infection trojan

[kingleroideskong]

Bonjour,

 

Je suis infecté par un trojan

Pouvez vous m'aider ?

 

Merci

[pear]

Bonjour,

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Décompresser le fichier ZHPDiag.fix sur le bureau

puis double-cliquer sur le fichier ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

 

Sous XP, double clic sur ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

Clic sur la Loupe pour lancer le scan

En cas de blocage sur O80, cliquez sur le tournevis pour le décocher

Postez en le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Joint

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

[kingleroideskong]

Rapport de ZHPDiag v1.27.2346 par Nicolas Coolman, Update du 23/06/2011

Run by marion at 24/06/2011 13:15:09

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385 (Defaut)

 

---\\ System Information

Windows 7 Home Premium Edition, 64-bit (Build 7600)

Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2810 MB (56% free)

System Restore: Activé (Enable)

System drive C: has 20 GB (16%) free of 116 GB

 

---\\ Logged in mode

Computer Name: PORTABLEAMARION

User Name: marion

All Users Names: marion, HomeGroupUser$, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\marion\AppData\Roaming

%LocalAppData%=C:\Users\marion\AppData\Local

%StartMenu%=C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 20 Go of 116 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 116 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 07:23:14.) -- C:\Windows\Explorer.exe [2870272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.27CDAF355CCE3762C7F13719E814418B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/04/2011 20:31:50.) -- C:\Windows\system32\wininet.dll [981504]

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/34

~ Mes musiques (My Musics) : 1/2

~ Mes Videos (My Videos) : 1/2

~ Mes Favoris (My Favorites) : 3/129

~ Mes Documents (My Documents) : 109/2614

~ Mon Bureau (My Desktop) : 1/914

~ Menu demarrer (Programs) : 7/24

~ Dossier utilisateur (AppData) : 57/3963

 

 

 

---\\ Processus lancés

[MD5.A7E406711790197712D376B44A9FBB0B] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496]

[MD5.05973FB5F863CDB65852D88ADB383A33] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280]

[MD5.80A02F5ADDDF2D615B85A4F19424DCBB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760]

[MD5.F7E0783DA9043BC131BB37C77EDB04DF] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe [2454840]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.55B3AFC1E8C852132C27ADD96A1B6628] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [1043968]

[MD5.8CD9E7BC107216D6BB81B0799603CD93] - (.Spigot, Inc. - Search Settings.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [532320]

[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848]

[MD5.5875B778B188FD9FC4B49C03DA3CF4FC] - (.Microsoft Corporation - Microsoft Search Client Server.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe [316208]

[MD5.189AD9033B6295D13352C04ECAB51555] - (.Moovida - Interest Recognizer for Moovida.) -- C:\Program Files (x86)\Fluendo\Moovida\spointer\moovida_air.exe [1281696]

[MD5.5698B99B81D3692BF9FCDEE5A07EA250] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe [231888]

[MD5.1D0344179E44945AFC3CC82F209455A1] - (.Nicolas Coolman - Nettoyeur de rapport ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix.exe [499712]

[MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]

[MD5.6CB68ED83F4318B185BCD941C06F7D81] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [660992]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\prefs.js

M0 - MFSP: prefs.js [marion - oqexwpxc.default] www.google.fr

M2 - MFEP: prefs.js [marion - oqexwpxc.default\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}] [] ChatZilla v0.9.86 (.The ChatZilla Team.)

M2 - MFEP: prefs.js [marion - oqexwpxc.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.8.20100408.6 (.Aaron Boodman; http://youngpup.net/.)

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Toshiba | MSN

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: pdfforge Toolbar [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) (4, 4, 0, 2) -- C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll

R3 - URLSearchHook: ZoneAlarm Toolbar [64Bits] - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 3, 2) -- C:\Program Files (x86)\ZoneAlarm\tbZone.dll

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 2, 2) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: ZoneAlarm Security Engine Registrar [64Bits] - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: ZoneAlarm Toolbar [64Bits] - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ZoneAlarm\tbZone.dll

O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: ZoneAlarm Security Engine Registrar [64Bits] - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: pdfforge Toolbar [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (.Spigot, Inc. - Widgi Toolbar for Internet Explorer.) -- C:\Program Files (x86)\pdfforge Toolbar\IE\4.4\pdfforgeToolbarIE.dll

O2 - BHO: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O2 - BHO: Bing Bar BHO [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Interest recogniser for Moovida (powered by Spointer) [64Bits] - {E2A7BD67-0EAF-497f-B05B-748D7BF3C421} . (.Moovida - Interest Recognizer for Moovida.) -- C:\Program Files (x86)\Fluendo\Moovida\spointer\extensions\moovida_air_ie.dll

O2 - BHO: TOSHIBA Media Controller Plug-in [64Bits] - {F3C88694-EFFA-4d78-B409-54B7B2535B14} . (.<TOSHIBA> - TOSHIBA Media Controller Plug-in.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: ZoneAlarm Security Engine [64Bits] - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [smartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe

O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

O4 - HKLM\..\Run: [smoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [TosReelTimeMonitor] . (.TOSHIBA Corporation - Monitor of TOSHIBA ReelTime.) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

O4 - HKLM\..\Run: [TosNC] . (.TOSHIBA Corporation - Message Center.) -- C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

O4 - HKLM\..\Run: [smartFaceVWatcher] . (.TOSHIBA Corporation - SmartFaceVWatcher.) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe

O4 - HKLM\..\Run: [iSW] . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

O4 - HKCU\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Wow6432Node\Run: [searchSettings] . (.Spigot, Inc. - Search Settings.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\marion\Desktop\1 fois par mois.lnk . (...) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe (.not file.)

O4 - Global Startup: C:\Users\marion\Desktop\Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe

O4 - Global Startup: C:\Users\marion\Desktop\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files (x86)\MiPony\MiPony.exe

O4 - Global Startup: C:\Users\marion\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files (x86)\MiPony\MiPony.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - toshiba.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.exe

O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files (x86)\MiPony\Browser\IEContext.htm

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8D785503-B7EE-4757-A120-AFC4950DC48D}: NameServer = 172.16.48.242,172.16.48.244

O17 - HKLM\System\CS1\Services\Tcpip\..\{8D785503-B7EE-4757-A120-AFC4950DC48D}: NameServer = 172.16.48.242,172.16.48.244

O17 - HKLM\System\CS2\Services\Tcpip\..\{8D785503-B7EE-4757-A120-AFC4950DC48D}: NameServer = 172.16.48.242,172.16.48.244

O17 - HKLM\System\CCS\Services\Tcpip\..\{45886379-B56F-4E06-89F9-13D2CA61B749}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{45886379-B56F-4E06-89F9-13D2CA61B749}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{45886379-B56F-4E06-89F9-13D2CA61B749}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AMD External Events Utility) . (...) - C:\Windows\system32\atiesrxx.exe (.not file.)

O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Application Updater (Application Updater) . (.Spigot, Inc. - Application Updater.) - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm ForceField.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

O23 - Service: lxdn_device (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe (.not file.)

O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (...) - C:\Windows\system32\TODDSrv.exe (.not file.)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

[MD5.A7E406711790197712D376B44A9FBB0B] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

O41 - Driver: (klufodig) . (. - .) - C:\Windows\system32\drivers\klufodig.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}

O42 - Logiciel: AMD Media Foundation Decoders - (.ATI Technologies Inc..) [HKLM] -- {89E65E64-68E2-32A4-09E1-2606E2BEC841}

O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {B39F601A-E865-7C74-48C6-821AD1312D33}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin

O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}

O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}

O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM][64Bits] -- Avira AntiVir Desktop

O42 - Logiciel: Barre d'outils Bing - (.Microsoft Corporation.) [HKLM][64Bits] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81}

O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT083929

O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {B86C9440-82D7-423C-9FEC-6CB3092D1AA4}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {0E33EC53-22CE-426C-A88B-2AAC231BAC85}

O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT083877

O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA

O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT083916

O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT083945

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent toshiba Master Uninstall

O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WT083910

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM][64Bits] -- {7DB4CB30-B94A-4282-AC8A-C86F615AA45B}

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM][64Bits] -- Messenger Plus! Live

O42 - Logiciel: MiPony 1.3.0 - (.Pas de propriétaire.) [HKLM][64Bits] -- MiPony

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM][64Bits] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF}

O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {928B06E4-DDAA-476A-926A-641620326327}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Moovida - (.Fluendo.) [HKLM][64Bits] -- Moovida

O42 - Logiciel: Moovida - (.Secure Digital Services.) [HKLM][64Bits] -- {6084C211-01A1-464E-97A0-09772E122B50}

O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {e0004da2-4109-46f3-9eda-111da1cacfd7}

O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {0420F95C-11FF-4E02-B967-6CC22B188F9F}

O42 - Logiciel: Nero BackItUp and Burn - (.Nero AG.) [HKLM][64Bits] -- {E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}

O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM][64Bits] -- {397516AE-7DFE-4F90-84E0-BD616D559434}

O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM][64Bits] -- {7829DB6F-A066-4E40-8912-CB07887C20BB}

O42 - Logiciel: Nero BurnRights Help - (.Nero AG.) [HKLM][64Bits] -- {F6BDD7C5-89ED-4569-9318-469AA9732572}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}

O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C}

O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {CC019E3F-59D2-4486-8D4B-878105B62A71}

O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A}

O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D}

O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}

O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84B3-4C50-8622-B8C0AA2D2885}

O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}

O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC}

O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}

O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}

O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}

O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2}

O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348B586-C9AE-46CE-936C-A68E9426E214}

O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT083958

O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- {9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre

O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT083925

O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}

O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr

O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT083959

O42 - Logiciel: Project S - (.Microsoft Games Studios.) [HKLM][64Bits] -- GFWL_{4D530942-9B89-4186-98B7-F51000000100}

O42 - Logiciel: Project S - (.Microsoft Games Studios.) [HKLM][64Bits] -- {4D530942-9B89-4186-98B7-F51000000100}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380}

O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {607BE7BF-7C28-4ADB-A4A0-385962B901C3}

O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}

O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38}

O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}

O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {8E9CEA3B-EBD1-439C-A01D-830CB39613C6}

O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22}

O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}

O42 - Logiciel: TOSHIBA Online Product Information - (.TOSHIBA.) [HKLM][64Bits] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}

O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- {A0E99122-25C1-4CA4-9063-499A2A814EB6}

O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}

O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A}

O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {073B89C3-BA88-41B5-965F-B35A88EAE838}

O42 - Logiciel: TOSHIBA TEMPRO - (.Toshiba Europe GmbH.) [HKLM][64Bits] -- {F082CB11-4794-4259-99A1-D91BA762AD15}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}

O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}

O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM][64Bits] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Todae - Live Media - (.Todae.fr.) [HKLM][64Bits] -- Live Media

O42 - Logiciel: Toshiba Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}

O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}

O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App

O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player

O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM][64Bits] -- Vuze_Remote Toolbar

O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba

O42 - Logiciel: WinZip 14.5 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9B48B0AC-C813-4174-9042-476A887592C7}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM][64Bits] -- ZoneAlarm

O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar

O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT083890

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: pdfforge Toolbar v4.4 - (.Spigot, Inc..) [HKLM][64Bits] -- {BCB52F35-4C56-49F2-A3D6-FDED54B01847}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ATI]

[HKCU\Software\AppDataLow\IEPro]

[HKCU\Software\AppDataLow\ISWVolatile]

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Search Settings]

[HKCU\Software\AppDataLow\Software\Vuze_Remote]

[HKCU\Software\AppDataLow\Software\ZoneAlarm]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow\Toolbar]

[HKCU\Software\AppDataLow]

[HKCU\Software\Avira]

[HKCU\Software\CheckPoint]

[HKCU\Software\Classes]

[HKCU\Software\Conduit]

[HKCU\Software\IM Providers]

[HKCU\Software\JavaSoft]

[HKCU\Software\LexmarkInkjet]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Moovida]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\ODBC]

[HKCU\Software\PDFCreator]

[HKCU\Software\Patchou]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Spointer]

[HKCU\Software\Synaptics]

[HKCU\Software\TOSHIBA]

[HKCU\Software\Todae]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WildTangent]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Windows Live Writer]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YourCompanyName]

[HKCU\Software\Zone Labs]

[HKCU\Software\cybelsoft]

[HKCU\Software\ej-technologies]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Application Updater]

[HKLM\Software\Atheros Communications Inc.]

[HKLM\Software\Atheros]

[HKLM\Software\Audible]

[HKLM\Software\Avira]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CheckPoint]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\Conexant]

[HKLM\Software\Cyberlink]

[HKLM\Software\Digital River]

[HKLM\Software\Dofus 2]

[HKLM\Software\Google]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\Khronos]

[HKLM\Software\LexmarkInkjet]

[HKLM\Software\Macromedia]

[HKLM\Software\McAfee.com]

[HKLM\Software\McAfeeInstaller]

[HKLM\Software\McAfee]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\ODBC]

[HKLM\Software\PDFCreator]

[HKLM\Software\Patchou]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SOFTWARE]

[HKLM\Software\Search Settings]

[HKLM\Software\SecureDigitalServices]

[HKLM\Software\SiteAdvisor]

[HKLM\Software\Sonic]

[HKLM\Software\Synaptics]

[HKLM\Software\TOSHIBA CORPORATION]

[HKLM\Software\TOSHIBA]

[HKLM\Software\Todae]

[HKLM\Software\Toshiba Tempro]

[HKLM\Software\VideoLAN]

[HKLM\Software\Vuze_Remote]

[HKLM\Software\WildTangent]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Zone Labs]

[HKLM\Software\cybelsoft]

[HKLM\Software\ej-technologies]

[HKLM\Software\mozilla.org]

[HKLM\Software\pdfforge]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 12/04/2010 - 08:21:46 - [23462193] ----D- C:\Program Files\ATI

O43 - CFD: 24/06/2011 - 12:38:36 - [877596] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 06/11/2010 - 20:28:52 - [6175224] ----D- C:\Program Files\CCleaner

O43 - CFD: 09/08/2010 - 22:29:02 - [43038477] ----D- C:\Program Files\CheckPoint

O43 - CFD: 24/06/2011 - 12:38:58 - [80047976] ----D- C:\Program Files\Common Files

O43 - CFD: 12/04/2010 - 08:25:02 - [31855407] ----D- C:\Program Files\CONEXANT

O43 - CFD: 14/07/2009 - 17:35:28 - [90257428] ----D- C:\Program Files\DVD Maker

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 16/06/2011 - 13:52:10 - [5174937] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 12/04/2010 - 08:52:52 - [148930098] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 11/06/2010 - 17:13:30 - [1141526] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 12/04/2010 - 08:17:36 - [2178436] ----D- C:\Program Files\PlayReady

O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 12/04/2010 - 08:30:14 - [31323877] ----D- C:\Program Files\Synaptics

O43 - CFD: 11/06/2010 - 17:10:34 - [421171892] ----D- C:\Program Files\TOSHIBA

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 14/07/2009 - 17:24:10 - [4039168] ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 17:35:28 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 16/12/2010 - 23:06:46 - [6667264] ----D- C:\Program Files\Windows Mail

O43 - CFD: 15/10/2010 - 22:27:44 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 04/08/2010 - 20:41:02 - [12624564] ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 17:24:10 - [5516568] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 17:24:10 - [8016512] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 24/06/2011 - 12:38:58 - [291840] ----D- C:\Program Files\Common Files\ATI Technologies

O43 - CFD: 15/06/2011 - 22:51:16 - [67134695] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 17:24:10 - [12009971] ----D- C:\Program Files\Common Files\System

O43 - CFD: 11/03/2011 - 17:21:44 - [0] ----D- C:\ProgramData\Adobe

O43 - CFD: 24/06/2011 - 12:38:22 - [1763] ----D- C:\ProgramData\AMD

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 11/06/2010 - 17:02:48 - [10888] ----D- C:\ProgramData\Atheros

O43 - CFD: 24/06/2011 - 12:39:08 - [11] ----D- C:\ProgramData\ATI

O43 - CFD: 09/08/2010 - 22:15:26 - [46392545] ----D- C:\ProgramData\Avira

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 09/08/2010 - 22:28:06 - [4212] ----D- C:\ProgramData\CheckPoint

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 09/08/2010 - 22:52:42 - [37562] ----D- C:\ProgramData\IsolatedStorage

O43 - CFD: 06/11/2010 - 20:13:06 - [494] ----D- C:\ProgramData\lx_Cats

O43 - CFD: 24/06/2011 - 12:26:10 - [1273941] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 09/08/2010 - 22:07:34 - [14880] ----D- C:\ProgramData\McAfee

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 10/08/2010 - 18:19:34 - [49897] ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 11/05/2011 - 19:10:12 - [237920660] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 15/06/2011 - 22:54:04 - [57688] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 12/04/2010 - 08:43:16 - [11750873] ----D- C:\ProgramData\Nero

O43 - CFD: 09/08/2010 - 21:11:22 - [22317208] ----D- C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 11/06/2010 - 17:08:44 - [20784900] ----D- C:\ProgramData\Toshiba

O43 - CFD: 09/08/2010 - 22:52:42 - [90486] ----D- C:\ProgramData\TOSHIBA Tempro

O43 - CFD: 04/08/2010 - 20:42:22 - [1793] ----D- C:\ProgramData\ToshibaEurope

O43 - CFD: 29/01/2011 - 04:32:46 - [688983144] ----D- C:\ProgramData\WildTangent

O43 - CFD: 28/12/2010 - 23:26:06 - [28] ----D- C:\ProgramData\WinZip

O43 - CFD: 14/12/2010 - 20:40:08 - [46782618] ----D- C:\Users\marion\AppData\Roaming\.minecraft

O43 - CFD: 11/03/2011 - 17:21:02 - [17992293] ----D- C:\Users\marion\AppData\Roaming\Adobe

O43 - CFD: 11/03/2011 - 17:21:06 - [4478] ----D- C:\Users\marion\AppData\Roaming\app

O43 - CFD: 04/08/2010 - 20:44:30 - [0] ----D- C:\Users\marion\AppData\Roaming\ATI

O43 - CFD: 23/06/2011 - 12:05:56 - [17632298088] ----D- C:\Users\marion\AppData\Roaming\Azureus

O43 - CFD: 09/08/2010 - 22:29:32 - [57047] ----D- C:\Users\marion\AppData\Roaming\CheckPoint

O43 - CFD: 29/04/2011 - 02:21:18 - [59510118] ----D- C:\Users\marion\AppData\Roaming\Dofus 2

O43 - CFD: 11/03/2011 - 17:21:04 - [0] ----D- C:\Users\marion\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 20/03/2011 - 19:32:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 12/03/2011 - 00:35:08 - [0] ----D- C:\Users\marion\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 06/04/2011 - 18:27:50 - [199] ----D- C:\Users\marion\AppData\Roaming\dvdcss

O43 - CFD: 26/08/2010 - 01:49:08 - [0] ----D- C:\Users\marion\AppData\Roaming\GrabPro

O43 - CFD: 04/08/2010 - 20:43:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Identities

O43 - CFD: 12/04/2010 - 08:50:04 - [101401] ----D- C:\Users\marion\AppData\Roaming\Macromedia

O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\marion\AppData\Roaming\Media Center Programs

O43 - CFD: 18/05/2011 - 18:09:44 - [20476393] -S--D- C:\Users\marion\AppData\Roaming\Microsoft

O43 - CFD: 26/08/2010 - 01:54:14 - [981] ----D- C:\Users\marion\AppData\Roaming\MiniDm

O43 - CFD: 19/06/2011 - 16:19:02 - [4807] ----D- C:\Users\marion\AppData\Roaming\Mipony

O43 - CFD: 21/06/2011 - 16:13:02 - [1171982] ----D- C:\Users\marion\AppData\Roaming\moovida-1

O43 - CFD: 22/10/2010 - 08:07:46 - [7391010] ----D- C:\Users\marion\AppData\Roaming\Mozilla

O43 - CFD: 16/03/2011 - 21:59:24 - [126841556] ----D- C:\Users\marion\AppData\Roaming\Nero

O43 - CFD: 17/08/2010 - 14:57:54 - [1186] ----D- C:\Users\marion\AppData\Roaming\PhotoFiltre

O43 - CFD: 11/03/2011 - 17:21:06 - [0] ----D- C:\Users\marion\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 15/05/2011 - 16:22:18 - [13824] ----D- C:\Users\marion\AppData\Roaming\Template

O43 - CFD: 28/10/2010 - 20:18:38 - [1362863] ----D- C:\Users\marion\AppData\Roaming\Todae

O43 - CFD: 04/08/2010 - 20:59:24 - [10183925] ----D- C:\Users\marion\AppData\Roaming\Toshiba

O43 - CFD: 24/04/2011 - 02:36:10 - [1357328] ----D- C:\Users\marion\AppData\Roaming\vlc

O43 - CFD: 29/10/2010 - 09:48:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Windows Live Writer

O43 - CFD: 12/03/2011 - 00:34:40 - [21483] ----D- C:\Users\marion\Appdata\Local\Adobe

O43 - CFD: 24/06/2011 - 12:39:28 - [6] ----D- C:\Users\marion\Appdata\Local\AMD

O43 - CFD: 04/08/2010 - 20:41:16 - [0] -SH-D- C:\Users\marion\Appdata\Local\Application Data

O43 - CFD: 04/08/2010 - 20:44:30 - [62549] ----D- C:\Users\marion\Appdata\Local\ATI

O43 - CFD: 14/02/2011 - 22:25:28 - [0] ----D- C:\Users\marion\Appdata\Local\Diagnostics

O43 - CFD: 28/12/2010 - 23:12:10 - [10973] ----D- C:\Users\marion\Appdata\Local\DOSBox

O43 - CFD: 04/01/2011 - 00:44:28 - [0] ----D- C:\Users\marion\Appdata\Local\ElevatedDiagnostics

O43 - CFD: 04/08/2010 - 20:41:16 - [0] -SH-D- C:\Users\marion\Appdata\Local\Historique

O43 - CFD: 15/05/2011 - 16:22:14 - [1373108005] ----D- C:\Users\marion\Appdata\Local\Microsoft

O43 - CFD: 09/02/2011 - 23:27:10 - [607131] ----D- C:\Users\marion\Appdata\Local\Microsoft Games

O43 - CFD: 24/06/2011 - 13:13:46 - [481457] ----D- C:\Users\marion\Appdata\Local\moovida Air

O43 - CFD: 26/08/2010 - 01:55:30 - [43000758] ----D- C:\Users\marion\Appdata\Local\Mozilla

O43 - CFD: 09/08/2010 - 21:50:12 - [1075] ----D- C:\Users\marion\Appdata\Local\Nero_AG

O43 - CFD: 21/06/2011 - 22:11:40 - [2221277] ----D- C:\Users\marion\Appdata\Local\PokerStars.FR

O43 - CFD: 24/06/2011 - 13:12:16 - [124433001] ----D- C:\Users\marion\Appdata\Local\Temp

O43 - CFD: 04/08/2010 - 20:41:16 - [0] -SH-D- C:\Users\marion\Appdata\Local\Temporary Internet Files

O43 - CFD: 04/08/2010 - 20:44:22 - [0] ----D- C:\Users\marion\Appdata\Local\Toshiba

O43 - CFD: 04/08/2010 - 20:59:42 - [623] ----D- C:\Users\marion\Appdata\Local\TOSHIBA_Corporation

O43 - CFD: 28/09/2010 - 20:00:20 - [146142549] ----D- C:\Users\marion\Appdata\Local\VirtualStore

O43 - CFD: 29/10/2010 - 09:48:56 - [373674] ----D- C:\Users\marion\Appdata\Local\Windows Live Writer

O43 - CFD: 14/07/2009 - 06:54:34 - [14668] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 07/08/2010 - 15:45:28 - [174] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 12/03/2011 - 00:34:26 - [4400] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus 2

O43 - CFD: 29/04/2011 - 22:44:10 - [198] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

O43 - CFD: 14/07/2009 - 06:49:40 - [580] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 02/06/2011 - 18:01:46 - [0] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony

O43 - CFD: 06/12/2010 - 15:25:04 - [1230] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida

O43 - CFD: 17/08/2010 - 13:19:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre

O43 - CFD: 26/08/2010 - 01:51:38 - [174] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 12/03/2011 - 00:35:04 - [56502] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 24/06/2011 - 12:39:04 - [2451484] ----D- C:\Program Files (x86)\AMD APP

O43 - CFD: 18/05/2011 - 16:11:04 - [393197] ----D- C:\Program Files (x86)\Application Updater

O43 - CFD: 11/06/2010 - 17:02:42 - [1909043] ----D- C:\Program Files (x86)\Atheros

O43 - CFD: 24/06/2011 - 12:38:16 - [47316651] ----D- C:\Program Files (x86)\ATI Technologies

O43 - CFD: 09/08/2010 - 22:32:08 - [115512899] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 17/01/2011 - 04:01:58 - [1001307] ----D- C:\Program Files (x86)\Bing Bar Installer

O43 - CFD: 24/06/2011 - 12:38:58 - [893259128] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 09/08/2010 - 22:29:16 - [1059008] ----D- C:\Program Files (x86)\Conduit

O43 - CFD: 11/03/2011 - 16:25:36 - [920630850] ----D- C:\Program Files (x86)\Dofus 2

O43 - CFD: 28/12/2010 - 23:11:16 - [4507970] ----D- C:\Program Files (x86)\DOSBox-0.74

O43 - CFD: 06/12/2010 - 15:24:40 - [53219253] ----D- C:\Program Files (x86)\Fluendo

O43 - CFD: 11/06/2010 - 17:10:16 - [125887943] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 16/06/2011 - 13:52:10 - [4815785] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 12/04/2010 - 08:17:52 - [90456779] ----D- C:\Program Files (x86)\Java

O43 - CFD: 24/06/2011 - 12:26:18 - [6093848] ----D- C:\Program Files (x86)\ma-config.com

O43 - CFD: 09/08/2010 - 22:07:34 - [0] ----D- C:\Program Files (x86)\McAfee

O43 - CFD: 09/08/2010 - 19:18:52 - [13110008] ----D- C:\Program Files (x86)\Messenger Plus! Live

O43 - CFD: 12/04/2010 - 08:49:34 - [5440926] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 23/06/2011 - 22:37:52 - [2291630853] ----D- C:\Program Files (x86)\Microsoft Games

O43 - CFD: 11/05/2011 - 19:01:44 - [9362570] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

O43 - CFD: 11/06/2010 - 17:15:14 - [369741831] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 11/06/2010 - 17:16:44 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant

O43 - CFD: 15/06/2011 - 22:50:04 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 12/04/2010 - 08:55:56 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 17/12/2010 - 07:40:16 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 24/11/2010 - 23:37:22 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 02/06/2011 - 18:01:46 - [8160519] ----D- C:\Program Files (x86)\MiPony

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/01/2011 - 04:01:26 - [6837789] ----D- C:\Program Files (x86)\MSN Toolbar

O43 - CFD: 07/08/2010 - 03:27:46 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 12/04/2010 - 08:46:36 - [645639579] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 09/08/2010 - 21:10:32 - [25826295] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 18/05/2011 - 16:11:04 - [823762] ----D- C:\Program Files (x86)\pdfforge Toolbar

O43 - CFD: 12/04/2010 - 08:50:06 - [27398676] ----D- C:\Program Files (x86)\Photo-Service

O43 - CFD: 17/08/2010 - 13:19:52 - [3688689] ----D- C:\Program Files (x86)\PhotoFiltre

O43 - CFD: 17/06/2011 - 15:22:00 - [64250795] ----D- C:\Program Files (x86)\PokerStars.FR

O43 - CFD: 06/11/2010 - 21:12:58 - [1221936] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 12/04/2010 - 08:30:26 - [8537986] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 11/06/2010 - 17:05:26 - [289748977] ----D- C:\Program Files (x86)\Toshiba

O43 - CFD: 28/01/2011 - 21:14:38 - [380718513] ----D- C:\Program Files (x86)\TOSHIBA Games

O43 - CFD: 19/05/2011 - 20:22:28 - [11842668] ----D- C:\Program Files (x86)\Toshiba TEMPRO

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 22/10/2010 - 01:56:38 - [78884139] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 23/06/2011 - 22:38:32 - [955496] ----D- C:\Program Files (x86)\Vuze

O43 - CFD: 27/08/2010 - 15:08:44 - [2935924] ----D- C:\Program Files (x86)\Vuze_Remote

O43 - CFD: 28/01/2011 - 21:13:56 - [8595336] ----D- C:\Program Files (x86)\WildTangent Games

O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 28/01/2011 - 17:40:16 - [147852588] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 12/04/2010 - 08:55:00 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 16/12/2010 - 23:06:46 - [6180864] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 28/10/2010 - 20:18:36 - [5693414] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12194484] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 14/07/2009 - 17:24:10 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 14/07/2009 - 17:24:10 - [6225319] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 28/12/2010 - 23:25:36 - [20673124] ----D- C:\Program Files (x86)\WinZip

O43 - CFD: 24/06/2011 - 13:15:34 - [3910201] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 09/08/2010 - 21:01:38 - [19526505] ----D- C:\Program Files (x86)\Zone Labs

O43 - CFD: 09/08/2010 - 22:29:16 - [2718027] ----D- C:\Program Files (x86)\ZoneAlarm

O43 - CFD: 12/03/2011 - 00:35:02 - [30826314] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 24/06/2011 - 12:38:58 - [240640] ----D- C:\Program Files (x86)\Common Files\ATI Technologies

O43 - CFD: 11/06/2010 - 17:15:14 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 12/04/2010 - 08:30:46 - [1929309] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 09/08/2010 - 22:07:34 - [820488] ----D- C:\Program Files (x86)\Common Files\mcafee

O43 - CFD: 08/11/2010 - 07:30:12 - [253708133] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 12/04/2010 - 08:46:08 - [132663862] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 18/05/2011 - 16:11:04 - [533671] ----D- C:\Program Files (x86)\Common Files\Spigot

O43 - CFD: 14/07/2009 - 17:24:10 - [44114543] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 12/04/2010 - 08:53:52 - [378102451] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 19/05/2011 - 20:22:42 - [9120256] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.E51593F12694B1C50DCB8E72DC64458B] - 24/06/2011 - 12:14:31 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [16304]

O44 - LFC:[MD5.E51593F12694B1C50DCB8E72DC64458B] - 24/06/2011 - 12:14:31 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [16304]

O44 - LFC:[MD5.96A60A0C6AED82CA6026E41DBBA2B716] - 24/06/2011 - 12:12:02 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1562454]

O44 - LFC:[MD5.55ED6BE105E257B6B8D73AEE5BD1425F] - 24/06/2011 - 12:12:02 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [108332]

O44 - LFC:[MD5.32FFB6654B80588A085999146757FA2F] - 24/06/2011 - 12:12:02 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132834]

O44 - LFC:[MD5.0C0B13E329265FEBB83119C338B06855] - 24/06/2011 - 12:12:02 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [620150]

O44 - LFC:[MD5.F6C66000425C1CFFCCAF80BD6BB32140] - 24/06/2011 - 12:12:02 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [708852]

O44 - LFC:[MD5.8CEE1800FEFFFFFF57494E444F577E31] - 24/06/2011 - 12:10:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1683359]

O44 - LFC:[MD5.728DE317DA14B7A5DE9DC637D6115C1D] - 24/06/2011 - 12:06:44 ---A- . (...) -- C:\Windows\setupact.log [3914]

O44 - LFC:[MD5.5448C9C63008DFC779C1FAD0889DA40B] - 24/06/2011 - 12:06:39 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.078092171C98EDFCAD253EA9A2C9CE13] - 24/06/2011 - 10:28:31 ---A- . (...) -- C:\Windows\PFRO.log [1368]

O44 - LFC:[MD5.621D75109AEA98BE8E7B507B5CEEB168] - 16/06/2011 - 12:53:32 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [343816]

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 18/02/2010 - 08:18:24 ---A- . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136]

O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 11/03/2011 - 07:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 11/03/2011 - 07:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.D6CAD7E5B05055BB8226BDCB1644DA27] - 06/11/2009 - 11:56:06 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1550848]

O58 - SDL:[MD5.9A4B92150A5E259A7159D914CC3A60D7] - 25/05/2011 - 05:26:56 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9359872]

O58 - SDL:[MD5.9DEB889D152F9C9DBA98BE8986084535] - 25/05/2011 - 03:25:42 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [309760]

O58 - SDL:[MD5.7C5D273E29DCC5505469B299C6F29163] - 05/05/2009 - 08:00:28 ---A- . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [16440]

O58 - SDL:[MD5.AEFAF27F1B7E52C705DF4FB6C96732F6] - 15/03/2010 - 09:06:28 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atipmdag.sys [6403072]

O58 - SDL:[MD5.C30B5FC0ADCDFBA7668E99BAF0CBF58E] - 25/11/2009 - 11:19:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [74880]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.7247A4D0875F5F28919E0787E11B7B57] - 18/01/2010 - 16:45:50 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\CHDRT64.sys [717368]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.60ACB128E64C35C2B4E4AAB1B0A5C293] - 07/07/2009 - 07:51:42 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys [9216]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]

O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 11/03/2011 - 07:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.48686C29856F46443952A831424F8D6F] - 04/03/2010 - 16:53:00 ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\system32\drivers\L1C62x64.sys [75816]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.663962900E7FEA522126BA287715BB4A] - 22/06/2009 - 16:06:38 ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\system32\drivers\PGEffect.sys [35008]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.7B04C9843921AB1F695FB395422C5360] - 14/05/2007 - 15:06:18 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb_AMD64.sys [27520]

O58 - SDL:[MD5.907C4464381B5EBDFDC60F6C7D0DEDFC] - 01/02/2010 - 09:29:48 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [232992]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.470C47DABA9CA3966F0AB3F835D7D135] - 10/03/2010 - 17:51:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [316464]

O58 - SDL:[MD5.FD542B661BD22FA69CA789AD0AC58C29] - 30/07/2009 - 18:22:04 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\system32\drivers\tdcmdpst.sys [27784]

O58 - SDL:[MD5.550B567F9364D8F7684C3FB3EA665A72] - 14/07/2009 - 15:31:18 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [26840]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\SysWOW64\drivers\ssmdrv.sys [28520]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Wim file system Driver.) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: prefs.js [marion - oqexwpxc.default] user_pref("CT2504091.SearchEngine", "Search||http://search.conduit.com/Results.aspx?

O69 - SBI: prefs.js [marion - oqexwpxc.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091

O69 - SBI: SearchScopes [HKCU] {0A805CDC-E04A-4C0E-8CEB-F47A087CD0CB} - (eBay) - eBay

O69 - SBI: SearchScopes [HKCU] {5F29118B-BA47-4535-A34E-B6D85439A0AA} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {6F741365-BA22-4BBC-B498-3DCF773C4AB5} [DefaultScope] - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {afdbddaa-5d3f-42ee-b79c-185a7020515b} - ( ) - http://search.conduit.com

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.170993EF0582FF99944A6FCF1DB518BD] [sPRF] (...) -- C:\Users\marion\AppData\Local\Temp\DelUS.bat [422]

[MD5.02AF9D9AC356C94347E847BFEACA6CEB] [sPRF] (...) -- C:\Users\marion\AppData\Local\Temp\RMScriptTemp.dll [36864]

[MD5.29C9DEBA223C2FF85BA2170333ED7E72] [sPRF] (...) -- C:\Users\marion\AppData\Local\Temp\ScriptTemp.dll [4608]

[MD5.895F8B17435EEC25ADBBF4A079CF0365] [sPRF] (.Fluendo - Pas de description.) -- C:\Users\marion\AppData\Local\Temp\Update_off_moovidaImmersed-2.1.0.2-win32.exe [39414936]

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{7DDD9F12-77C7-4815-B9F3-88EAFC72A99F}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "{D6C044C7-A83E-47C4-8E0A-79D94B0BFEE3}" | In - Public - P6 - TRUE | .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

O87 - FAEL: "{94A582FA-58DB-41A7-A37B-F82BF6C4A6DC}" | In - Public - P17 - TRUE | .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

O87 - FAEL: "{419F8CA6-FD97-46FD-B65E-866180088732}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "{A60CC54C-1058-44A8-9145-9941899E61A1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "{60EC0577-C937-46CD-95C9-69390DA67D42}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\lxdncoms.exe (.not file.)

O87 - FAEL: "{60F39321-20A6-4514-982F-B7A3F42C9F19}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\lxdncoms.exe (.not file.)

O87 - FAEL: "{E4D6947C-D927-4134-8D88-20A93FA83AE6}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{7AAAD2B5-F515-43CF-8616-E08686F73702}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe

O87 - FAEL: "{125DC614-1B82-4EB8-BBDC-F4E1EF1D35D0}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8442 - (23/06/2011)

Clés trouvées (Keys found) : 50

Valeurs trouvées (Values found) : 1

Dossiers trouvés (Folders found) : 12

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\Toolbar.ct2504091] =>Adware.Agent

[HKLM\Software\Wow6432Node\Classes\Toolbar.ct2504091] =>Adware.Agent

[HKLM\Software\Classes\Toolbar.CT2611275] =>Toolbar.Agent

[HKLM\Software\Wow6432Node\Classes\Toolbar.CT2611275] =>Toolbar.Agent

[HKLM\Software\Classes\WlcUI.DialerWindow] =>Trojan.Rimecud

[HKLM\Software\Wow6432Node\Classes\WlcUI.DialerWindow] =>Trojan.Rimecud

[HKLM\Software\Classes\WlcUI.DialerWindow.1] =>Trojan.Rimecud

[HKLM\Software\Wow6432Node\Classes\WlcUI.DialerWindow.1] =>Trojan.Rimecud

[HKLM\Software\Classes\WlcUI.PhoneNumber] =>Trojan.Rimecud

[HKLM\Software\Wow6432Node\Classes\WlcUI.PhoneNumber] =>Trojan.Rimecud

[HKLM\Software\Classes\WlcUI.PhoneNumber.1] =>Trojan.Rimecud

[HKLM\Software\Wow6432Node\Classes\WlcUI.PhoneNumber.1] =>Trojan.Rimecud

[HKLM\Software\Classes\Wow6432Node\TypeLib\{14816CF6-426C-40D7-904C-E5600F015EC2}] =>PUP.OfferBox

[HKLM\Software\Classes\TypeLib\{14816CF6-426C-40D7-904C-E5600F015EC2}] =>PUP.OfferBox

[HKLM\Software\Classes\Wow6432Node\TypeLib\{282D18C0-5424-44F4-A531-55F9AC5B8FD8}] =>PUP.OfferBox

[HKLM\Software\Classes\TypeLib\{282D18C0-5424-44F4-A531-55F9AC5B8FD8}] =>PUP.OfferBox

[HKLM\Software\Classes\Wow6432Node\TypeLib\{534E82CE-8042-4f98-ACD8-A3858BCBED0F}] =>Trojan.Rimecud

[HKLM\Software\Classes\TypeLib\{534E82CE-8042-4f98-ACD8-A3858BCBED0F}] =>Trojan.Rimecud

[HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}] =>Adware.ShopperReports

[HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}] =>Adware.BHO

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit

[HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}] =>Adware.ShopperReports

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}] =>PUP.OfferBox

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E2A7BD67-0EAF-497f-B05B-748D7BF3C421}] =>Adware.SPointer

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}] =>PUP.OfferBox

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent

[HKLM\Software\Classes\Wow6432Node\TypeLib\{FD06B491-1EA6-4F5C-86D2-C86D3A3A3731}] =>PUP.OfferBox

[HKLM\Software\Classes\TypeLib\{FD06B491-1EA6-4F5C-86D2-C86D3A3A3731}] =>PUP.OfferBox

[HKLM\Software\Classes\Installer\Features\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO

[HKLM\Software\Classes\Installer\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO

[HKLM\SYSTEM\CurrentControlSet\Services\Application Updater] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Application Updater] =>PUP.Dealio

[HKCU\Software\Conduit] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\Conduit] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\Conduit] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\pdfforge] =>PUP.Dealio

[HKCU\Software\AppDataLow\Software\Search Settings] =>PUP.Dealio

[HKLM\Software\Wow6432Node\Search Settings] =>PUP.Dealio

[HKCU\Software\Spointer] =>Adware.SPointer

[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{B922D405-6D13-4A2B-AE89-08A030DA4402} =>PUP.Dealio

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida =>Adware.SPointer

C:\Users\marion\Appdata\Local\moovida air =>Adware.SPointer

C:\Users\marion\Appdata\LocalLow\Conduit =>Toolbar.Conduit

C:\Users\marion\Appdata\LocalLow\pdfforge =>PUP.Dealio

C:\Users\marion\Appdata\LocalLow\Search Settings =>PUP.Dealio

C:\Users\marion\Appdata\LocalLow\Vuze_Remote =>Toolbar.Conduit

C:\Documents and Settings\marion\Local Settings\Application Data\moovida air =>Adware.SPointer

C:\Program Files (x86)\Application Updater =>PUP.Dealio

C:\Program Files (x86)\Conduit =>Toolbar.Conduit

C:\Program Files (x86)\pdfforge Toolbar =>PUP.Dealio

C:\Program Files (x86)\Vuze_Remote =>Toolbar.Conduit

C:\Program Files (x86)\Common Files\Spigot =>PUP.Dealio

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 0 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 24/05/2011 365568 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

SR - | Auto 13/05/2009 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 21/07/2009 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 06/05/2011 393112 | (Application Updater) . (.Spigot, Inc..) - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe

SR - | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

SR - | Auto 18/05/2010 823272 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

SR - | Auto 18/05/2010 0 | (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe

SS - | Demand 01/05/2011 311744 | (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe

SR - | Auto 15/01/2010 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 10/02/2011 112080 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

SR - | Demand 06/10/2009 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

SR - | Auto 06/10/2009 0 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SR - | Auto 05/11/2009 489312 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SR - | Demand 05/02/2010 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

SR - | Auto 20/05/2010 2437176 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by marion at 24/06/2011 13:17:51

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by marion at 24/06/2011 13:17:53

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1127 lines in 02mn 44s)(0)

[pear]

Téléchargez AD-Remover sur le bureau

 

Déconnectez-vous et fermez toutes les applications en cours

Cliquer sur "Ad-R.exe" pour lancer l'installation et laisser les paramètres par défaut .

Une fenêtre s'affichera Vous prévenant des risques de l'utilisation de ce logiciel

Cliquez sur "OUI"

Double cliquer sur l'icône Ad-remover sur le bureau

Au menu principal choisir l'optionScanner et Validez

 

Patientez pendant le travail de l'outil.

Poster le rapport qui apparait à la fin .

Il est sauvegardé aussi sous C:\Ad-report.log

 

Ensuite

 

Relancer Ad- remover , choisir l'option Nettoyer

 

Il y aura 2 rapports à poster après :Scanner et Nettoyer

 

Pour désinstaller AD-Remover, lancez avec l'option D puis supprimer l'icône du bureau.

 

 

 

Téléchargez MBAM

 

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

 

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

 

 

 

Nettoyage

Relancez Mbam(Malewares'Bytes)

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

[kingleroideskong]

Pour les deux rapports AD-R, c'est mort parce que j'ai désinstallé AD-REMOVER avant de les poster.Ils ne sont plus sur la racine du C/ ( bizarre )

Par contre voici le rapport de MBAM:

 

 

Malwarebytes' Anti-Malware 1.51.0.1200

www.malwarebytes.org

 

Version de la base de données: 6940

 

Windows 6.1.7600

Internet Explorer 8.0.7600.16385

 

24/06/2011 23:14:30

mbam-log-2011-06-24 (23-14-29).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 327500

Temps écoulé: 37 minute(s), 21 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)

[pear]

Cela ne m'éclaire pas.

 

Lancez un nouveau Zhpdiag, et ne vous précipitez pas pour supprimer quoi que ce soit.

Vous aurez tout le temps pour cela, plus tard.

[kingleroideskong]

Bonjour,

 

Voici un nouveau rapport de ZHP DIAG

 

Rapport de ZHPDiag v1.27.2346 par Nicolas Coolman, Update du 23/06/2011

Run by marion at 25/06/2011 11:55:38

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7600.16385 (Defaut)

 

---\\ System Information

Windows 7 Home Premium Edition, 64-bit (Build 7600)

Processor: AMD64 Family 16 Model 6 Stepping 3, AuthenticAMD

Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2810 MB (53% free)

System Restore: Activé (Enable)

System drive C: has 28 GB (24%) free of 116 GB

 

---\\ Logged in mode

Computer Name: PORTABLEAMARION

User Name: marion

All Users Names: marion, HomeGroupUser$, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

%AppData%=C:\Users\marion\AppData\Roaming

%LocalAppData%=C:\Users\marion\AppData\Local

%StartMenu%=C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 28 Go of 116 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 116 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.0862495E0C825893DB75EF44FAEA8E93] - (.Microsoft Corporation - Explorateur Windows.) (.26/02/2011 07:23:14.) -- C:\Windows\Explorer.exe [2870272]

[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 02:14:45.) -- C:\Windows\system32\Wininit.exe [96256]

[MD5.27CDAF355CCE3762C7F13719E814418B] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.22/04/2011 20:31:50.) -- C:\Windows\system32\wininet.dll [981504]

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/34

~ Mes musiques (My Musics) : 1/2

~ Mes Videos (My Videos) : 1/2

~ Mes Favoris (My Favorites) : 3/129

~ Mes Documents (My Documents) : 109/2614

~ Mon Bureau (My Desktop) : 1/914

~ Menu demarrer (Programs) : 6/23

~ Dossier utilisateur (AppData) : 55/4009

 

 

 

---\\ Processus lancés

[MD5.05973FB5F863CDB65852D88ADB383A33] - (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\Toshiba\TOSHIBA Online Product Information\TOPI.exe [4581280]

[MD5.A7E406711790197712D376B44A9FBB0B] - (.TOSHIBA CORPORATION - ConfigFree Task Tray Menu.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [304496]

[MD5.8A07221789D46B2EA7DFCA2BC807572A] - (.TOSHIBA CORPORATION - ConfigFree Switch Manager Process.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe [62848]

[MD5.80A02F5ADDDF2D615B85A4F19424DCBB] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe [1086760]

[MD5.F7E0783DA9043BC131BB37C77EDB04DF] - (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe [2454840]

[MD5.29680A793F690EEF4AAA68479D2A6DF8] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [209153]

[MD5.55B3AFC1E8C852132C27ADD96A1B6628] - (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe [1043968]

[MD5.F06CA6475B7A538DB9DC3F7B896B97E4] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe [449584]

[MD5.64EFAF916C4009F1B84153D0BB491FB0] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe [673040]

[MD5.5875B778B188FD9FC4B49C03DA3CF4FC] - (.Microsoft Corporation - Microsoft Search Client Server.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SCServer\SCServer.exe [316208]

[MD5.5698B99B81D3692BF9FCDEE5A07EA250] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10h_ActiveX.exe [231888]

[MD5.6CB68ED83F4318B185BCD941C06F7D81] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [660992]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\marion\AppData\Roaming\Mozilla\Firefox\Profiles\oqexwpxc.default\prefs.js

M0 - MFSP: prefs.js [marion - oqexwpxc.default] www.google.fr

M2 - MFEP: prefs.js [marion - oqexwpxc.default\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2}] [] ChatZilla v0.9.86 (.The ChatZilla Team.)

M2 - MFEP: prefs.js [marion - oqexwpxc.default\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] [greasemonkey] Greasemonkey v0.8.20100408.6 (.Aaron Boodman; http://youngpup.net/.)

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: ZoneAlarm Toolbar [64Bits] - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 3, 2) -- C:\Program Files (x86)\ZoneAlarm\tbZone.dll

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 2, 2) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\WINDOWS\system32\SystemPropertiesPerformance.exe

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: ZoneAlarm Security Engine Registrar [64Bits] - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) [64Bits] - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: ZoneAlarm Toolbar [64Bits] - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ZoneAlarm\tbZone.dll

O2 - BHO: Search Helper [64Bits] - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: ZoneAlarm Security Engine Registrar [64Bits] - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O2 - BHO: Bing Bar BHO [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation - Bing Bar.) -- c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: TOSHIBA Media Controller Plug-in [64Bits] - {F3C88694-EFFA-4d78-B409-54B7B2535B14} . (.<TOSHIBA> - TOSHIBA Media Controller Plug-in.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: ZoneAlarm Security Engine [64Bits] - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [smartAudio] . (.Pas de propriétaire - SAIICpl MFC Application.) -- C:\Program Files\CONEXANT\SAII\SAIICpl.exe

O4 - HKLM\..\Run: [TPwrMain] . (.TOSHIBA Corporation - TOSHIBA Power Saver.) -- C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe

O4 - HKLM\..\Run: [smoothView] . (.TOSHIBA Corporation - SmoothView.) -- C:\Program Files\Toshiba\SmoothView\SmoothView.exe

O4 - HKLM\..\Run: [00TCrdMain] . (.TOSHIBA Corporation - TOSHIBA Flash Cards.) -- C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [TosReelTimeMonitor] . (.TOSHIBA Corporation - Monitor of TOSHIBA ReelTime.) -- C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

O4 - HKLM\..\Run: [TosNC] . (.TOSHIBA Corporation - Message Center.) -- C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

O4 - HKLM\..\Run: [Toshiba TEMPRO] . (.Toshiba Europe GmbH - Toshiba TEMPRO.) -- C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe

O4 - HKLM\..\Run: [smartFaceVWatcher] . (.TOSHIBA Corporation - SmartFaceVWatcher.) -- C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

O4 - HKLM\..\Run: [TosSENotify] . (.TOSHIBA Corporation - Pas de description.) -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

O4 - HKLM\..\Run: [TosVolRegulator] . (.TOSHIBA Corporation - Toshiba Volume Regulator.) -- C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe

O4 - HKLM\..\Run: [Toshiba Registration] . (.Toshiba Europe GmbH - Toshiba Notebook Registration Reminder.) -- C:\Program Files\Toshiba\Registration\ToshibaReminder.exe

O4 - HKLM\..\Run: [iSW] . (.Check Point Software Technologies - ZoneAlarm ForceField.) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe

O4 - HKCU\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [NBAgent] . (.Nero AG - Nero BackItUp.) -- c:\Program Files (x86)\Nero\Nero BackItUp & Burn\Nero BackItUp\NBAgent.exe

O4 - HKLM\..\Wow6432Node\Run: [Microsoft Default Manager] . (.Microsoft Corporation - Microsoft Default Manager.) -- C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

O4 - HKLM\..\Wow6432Node\Run: [TWebCamera] . (.TOSHIBA CORPORATION. - Pas de description.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [ZoneAlarm Client] . (.Check Point Software Technologies LTD - ZoneAlarm Client.) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKUS\S-1-5-18\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\..\Run: [TOSHIBA Online Product Information] . (.TOSHIBA - TOSHIBA Online Product Information.) -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe

O4 - HKUS\S-1-5-21-341993071-392051556-412356871-1001\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (.not file.)

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\marion\Desktop\1 fois par mois.lnk . (...) -- C:\Program Files (x86)\CCleaner\CCleaner64.exe (.not file.)

O4 - Global Startup: C:\Users\marion\Desktop\Dofus 2.lnk . (...) -- C:\Program Files (x86)\Dofus 2\app\UpLauncher.exe

O4 - Global Startup: C:\Users\marion\Desktop\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files (x86)\MiPony\MiPony.exe

O4 - Global Startup: C:\Users\marion\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\PhotoFiltre.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MiPony.lnk . (.www.mipony.net.) -- C:\Program Files (x86)\MiPony\MiPony.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - toshiba.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.exe

O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files (x86)\MiPony\Browser\IEContext.htm

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8D785503-B7EE-4757-A120-AFC4950DC48D}: NameServer = 172.16.48.242,172.16.48.244

O17 - HKLM\System\CS1\Services\Tcpip\..\{8D785503-B7EE-4757-A120-AFC4950DC48D}: NameServer = 172.16.48.242,172.16.48.244

O17 - HKLM\System\CS2\Services\Tcpip\..\{8D785503-B7EE-4757-A120-AFC4950DC48D}: NameServer = 172.16.48.242,172.16.48.244

O17 - HKLM\System\CCS\Services\Tcpip\..\{45886379-B56F-4E06-89F9-13D2CA61B749}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{45886379-B56F-4E06-89F9-13D2CA61B749}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{45886379-B56F-4E06-89F9-13D2CA61B749}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AMD External Events Utility) . (...) - C:\Windows\system32\atiesrxx.exe (.not file.)

O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

O23 - Service: ConfigFree WiMAX Service (cfWiMAXService) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

O23 - Service: ConfigFree Service (ConfigFree Service) . (.TOSHIBA CORPORATION - ConfigFree Service Process.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

O23 - Service: ZoneAlarm Toolbar IswSvc (IswSvc) . (.Check Point Software Technologies - ZoneAlarm ForceField.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

O23 - Service: lxdn_device (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe (.not file.)

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) . (.Toshiba Europe GmbH - Toshiba TEMPRO.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) . (...) - C:\Windows\system32\TODDSrv.exe (.not file.)

O23 - Service: TOSHIBA Power Saver (TosCoSrv) . (.TOSHIBA Corporation - TOSHIBA Power Saver.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

O23 - Service: TrueVector Internet Monitor (vsmon) . (.Check Point Software Technologies LTD - TrueVector Service.) - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

[MD5.A7E406711790197712D376B44A9FBB0B] [APT] [ConfigFree Startup Programs] (.TOSHIBA CORPORATION.) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Vsdatant) . (.Check Point Software Technologies LTD - ZoneAlarm Firewalling Driver.) - C:\Windows\System32\DRIVERS\vsdatant.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}

O42 - Logiciel: AMD Media Foundation Decoders - (.ATI Technologies Inc..) [HKLM] -- {89E65E64-68E2-32A4-09E1-2606E2BEC841}

O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {B39F601A-E865-7C74-48C6-821AD1312D33}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM][64Bits] -- {46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin

O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM][64Bits] -- {B2EC4A38-B545-4A00-8214-13FE0E915E6D}

O42 - Logiciel: Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver - (.Atheros Communications Inc..) [HKLM][64Bits] -- {3108C217-BE83-42E4-AE9E-A56A2A92E549}

O42 - Logiciel: Atheros Driver Installation Program - (.Atheros.) [HKLM][64Bits] -- {C3A32068-8AB1-4327-BB16-BED9C6219DC7}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM][64Bits] -- Avira AntiVir Desktop

O42 - Logiciel: Barre d'outils Bing - (.Microsoft Corporation.) [HKLM][64Bits] -- {08234a0d-cf39-4dca-99f0-0c5cb496da81}

O42 - Logiciel: Bejeweled 2 Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT083929

O42 - Logiciel: Bing Bar Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {B86C9440-82D7-423C-9FEC-6CB3092D1AA4}

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM][64Bits] -- {0E33EC53-22CE-426C-A88B-2AAC231BAC85}

O42 - Logiciel: Chuzzle Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT083877

O42 - Logiciel: Conexant HD Audio - (.Conexant.) [HKLM] -- CNXT_AUDIO_HDA

O42 - Logiciel: Diner Dash 2 Restaurant Rescue - (.WildTangent.) [HKLM][64Bits] -- WT083916

O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT083945

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {1EE04769-91C4-4A06-92B7-FCAFE6BABDD9}

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {133742BA-6F46-4D3E-85AF-78631D9AD8B8}

O42 - Logiciel: Java 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216017FF}

O42 - Logiciel: Jeux WildTangent - (.WildTangent.) [HKLM][64Bits] -- WildTangent toshiba Master Uninstall

O42 - Logiciel: Jewel Quest II - (.WildTangent.) [HKLM][64Bits] -- WT083910

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM][64Bits] -- {8E5233E1-7495-44FB-8DEB-4BE906D59619}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Ma-Config.com - (.Cybelsoft.) [HKLM][64Bits] -- {7DB4CB30-B94A-4282-AC8A-C86F615AA45B}

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.0.1200 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Messenger Plus! Live - (.Yuna Software.) [HKLM][64Bits] -- Messenger Plus! Live

O42 - Logiciel: MiPony 1.3.0 - (.Pas de propriétaire.) [HKLM][64Bits] -- MiPony

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Default Manager - (.Microsoft Corporation.) [HKLM][64Bits] -- {1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {F2508213-9989-4E85-A078-72BE483917EF}

O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM][64Bits] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM][64Bits] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM][64Bits] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM][64Bits] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM][64Bits] -- {928B06E4-DDAA-476A-926A-641620326327}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM][64Bits] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM][64Bits] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM][64Bits] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {8338783A-0968-3B85-AFC7-BAAE0A63DC50}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM][64Bits] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM][64Bits] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM][64Bits] -- {3B160861-7250-451E-B5EE-8B92BF30A710}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM][64Bits] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Moovida - (.Fluendo.) [HKLM][64Bits] -- Moovida

O42 - Logiciel: Moovida - (.Secure Digital Services.) [HKLM][64Bits] -- {6084C211-01A1-464E-97A0-09772E122B50}

O42 - Logiciel: Nero 9 Essentials - (.Nero AG.) [HKLM][64Bits] -- {e0004da2-4109-46f3-9eda-111da1cacfd7}

O42 - Logiciel: Nero BackItUp - (.Nero AG.) [HKLM][64Bits] -- {0420F95C-11FF-4E02-B967-6CC22B188F9F}

O42 - Logiciel: Nero BackItUp and Burn - (.Nero AG.) [HKLM][64Bits] -- {E08CC458-41FB-4BB5-9B08-2C83DB55A5B9}

O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM][64Bits] -- {397516AE-7DFE-4F90-84E0-BD616D559434}

O42 - Logiciel: Nero BurnRights - (.Nero AG.) [HKLM][64Bits] -- {7829DB6F-A066-4E40-8912-CB07887C20BB}

O42 - Logiciel: Nero BurnRights Help - (.Nero AG.) [HKLM][64Bits] -- {F6BDD7C5-89ED-4569-9318-469AA9732572}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM][64Bits] -- {F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}

O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM][64Bits] -- {869200DB-287A-4DC0-B02B-2B6787FBCD4C}

O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {CC019E3F-59D2-4486-8D4B-878105B62A71}

O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM][64Bits] -- {33CF58F5-48D8-4575-83D6-96F574E4D83A}

O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM][64Bits] -- {E5C7D048-F9B4-4219-B323-8BDB01A2563D}

O42 - Logiciel: Nero Express - (.Nero AG.) [HKLM][64Bits] -- {6C3CF7AC-5AB0-42D9-93C0-68166A57AFB6}

O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM][64Bits] -- {83202942-84B3-4C50-8622-B8C0AA2D2885}

O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM][64Bits] -- {FBCDFD61-7DCF-4E71-9226-873BA0053139}

O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM][64Bits] -- {20400DBD-E6DB-45B8-9B6B-1DD7033818EC}

O42 - Logiciel: Nero Installer - (.Nero AG.) [HKLM][64Bits] -- {E8A80433-302B-4FF1-815D-FCC8EAC482FF}

O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM][64Bits] -- {C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}

O42 - Logiciel: Nero RescueAgent - (.Nero AG.) [HKLM][64Bits] -- {51E2F9B3-A972-4F58-B4EF-4D9676D9F5D1}

O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM][64Bits] -- {7748AC8C-18E3-43BB-959B-088FAEA16FB2}

O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM][64Bits] -- {2348B586-C9AE-46CE-936C-A68E9426E214}

O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM][64Bits] -- {595A3116-40BB-4E0F-A2E8-D7951DA56270}

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM][64Bits] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: Penguins! - (.WildTangent.) [HKLM][64Bits] -- WT083958

O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1

O42 - Logiciel: Photo Service - powered by myphotobook - (.myphotobook GmbH.) [HKLM][64Bits] -- {9DA0961E-FCFE-EEF2-04AA-32631F7CEC9E}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre

O42 - Logiciel: Plants vs. Zombies - (.WildTangent.) [HKLM][64Bits] -- WT083925

O42 - Logiciel: PlayReady PC Runtime amd64 - (.Microsoft Corporation.) [HKLM] -- {BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}

O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr

O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT083959

O42 - Logiciel: Project S - (.Microsoft Games Studios.) [HKLM][64Bits] -- GFWL_{4D530942-9B89-4186-98B7-F51000000100}

O42 - Logiciel: Project S - (.Microsoft Games Studios.) [HKLM][64Bits] -- {4D530942-9B89-4186-98B7-F51000000100}

O42 - Logiciel: Realtek USB 2.0 Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {96AE7E41-E34E-47D0-AC07-1091A8127911}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM] -- {C14518AF-1A0F-4D39-8011-69BAA01CD380}

O42 - Logiciel: TOSHIBA Bulletin Board - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}

O42 - Logiciel: TOSHIBA ConfigFree - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {607BE7BF-7C28-4ADB-A4A0-385962B901C3}

O42 - Logiciel: TOSHIBA Disc Creator - (.TOSHIBA Corporation.) [HKLM] -- {5DA0E02F-970B-424B-BF41-513A5018E4C0}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM] -- {F67FA545-D8E5-4209-86B1-AEE045D1003F}

O42 - Logiciel: TOSHIBA Face Recognition - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}

O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM] -- {D4322448-B6AF-4316-B859-D8A0E84DCB38}

O42 - Logiciel: TOSHIBA HDD/SSD Alert - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}

O42 - Logiciel: TOSHIBA Hardware Setup - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {8E9CEA3B-EBD1-439C-A01D-830CB39613C6}

O42 - Logiciel: TOSHIBA Media Controller - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {983CD6FE-8320-4B80-A8F6-0D0366E0AA22}

O42 - Logiciel: TOSHIBA Media Controller Plug-in - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}

O42 - Logiciel: TOSHIBA Online Product Information - (.TOSHIBA.) [HKLM][64Bits] -- {2290A680-4083-410A-ADCC-7092C67FC052}

O42 - Logiciel: TOSHIBA Recovery Media Creator - (.TOSHIBA Corporation.) [HKLM] -- {B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}

O42 - Logiciel: TOSHIBA Recovery Media Creator Reminder - (.TOSHIBA.) [HKLM][64Bits] -- InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}

O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM] -- {A0E99122-25C1-4CA4-9063-499A2A814EB6}

O42 - Logiciel: TOSHIBA ReelTime - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}

O42 - Logiciel: TOSHIBA Service Station - (.TOSHIBA.) [HKLM][64Bits] -- {AC6569FA-6919-442A-8552-073BE69E247A}

O42 - Logiciel: TOSHIBA Supervisor Password - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {073B89C3-BA88-41B5-965F-B35A88EAE838}

O42 - Logiciel: TOSHIBA TEMPRO - (.Toshiba Europe GmbH.) [HKLM][64Bits] -- {F082CB11-4794-4259-99A1-D91BA762AD15}

O42 - Logiciel: TOSHIBA Value Added Package - (.TOSHIBA Corporation.) [HKLM][64Bits] -- InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}

O42 - Logiciel: TOSHIBA Web Camera Application - (.TOSHIBA Corporation.) [HKLM][64Bits] -- {5E6F6CF3-BACC-4144-868C-E14622C658F3}

O42 - Logiciel: TRORMCLauncher - (.Pas de propriétaire.) [HKLM][64Bits] -- InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}

O42 - Logiciel: Todae - Live Media - (.Todae.fr.) [HKLM][64Bits] -- Live Media

O42 - Logiciel: Toshiba Assist - (.TOSHIBA CORPORATION.) [HKLM][64Bits] -- {1B87C40B-A60B-4EF3-9A68-706CF4B69978}

O42 - Logiciel: Toshiba Manuals - (.TOSHIBA.) [HKLM][64Bits] -- {90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}

O42 - Logiciel: Update Installer for WildTangent Games App - (.WildTangent.) [HKLM][64Bits] -- {2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App

O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM][64Bits] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM][64Bits] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: VLC media player 1.1.4 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player

O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM][64Bits] -- Vuze_Remote Toolbar

O42 - Logiciel: WildTangent Games App (Toshiba Games) - (.WildTangent.) [HKLM][64Bits] -- {70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba

O42 - Logiciel: WinZip 14.5 - (.WinZip Computing, S.L. .) [HKLM][64Bits] -- {CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM][64Bits] -- {B3B487E7-6171-4376-9074-B28082CEB504}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM][64Bits] -- {3175E049-F9A9-4A3D-8F19-AC9FB04514D1}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM][64Bits] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {9B48B0AC-C813-4174-9042-476A887592C7}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM][64Bits] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM][64Bits] -- {445B183D-F4F1-45C8-B9DB-F11355CA657B}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM][64Bits] -- {230B83A5-7D88-4B95-B71E-F44C0C78B002}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM][64Bits] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: ZoneAlarm - (.Check Point, Inc.) [HKLM][64Bits] -- ZoneAlarm

O42 - Logiciel: ZoneAlarm Toolbar - (.Check Point Software Technologies.) [HKLM] -- ZoneAlarm Toolbar

O42 - Logiciel: Zuma Deluxe - (.WildTangent.) [HKLM][64Bits] -- WT083890

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: pdfforge Toolbar v4.4 - (.Spigot, Inc..) [HKLM][64Bits] -- {BCB52F35-4C56-49F2-A3D6-FDED54B01847}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ATI]

[HKCU\Software\AppDataLow\IEPro]

[HKCU\Software\AppDataLow\ISWVolatile]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\Vuze_Remote]

[HKCU\Software\AppDataLow\Software\ZoneAlarm]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Avira]

[HKCU\Software\CheckPoint]

[HKCU\Software\Classes]

[HKCU\Software\IM Providers]

[HKCU\Software\JavaSoft]

[HKCU\Software\LexmarkInkjet]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Moovida]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\ODBC]

[HKCU\Software\PDFCreator]

[HKCU\Software\Patchou]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Skype]

[HKCU\Software\Softonic]

[HKCU\Software\Synaptics]

[HKCU\Software\TOSHIBA]

[HKCU\Software\Todae]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WildTangent]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Windows Live Writer]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YourCompanyName]

[HKCU\Software\Zone Labs]

[HKCU\Software\cybelsoft]

[HKCU\Software\ej-technologies]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Atheros Communications Inc.]

[HKLM\Software\Atheros]

[HKLM\Software\Audible]

[HKLM\Software\Avira]

[HKLM\Software\BrowserChoice]

[HKLM\Software\CheckPoint]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conexant]

[HKLM\Software\Cyberlink]

[HKLM\Software\Digital River]

[HKLM\Software\Dofus 2]

[HKLM\Software\Google]

[HKLM\Software\InstalledOptions]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\Khronos]

[HKLM\Software\LexmarkInkjet]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\McAfee.com]

[HKLM\Software\McAfeeInstaller]

[HKLM\Software\McAfee]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\Nico Mak Computing]

[HKLM\Software\ODBC]

[HKLM\Software\PDFCreator]

[HKLM\Software\Patchou]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\RtWLan]

[HKLM\Software\SOFTWARE]

[HKLM\Software\SecureDigitalServices]

[HKLM\Software\SiteAdvisor]

[HKLM\Software\Sonic]

[HKLM\Software\Synaptics]

[HKLM\Software\TOSHIBA CORPORATION]

[HKLM\Software\TOSHIBA]

[HKLM\Software\Todae]

[HKLM\Software\Toshiba Tempro]

[HKLM\Software\VideoLAN]

[HKLM\Software\Vuze_Remote]

[HKLM\Software\WildTangent]

[HKLM\Software\Wow6432Node]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Zone Labs]

[HKLM\Software\cybelsoft]

[HKLM\Software\ej-technologies]

[HKLM\Software\mozilla.org]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 12/04/2010 - 08:21:46 - [23462193] ----D- C:\Program Files\ATI

O43 - CFD: 24/06/2011 - 12:38:36 - [877596] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 06/11/2010 - 20:28:52 - [6175224] ----D- C:\Program Files\CCleaner

O43 - CFD: 09/08/2010 - 22:29:02 - [43038523] ----D- C:\Program Files\CheckPoint

O43 - CFD: 24/06/2011 - 12:38:58 - [80047976] ----D- C:\Program Files\Common Files

O43 - CFD: 12/04/2010 - 08:25:02 - [31855407] ----D- C:\Program Files\CONEXANT

O43 - CFD: 14/07/2009 - 17:35:28 - [90257428] ----D- C:\Program Files\DVD Maker

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 16/06/2011 - 13:52:10 - [5174937] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 12/04/2010 - 08:52:52 - [148930098] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 11/06/2010 - 17:13:30 - [1141526] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 12/04/2010 - 08:17:36 - [2178436] ----D- C:\Program Files\PlayReady

O43 - CFD: 14/07/2009 - 07:32:40 - [36253865] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 12/04/2010 - 08:30:14 - [31323877] ----D- C:\Program Files\Synaptics

O43 - CFD: 11/06/2010 - 17:10:34 - [421171892] ----D- C:\Program Files\TOSHIBA

O43 - CFD: 14/07/2009 - 07:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 14/07/2009 - 17:24:10 - [4039168] ----D- C:\Program Files\Windows Defender

O43 - CFD: 14/07/2009 - 17:35:28 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 16/12/2010 - 23:06:46 - [6667264] ----D- C:\Program Files\Windows Mail

O43 - CFD: 15/10/2010 - 22:27:44 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 04/08/2010 - 20:41:02 - [12624564] ----D- C:\Program Files\Windows NT

O43 - CFD: 14/07/2009 - 17:24:10 - [5516568] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 07:32:40 - [235008] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 14/07/2009 - 17:24:10 - [8016512] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 24/06/2011 - 12:38:58 - [291840] ----D- C:\Program Files\Common Files\ATI Technologies

O43 - CFD: 15/06/2011 - 22:51:16 - [67134695] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 17:24:10 - [12009971] ----D- C:\Program Files\Common Files\System

O43 - CFD: 11/03/2011 - 17:21:44 - [0] ----D- C:\ProgramData\Adobe

O43 - CFD: 24/06/2011 - 12:38:22 - [2067] ----D- C:\ProgramData\AMD

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 11/06/2010 - 17:02:48 - [10888] ----D- C:\ProgramData\Atheros

O43 - CFD: 24/06/2011 - 12:39:08 - [11] ----D- C:\ProgramData\ATI

O43 - CFD: 09/08/2010 - 22:15:26 - [234745094] ----D- C:\ProgramData\Avira

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 09/08/2010 - 22:28:06 - [4212] ----D- C:\ProgramData\CheckPoint

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 09/08/2010 - 22:52:42 - [40517] ----D- C:\ProgramData\IsolatedStorage

O43 - CFD: 06/11/2010 - 20:13:06 - [494] ----D- C:\ProgramData\lx_Cats

O43 - CFD: 24/06/2011 - 12:26:10 - [1273941] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 24/06/2011 - 22:31:46 - [6871846] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 09/08/2010 - 22:07:34 - [14880] ----D- C:\ProgramData\McAfee

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 10/08/2010 - 18:19:34 - [49897] ----D- C:\ProgramData\Messenger Plus!

O43 - CFD: 11/05/2011 - 19:10:12 - [239560955] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 15/06/2011 - 22:54:04 - [57688] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 04/08/2010 - 20:41:02 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 12/04/2010 - 08:43:16 - [11751803] ----D- C:\ProgramData\Nero

O43 - CFD: 09/08/2010 - 21:11:22 - [22317208] ----D- C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 14/07/2009 - 07:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 11/06/2010 - 17:08:44 - [20784900] ----D- C:\ProgramData\Toshiba

O43 - CFD: 09/08/2010 - 22:52:42 - [2940] ----D- C:\ProgramData\TOSHIBA Tempro

O43 - CFD: 04/08/2010 - 20:42:22 - [1793] ----D- C:\ProgramData\ToshibaEurope

O43 - CFD: 29/01/2011 - 04:32:46 - [688983144] ----D- C:\ProgramData\WildTangent

O43 - CFD: 28/12/2010 - 23:26:06 - [28] ----D- C:\ProgramData\WinZip

O43 - CFD: 14/12/2010 - 20:40:08 - [46782618] ----D- C:\Users\marion\AppData\Roaming\.minecraft

O43 - CFD: 11/03/2011 - 17:21:02 - [17992293] ----D- C:\Users\marion\AppData\Roaming\Adobe

O43 - CFD: 11/03/2011 - 17:21:06 - [4478] ----D- C:\Users\marion\AppData\Roaming\app

O43 - CFD: 04/08/2010 - 20:44:30 - [0] ----D- C:\Users\marion\AppData\Roaming\ATI

O43 - CFD: 23/06/2011 - 12:05:56 - [17632298088] ----D- C:\Users\marion\AppData\Roaming\Azureus

O43 - CFD: 09/08/2010 - 22:29:32 - [57047] ----D- C:\Users\marion\AppData\Roaming\CheckPoint

O43 - CFD: 29/04/2011 - 02:21:18 - [59510118] ----D- C:\Users\marion\AppData\Roaming\Dofus 2

O43 - CFD: 11/03/2011 - 17:21:04 - [0] ----D- C:\Users\marion\AppData\Roaming\Dofus-2.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 20/03/2011 - 19:32:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Dofus-3.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 12/03/2011 - 00:35:08 - [0] ----D- C:\Users\marion\AppData\Roaming\Dofus.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 06/04/2011 - 18:27:50 - [199] ----D- C:\Users\marion\AppData\Roaming\dvdcss

O43 - CFD: 26/08/2010 - 01:49:08 - [0] ----D- C:\Users\marion\AppData\Roaming\GrabPro

O43 - CFD: 04/08/2010 - 20:43:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Identities

O43 - CFD: 12/04/2010 - 08:50:04 - [101544] ----D- C:\Users\marion\AppData\Roaming\Macromedia

O43 - CFD: 24/06/2011 - 22:31:58 - [2091] ----D- C:\Users\marion\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 17:35:06 - [0] ----D- C:\Users\marion\AppData\Roaming\Media Center Programs

O43 - CFD: 18/05/2011 - 18:09:44 - [20523599] -S--D- C:\Users\marion\AppData\Roaming\Microsoft

O43 - CFD: 26/08/2010 - 01:54:14 - [981] ----D- C:\Users\marion\AppData\Roaming\MiniDm

O43 - CFD: 19/06/2011 - 16:19:02 - [4807] ----D- C:\Users\marion\AppData\Roaming\Mipony

O43 - CFD: 21/06/2011 - 16:13:02 - [1171982] ----D- C:\Users\marion\AppData\Roaming\moovida-1

O43 - CFD: 22/10/2010 - 08:07:46 - [7390478] ----D- C:\Users\marion\AppData\Roaming\Mozilla

O43 - CFD: 16/03/2011 - 21:59:24 - [126842300] ----D- C:\Users\marion\AppData\Roaming\Nero

O43 - CFD: 17/08/2010 - 14:57:54 - [1186] ----D- C:\Users\marion\AppData\Roaming\PhotoFiltre

O43 - CFD: 11/03/2011 - 17:21:06 - [0] ----D- C:\Users\marion\AppData\Roaming\Reg.C9ECCBDBA4E09304DEEFB106465BC17F6D6749B9.1

O43 - CFD: 15/05/2011 - 16:22:18 - [13824] ----D- C:\Users\marion\AppData\Roaming\Template

O43 - CFD: 28/10/2010 - 20:18:38 - [1362863] ----D- C:\Users\marion\AppData\Roaming\Todae

O43 - CFD: 04/08/2010 - 20:59:24 - [10244029] ----D- C:\Users\marion\AppData\Roaming\Toshiba

O43 - CFD: 24/04/2011 - 02:36:10 - [1357328] ----D- C:\Users\marion\AppData\Roaming\vlc

O43 - CFD: 29/10/2010 - 09:48:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Windows Live Writer

O43 - CFD: 12/03/2011 - 00:34:40 - [21483] ----D- C:\Users\marion\Appdata\Local\Adobe

O43 - CFD: 24/06/2011 - 12:39:28 - [8] ----D- C:\Users\marion\Appdata\Local\AMD

O43 - CFD: 04/08/2010 - 20:41:16 - [0] -SH-D- C:\Users\marion\Appdata\Local\Application Data

O43 - CFD: 04/08/2010 - 20:44:30 - [62549] ----D- C:\Users\marion\Appdata\Local\ATI

O43 - CFD: 14/02/2011 - 22:25:28 - [0] ----D- C:\Users\marion\Appdata\Local\Diagnostics

O43 - CFD: 28/12/2010 - 23:12:10 - [10973] ----D- C:\Users\marion\Appdata\Local\DOSBox

O43 - CFD: 04/01/2011 - 00:44:28 - [0] ----D- C:\Users\marion\Appdata\Local\ElevatedDiagnostics

O43 - CFD: 04/08/2010 - 20:41:16 - [0] -SH-D- C:\Users\marion\Appdata\Local\Historique

O43 - CFD: 15/05/2011 - 16:22:14 - [1307331666] ----D- C:\Users\marion\Appdata\Local\Microsoft

O43 - CFD: 09/02/2011 - 23:27:10 - [607131] ----D- C:\Users\marion\Appdata\Local\Microsoft Games

O43 - CFD: 24/06/2011 - 22:18:24 - [487601] ----D- C:\Users\marion\Appdata\Local\moovida Air

O43 - CFD: 26/08/2010 - 01:55:30 - [43000758] ----D- C:\Users\marion\Appdata\Local\Mozilla

O43 - CFD: 09/08/2010 - 21:50:12 - [1075] ----D- C:\Users\marion\Appdata\Local\Nero_AG

O43 - CFD: 21/06/2011 - 22:11:40 - [2221277] ----D- C:\Users\marion\Appdata\Local\PokerStars.FR

O43 - CFD: 25/06/2011 - 11:53:46 - [126429109] ----D- C:\Users\marion\Appdata\Local\Temp

O43 - CFD: 04/08/2010 - 20:41:16 - [0] -SH-D- C:\Users\marion\Appdata\Local\Temporary Internet Files

O43 - CFD: 04/08/2010 - 20:44:22 - [0] ----D- C:\Users\marion\Appdata\Local\Toshiba

O43 - CFD: 04/08/2010 - 20:59:42 - [623] ----D- C:\Users\marion\Appdata\Local\TOSHIBA_Corporation

O43 - CFD: 28/09/2010 - 20:00:20 - [146142549] ----D- C:\Users\marion\Appdata\Local\VirtualStore

O43 - CFD: 29/10/2010 - 09:48:56 - [373674] ----D- C:\Users\marion\Appdata\Local\Windows Live Writer

O43 - CFD: 14/07/2009 - 06:54:34 - [14668] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 07/08/2010 - 15:45:28 - [174] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 12/03/2011 - 00:34:26 - [4400] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dofus 2

O43 - CFD: 29/04/2011 - 22:44:10 - [198] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

O43 - CFD: 14/07/2009 - 06:49:40 - [580] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 02/06/2011 - 18:01:46 - [0] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MiPony

O43 - CFD: 06/12/2010 - 15:25:04 - [1230] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida

O43 - CFD: 17/08/2010 - 13:19:52 - [0] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre

O43 - CFD: 24/06/2011 - 13:21:38 - [0] R---D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 12/03/2011 - 00:35:04 - [56502] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 24/06/2011 - 12:39:04 - [2451484] ----D- C:\Program Files (x86)\AMD APP

O43 - CFD: 11/06/2010 - 17:02:42 - [1909043] ----D- C:\Program Files (x86)\Atheros

O43 - CFD: 24/06/2011 - 12:38:16 - [47316651] ----D- C:\Program Files (x86)\ATI Technologies

O43 - CFD: 09/08/2010 - 22:32:08 - [115655239] ----D- C:\Program Files (x86)\Avira

O43 - CFD: 17/01/2011 - 04:01:58 - [1001307] ----D- C:\Program Files (x86)\Bing Bar Installer

O43 - CFD: 24/06/2011 - 22:20:24 - [892725457] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 11/03/2011 - 16:25:36 - [920630850] ----D- C:\Program Files (x86)\Dofus 2

O43 - CFD: 28/12/2010 - 23:11:16 - [4507970] ----D- C:\Program Files (x86)\DOSBox-0.74

O43 - CFD: 11/06/2010 - 17:10:16 - [125887943] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 16/06/2011 - 13:52:10 - [4815785] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 12/04/2010 - 08:17:52 - [90456779] ----D- C:\Program Files (x86)\Java

O43 - CFD: 24/06/2011 - 12:26:18 - [6093848] ----D- C:\Program Files (x86)\ma-config.com

O43 - CFD: 24/06/2011 - 22:31:48 - [7579066] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 09/08/2010 - 22:07:34 - [0] ----D- C:\Program Files (x86)\McAfee

O43 - CFD: 09/08/2010 - 19:18:52 - [13110008] ----D- C:\Program Files (x86)\Messenger Plus! Live

O43 - CFD: 12/04/2010 - 08:49:34 - [5440926] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 23/06/2011 - 22:37:52 - [2291630853] ----D- C:\Program Files (x86)\Microsoft Games

O43 - CFD: 11/05/2011 - 19:01:44 - [9362570] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

O43 - CFD: 11/06/2010 - 17:15:14 - [369741831] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 11/06/2010 - 17:16:44 - [7791803] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant

O43 - CFD: 15/06/2011 - 22:50:04 - [38411899] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 12/04/2010 - 08:55:56 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 17/12/2010 - 07:40:16 - [145421942] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 24/11/2010 - 23:37:22 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 02/06/2011 - 18:01:46 - [8160519] ----D- C:\Program Files (x86)\MiPony

O43 - CFD: 14/07/2009 - 07:32:40 - [25757] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 17/01/2011 - 04:01:26 - [6837789] ----D- C:\Program Files (x86)\MSN Toolbar

O43 - CFD: 07/08/2010 - 03:27:46 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 12/04/2010 - 08:46:36 - [645639579] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 09/08/2010 - 21:10:32 - [25826295] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 12/04/2010 - 08:50:06 - [27398676] ----D- C:\Program Files (x86)\Photo-Service

O43 - CFD: 17/08/2010 - 13:19:52 - [3688689] ----D- C:\Program Files (x86)\PhotoFiltre

O43 - CFD: 17/06/2011 - 15:22:00 - [64250795] ----D- C:\Program Files (x86)\PokerStars.FR

O43 - CFD: 06/11/2010 - 21:12:58 - [1221936] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 12/04/2010 - 08:30:26 - [8537986] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:40 - [38597377] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 11/06/2010 - 17:05:26 - [289748977] ----D- C:\Program Files (x86)\Toshiba

O43 - CFD: 28/01/2011 - 21:14:38 - [380718513] ----D- C:\Program Files (x86)\TOSHIBA Games

O43 - CFD: 19/05/2011 - 20:22:28 - [11842668] ----D- C:\Program Files (x86)\Toshiba TEMPRO

O43 - CFD: 14/07/2009 - 06:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 22/10/2010 - 01:56:38 - [78884139] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 23/06/2011 - 22:38:32 - [955496] ----D- C:\Program Files (x86)\Vuze

O43 - CFD: 27/08/2010 - 15:08:44 - [2935924] ----D- C:\Program Files (x86)\Vuze_Remote

O43 - CFD: 28/01/2011 - 21:13:56 - [8595336] ----D- C:\Program Files (x86)\WildTangent Games

O43 - CFD: 14/07/2009 - 17:24:10 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 28/01/2011 - 17:40:16 - [147852588] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 12/04/2010 - 08:55:00 - [245112] ----D- C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 16/12/2010 - 23:06:46 - [6180864] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 28/10/2010 - 20:18:36 - [5693414] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:40 - [12194484] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 14/07/2009 - 17:24:10 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 14/07/2009 - 07:32:42 - [189440] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 14/07/2009 - 17:24:10 - [6225319] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 28/12/2010 - 23:25:36 - [20673124] ----D- C:\Program Files (x86)\WinZip

O43 - CFD: 25/06/2011 - 11:55:56 - [4018176] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 09/08/2010 - 21:01:38 - [19526505] ----D- C:\Program Files (x86)\Zone Labs

O43 - CFD: 09/08/2010 - 22:29:16 - [2718027] ----D- C:\Program Files (x86)\ZoneAlarm

O43 - CFD: 12/03/2011 - 00:35:02 - [30826314] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 24/06/2011 - 12:38:58 - [240640] ----D- C:\Program Files (x86)\Common Files\ATI Technologies

O43 - CFD: 11/06/2010 - 17:15:14 - [92976] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 12/04/2010 - 08:30:46 - [1929309] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 09/08/2010 - 22:07:34 - [820488] ----D- C:\Program Files (x86)\Common Files\mcafee

O43 - CFD: 08/11/2010 - 07:30:12 - [253708133] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 12/04/2010 - 08:46:08 - [132663862] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 14/07/2009 - 05:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 14/07/2009 - 05:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 14/07/2009 - 17:24:10 - [44114543] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 12/04/2010 - 08:53:52 - [378102451] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 19/05/2011 - 20:22:42 - [9120256] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.8CEE1800FEFFFFFF57494E444F577E31] - 25/06/2011 - 10:54:28 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1706388]

O44 - LFC:[MD5.EACF42A467125F92394A19FB11FB55EB] - 25/06/2011 - 05:01:53 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [16304]

O44 - LFC:[MD5.EACF42A467125F92394A19FB11FB55EB] - 25/06/2011 - 05:01:53 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [16304]

O44 - LFC:[MD5.96A60A0C6AED82CA6026E41DBBA2B716] - 25/06/2011 - 00:47:53 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1562454]

O44 - LFC:[MD5.55ED6BE105E257B6B8D73AEE5BD1425F] - 25/06/2011 - 00:47:53 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [108332]

O44 - LFC:[MD5.32FFB6654B80588A085999146757FA2F] - 25/06/2011 - 00:47:53 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132834]

O44 - LFC:[MD5.0C0B13E329265FEBB83119C338B06855] - 25/06/2011 - 00:47:53 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [620150]

O44 - LFC:[MD5.F6C66000425C1CFFCCAF80BD6BB32140] - 25/06/2011 - 00:47:53 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [708852]

O44 - LFC:[MD5.571E0D66685128978CEAB99113B9139B] - 25/06/2011 - 00:39:23 ---A- . (...) -- C:\Windows\setupact.log [4026]

O44 - LFC:[MD5.2C36937BC8B242D26D6378CD807470C8] - 25/06/2011 - 00:39:22 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.8FB0F5D496E2698A1E59978E49075EE8] - 24/06/2011 - 12:17:52 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.078092171C98EDFCAD253EA9A2C9CE13] - 24/06/2011 - 10:28:31 ---A- . (...) -- C:\Windows\PFRO.log [1368]

O44 - LFC:[MD5.621D75109AEA98BE8E7B507B5CEEB168] - 16/06/2011 - 12:53:32 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [343816]

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 18/02/2010 - 08:18:24 ---A- . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136]

O58 - SDL:[MD5.EC7EBAB00A4D8448BAB68D1E49B4BEB9] - 11/03/2011 - 07:22:41 ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.DB27766102C7BF7E95140A2AA81D042E] - 11/03/2011 - 07:22:40 ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.D6CAD7E5B05055BB8226BDCB1644DA27] - 06/11/2009 - 11:56:06 ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1550848]

O58 - SDL:[MD5.9A4B92150A5E259A7159D914CC3A60D7] - 25/05/2011 - 05:26:56 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9359872]

O58 - SDL:[MD5.9DEB889D152F9C9DBA98BE8986084535] - 25/05/2011 - 03:25:42 ---A- . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [309760]

O58 - SDL:[MD5.7C5D273E29DCC5505469B299C6F29163] - 05/05/2009 - 08:00:28 ---A- . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys [16440]

O58 - SDL:[MD5.AEFAF27F1B7E52C705DF4FB6C96732F6] - 15/03/2010 - 09:06:28 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atipmdag.sys [6403072]

O58 - SDL:[MD5.C30B5FC0ADCDFBA7668E99BAF0CBF58E] - 25/11/2009 - 11:19:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [74880]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 ---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.7247A4D0875F5F28919E0787E11B7B57] - 18/01/2010 - 16:45:50 ---A- . (.Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\CHDRT64.sys [717368]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.60ACB128E64C35C2B4E4AAB1B0A5C293] - 07/07/2009 - 07:51:42 ---A- . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\Windows\system32\drivers\FwLnk.sys [9216]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.0886D440058F203EBA0E1825E4355914] - 14/07/2009 - 02:47:48 ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [77888]

O58 - SDL:[MD5.B75E45C564E944A2657167D197AB29DA] - 11/03/2011 - 07:23:00 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.48686C29856F46443952A831424F8D6F] - 04/03/2010 - 16:53:00 ---A- . (.Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) -- C:\Windows\system32\drivers\L1C62x64.sys [75816]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.ED49FD1373DE93617A1F6D128D98FE4D] - 29/05/2011 - 08:11:20 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25912]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.A4D9C9A608A97F59307C2F2600EDC6A4] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.6C1D5F70E7A6A3FD1C90D840EDC048B9] - 11/03/2011 - 07:23:06 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.663962900E7FEA522126BA287715BB4A] - 22/06/2009 - 16:06:38 ---A- . (.TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver.) -- C:\Windows\system32\drivers\PGEffect.sys [35008]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.7B04C9843921AB1F695FB395422C5360] - 14/05/2007 - 15:06:18 ---A- . (.Research In Motion Limited - BlackBerry Device Driver.) -- C:\Windows\system32\drivers\RimUsb_AMD64.sys [27520]

O58 - SDL:[MD5.907C4464381B5EBDFDC60F6C7D0DEDFC] - 01/02/2010 - 09:29:48 ---A- . (.Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) -- C:\Windows\system32\drivers\RtsUStor.sys [232992]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.470C47DABA9CA3966F0AB3F835D7D135] - 10/03/2010 - 17:51:32 ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\Windows\system32\drivers\SynTP.sys [316464]

O58 - SDL:[MD5.FD542B661BD22FA69CA789AD0AC58C29] - 30/07/2009 - 18:22:04 ---A- . (.TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) -- C:\Windows\system32\drivers\tdcmdpst.sys [27784]

O58 - SDL:[MD5.550B567F9364D8F7684C3FB3EA665A72] - 14/07/2009 - 15:31:18 ---A- . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Devi.) -- C:\Windows\system32\drivers\TVALZ_O.SYS [26840]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.B309912717C29FC67E1BA4730A82B6DD] - 29/05/2011 - 08:11:30 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [39984]

O58 - SDL:[MD5.3AD0362CF68DE3AC500E981700242CCA] - 11/05/2009 - 09:11:52 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\SysWOW64\drivers\ssmdrv.sys [28520]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM][64Bits] -- ZHPDiag_is1

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (.Microsoft Corporation - Wim file system Driver.) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {0A805CDC-E04A-4C0E-8CEB-F47A087CD0CB} - (eBay) - eBay

O69 - SBI: SearchScopes [HKCU] {5F29118B-BA47-4535-A34E-B6D85439A0AA} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {6F741365-BA22-4BBC-B498-3DCF773C4AB5} [DefaultScope] - (Yahoo! Search) - Yahoo! Search - Recherche Web

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.170993EF0582FF99944A6FCF1DB518BD] [sPRF] (...) -- C:\Users\marion\AppData\Local\Temp\DelUS.bat [422]

[MD5.02AF9D9AC356C94347E847BFEACA6CEB] [sPRF] (...) -- C:\Users\marion\AppData\Local\Temp\RMScriptTemp.dll [36864]

[MD5.29C9DEBA223C2FF85BA2170333ED7E72] [sPRF] (...) -- C:\Users\marion\AppData\Local\Temp\ScriptTemp.dll [4608]

[MD5.895F8B17435EEC25ADBBF4A079CF0365] [sPRF] (.Fluendo - Pas de description.) -- C:\Users\marion\AppData\Local\Temp\Update_off_moovidaImmersed-2.1.0.2-win32.exe [39414936]

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "FPS-SpoolSvc-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "FPS-SpoolSvc-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "CoreNet-GP-LSASS-Out-TCP" |Out - Domain - P6 - TRUE | .(...) -- C:\Windows\system32\lsass.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "RemoteSvcAdmin-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\services.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{7DDD9F12-77C7-4815-B9F3-88EAFC72A99F}" |In - Private - P6 - TRUE | .(...) -- C:\Windows\system32\spoolsv.exe (.not file.)

O87 - FAEL: "{D6C044C7-A83E-47C4-8E0A-79D94B0BFEE3}" | In - Public - P6 - TRUE | .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

O87 - FAEL: "{94A582FA-58DB-41A7-A37B-F82BF6C4A6DC}" | In - Public - P17 - TRUE | .(.Check Point Software Technologies LTD - TrueVector Service.) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

O87 - FAEL: "{419F8CA6-FD97-46FD-B65E-866180088732}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "{A60CC54C-1058-44A8-9145-9941899E61A1}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "{60EC0577-C937-46CD-95C9-69390DA67D42}" |In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\lxdncoms.exe (.not file.)

O87 - FAEL: "{60F39321-20A6-4514-982F-B7A3F42C9F19}" |In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\lxdncoms.exe (.not file.)

O87 - FAEL: "{E4D6947C-D927-4134-8D88-20A93FA83AE6}" | In - None - P17 - TRUE | .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O87 - FAEL: "{7AAAD2B5-F515-43CF-8616-E08686F73702}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe

O87 - FAEL: "{125DC614-1B82-4EB8-BBDC-F4E1EF1D35D0}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8445 - (23/06/2011)

Clés trouvées (Keys found) : 14

Valeurs trouvées (Values found) : 1

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}] =>Adware.ShopperReports

[HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}] =>Adware.ShopperReports

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}] =>Adware.BHO

[HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}] =>PUP.OfferBox

[HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}] =>PUP.OfferBox

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}] =>Hijacker.Agent

[HKLM\Software\Classes\Installer\Features\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53F25BCB65C42F943A6DDFDE450B8174] =>Adware.BHO

[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{B922D405-6D13-4A2B-AE89-08A030DA4402} =>PUP.Dealio

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida =>Adware.SPointer

C:\Users\marion\Appdata\Local\moovida air =>Adware.SPointer

C:\Users\marion\Appdata\LocalLow\Vuze_Remote =>Toolbar.Conduit

C:\Documents and Settings\marion\Local Settings\Application Data\moovida air =>Adware.SPointer

C:\Program Files (x86)\Vuze_Remote =>Toolbar.Conduit

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 0 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 24/05/2011 365568 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

SR - | Auto 13/05/2009 108289 | (AntiVirSchedulerService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

SR - | Auto 21/07/2009 185089 | (AntiVirService) . (.Avira GmbH.) - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

SR - | Auto 28/01/2010 249200 | (cfWiMAXService) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe

SR - | Auto 10/03/2009 46448 | (ConfigFree Service) . (.TOSHIBA CORPORATION.) - C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe

SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

SR - | Auto 18/05/2010 823272 | (IswSvc) . (.Check Point Software Technologies.) - C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe

SR - | Auto 18/05/2010 0 | (lxdn_device) . (...) - C:\Windows\system32\lxdncoms.exe

SS - | Demand 01/05/2011 311744 | (maconfservice) . (.CybelSoft.) - C:\Program Files (x86)\ma-config.com\maconfservice.exe

SR - | Auto 29/05/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Auto 15/01/2010 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - c:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 10/02/2011 112080 | (TemproMonitoringService) . (.Toshiba Europe GmbH.) - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe

SR - | Demand 06/10/2009 51512 | (TMachInfo) . (.TOSHIBA Corporation.) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

SR - | Auto 06/10/2009 0 | (TODDSrv) . (.TOSHIBA Corporation.) - C:\Windows\system32\TODDSrv.exe

SR - | Auto 05/11/2009 489312 | (TosCoSrv) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

SR - | Demand 05/02/2010 137560 | (TOSHIBA HDD SSD Alert Service) . (.TOSHIBA Corporation.) - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe

SR - | Auto 20/05/2010 2437176 | (vsmon) . (.Check Point Software Technologies LTD.) - C:\Windows\SysWOW64\ZoneLabs\vsmon.exe

SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by marion at 25/06/2011 11:56:45

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by marion at 25/06/2011 11:56:47

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

End of the scan (1071 lines in 01mn 09s)(0)

[pear]

Sélectionner(Ctrl A et Ctrl C) toutes les lignes en vert ci dessous(et seulement elles)

 

[HKCU\Software\Moovida]

[HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}]

[HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}]

[HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}]

[HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}]

[HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}]

[HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}]

[HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}]

[HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}]

[HKLM\Software\Classes\Installer\Features\53F25BCB65C42F943A6DDFDE450B8174]

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53F25BCB65C42F943A6DDFDE450B8174]

[HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{B922D405-6D13-4A2B-AE89-08A030DA4402}

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}]

C:\Users\marion\Appdata\LocalLow\Vuze_Remote

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida

C:\Users\marion\Appdata\Local\moovida air

C:\Documents and Settings\marion\Local Settings\Application Data\moovida air

R3 - URLSearchHook: (no name) [64Bits] - {B922D405-6D13-4A2B-AE89-08A030DA4402} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: ZoneAlarm Toolbar [64Bits] - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} . (.Conduit Ltd. - Conduit Toolbar.) (5, 5, 3, 2) -- C:\Program Files (x86)\ZoneAlarm\tbZone.dll

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (5, 7, 2, 2) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O2 - BHO: ZoneAlarm Toolbar [64Bits] - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ZoneAlarm\tbZone.dll

O2 - BHO: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O4 - HKLM\..\Wow6432Node\Run: [ToshibaServiceStation] Clé orpheline

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

O4 - Global Startup: C:\Users\marion\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - toshiba.lnk . (.WildTangent.) -- C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe

O8 - Extra context menu item: Télécharger avec Mipony - (.not file.) - file:\\C:\Program Files (x86)\MiPony\Browser\IEContext.htm

O42 - Logiciel: FATE - (.WildTangent.) [HKLM][64Bits] -- WT083945

O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM][64Bits] -- PokerStars.fr

O42 - Logiciel: Polar Bowler - (.WildTangent.) [HKLM][64Bits] -- WT083959

O42 - Logiciel: Moovida - (.Fluendo.) [HKLM][64Bits] -- Moovida

O42 - Logiciel: Moovida - (.Secure Digital Services.) [HKLM][64Bits] -- {6084C211-01A1-464E-97A0-09772E122B50}

O42 - Logiciel: pdfforge Toolbar v4.4 - (.Spigot, Inc..) [HKLM][64Bits] -- {BCB52F35-4C56-49F2-A3D6-FDED54B01847}

O43 - CFD: 21/06/2011 - 16:13:02 - [1171982] ----D- C:\Users\marion\AppData\Roaming\moovida-1

O43 - CFD: 24/06/2011 - 22:18:24 - [487601] ----D- C:\Users\marion\Appdata\Local\moovida Air

O43 - CFD: 06/12/2010 - 15:25:04 - [1230] ----D- C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida

O43 - CFD: 21/06/2011 - 22:11:40 - [2221277] ----D- C:\Users\marion\Appdata\Local\PokerStars.FR

O43 - CFD: 17/06/2011 - 15:22:00 - [64250795] ----D- C:\Program Files (x86)\PokerStars.FR

O43 - CFD: 28/01/2011 - 21:13:56 - [8595336] ----D- C:\Program Files (x86)\WildTangent Games

SS - | Demand 12/10/2010 206072 | (GamesAppService) . (.WildTangent, Inc..) - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

 

Cliquer sur l'icône Zhpfix qui est sur votre bureau

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

 

Collez (Ctrl V) les lignes vertes dans le cadre Cliquez ensuite sur le H-

Cliquer sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.

Cliquer sur "Tous" puis sur "Nettoyer" 2.

Acceptez de Redémarrer pour achever le nettoyage.

Un rapport apparait:

Si le rapport n'apparait pas,cliquer sur

Copier-coller le rapport de suppression dans la prochaine réponse.

 

Comment va la machine ?

Si vous estimez votre problème résolu, éditez l'en tête de votre premier message en choisissant l'option "utiliser l'éditeur complet" et y indiquez Résolu pour que ceux qui la recherchent y trouvent une solution.

[kingleroideskong]

Rapport de ZHPFix 1.12.3325 par Nicolas Coolman, Update du 23/06/2011

Fichier d'export Registre : C:\ZHPExportRegistry-25-06-2011-12-53-52.txt

Run by marion at 25/06/2011 12:53:52

Windows 7 Home Premium Edition, 64-bit (Build 7600)

Web site : ZHPFix Fix de rapport

 

========== Logiciel(s) ==========

ABSENT Software Key: WT083945

ABSENT Software Key: PokerStars.fr

ABSENT Software Key: WT083959

ABSENT Software Key: Moovida

ABSENT Software Key: {6084C211-01A1-464E-97A0-09772E122B50}

ABSENT Software Key: {BCB52F35-4C56-49F2-A3D6-FDED54B01847}

 

========== Processus mémoire ==========

SUPPRIME Reboot Memory Process: C:\Users\marion\Appdata\LocalLow\Vuze_Remote

SUPPRIME Reboot Memory Process: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moovida

SUPPRIME Reboot Memory Process: C:\Users\marion\Appdata\Local\moovida air

 

========== Clé(s) du Registre ==========

SUPPRIME Key*: HKCU\Software\Moovida

SUPPRIME Key*: HKLM\Software\Classes\Interface\{7935436E-8F14-4C84-9ECF-BEB791296619}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{7CF4E72E-C9C0-4CA8-A039-1F5BAD426CCE}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{81B32B9F-AFDC-4F7E-8F13-E39BB8ECF638}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{925C24DC-0C0B-4AE7-98F5-18252822C89C}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{B3DBB2D5-5F06-4EC2-904D-812ECE520509}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{CA1BC665-4B6B-435C-80C1-0E12D993ED49}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{D5AB027D-C91A-4324-8C78-12CF1A588C48}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{E5DB89B8-5BE1-461C-A7EF-89B68211889D}

ERREUR Key**: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}

SUPPRIME Key: HKLM\Software\Classes\Installer\Features\53F25BCB65C42F943A6DDFDE450B8174

SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\53F25BCB65C42F943A6DDFDE450B8174

ERREUR Key**: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key*: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}

ABSENT Key: CLSID BHO: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}

ABSENT Key: CLSID BHO: {ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key*: Menu Contextuel: Télécharger avec Mipony

SUPPRIME Key: Service: GamesAppService

 

========== Valeur(s) du Registre ==========

SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks]:{B922D405-6D13-4A2B-AE89-08A030DA4402}

ABSENT URLSearchHook: {B922D405-6D13-4A2B-AE89-08A030DA4402}

SUPPRIME URLSearchHook: {66f2e20d-0da8-4c11-a9c8-dd8477b88acd}

SUPPRIME URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME RunValue: ToshibaServiceStation

 

========== Dossier(s) ==========

SUPPRIME c:\documents and settings\marion\local settings\application data\moovida air

SUPPRIME C:\Users\marion\AppData\Roaming\moovida-1

ABSENT C:\Users\marion\Appdata\Local\moovida Air

SUPPRIME C:\Users\marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Moovida

SUPPRIME C:\Users\marion\Appdata\Local\PokerStars.FR

SUPPRIME C:\Program Files (x86)\PokerStars.FR

SUPPRIME C:\Program Files (x86)\WildTangent Games

 

========== Fichier(s) ==========

SUPPRIME c:\program files (x86)\zonealarm\tbzone.dll

ABSENT File: c:\program files (x86)\zonealarm\tbzone.dll

SUPPRIME c:\users\marion\appdata\roaming\microsoft\internet explorer\quick launch\pokerstars.fr.lnk

SUPPRIME c:\users\marion\appdata\roaming\microsoft\internet explorer\quick launch\wildtangent games app - toshiba.lnk

ABSENT File: e:\\c:\program files (x86)\mipony\browser\iecontext.htm

 

 

========== Récapitulatif ==========

3 : Processus mémoire

19 : Clé(s) du Registre

5 : Valeur(s) du Registre

7 : Dossier(s)

5 : Fichier(s)

6 : Logiciel(s)

 

 

========== Chemin du fichier rapport ==========

C:\Program Files (x86)\ZHPDiag\ZHPFixReport.txt

 

 

End of the scan

[kingleroideskong]

bonjour

 

Le PC va mieux

Je ne sais pas comment cloturer le sujet