AppleSoftwareUpdate => Task deleted successfully

Task : MP Scheduled Scan => Task deleted successfully

 

 

========== Summary ==========

3 : Registry Key

1 : Registry Value

3 : Repertory

1 : File

11 : Task

 

 

End of the scan

 

 

 

 

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: http://www.teamxscript.org

 

C:\Program Files\Ad-Remover\main.exe (CLEAN [1]) -> Lancé à 02:17:52 le 28/05/2011, Mode normal

 

Microsoft Windows 7 Edition Intégrale Service Pack 1 (X86)

3xP3rT@3XP3RT-PC (ASUSTEK COMPUTER INC P5W DH Deluxe)

 

============== ACTION(S) ==============

 

 

 

(!) -- Fichiers temporaires supprimés.

 

 

Clé supprimée: HKLM\Software\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [4.0.1 (fr)] ****

 

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|web2pdfextension@web2pdf.adobedotcom - C:\Program Files\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn

HKCU_Extensions|mozilla_cc@internetdownloadmanager.com - C:\Users\3xP3rT\AppData\Roaming\IDM\idmmzcc3

 

-- C:\Users\3xP3rT\AppData\Roaming\Mozilla\FireFox\Profiles\icsk1fmf.default --

Extensions\piclens@cooliris.com (Cooliris)

Prefs.js - browser.download.dir, C:\\Users\\3xP3rT\\Desktop

Prefs.js - browser.startup.homepage, hxxp://www.google.fr/

Prefs.js - browser.startup.homepage_override.buildID, 20110413222027

Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

 

-- C:\Users\Invité\AppData\Roaming\Mozilla\FireFox\Profiles\ygu9rxwq.default --

Prefs.js - browser.startup.homepage, hxxp://www.google.fr/

Prefs.js - browser.startup.homepage_override.buildID, 20110413222027

Prefs.js - browser.startup.homepage_override.mstone, rv:2.0.1

 

========================================

 

**** Google Chrome Version [12.0.742.60] ****

 

Extension - dchlnpcodkpfdpacogkljefecpegganj (x)

Extension - jagncdcchgajhfhijbbhecadmaiegcmh (x)

Extension\jfmjfhklogoienhpfnppmbcbjfjnkonk (C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx) (?)

Extension\lifbcibllhkdhoafpjfnlhfpfgnpldfl (C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx) (?)

Extension - pjldcfjmnllhmgjclecdnfampinooman (x)

 

-- C:\Users\3xP3rT\AppData\Local\Google\Chrome\User Data\Default --

Preferences - default_search_provider: "Google" (Activé: true) (?)

Preferences - homepage: hxxp://www.google.com/

Preferences - homepage_is_newtabpage: false

Preferences - urls_to_restore_on_startup: hxxp://www.google.fr/

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome

HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896

HKCU_Main|Start Page - hxxp://fr.msn.com/

HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm

HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKLM_Main|Start Page - hxxp://fr.msn.com/

HKCU_Toolbar\WebBrowser|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)

HKLM_Toolbar|{47833539-D0C5-4125-9FA8-0819E2EAAC93} (C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll)

HKCU_ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)

HKCU_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\System32\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\System32\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)

HKLM_Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - "Module complémentaire Lync" (C:\Program Files\Microsoft Lync\communicator.exe,1)

HKLM_Extensions\{4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - "PalTalk" (C:\Program Files\Paltalk Messenger\Paltalk.exe,476)

BHO\{0055C089-8582-441B-A0BF-17B458C2A3A8} - "IDM integration (IDMIEHlprObj Class)" (C:\Program Files\Internet Download Manager\IDMIECC.dll)

BHO\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - "Lync Browser Helper" (C:\Program Files\Microsoft Lync\OCHelper.dll)

 

========================================

 

C:\Program Files\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files\Ad-Remover\Backup: 15 Fichier(s)

 

C:\Ad-Report-CLEAN[1].txt - 28/05/2011 02:17:55 (4888 Octet(s))

C:\Ad-Report-SCAN[1].txt - 28/05/2011 02:15:58 (4766 Octet(s))

 

Fin à: 02:18:47, 28/05/2011

 

============== E.O.F ==============

 

 

 

Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

 

Version de la base de données: 6696

 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

 

28/05/2011 03:25:39

mbam-log-2011-05-28 (03-25-39).txt

 

Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)

Elément(s) analysé(s): 402944

Temps écoulé: 38 minute(s), 2 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 3

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

h:\uTorrent\IPhone\iphonebrowser 1.9.3 portable\iphone browser 1.9.3\iphonebrowser.exe (Trojan.Agent) -> Quarantined and deleted successfully.

h:\uTorrent\IPhone\iphonebrowser 1.9.3 portable\iphone browser 1.9.3\Data\Native\STUBEXE\@SYSTEM@\dwwin.exe (Trojan.Agent) -> Quarantined and deleted successfully.

h:\uTorrent\IPhone\iphonebrowser 1.9.3 portable\iphone browser 1.9.3\Data\Virtual\STUBEXE\@programfiles@\iphonebrowser\iphonebrowser.exe (Trojan.Agent) -> Quarantined and deleted successfully.

 

As you said above, some programs were badly uninstalled; others are not just scanners, like ESET or NoVirusThanks. Otherwise, I uninstalled SunBelt. Can I remove Spyware Blaster or not? I was told it was useful.

Posted

Good evening azzar0

You can keep Spyware Blaster. The main thing is not to have a multitude of protection tools,

but to have up-to-date protection and regular scans of the PC.

Apart from your worries about the analysis you ran on the site, which is absolutely not reliable,

do you have any other problems?

Uninstall AD-R: right-click the AD-R.exe icon >> run as admin and click Uninstall.

As you can see with uTorrent and the iPhone install: infection (Trojan.Agent)

I repeat my advice to uninstall everything related to P2P and the software cracks you have downloaded.

Please run a full scan with your Kaspersky antivirus and post me the report. ;)

See you later

Posted

Hello,

Thanks for your advice. In fact iphoneBrowser is freeware, but instead of downloading it from a reputable site, I got it through uTorrent. That was a bad idea since it was infected. I'm starting a scan right away and I will post the report. Otherwise, I have no problems : )

Thanks again
