Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Messages recommandés

Posté(e) (modifié)



Voici brièvement mon problème. A des fins professionnelles je dois utiliser un lecteur de carte d'identité (Belgique). Sur 2 PC la mise à jour du software (imposé par de nouvelles carte d'identité) n'a pas posé problème sauf sur mon portable. Après de maintes recherches je trouve un soft d'aide sur le site de l'éditeur du logiciel en question. Celui-ci analyse la config et m'annonce que des fichiers sont manquants et attire mon attention sur la possible présence de malware.

Je tente de lancer mon antivirus (McAfee) et là surprise: le soft se lance puis se bloque avant que le PC ne s'éteigne. Je redémarre le Portable et toute la procédure et rebelotte. J'ai tenté le soft Malware bytes: idem - blocage du pc et même antivirus qui se désactive. De plus, depuis quelques jours des maj windows refusent de s'installer. Je me dis que réellement un soucis !


J'ai lancé Hijackthis et voici le rapport qui s'en suit:


Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:55:06, on 31/08/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal


Running processes:











C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe




c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe


C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSVC.EXE



C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe

C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe

C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLIDSvcM.exe




C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Launch Manager\HotkeyApp.exe

C:\Program Files\Launch Manager\WisLMSvc.exe


C:\Program Files\\Agent\mcagent.exe

C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe

C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe


C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Windows Desktop Search\WindowsSearch.exe


C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe

C:\Program Files\totalcmd\TOTALCMD.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe



R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =     

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =     

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =     

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =     

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =     

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\pchealth\helpctr\System\panels\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110721222730.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} - C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll


O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [HotkeyApp] "C:\Program Files\Launch Manager\HotkeyApp.exe"

O4 - HKLM\..\Run: [iTSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START

O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [standby] "c:\Program Files\Fichiers communs\Corel\Standby\Standby.exe" -START

O4 - HKLM\..\Run: [mcui_exe] "C:\Program Files\\Agent\mcagent.exe" /runkey

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [MacDrive 8 application] "C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe"

O4 - HKLM\..\Run: [Getting started with MacDrive 8] "C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe" /auto

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe

O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe

O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe

O4 - HKLM\..\Run: [beidsystemtray] C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: TClock2.lnk = D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe

O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\progra~1\mcafee\msc\mcsniepl.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: eID CRL Service - Zetes - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service - Zetes - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: MacDrive 8 service (MacDrive8Service) - Mediafour Corporation - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan\mcods.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, Inc. - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) - Nitro PDF Software - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe

O23 - Service: NLS Service (nlsX86cc) - Nalpeiron Ltd. - C:\WINDOWS\system32\NLSSRV32.EXE

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: WisLMSvc - Wistron Corp. - C:\Program Files\Launch Manager\WisLMSvc.exe



End of file - 14024 bytes




Merci pour votre aide.

Modifié par stadeverois




Télécharger TDSSKILLER

- Télécharger le .zip sur le Bureau.

- Extraire son contenu (clic droit >> "Extraire tout...") et valider ;

- Un dossier tdsskiller sera créé sur le Bureau.


Cliquer surStart scan pour lancer l'analyse.

Lorsque l'outil a terminé son travail d'inspection

,TDSSKillerMal-1.png ("Malicious objects")

si des fichiers infectés sont détectés,l'action par défaut est"Nettoyer"(Cure) .

Cliquer sur"Continue"




Si c'est un fichier suspect, l'action par défaut est Skip( sauter)

Cliquer sur"Continue"


S'il vous est demandé de redémarrer:

Cliquer Reboot Now

Sinon cliquer sur Report

Envoyer en réponse:

*- le rapport de TDSSKiller (contenu du fichier SystemDrive\TDSSKiller.Version_Date_Heure_log.txt)

[systemDrive représente la partition sur laquelle est installé le système, généralement C:]


Hijackthis ne vaut plus guère!


Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Décompresser le fichier ZHPDiag.fix sur le bureau

puis double-cliquer sur le fichier ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icôneszhp0710.png


Sous XP, double clic sur ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur


Clic sur la Loupe pour lancer le scan

En cas de blocage sur O80, cliquez sur le tournevis pour le décocher

Postez en le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Jointicne2cjoint.png

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.



Merci pour votre réponse :)

Voici déjà le rapport TDSSkiller:



2011/09/01 18:23:49.0703 3224 TDSS rootkit removing tool Aug 22 2011 15:46:57

2011/09/01 18:23:50.0609 3224 ================================================================================

2011/09/01 18:23:50.0609 3224 SystemInfo:

2011/09/01 18:23:50.0609 3224

2011/09/01 18:23:50.0609 3224 OS Version: 5.1.2600 ServicePack: 3.0

2011/09/01 18:23:50.0609 3224 Product type: Workstation

2011/09/01 18:23:50.0609 3224 ComputerName: POR-MVH

2011/09/01 18:23:50.0609 3224 UserName: mvh

2011/09/01 18:23:50.0609 3224 Windows directory: C:\WINDOWS

2011/09/01 18:23:50.0609 3224 System windows directory: C:\WINDOWS

2011/09/01 18:23:50.0609 3224 Processor architecture: Intel x86

2011/09/01 18:23:50.0609 3224 Number of processors: 2

2011/09/01 18:23:50.0609 3224 Page size: 0x1000

2011/09/01 18:23:50.0609 3224 Boot type: Normal boot

2011/09/01 18:23:50.0609 3224 ================================================================================

2011/09/01 18:23:51.0171 3224 Initialize success

2011/09/01 18:23:58.0531 1456 ================================================================================

2011/09/01 18:23:58.0531 1456 Scan started

2011/09/01 18:23:58.0531 1456 Mode: Manual;

2011/09/01 18:23:58.0531 1456 ================================================================================

2011/09/01 18:23:59.0015 1456 abp480n5 (6abb91494fe6c59089b9336452ab2ea3) C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

2011/09/01 18:23:59.0046 1456 ACPI (e5e6dbfc41ea8aad005cb9a57a96b43b) C:\WINDOWS\system32\DRIVERS\ACPI.sys

2011/09/01 18:23:59.0078 1456 ACPIEC (e4abc1212b70bb03d35e60681c447210) C:\WINDOWS\system32\DRIVERS\ACPIEC.sys

2011/09/01 18:23:59.0140 1456 ACSSCR (b6a0f723a54884e77fce0f69083f90c9) C:\WINDOWS\system32\DRIVERS\a38usb.sys

2011/09/01 18:23:59.0171 1456 adfs (73685e15ef8b0bd9c30f1af413f13d49) C:\WINDOWS\system32\drivers\adfs.sys

2011/09/01 18:23:59.0265 1456 adpu160m (9a11864873da202c996558b2106b0bbc) C:\WINDOWS\system32\DRIVERS\adpu160m.sys

2011/09/01 18:23:59.0312 1456 aec (8bed39e3c35d6a489438b8141717a557) C:\WINDOWS\system32\drivers\aec.sys

2011/09/01 18:23:59.0343 1456 AFD (355556d9e580915118cd7ef736653a89) C:\WINDOWS\System32\drivers\afd.sys

2011/09/01 18:23:59.0390 1456 agp440 (08fd04aa961bdc77fb983f328334e3d7) C:\WINDOWS\system32\DRIVERS\agp440.sys

2011/09/01 18:23:59.0406 1456 agpCPQ (03a7e0922acfe1b07d5db2eeb0773063) C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

2011/09/01 18:23:59.0437 1456 Aha154x (c23ea9b5f46c7f7910db3eab648ff013) C:\WINDOWS\system32\DRIVERS\aha154x.sys

2011/09/01 18:23:59.0468 1456 aic78u2 (19dd0fb48b0c18892f70e2e7d61a1529) C:\WINDOWS\system32\DRIVERS\aic78u2.sys

2011/09/01 18:23:59.0500 1456 aic78xx (b7fe594a7468aa0132deb03fb8e34326) C:\WINDOWS\system32\DRIVERS\aic78xx.sys

2011/09/01 18:23:59.0546 1456 AliIde (1140ab9938809700b46bb88e46d72a96) C:\WINDOWS\system32\DRIVERS\aliide.sys

2011/09/01 18:23:59.0562 1456 alim1541 (cb08aed0de2dd889a8a820cd8082d83c) C:\WINDOWS\system32\DRIVERS\alim1541.sys

2011/09/01 18:23:59.0578 1456 amdagp (95b4fb835e28aa1336ceeb07fd5b9398) C:\WINDOWS\system32\DRIVERS\amdagp.sys

2011/09/01 18:23:59.0609 1456 AmdK7 (d3dabc57be6d456dfd4bc026cfa582ff) C:\WINDOWS\system32\DRIVERS\amdk7.sys

2011/09/01 18:23:59.0640 1456 amsint (79f5add8d24bd6893f2903a3e2f3fad6) C:\WINDOWS\system32\DRIVERS\amsint.sys

2011/09/01 18:23:59.0687 1456 Arp1394 (b5b8a80875c1dededa8b02765642c32f) C:\WINDOWS\system32\DRIVERS\arp1394.sys

2011/09/01 18:23:59.0687 1456 asc (62d318e9a0c8fc9b780008e724283707) C:\WINDOWS\system32\DRIVERS\asc.sys

2011/09/01 18:23:59.0703 1456 asc3350p (69eb0cc7714b32896ccbfd5edcbea447) C:\WINDOWS\system32\DRIVERS\asc3350p.sys

2011/09/01 18:23:59.0718 1456 asc3550 (5d8de112aa0254b907861e9e9c31d597) C:\WINDOWS\system32\DRIVERS\asc3550.sys

2011/09/01 18:23:59.0828 1456 AsyncMac (b153affac761e7f5fcfa822b9c4e97bc) C:\WINDOWS\system32\DRIVERS\asyncmac.sys

2011/09/01 18:23:59.0843 1456 atapi (9f3a2f5aa6875c72bf062c712cfa2674) C:\WINDOWS\system32\DRIVERS\atapi.sys

2011/09/01 18:23:59.0984 1456 ati2mtag (a4d1c3cd20c8c595af1817bb5352ecd6) C:\WINDOWS\system32\DRIVERS\ati2mtag.sys

2011/09/01 18:24:00.0046 1456 Atmarpc (9916c1225104ba14794209cfa8012159) C:\WINDOWS\system32\DRIVERS\atmarpc.sys

2011/09/01 18:24:00.0078 1456 audstub (d9f724aa26c010a217c97606b160ed68) C:\WINDOWS\system32\DRIVERS\audstub.sys

2011/09/01 18:24:00.0093 1456 Beep (da1f27d85e0d1525f6621372e7b685e9) C:\WINDOWS\system32\drivers\Beep.sys

2011/09/01 18:24:00.0156 1456 BthEnum (b279426e3c0c344893ed78a613a73bde) C:\WINDOWS\system32\DRIVERS\BthEnum.sys

2011/09/01 18:24:00.0187 1456 BTHMODEM (fca6f069597b62d42495191ace3fc6c1) C:\WINDOWS\system32\DRIVERS\bthmodem.sys

2011/09/01 18:24:00.0234 1456 BthPan (80602b8746d3738f5886ce3d67ef06b6) C:\WINDOWS\system32\DRIVERS\bthpan.sys

2011/09/01 18:24:00.0265 1456 BTHPORT (ef26202fee56f7607c6b794059df347a) C:\WINDOWS\system32\Drivers\BTHport.sys

2011/09/01 18:24:00.0312 1456 BTHUSB (61364cd71ef63b0f038b7e9df00f1efa) C:\WINDOWS\system32\Drivers\BTHUSB.sys

2011/09/01 18:24:00.0343 1456 CBDisk (93c568904e116607df2389907a9d8899) C:\WINDOWS\system32\drivers\CBDisk.sys

2011/09/01 18:24:00.0437 1456 cbidf (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

2011/09/01 18:24:00.0453 1456 cbidf2k (90a673fc8e12a79afbed2576f6a7aaf9) C:\WINDOWS\system32\drivers\cbidf2k.sys

2011/09/01 18:24:00.0484 1456 CCDECODE (0be5aef125be881c4f854c554f2b025c) C:\WINDOWS\system32\DRIVERS\CCDECODE.sys

2011/09/01 18:24:00.0515 1456 cd20xrnt (f3ec03299634490e97bbce94cd2954c7) C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

2011/09/01 18:24:00.0531 1456 Cdaudio (c1b486a7658353d33a10cc15211a873b) C:\WINDOWS\system32\drivers\Cdaudio.sys

2011/09/01 18:24:00.0578 1456 Cdfs (c885b02847f5d2fd45a24e219ed93b32) C:\WINDOWS\system32\drivers\Cdfs.sys

2011/09/01 18:24:00.0609 1456 Cdrom (1f4260cc5b42272d71f79e570a27a4fe) C:\WINDOWS\system32\DRIVERS\cdrom.sys

2011/09/01 18:24:00.0656 1456 cfwids (ecaf4a51580244fef1aa32cb984f13bf) C:\WINDOWS\system32\drivers\cfwids.sys

2011/09/01 18:24:00.0734 1456 CmBatt (0f6c187d38d98f8df904589a5f94d411) C:\WINDOWS\system32\DRIVERS\CmBatt.sys

2011/09/01 18:24:00.0750 1456 CmdIde (e3726ad522d0bdae090671048c991ab3) C:\WINDOWS\system32\DRIVERS\cmdide.sys

2011/09/01 18:24:00.0765 1456 Compbatt (6e4c9f21f0fae8940661144f41b13203) C:\WINDOWS\system32\DRIVERS\compbatt.sys

2011/09/01 18:24:00.0796 1456 Cpqarray (3ee529119eed34cd212a215e8c40d4b6) C:\WINDOWS\system32\DRIVERS\cpqarray.sys

2011/09/01 18:24:00.0828 1456 dac2w2k (e550e7418984b65a78299d248f0a7f36) C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

2011/09/01 18:24:00.0843 1456 dac960nt (683789caa3864eb46125ae86ff677d34) C:\WINDOWS\system32\DRIVERS\dac960nt.sys

2011/09/01 18:24:00.0859 1456 Disk (044452051f3e02e7963599fc8f4f3e25) C:\WINDOWS\system32\DRIVERS\disk.sys

2011/09/01 18:24:00.0906 1456 dmboot (f5deadd42335fb33edca74ecb2f36cba) C:\WINDOWS\system32\drivers\dmboot.sys

2011/09/01 18:24:00.0937 1456 dmio (5a7c47c9b3f9fb92a66410a7509f0c71) C:\WINDOWS\system32\drivers\dmio.sys

2011/09/01 18:24:00.0953 1456 dmload (e9317282a63ca4d188c0df5e09c6ac5f) C:\WINDOWS\system32\drivers\dmload.sys

2011/09/01 18:24:01.0000 1456 DMusic (8a208dfcf89792a484e76c40e5f50b45) C:\WINDOWS\system32\drivers\DMusic.sys

2011/09/01 18:24:01.0031 1456 dpti2o (40f3b93b4e5b0126f2f5c0a7a5e22660) C:\WINDOWS\system32\DRIVERS\dpti2o.sys

2011/09/01 18:24:01.0078 1456 drmkaud (8f5fcff8e8848afac920905fbd9d33c8) C:\WINDOWS\system32\drivers\drmkaud.sys

2011/09/01 18:24:01.0125 1456 Fastfat (38d332a6d56af32635675f132548343e) C:\WINDOWS\system32\drivers\Fastfat.sys

2011/09/01 18:24:01.0156 1456 Fdc (92cdd60b6730b9f50f6a1a0c1f8cdc81) C:\WINDOWS\system32\drivers\Fdc.sys

2011/09/01 18:24:01.0171 1456 FETNDIS (e9648254056bce81a85380c0c3647dc4) C:\WINDOWS\system32\DRIVERS\fetnd5.sys

2011/09/01 18:24:01.0187 1456 Fips (31f923eb2170fc172c81abda0045d18c) C:\WINDOWS\system32\drivers\Fips.sys

2011/09/01 18:24:01.0359 1456 Flpydisk (9d27e7b80bfcdf1cdd9b555862d5e7f0) C:\WINDOWS\system32\drivers\Flpydisk.sys

2011/09/01 18:24:01.0375 1456 FltMgr (b2cf4b0786f8212cb92ed2b50c6db6b0) C:\WINDOWS\system32\DRIVERS\fltMgr.sys

2011/09/01 18:24:01.0390 1456 Fs_Rec (3e1e2bd4f39b0e2b7dc4f4d2bcc2779a) C:\WINDOWS\system32\drivers\Fs_Rec.sys

2011/09/01 18:24:01.0421 1456 Ftdisk (a86859b77b908c18c2657f284aa29fe3) C:\WINDOWS\system32\DRIVERS\ftdisk.sys

2011/09/01 18:24:01.0453 1456 Gpc (0a02c63c8b144bd8c86b103dee7c86a2) C:\WINDOWS\system32\DRIVERS\msgpc.sys

2011/09/01 18:24:01.0468 1456 HDAudBus (573c7d0a32852b48f3058cfd8026f511) C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

2011/09/01 18:24:01.0515 1456 HidUsb (ccf82c5ec8a7326c3066de870c06daf1) C:\WINDOWS\system32\DRIVERS\hidusb.sys

2011/09/01 18:24:01.0578 1456 Hotkey (8b566ea71d5b76157a9cdb78f25a5731) C:\WINDOWS\system32\drivers\Hotkey.sys

2011/09/01 18:24:01.0656 1456 hpn (b028377dea0546a5fcfba928a8aefae0) C:\WINDOWS\system32\DRIVERS\hpn.sys

2011/09/01 18:24:01.0703 1456 HTTP (f80a415ef82cd06ffaf0d971528ead38) C:\WINDOWS\system32\Drivers\HTTP.sys

2011/09/01 18:24:01.0734 1456 i2omgmt (9368670bd426ebea5e8b18a62416ec28) C:\WINDOWS\system32\drivers\i2omgmt.sys

2011/09/01 18:24:01.0765 1456 i2omp (f10863bf1ccc290babd1a09188ae49e0) C:\WINDOWS\system32\DRIVERS\i2omp.sys

2011/09/01 18:24:01.0812 1456 i8042prt (a09bdc4ed10e3b2e0ec27bb94af32516) C:\WINDOWS\system32\DRIVERS\i8042prt.sys

2011/09/01 18:24:01.0859 1456 iaStor (80c633722da72e97f3f5b3b11325696d) C:\WINDOWS\system32\DRIVERS\iaStor.sys

2011/09/01 18:24:01.0890 1456 Imapi (083a052659f5310dd8b6a6cb05edcf8e) C:\WINDOWS\system32\DRIVERS\imapi.sys

2011/09/01 18:24:01.0921 1456 ini910u (4a40e045faee58631fd8d91afc620719) C:\WINDOWS\system32\DRIVERS\ini910u.sys

2011/09/01 18:24:02.0078 1456 IntcAzAudAddService (1824c4894aa438cd06c976e44b9e7353) C:\WINDOWS\system32\drivers\RtkHDAud.sys

2011/09/01 18:24:02.0140 1456 IntelIde (4b6da2f0a4095857a9e3f3697399d575) C:\WINDOWS\system32\DRIVERS\intelide.sys

2011/09/01 18:24:02.0171 1456 intelppm (ad340800c35a42d4de1641a37feea34c) C:\WINDOWS\system32\DRIVERS\intelppm.sys

2011/09/01 18:24:02.0218 1456 Ip6Fw (3bb22519a194418d5fec05d800a19ad0) C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

2011/09/01 18:24:02.0250 1456 IpFilterDriver (731f22ba402ee4b62748adaf6363c182) C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

2011/09/01 18:24:02.0265 1456 IpInIp (b87ab476dcf76e72010632b5550955f5) C:\WINDOWS\system32\DRIVERS\ipinip.sys

2011/09/01 18:24:02.0296 1456 IpNat (cc748ea12c6effde940ee98098bf96bb) C:\WINDOWS\system32\DRIVERS\ipnat.sys

2011/09/01 18:24:02.0312 1456 IPSec (23c74d75e36e7158768dd63d92789a91) C:\WINDOWS\system32\DRIVERS\ipsec.sys

2011/09/01 18:24:02.0328 1456 IRENUM (c93c9ff7b04d772627a3646d89f7bf89) C:\WINDOWS\system32\DRIVERS\irenum.sys

2011/09/01 18:24:02.0359 1456 isapnp (355836975a67b6554bca60328cd6cb74) C:\WINDOWS\system32\DRIVERS\isapnp.sys

2011/09/01 18:24:02.0453 1456 ISODrive (bf71a06ff065e3fd7e32ea67dca34885) C:\Program Files\UltraISO\drivers\ISODrive.sys

2011/09/01 18:24:02.0546 1456 JMCR (dedb6cc1b166928a8f3f68def1766db0) C:\WINDOWS\system32\DRIVERS\jmcr.sys

2011/09/01 18:24:02.0562 1456 Kbdclass (16813155807c6881f4bfbf6657424659) C:\WINDOWS\system32\DRIVERS\kbdclass.sys

2011/09/01 18:24:02.0593 1456 kmixer (692bcf44383d056aed41b045a323d378) C:\WINDOWS\system32\drivers\kmixer.sys

2011/09/01 18:24:02.0609 1456 KSecDD (b467646c54cc746128904e1654c750c1) C:\WINDOWS\system32\drivers\KSecDD.sys

2011/09/01 18:24:02.0671 1456 Lbd (336abe8721cbc3110f1c6426da633417) C:\WINDOWS\system32\DRIVERS\Lbd.sys

2011/09/01 18:24:02.0750 1456 MBAMProtector (eca00eed9ab95489007b0ef84c7149de) C:\WINDOWS\system32\drivers\mbam.sys

2011/09/01 18:24:02.0984 1456 MDFSYSNT (958b893eb11586b4ed1301ba067abc94) C:\WINDOWS\system32\drivers\MDFSYSNT.sys

2011/09/01 18:24:03.0078 1456 MDPMGRNT (9f06ca581cce21fc72a946487aa243e9) C:\WINDOWS\system32\drivers\MDPMGRNT.sys

2011/09/01 18:24:03.0171 1456 mfeapfk (688b626fca708ee9eb161cad1f7363a9) C:\WINDOWS\system32\drivers\mfeapfk.sys

2011/09/01 18:24:03.0203 1456 mfeavfk (693a8d924b640223974e0a88f2baf0f4) C:\WINDOWS\system32\drivers\mfeavfk.sys

2011/09/01 18:24:03.0234 1456 mfebopk (52c40d19873528bd15823c969d3ad227) C:\WINDOWS\system32\drivers\mfebopk.sys

2011/09/01 18:24:03.0265 1456 mfefirek (e37b98d49df546f4059483d49e349a53) C:\WINDOWS\system32\drivers\mfefirek.sys

2011/09/01 18:24:03.0312 1456 mfehidk (44184f32392fa2e94d08d056ce750d56) C:\WINDOWS\system32\drivers\mfehidk.sys

2011/09/01 18:24:03.0343 1456 mfendisk (8c434d77c7a8cd97f8f4c2b0be19d541) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

2011/09/01 18:24:03.0359 1456 mfendiskmp (8c434d77c7a8cd97f8f4c2b0be19d541) C:\WINDOWS\system32\DRIVERS\mfendisk.sys

2011/09/01 18:24:03.0390 1456 mferkdet (5f5313bfd1e73233885a26ab77488f6f) C:\WINDOWS\system32\drivers\mferkdet.sys

2011/09/01 18:24:03.0437 1456 mferkdk (41fe2f288e05a6c8ab85dd56770ffbad) C:\WINDOWS\system32\drivers\mferkdk.sys

2011/09/01 18:24:03.0484 1456 mfetdi2k (8d1a44e1f46bcf4acfe9c701edd340e3) C:\WINDOWS\system32\drivers\mfetdi2k.sys

2011/09/01 18:24:03.0531 1456 mnmdd (4ae068242760a1fb6e1a44bf4e16afa6) C:\WINDOWS\system32\drivers\mnmdd.sys

2011/09/01 18:24:03.0562 1456 Modem (510ade9327fe84c10254e1902697e25f) C:\WINDOWS\system32\drivers\Modem.sys

2011/09/01 18:24:03.0656 1456 Mouclass (027c01bd7ef3349aaebc883d8a799efb) C:\WINDOWS\system32\DRIVERS\mouclass.sys

2011/09/01 18:24:03.0687 1456 mouhid (124d6846040c79b9c997f78ef4b2a4e5) C:\WINDOWS\system32\DRIVERS\mouhid.sys

2011/09/01 18:24:03.0718 1456 MountMgr (a80b9a0bad1b73637dbcbba7df72d3fd) C:\WINDOWS\system32\drivers\MountMgr.sys

2011/09/01 18:24:03.0750 1456 mraid35x (3f4bb95e5a44f3be34824e8e7caf0737) C:\WINDOWS\system32\DRIVERS\mraid35x.sys

2011/09/01 18:24:03.0765 1456 MRxDAV (11d42bb6206f33fbb3ba0288d3ef81bd) C:\WINDOWS\system32\DRIVERS\mrxdav.sys

2011/09/01 18:24:03.0828 1456 MRxSmb (7d304a5eb4344ebeeab53a2fe3ffb9f0) C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

2011/09/01 18:24:03.0875 1456 Msfs (c941ea2454ba8350021d774daf0f1027) C:\WINDOWS\system32\drivers\Msfs.sys

2011/09/01 18:24:03.0921 1456 MSKSSRV (d1575e71568f4d9e14ca56b7b0453bf1) C:\WINDOWS\system32\drivers\MSKSSRV.sys

2011/09/01 18:24:03.0953 1456 MSPCLOCK (325bb26842fc7ccc1fcce2c457317f3e) C:\WINDOWS\system32\drivers\MSPCLOCK.sys

2011/09/01 18:24:03.0984 1456 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys

2011/09/01 18:24:04.0000 1456 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys

2011/09/01 18:24:04.0031 1456 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys

2011/09/01 18:24:04.0093 1456 Mup (de6a75f5c270e756c5508d94b6cf68f5) C:\WINDOWS\system32\drivers\Mup.sys

2011/09/01 18:24:04.0109 1456 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys

2011/09/01 18:24:04.0156 1456 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys

2011/09/01 18:24:04.0203 1456 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys

2011/09/01 18:24:04.0250 1456 NdisTapi (0109c4f3850dfbab279542515386ae22) C:\WINDOWS\system32\DRIVERS\ndistapi.sys

2011/09/01 18:24:04.0265 1456 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys

2011/09/01 18:24:04.0296 1456 NdisWan (edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys

2011/09/01 18:24:04.0343 1456 NDProxy (9282bd12dfb069d3889eb3fcc1000a9b) C:\WINDOWS\system32\drivers\NDProxy.sys

2011/09/01 18:24:04.0390 1456 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys

2011/09/01 18:24:04.0468 1456 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys

2011/09/01 18:24:04.0671 1456 NETw5x32 (05743fffc2bc88cc8e426321bc6a762e) C:\WINDOWS\system32\DRIVERS\NETw5x32.sys

2011/09/01 18:24:04.0812 1456 NIC1394 (e9e47cfb2d461fa0fc75b7a74c6383ea) C:\WINDOWS\system32\DRIVERS\nic1394.sys

2011/09/01 18:24:04.0921 1456 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys

2011/09/01 18:24:04.0953 1456 Ntfs (78a08dd6a8d65e697c18e1db01c5cdca) C:\WINDOWS\system32\drivers\Ntfs.sys

2011/09/01 18:24:05.0015 1456 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys

2011/09/01 18:24:05.0031 1456 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

2011/09/01 18:24:05.0062 1456 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

2011/09/01 18:24:05.0093 1456 ohci1394 (ca33832df41afb202ee7aeb05145922f) C:\WINDOWS\system32\DRIVERS\ohci1394.sys

2011/09/01 18:24:05.0125 1456 Parport (8fd0bdbea875d06ccf6c945ca9abaf75) C:\WINDOWS\system32\drivers\Parport.sys

2011/09/01 18:24:05.0218 1456 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys

2011/09/01 18:24:05.0250 1456 ParVdm (9575c5630db8fb804649a6959737154c) C:\WINDOWS\system32\drivers\ParVdm.sys

2011/09/01 18:24:05.0359 1456 pccsmcfd (fd2041e9ba03db7764b2248f02475079) C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys

2011/09/01 18:24:05.0390 1456 PCI (043410877bda580c528f45165f7125bc) C:\WINDOWS\system32\DRIVERS\pci.sys

2011/09/01 18:24:05.0421 1456 PCIIde (f4bfde7209c14a07aaa61e4d6ae69eac) C:\WINDOWS\system32\DRIVERS\pciide.sys

2011/09/01 18:24:05.0421 1456 Pcmcia (f0406cbc60bdb0394a0e17ffb04cdd3d) C:\WINDOWS\system32\DRIVERS\pcmcia.sys

2011/09/01 18:24:05.0531 1456 perc2 (6c14b9c19ba84f73d3a86dba11133101) C:\WINDOWS\system32\DRIVERS\perc2.sys

2011/09/01 18:24:05.0546 1456 perc2hib (f50f7c27f131afe7beba13e14a3b9416) C:\WINDOWS\system32\DRIVERS\perc2hib.sys

2011/09/01 18:24:05.0593 1456 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys

2011/09/01 18:24:05.0625 1456 PSched (09298ec810b07e5d582cb3a3f9255424) C:\WINDOWS\system32\DRIVERS\psched.sys

2011/09/01 18:24:05.0640 1456 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys

2011/09/01 18:24:05.0687 1456 PxHelp20 (49452bfcec22f36a7a9b9c2181bc3042) C:\WINDOWS\system32\Drivers\PxHelp20.sys

2011/09/01 18:24:05.0718 1456 ql1080 (0a63fb54039eb5662433caba3b26dba7) C:\WINDOWS\system32\DRIVERS\ql1080.sys

2011/09/01 18:24:05.0734 1456 Ql10wnt (6503449e1d43a0ff0201ad5cb1b8c706) C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

2011/09/01 18:24:05.0750 1456 ql12160 (156ed0ef20c15114ca097a34a30d8a01) C:\WINDOWS\system32\DRIVERS\ql12160.sys

2011/09/01 18:24:05.0781 1456 ql1240 (70f016bebde6d29e864c1230a07cc5e6) C:\WINDOWS\system32\DRIVERS\ql1240.sys

2011/09/01 18:24:05.0812 1456 ql1280 (907f0aeea6bc451011611e732bd31fcf) C:\WINDOWS\system32\DRIVERS\ql1280.sys

2011/09/01 18:24:05.0843 1456 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys

2011/09/01 18:24:05.0890 1456 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

2011/09/01 18:24:05.0921 1456 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys

2011/09/01 18:24:05.0968 1456 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys

2011/09/01 18:24:06.0015 1456 Rdbss (7ad224ad1a1437fe28d89cf22b17780a) C:\WINDOWS\system32\DRIVERS\rdbss.sys

2011/09/01 18:24:06.0046 1456 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

2011/09/01 18:24:06.0093 1456 rdpdr (15cabd0f7c00c47c70124907916af3f1) C:\WINDOWS\system32\DRIVERS\rdpdr.sys

2011/09/01 18:24:06.0171 1456 RDPWD (fc105dd312ed64eb66bff111e8ec6eac) C:\WINDOWS\system32\drivers\RDPWD.sys

2011/09/01 18:24:06.0203 1456 redbook (d8eb2a7904db6c916eb5361878ddcbae) C:\WINDOWS\system32\DRIVERS\redbook.sys

2011/09/01 18:24:06.0250 1456 RFCOMM (851c30df2807fcfa21e4c681a7d6440e) C:\WINDOWS\system32\DRIVERS\rfcomm.sys

2011/09/01 18:24:06.0312 1456 RTLE8023xp (c6d34a1874cd2b212dc3e788091c64b4) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys

2011/09/01 18:24:06.0328 1456 S3SavageNB (0dbcc071a268e0340a2ba6bdd98bace4) C:\WINDOWS\system32\DRIVERS\s3gnbm.sys

2011/09/01 18:24:06.0359 1456 sdbus (8d04819a3ce51b9eb47e5689b44d43c4) C:\WINDOWS\system32\DRIVERS\sdbus.sys

2011/09/01 18:24:06.0390 1456 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys

2011/09/01 18:24:06.0421 1456 Serial (93d313c31f7ad9ea2b75f26075413c7c) C:\WINDOWS\system32\drivers\Serial.sys

2011/09/01 18:24:06.0578 1456 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\DRIVERS\sfloppy.sys

2011/09/01 18:24:06.0609 1456 sisagp (6b33d0ebd30db32e27d1d78fe946a754) C:\WINDOWS\system32\DRIVERS\sisagp.sys

2011/09/01 18:24:06.0656 1456 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys

2011/09/01 18:24:06.0687 1456 Sparrow (83c0f71f86d3bdaf915685f3d568b20e) C:\WINDOWS\system32\DRIVERS\sparrow.sys

2011/09/01 18:24:06.0765 1456 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys

2011/09/01 18:24:06.0859 1456 sr (39626e6dc1fb39434ec40c42722b660a) C:\WINDOWS\system32\DRIVERS\sr.sys

2011/09/01 18:24:06.0953 1456 Srv (47ddfc2f003f7f9f0592c6874962a2e7) C:\WINDOWS\system32\DRIVERS\srv.sys

2011/09/01 18:24:07.0000 1456 sscdbus (d6870895fe46a464a19141440eb6cc1e) C:\WINDOWS\system32\DRIVERS\sscdbus.sys

2011/09/01 18:24:07.0078 1456 sscdmdfl (0fe167362e4689b716cdc8d93adedda8) C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys

2011/09/01 18:24:07.0109 1456 sscdmdm (55a15707e32b6709242ad127e62ca55a) C:\WINDOWS\system32\DRIVERS\sscdmdm.sys

2011/09/01 18:24:07.0171 1456 StarOpen (306521935042fc0a6988d528643619b3) C:\WINDOWS\system32\drivers\StarOpen.sys

2011/09/01 18:24:07.0312 1456 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys

2011/09/01 18:24:07.0390 1456 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys

2011/09/01 18:24:07.0437 1456 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys

2011/09/01 18:24:07.0468 1456 symc810 (1ff3217614018630d0a6758630fc698c) C:\WINDOWS\system32\DRIVERS\symc810.sys

2011/09/01 18:24:07.0515 1456 symc8xx (070e001d95cf725186ef8b20335f933c) C:\WINDOWS\system32\DRIVERS\symc8xx.sys

2011/09/01 18:24:07.0531 1456 sym_hi (80ac1c4abbe2df3b738bf15517a51f2c) C:\WINDOWS\system32\DRIVERS\sym_hi.sys

2011/09/01 18:24:07.0562 1456 sym_u3 (bf4fab949a382a8e105f46ebb4937058) C:\WINDOWS\system32\DRIVERS\sym_u3.sys

2011/09/01 18:24:07.0609 1456 SynTP (86692a9116559222bd2d62633ddc352d) C:\WINDOWS\system32\DRIVERS\SynTP.sys

2011/09/01 18:24:07.0656 1456 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys

2011/09/01 18:24:07.0703 1456 Tcpip (9aefa14bd6b182d61e3119fa5f436d3d) C:\WINDOWS\system32\DRIVERS\tcpip.sys

2011/09/01 18:24:07.0765 1456 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys

2011/09/01 18:24:07.0781 1456 TDTCP (c56b6d0402371cf3700eb322ef3aaf61) C:\WINDOWS\system32\drivers\TDTCP.sys

2011/09/01 18:24:07.0828 1456 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys

2011/09/01 18:24:07.0875 1456 TosIde (b411668322c3bf4e690888706b999679) C:\WINDOWS\system32\DRIVERS\toside.sys

2011/09/01 18:24:07.0937 1456 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys

2011/09/01 18:24:07.0953 1456 ultra (1b698a51cd528d8da4ffaed66dfc51b9) C:\WINDOWS\system32\DRIVERS\ultra.sys

2011/09/01 18:24:07.0984 1456 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys

2011/09/01 18:24:08.0031 1456 usbccgp (173f317ce0db8e21322e71b7e60a27e8) C:\WINDOWS\system32\DRIVERS\usbccgp.sys

2011/09/01 18:24:08.0062 1456 usbehci (65dcf09d0e37d4c6b11b5b0b76d470a7) C:\WINDOWS\system32\DRIVERS\usbehci.sys

2011/09/01 18:24:08.0093 1456 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys

2011/09/01 18:24:08.0125 1456 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

2011/09/01 18:24:08.0140 1456 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys

2011/09/01 18:24:08.0171 1456 usbvideo (63bbfca7f390f4c49ed4b96bfb1633e0) C:\WINDOWS\system32\Drivers\usbvideo.sys

2011/09/01 18:24:08.0187 1456 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys

2011/09/01 18:24:08.0218 1456 viaagp (754292ce5848b3738281b4f3607eaef4) C:\WINDOWS\system32\DRIVERS\viaagp.sys

2011/09/01 18:24:08.0234 1456 ViaIde (3b3efcda263b8ac14fdf9cbdd0791b2e) C:\WINDOWS\system32\DRIVERS\viaide.sys

2011/09/01 18:24:08.0265 1456 VolSnap (46de1126684369bace4849e4fc8c43ca) C:\WINDOWS\system32\drivers\VolSnap.sys

2011/09/01 18:24:08.0359 1456 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys

2011/09/01 18:24:08.0406 1456 Wdf01000 (60d2787958b46595d62237ed15b91e94) C:\WINDOWS\system32\DRIVERS\Wdf01000.sys

2011/09/01 18:24:08.0468 1456 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys

2011/09/01 18:24:08.0546 1456 WmiAcpi (c42584fd66ce9e17403aebca199f7bdb) C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

2011/09/01 18:24:08.0578 1456 WSTCODEC (c98b39829c2bbd34e454150633c62c78) C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS

2011/09/01 18:24:08.0609 1456 WudfPf (f15feafffbb3644ccc80c5da584e6311) C:\WINDOWS\system32\DRIVERS\WudfPf.sys

2011/09/01 18:24:08.0625 1456 WudfRd (28b524262bce6de1f7ef9f510ba3985b) C:\WINDOWS\system32\DRIVERS\wudfrd.sys

2011/09/01 18:24:08.0687 1456 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0

2011/09/01 18:24:08.0968 1456 Boot (0x1200) (f761105a5e315ed81d26a71829958f50) \Device\Harddisk0\DR0\Partition0

2011/09/01 18:24:09.0046 1456 Boot (0x1200) (9222db61d7f6b9571925c36bd095f379) \Device\Harddisk0\DR0\Partition1

2011/09/01 18:24:09.0062 1456 ================================================================================

2011/09/01 18:24:09.0062 1456 Scan finished

2011/09/01 18:24:09.0062 1456 ================================================================================

2011/09/01 18:24:09.0093 3720 Detected object count: 0

2011/09/01 18:24:09.0093 3720 Actual detected object count: 0


J'obtiens une alerte "indice de liste hors limites" avec ZHPDiag

Voici la fenêtre jusqu'au blocage du soft:



Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011

Run by mvh at 1/09/2011 18:39:48

Web site : ZHPDiag Outil de diagnostic



---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

MFIE: Mozilla Firefox 4.0.1 v4.0.1


---\\ Windows Product Information

Windows XP Professional Service Pack 3 (Build 2600)

Windows Automatic Updates : OK

Windows Genuine Advantage : OK


---\\ System Information

~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3066 MB (71% free)

System Restore: Activé (Enable)

System drive C: has 5 GB (10%) free of 49 GB


---\\ Logged in mode

~ Computer Name: POR-MVH

~ User Name: mvh

~ All Users Names: SUPPORT_388945a0, mvh, mcu, HelpAssistant, ASPNET, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator


---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Documents and Settings\mvh\Application Data\

~ %Desktop% : C:\Documents and Settings\mvh\Bureau\

~ %Favorites% : C:\Documents and Settings\mvh\Favoris\

~ %LocalAppData% : C:\Documents and Settings\mvh\Local Settings\Application Data\

~ %StartMenu% : C:\Documents and Settings\mvh\Menu Démarrer\

~ %Windir% : C:\WINDOWS\

~ %System% : C:\WINDOWS\system32\


---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 49 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 56 Go of 249 Go)

E:\ CD-ROM drive (Not Inserted)

Z:\ CD-ROM drive (Not Inserted)




---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s




---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]

[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.1/09/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

~ Scan Generic Processes in 00mn 00s




---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 9/553

~ Mes musiques (My Musics) : 1/2

~ Mes Videos (My Videos) : 2/22

~ Mes Favoris (My Favorites) : 3/414

~ Mes Documents (My Documents) : 52/3964

~ Mon Bureau (My Desktop) : 1/120

~ Menu demarrer (Programs) : 5/92

~ Scan Hidden Files in 00mn 00s




---\\ Processus lancés

[MD5.AB6A44C8A3C64AC89567784145910F49] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [532480] [PID.]

[MD5.2CCCD74F69473B60CB904DC466077AC0] - (.Zetes - Belgium Identity Card Service.) -- C:\WINDOWS\system32\beidservicepcsc.exe [331776] [PID.]

[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]

[MD5.0EA695F38FD27DBE53F3D88C3A0F88DC] - (.Mediafour Corporation - MacDrive service.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [131584] [PID.]

[MD5.37036C07983EF1024B2FF3C28AAE5700] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366640] [PID.]

[MD5.7E6932EEDA54C8EAF7DC6C2225261B85] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe [214904] [PID.]

[MD5.6991A9EA5E74E6035B8DAB17A7572CF3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [148520] [PID.]

[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.]

[MD5.F1519E42A9CBAC4638CF6C1BFBBD367E] - (.Nitro PDF Software - Solid Spool Service.) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928] [PID.]

[MD5.1E38790BDEA07472C4B16ADD469E9912] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\WINDOWS\system32\NLSSRV32.EXE [68928] [PID.]

[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.]

[MD5.64E413BA0C529AA40C3924BBCC4153DB] - (.Pas de propriétaire - nTitles PSIService.) -- C:\WINDOWS\system32\PSIService.exe [174656] [PID.]

[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [189728] [PID.]

[MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.]

[MD5.29C45F29E6B60BBF554DD89E499D384E] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe [165000] [PID.]

[MD5.A2E16406728BE43076473A99C2F13678] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe [159832] [PID.]

[MD5.FEAE215A64318D84A2077E105D27DC0B] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16859136] [PID.3564]

[MD5.0D034E8C4F88C5B2B0C1AF3CF438CC4F] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [86016] [PID.3576]

[MD5.10BAE7A1B4027833428220391EACAE49] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1105920] [PID.3616]

[MD5.A528A87BF0CFF1BCA1AD2AB70B4B5CFD] - (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe [192512] [PID.3624]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.3672]

[MD5.02095B7B324A2D19AF30A23796E2A13F] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\\Agent\mcagent.exe [1312384] [PID.3688]

[MD5.CDE36A1A95BB1F9CF77C03B9E01EDE8B] - (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe [167936] [PID.3804]

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.3924]

[MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584] [PID.3932]

[MD5.EB2CC7A2441AA4477BCE761800168CCC] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [1840424] [PID.3956]

[MD5.B0E6FAA0F0EAD4772C545A3737EFB47F] - (.Wistron Corp. - Pas de description.) -- C:\Program Files\Launch Manager\WisLMSvc.exe [118784] [PID.]

[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.3976]

[MD5.62F68443D244024845B875B44D76A92F] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [537896] [PID.]

[MD5.469922A70BA4F71F7D7582ED1E58ED80] - (.Two_toNe - Customize Taskbar Ver1.2.0.) -- D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe [90624] [PID.2908]

[MD5.BE11DA966D6FC74F2137306FB260F6A4] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [1017912] [PID.412]

[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.1772]

[MD5.A1F15ABE56BE5B7D7778221A1567231B] - (.Corel - Standby service.) -- C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe [105632] [PID.1792]

[MD5.8038AC11981949FCF4BA7269B0215977] - (.Ghisler Software GmbH - Total Commander 32 bit.) -- C:\Program Files\totalcmd\TOTALCMD.EXE [3520256] [PID.248]

[MD5.67949CC8A865296C1333C96A4E1A2D66] - (.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- C:\WINDOWS\System32\SCardSvr.exe [100352] [PID.]

[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]

~ Scan Processes Running in 00mn 00s




---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default] Google

~ Scan Google Browser in 00mn 00s




---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\prefs.js

C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\user.js (.not file.)

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M0 - MFSP: prefs.js [mvh - tcbe9daq.default] Google

M2 - MFEP: prefs.js [mvh - tcbe9daq.default\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v7.2.2.0 (.iMacros Team, iOpus Software GmbH.)

P2 - FPN: [HKLM] [] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [ Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

P2 - FPN: [HKLM] [] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [,version=10] - (...) -- c:\progra~1\mcafee\msc\npmcsn~1.dll

P2 - FPN: [HKLM] [,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [] - (.RayV - RayV Plugin.) -- C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

P2 - FPN: [HKCU] [ Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [ Update;version=8] - (...) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\\npGoogleOneClick8.dll (.not file.)

P2 - FPN: [HKCU] [ Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s




---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =     

R0 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =     

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Search Page =     

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn 00s




---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s




---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s




---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn 00s




---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110721222730.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\Windo

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

~ Scan BHO in 00mn 00s




---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll

~ Scan Toolbar in 00mn 00s




---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe

O4 - HKLM\..\Run: [soundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe

O4 - HKLM\..\Run: [AlcWzrd] . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- C:\WINDOWS\ALCWZRD.exe

O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [HotkeyApp] . (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe

O4 - HKLM\..\Run: [iTSecMng] . (. TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl

O4 - HKLM\..\Run: [standby] . (.Corel - Standby service.) -- c:\Program Files\Fichiers communs\Corel\Standby\Standby.exe

O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\\Agent\mcagent.exe

O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [MacDrive 8 application] . (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe

O4 - HKLM\..\Run: [Getting started with MacDrive 8] . (.Mediafour Corporation - Get Started with MacDrive.) -- C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe

O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (.not file.)

O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe (.not file.)

O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe (.not file.)

O4 - HKLM\..\Run: [beidsystemtray] . (.Zetes - beidsystemtray.) -- C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe

O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

~ Scan Application in 00mn 00s




---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Bridge CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Device Central CS4.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Device Central CS4\DeviceCentral.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Dreamweaver CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Drive CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ExtendScript Toolkit CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit CS4\ExtendScript Toolkit.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Extension Manager CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Flash CS4 Professional.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files\Adobe\Adobe Flash CS4\Flash.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Help.lnk . (...) -- C:\Program Files\Adobe\Adobe Help\Adobe Help.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Media Encoder CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Media Encoder CS4\Adobe Media Encoder.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop Lightroom 2.7.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 2.7\lightroom.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Pixel Bender Toolkit.lnk . (...) -- C:\Program Files\Adobe\Adobe Utilities\Pixel Bender Toolkit\pixel_bender_toolkit.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Nitro PDF Professional.lnk . (...) -- C:\WINDOWS\Installer\{19DCEAAA-AC36-4C34-B1D5-5B94BF6E4BC6}\Professional.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Open Cellar Home Edition 1.2.lnk . (...) -- C:\WINDOWS\Installer\{1F0944C8-C099-4E12-8F0C-617316731B58}\_18be6784.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Sudoku Up.lnk . (...) -- C:\Program Files\Sudoku Up\SudokuUp.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live ID.lnk . (.Microsoft Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 00s




---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

O8 - Extra context menu item: Sothink SWF Catcher . (...) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

~ Scan IE Menu Contextuel in 00mn 00s




---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} . (.Pas de propriétaire - WinHTTrackIEBar Module.) -- C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O9 - Extra button: Launch WinHTTrack - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

~ Scan IE Extra Buttons in 00mn 00s




---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

~ Scan Winsock in 00mn 00s




---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () -

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () -

~ Scan Objets ActiveX in 00mn 00s




---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer =

O17 - HKLM\System\CS1\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer =

O17 - HKLM\System\CS3\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer =

~ Scan Domain in 00mn 00s




---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} . (.McAfee, Inc. - McAfee MSC IE plugin DLL.) -- c:\progra~1\mcafee\msc\mcsniepl.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s




---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: WgaLogon . (...) -- C:\WINDOWS\system32\WgaLogon.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

~ Scan Winlogon in 00mn 00s




---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

~ Scan SSODL in 00mn 00s




---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s




---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: eID CRL Service (eID CRL Service) . (. Zetes - Belgium Identity Card CRL Service.) - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service (eID Privacy Service) . (.Zetes - Belgium Identity Card Service.) - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MacDrive 8 service (MacDrive8Service) . (.Mediafour Corporation - MacDrive service.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) . (.Nitro PDF Software - Solid Spool Service.) - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe

O23 - Service: NLS Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\WINDOWS\system32\NLSSRV32.exe

O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ProtexisLicensing (ProtexisLicensing) . (.Pas de propriétaire - nTitles PSIService.) - C:\WINDOWS\system32\PSIService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe

O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

~ Scan Services in 00mn 00s




---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s




---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\One-Click Tweak.job

[MD5.1DDB6CA106D92FBB7E2138DF1360EC26] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [OGALogon] (...) -- C:\WINDOWS\system32\OGAexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [One-Click Tweak] (...) -- C:\Program Files\Advanced PC Tweaker\OneClick.exe (.not file.)

~ Scan Scheduled Task in 00mn 00s




---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\amdk7.sys

O41 - Driver: (CBDisk) . (.EldoS Corporation - CallbackDisk Virtual Storage Driver.) - C:\WINDOWS\system32\drivers\CBDisk.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys

O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys

O41 - Driver: McAfee Inc. mfetdi2k (mfetdi2k) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\WINDOWS\system32\drivers\mfetdi2k.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

~ Scan Drivers in 00mn 00s




---\\ Logiciels installés (O42)

O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software

O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}

O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_acce07fd2c8fe7f9e3f26243e626578

O42 - Logiciel: Adobe Flash CS4 Professional - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_a68eec966ce913ddaa63251dc82ed31

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_faf656ef605427ee2f42989c3ad31b8

O42 - Logiciel: Autopano Giga - (.Kolor.) [HKLM] -- Autopano Giga

O42 - Logiciel: BIS TV Viewer - (.RayV.) [HKLM] -- RayV

O42 - Logiciel: Belgium Identity Card Run-time 2.6 - (.Fedict.) [HKLM] -- InstallShield_{EA248851-A7D5-4906-8C46-A3CA267F6A24}

O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent

O42 - Logiciel: Capturino V2 - (.Pas de propriétaire.) [HKCU] -- Capturino V2

O42 - Logiciel: ColorPic - (.Iconico.) [HKLM] -- ColorPic

O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{72DB27D3-FE05-4227-AF5A-11CD101ECF09}

O42 - Logiciel: Corel PaintShop Photo Pro X3 - (.Corel Corporation.) [HKLM] -- _{D1AEB5DB-04FA-489D-94EF-8600898B93EE}

O42 - Logiciel: CorelDRAW® Graphics Suite X5 - (.Corel Corporation.) [HKLM] -- _{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: DVDFab (05/01/2011) - (.Fengtao Software Inc..) [HKLM] -- DVDFab 8_is1

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler

O42 - Logiciel: Deluxe Pacman (1.70) - (.Pas de propriétaire.) [HKLM] -- Deluxe Pacman_is1

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities

O42 - Logiciel: FTP Expert 3 - (.Pas de propriétaire.) [HKLM] -- FTP Expert 3

O42 - Logiciel: GPL Ghostscript 8.64 - (.Pas de propriétaire.) [HKLM] -- GPL Ghostscript 8.64

O42 - Logiciel: GSview 4.9 - (.Pas de propriétaire.) [HKLM] -- GSview 4.9

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Hamster Free Video Convertor - (.Hamster Soft.) [HKLM] -- {7E350663-86D3-466A-AB79-28156A9ABF6E}_is1

O42 - Logiciel: HamsterFreeVideoConverter - (.HamsterSoft, Inc..) [HKLM] -- Hamster Free Video Converter_is1

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946040

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946308

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946344

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947540

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947789

O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Image Mender 1.22 - (.Phibit Software.) [HKLM] -- Image Mender

O42 - Logiciel: Image Resize Guide 1.0.1 - (.Two Pilots.) [HKLM] -- Image Resize Guide_is1

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}

O42 - Logiciel: JPEGCrops 0.7.5 beta - (.Pas de propriétaire.) [HKLM] -- {DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1

O42 - Logiciel: KeyChanger Office Edition - (.Keytech-Software.) [HKLM] -- KeyChanger Office Edition2.0

O42 - Logiciel: La cave du sommelier 2 - (.DP Software.) [HKLM] -- {8A37B952-0B30-477D-923D-15C19411F924}_is1

O42 - Logiciel: Launch Manager V1.4.9 - (.Wistron Corp..) [HKLM] -- {D0846526-66DD-4DC9-A02C-98F9A2806812}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST

O42 - Logiciel: MaCave - (.Pas de propriétaire.) [HKCU] -- MACAVEExécutable

O42 - Logiciel: Malwarebytes' Anti-Malware version - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee AntiVirus Plus - (.McAfee, Inc..) [HKLM] -- MSC

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework 1.0 - (.Microsoft Corporation.) [HKLM] -- Wdf01000

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack

O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)

O42 - Logiciel: NoWires Plugin v1.5 - (.Pavel Dovgalyuk.) [HKLM] -- {BA119399-31E4-4FEE-9DC0-D0B1E1B7364A}_is1

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693

O42 - Logiciel: Pdf995 - (.Pas de propriétaire.) [HKLM] -- Pdf995

O42 - Logiciel: Photomatix Pro version 3.2.2 - (.HDRsoft Sarl.) [HKLM] -- PhotomatixPro3Betax32_is1

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Registry Healer 4.5.0 uninstall - (.KsL Software.) [HKLM] -- RegHealer_is2

O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem

O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97}

O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Services Off-line de Home'Bank 5.11 - (.ING Belgium.) [HKLM] -- Services Off-line de Home'Bank_is1

O42 - Logiciel: Sothink FLV Player - (.SourceTec Software Co., LTD.) [HKLM] -- {CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1

O42 - Logiciel: Sothink SWF Decompiler - (.SourceTec Software Co., LTD.) [HKLM] -- {BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1

O42 - Logiciel: Sothink SWF Quicker - (.SourceTec Software Co., LTD.) [HKLM] -- {D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1

O42 - Logiciel: Sothink Web Video Downloader - (.SourceTec Software Co., LTD.) [HKLM] -- {8C52A46C-7961-4A81-AB4B-92CF65CB4772}_is1

O42 - Logiciel: Sudoku Up 2009 v3.0 - ( [HKLM] -- Sudoku Up_is1

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Total Commander (Remove or Repair) - (.Ghisler Software GmbH.) [HKLM] -- Totalcmd

O42 - Logiciel: TweakNow PowerPack 2010 - ( [HKLM] -- TweakNow PowerPack 2010_is1

O42 - Logiciel: UltraISO Premium V9.32 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553975) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{59D8F1FE-7B08-4F0E-840C-D1BF93D22A6C}

O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: WDConver - (.Pas de propriétaire.) [HKCU] -- LOGICAVE II

O42 - Logiciel: WinHTTrack Website Copier 3.43-9C - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1

O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP

O42 - Logiciel: XnView 1.97.6 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1


---\\ HKCU & HKLM Software Keys


[HKCU\Software\ATI Technologies Inc.]


[HKCU\Software\Adobe Lightroom]



[HKCU\Software\Apple Computer, Inc.]












[HKCU\Software\DVD Shrink]


[HKCU\Software\Data Dynamics]


[HKCU\Software\EasyBoot Systems]

[HKCU\Software\Eltima Software]


[HKCU\Software\Enigma Protector]

[HKCU\Software\Etab Bazile]



[HKCU\Software\GPL Ghostscript]



[HKCU\Software\Guillaume Lacasa]



[HKCU\Software\IM Providers]




[HKCU\Software\KsL Software]






[HKCU\Software\Malwarebytes' Anti-Malware]








[HKCU\Software\Nico Mak Computing]

[HKCU\Software\Nitro PDF]




[HKCU\Software\PC SOFT]

[HKCU\Software\Pando Networks]

[HKCU\Software\Phibit Software]






[HKCU\Software\Revenger inc.]



[HKCU\Software\Samsung PC Studio]







[HKCU\Software\Tracker Software]


[HKCU\Software\TweakNow PowerPack]


[HKCU\Software\Ulead Systems]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WinHTTrack Website Copier]

[HKCU\Software\WinRAR SFX]


[HKCU\Software\WinZip Computing]









[HKLM\Software\ATI Technologies]




[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]














[HKLM\Software\EasyBoot Systems]




[HKLM\Software\GPL Ghostscript]








[HKLM\Software\Intel Corporation]





[HKLM\Software\KeyChanger Office Edition2]


[HKLM\Software\Launch Manager]


[HKLM\Software\Liant Software Corporation]






[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]










[HKLM\Software\Nico Mak Computing]

[HKLM\Software\Nitro PDF]


[HKLM\Software\PC Connectivity Solution]



[HKLM\Software\Pando Networks]



[HKLM\Software\Program Groups]











[HKLM\Software\Tracker Software]



[HKLM\Software\TweakNow PowerPack]

[HKLM\Software\Two Pilots]

[HKLM\Software\Ulead Systems]


[HKLM\Software\Visicom Media]


[HKLM\Software\WinHTTrack Website Copier]


[HKLM\Software\Windows 3.1 Migration Status]





~ Scan Softwares in 00mn 00s




---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 11/03/2011 - 22:29:36 - [2211623690] ----D- C:\Program Files\Adobe

O43 - CFD: 7/08/2009 - 21:36:56 - [2241762] ----D- C:\Program Files\Advanced DHTML Popup Pro V2

O43 - CFD: 24/01/2009 - 18:54:38 - [986508] ----D- C:\Program Files\Apex

O43 - CFD: 18/07/2011 - 14:21:10 - [2428606] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 24/01/2009 - 12:15:28 - [108224356] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 30/08/2011 - 18:26:52 - [13949430] ----D- C:\Program Files\Belgium Identity Card

O43 - CFD: 20/04/2011 - 8:33:28 - [491320] ----D- C:\Program Files\BitTorrent

O43 - CFD: 4/02/2009 - 21:51:44 - [1673938] ----D- C:\Program Files\Capturino V2

O43 - CFD: 3/08/2010 - 8:27:28 - [1367471] ----D- C:\Program Files\Ciel

O43 - CFD: 1/10/2010 - 18:53:26 - [432555] ----D- C:\Program Files\ColorPic 4.1

O43 - CFD: 25/06/2008 - 10:44:18 - [0] ----D- C:\Program Files\ComPlus Applications

O43 - CFD: 24/04/2010 - 21:01:42 - [2532179819] ----D- C:\Program Files\Corel

O43 - CFD: 20/06/2009 - 20:30:18 - [184737] ----D- C:\Program Files\DAMN NFO Viewer

O43 - CFD: 20/04/2011 - 19:59:34 - [4176624] ----D- C:\Program Files\Defraggler

O43 - CFD: 8/08/2009 - 16:24:42 - [3590022] ----D- C:\Program Files\Deluxe Pacman

O43 - CFD: 28/06/2010 - 21:52:10 - [800824] ----D- C:\Program Files\DIFX

O43 - CFD: 1/03/2009 - 0:02:12 - [826141] ----D- C:\Program Files\DivX

O43 - CFD: 28/01/2011 - 22:02:22 - [979856] ----D- C:\Program Files\DVD Shrink

O43 - CFD: 29/01/2011 - 0:47:50 - [40698919] ----D- C:\Program Files\DVDFab 8

O43 - CFD: 18/12/2009 - 18:24:04 - [745259475] ----D- C:\Program Files\eMule

O43 - CFD: 15/01/2010 - 20:05:32 - [0] ----D- C:\Program Files\EPSON

O43 - CFD: 1/03/2011 - 19:44:44 - [1726353423] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 10/06/2009 - 21:11:12 - [3555935] ----D- C:\Program Files\Ghostgum

O43 - CFD: 10/06/2009 - 21:05:58 - [22876732] ----D- C:\Program Files\gs

O43 - CFD: 28/08/2011 - 14:20:08 - [57080457] ----D- C:\Program Files\Hamster Soft

O43 - CFD: 24/12/2009 - 0:26:54 - [7255989] ----D- C:\Program Files\Image Mender

O43 - CFD: 18/09/2009 - 21:37:34 - [7408938] ----D- C:\Program Files\Image Resize Guide

O43 - CFD: 1/02/2009 - 19:01:26 - [39268220] ----D- C:\Program Files\ING

O43 - CFD: 18/05/2011 - 19:27:04 - [26856809] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 15/06/2009 - 22:04:28 - [4094125] ----D- C:\Program Files\Intel Corporation

O43 - CFD: 10/08/2011 - 21:04:16 - [6087272] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 9/07/2011 - 13:13:08 - [91938518] ----D- C:\Program Files\Java

O43 - CFD: 17/08/2009 - 21:36:48 - [2608774] ----D- C:\Program Files\JPEGCrops

O43 - CFD: 2/02/2010 - 23:48:50 - [415599] ----D- C:\Program Files\KeyChanger Office Edition

O43 - CFD: 21/06/2009 - 20:59:16 - [38285535] ----D- C:\Program Files\Kolor

O43 - CFD: 30/08/2011 - 18:18:58 - [55753617] ----D- C:\Program Files\La cave du sommelier 2

O43 - CFD: 27/01/2009 - 21:37:30 - [699097] ----D- C:\Program Files\Launch Manager

O43 - CFD: 9/06/2011 - 17:55:16 - [39552019] ----D- C:\Program Files\Lavasoft

O43 - CFD: 12/06/2011 - 21:01:20 - [32788430] ----D- C:\Program Files\Logicave II

O43 - CFD: 30/08/2011 - 18:44:40 - [6953643] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 17/06/2011 - 18:47:22 - [3818669] ----D- C:\Program Files\Matthieu DUCROCQ

O43 - CFD: 9/05/2010 - 18:14:00 - [232645437] ----D- C:\Program Files\McAfee

O43 - CFD: 10/05/2010 - 17:43:56 - [2175257] ----D- C:\Program Files\

O43 - CFD: 24/09/2009 - 22:12:02 - [74874326] ----D- C:\Program Files\Mediafour

O43 - CFD: 24/01/2009 - 17:44:26 - [2152579] ----D- C:\Program Files\Messenger

O43 - CFD: 28/10/2010 - 18:40:42 - [752723] ----D- C:\Program Files\Microsoft

O43 - CFD: 19/05/2011 - 18:42:22 - [800662] ----D- C:\Program Files\Microsoft CAPICOM

O43 - CFD: 25/06/2008 - 10:45:04 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 30/06/2011 - 6:56:44 - [585358876] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 3/03/2010 - 20:04:34 - [246784] ----D- C:\Program Files\Microsoft SDKs

O43 - CFD: 17/06/2011 - 13:38:06 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 28/01/2009 - 22:31:38 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 28/01/2009 - 22:28:26 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 3/03/2010 - 20:07:20 - [86607837] ----D- C:\Program Files\Microsoft Visual Studio 9.0

O43 - CFD: 23/04/2011 - 8:58:14 - [0] ----D- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

O43 - CFD: 1/05/2009 - 16:59:40 - [3726168] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 16/08/2010 - 14:11:16 - [8203663] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 12/08/2010 - 22:59:02 - [10374874] ----D- C:\Program Files\Movie Maker

O43 - CFD: 28/08/2011 - 19:01:16 - [32692538] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 28/01/2009 - 23:08:10 - [26521] ----D- C:\Program Files\MSBuild

O43 - CFD: 24/01/2009 - 19:09:20 - [21471559] ----D- C:\Program Files\MSN

O43 - CFD: 25/06/2008 - 10:45:10 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 26/01/2009 - 22:04:18 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 30/01/2011 - 14:05:14 - [639766283] ----D- C:\Program Files\Nero

O43 - CFD: 24/01/2009 - 19:19:48 - [0] ----D- C:\Program Files\NeroInstall.bak

O43 - CFD: 25/06/2008 - 10:45:12 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 18/01/2011 - 22:43:44 - [125604648] ----D- C:\Program Files\Nitro PDF

O43 - CFD: 28/06/2010 - 21:52:14 - [1534] ----D- C:\Program Files\Nokia

O43 - CFD: 11/03/2010 - 0:59:28 - [704526] ----D- C:\Program Files\NoWires Plugin

O43 - CFD: 25/06/2008 - 10:47:16 - [1804] ----D- C:\Program Files\Online Services

O43 - CFD: 16/12/2010 - 23:21:48 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 16/04/2011 - 23:38:10 - [7390817] ----D- C:\Program Files\Pando Networks

O43 - CFD: 28/06/2010 - 21:52:04 - [13394442] ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD: 22/09/2009 - 22:45:20 - [13795016] ----D- C:\Program Files\pdf995

O43 - CFD: 18/09/2009 - 20:59:12 - [10624522] ----D- C:\Program Files\PhotomatixPro3

O43 - CFD: 28/02/2011 - 19:10:34 - [76322555] ----D- C:\Program Files\QuickTime

O43 - CFD: 18/02/2010 - 23:32:26 - [13012823] ----D- C:\Program Files\RayV

O43 - CFD: 28/01/2009 - 23:08:04 - [85987492] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 1/02/2009 - 18:57:48 - [1273083] ----D- C:\Program Files\RegHealer

O43 - CFD: 29/03/2009 - 19:06:20 - [201283862] ----D- C:\Program Files\Samsung

O43 - CFD: 25/06/2008 - 10:47:16 - [1025] ----D- C:\Program Files\Services en ligne

O43 - CFD: 19/09/2010 - 0:16:00 - [61131941] ----D- C:\Program Files\SourceTec

O43 - CFD: 24/04/2010 - 19:52:08 - [0] ----D- C:\Program Files\SpeedProject

O43 - CFD: 9/10/2009 - 21:24:08 - [40051127] ----D- C:\Program Files\Sudoku Up

O43 - CFD: 24/01/2009 - 12:48:04 - [33213011] ----D- C:\Program Files\Synaptics

O43 - CFD: 24/01/2009 - 19:11:02 - [51830980] ----D- C:\Program Files\Toshiba

O43 - CFD: 16/08/2009 - 22:45:28 - [7857400] ----D- C:\Program Files\totalcmd

O43 - CFD: 16/10/2010 - 12:10:00 - [59684431] ----D- C:\Program Files\Tracker Software

O43 - CFD: 31/08/2011 - 19:53:00 - [410314] ----D- C:\Program Files\Trend Micro

O43 - CFD: 1/01/2011 - 15:09:58 - [26565543] ----D- C:\Program Files\TweakNow PowerPack 2010

O43 - CFD: 11/10/2009 - 21:21:16 - [3] ----D- C:\Program Files\TweakNow PowerPack Pro

O43 - CFD: 18/09/2009 - 21:36:16 - [32256] ----D- C:\Program Files\Two Pilots

O43 - CFD: 3/02/2009 - 1:36:36 - [6033675] ----D- C:\Program Files\UltraISO

O43 - CFD: 1/01/2011 - 15:11:30 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 5/04/2009 - 20:47:02 - [74466874] ----D- C:\Program Files\VideoLAN

O43 - CFD: 2/12/2009 - 22:13:12 - [8037977] ----D- C:\Program Files\Visicom Media

O43 - CFD: 11/06/2009 - 23:12:16 - [5418300] ----D- C:\Program Files\Windows Desktop Search

O43 - CFD: 20/01/2011 - 20:58:44 - [81920056] ----D- C:\Program Files\Windows Live

O43 - CFD: 5/04/2009 - 21:05:48 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 28/01/2010 - 22:03:36 - [14346481] ----D- C:\Program Files\Windows Media Components

O43 - CFD: 24/01/2009 - 17:42:52 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 24/01/2009 - 17:42:52 - [8278281] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 25/06/2008 - 10:47:18 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 25/06/2008 - 10:47:20 - [0] --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 17/09/2010 - 18:46:16 - [12849690] ----D- C:\Program Files\WinHTTrack

O43 - CFD: 12/05/2011 - 20:31:22 - [738770532] ----D- C:\Program Files\WinRAR

O43 - CFD: 22/05/2010 - 21:57:46 - [17402572] ----D- C:\Program Files\WinZip

O43 - CFD: 7/10/2010 - 18:45:38 - [53760] ----D- C:\Program Files\Wondershare

O43 - CFD: 4/02/2010 - 23:04:38 - [51760923] ----D- C:\Program Files\WordPerfect Mail Setup

O43 - CFD: 18/09/2009 - 20:33:40 - [44032] ----D- C:\Program Files\XemiComputers

O43 - CFD: 25/06/2008 - 10:47:20 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 13/08/2010 - 17:27:00 - [9407201] ----D- C:\Program Files\XnView

O43 - CFD: 1/09/2011 - 18:39:52 - [4013778] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 11/03/2011 - 22:29:42 - [840028195] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 22/05/2010 - 9:38:22 - [32159844] ----D- C:\Program Files\Fichiers Communs\Adobe AIR

O43 - CFD: 5/04/2010 - 14:28:16 - [54774793] ----D- C:\Program Files\Fichiers Communs\Apple

O43 - CFD: 24/04/2010 - 20:57:24 - [6235983] ----D- C:\Program Files\Fichiers Communs\Corel

O43 - CFD: 28/01/2009 - 22:31:36 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD: 3/02/2009 - 1:35:34 - [262144] ----D- C:\Program Files\Fichiers Communs\EZB Systems

O43 - CFD: 7/08/2009 - 21:36:56 - [19215972] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 1/03/2011 - 19:44:44 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java

O43 - CFD: 5/02/2009 - 0:41:00 - [655885] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared

O43 - CFD: 9/05/2010 - 18:13:36 - [26574076] ----D- C:\Program Files\Fichiers Communs\McAfee

O43 - CFD: 11/11/2010 - 19:31:16 - [2368512] ----D- C:\Program Files\Fichiers Communs\Mediafour

O43 - CFD: 28/10/2010 - 18:40:58 - [301151020] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 25/06/2008 - 10:44:54 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 30/01/2011 - 14:05:30 - [153452020] ----D- C:\Program Files\Fichiers Communs\Nero

O43 - CFD: 18/01/2011 - 22:43:46 - [16539614] ----D- C:\Program Files\Fichiers Communs\Nitro PDF

O43 - CFD: 25/06/2008 - 10:44:54 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 23/04/2010 - 20:30:28 - [3166048] ----D- C:\Program Files\Fichiers Communs\Protexis

O43 - CFD: 24/12/2009 - 20:20:36 - [614400] ----D- C:\Program Files\Fichiers Communs\Sage

O43 - CFD: 25/06/2008 - 10:44:54 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 19/09/2010 - 0:16:04 - [6593577] ----D- C:\Program Files\Fichiers Communs\SourceTec

O43 - CFD: 25/06/2008 - 10:44:54 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 1/05/2009 - 16:58:28 - [41360630] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 24/04/2010 - 20:51:34 - [56216709] ----D- C:\Program Files\Fichiers Communs\Ulead Systems

O43 - CFD: 5/04/2009 - 21:02:00 - [141128236] ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 24/01/2009 - 18:54:52 - [18424343] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

O43 - CFD: 13/03/2011 - 16:21:28 - [73435590] ----D- C:\Documents and Settings\mvh\Application Data\Adobe

O43 - CFD: 16/07/2009 - 14:54:00 - [2590] ----D- C:\Documents and Settings\mvh\Application Data\Apple Computer

O43 - CFD: 24/01/2009 - 23:06:34 - [0] ----D- C:\Documents and Settings\mvh\Application Data\ATI

O43 - CFD: 18/05/2011 - 19:29:24 - [8890] ----D- C:\Documents and Settings\mvh\Application Data\beid-cache

O43 - CFD: 24/08/2011 - 21:12:00 - [3700789] ----D- C:\Documents and Settings\mvh\Application Data\BitTorrent

O43 - CFD: 24/05/2010 - 22:11:04 - [8458] ----D- C:\Documents and Settings\mvh\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O43 - CFD: 28/04/2011 - 20:46:22 - [2560] ----D- C:\Documents and Settings\mvh\Application Data\Classes de site

O43 - CFD: 24/04/2010 - 20:24:48 - [44891668] ----D- C:\Documents and Settings\mvh\Application Data\Corel

O43 - CFD: 5/04/2009 - 20:48:30 - [0] ----D- C:\Documents and Settings\mvh\Application Data\DivX

O43 - CFD: 12/09/2009 - 14:58:02 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Download Manager

O43 - CFD: 18/01/2011 - 22:41:22 - [605446144] ----D- C:\Documents and Settings\mvh\Application Data\Downloaded Installations

O43 - CFD: 29/07/2011 - 22:23:40 - [199] ----D- C:\Documents and Settings\mvh\Application Data\dvdcss

O43 - CFD: 2/12/2009 - 22:15:22 - [109199] ----D- C:\Documents and Settings\mvh\Application Data\Dynamique

O43 - CFD: 15/02/2010 - 0:29:08 - [1806797] ----D- C:\Documents and Settings\mvh\Application Data\e

O43 - CFD: 14/01/2011 - 0:15:32 - [179] ----D- C:\Documents and Settings\mvh\Application Data\HamsterSoft

O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Identities

O43 - CFD: 18/09/2009 - 21:36:40 - [932] ----D- C:\Documents and Settings\mvh\Application Data\ImageResizeGuide

O43 - CFD: 27/01/2009 - 19:44:40 - [353953] ----D- C:\Documents and Settings\mvh\Application Data\Macromedia

O43 - CFD: 30/08/2011 - 18:44:44 - [4490] ----D- C:\Documents and Settings\mvh\Application Data\Malwarebytes

O43 - CFD: 9/07/2011 - 8:35:26 - [6477630] -S--D- C:\Documents and Settings\mvh\Application Data\Microsoft

O43 - CFD: 6/06/2011 - 18:39:54 - [17979993] ----D- C:\Documents and Settings\mvh\Application Data\Mozilla

O43 - CFD: 31/01/2011 - 19:25:08 - [2564760] ----D- C:\Documents and Settings\mvh\Application Data\Nero

O43 - CFD: 23/04/2011 - 18:53:38 - [210906] ----D- C:\Documents and Settings\mvh\Application Data\Nitro PDF

O43 - CFD: 22/09/2009 - 22:10:32 - [356] ----D- C:\Documents and Settings\mvh\Application Data\Office Genuine Advantage

O43 - CFD: 28/06/2010 - 21:54:08 - [446] ----D- C:\Documents and Settings\mvh\Application Data\PC Suite

O43 - CFD: 18/03/2009 - 23:06:28 - [28] ----D- C:\Documents and Settings\mvh\Application Data\pdf995

O43 - CFD: 14/05/2011 - 20:58:08 - [4215305] ----D- C:\Documents and Settings\mvh\Application Data\RayV

O43 - CFD: 16/04/2011 - 21:44:26 - [1507395] ----D- C:\Documents and Settings\mvh\Application Data\Reviversoft

O43 - CFD: 10/03/2009 - 22:49:50 - [21] ----D- C:\Documents and Settings\mvh\Application Data\Samsung

O43 - CFD: 28/04/2011 - 20:46:22 - [581120] ----D- C:\Documents and Settings\mvh\Application Data\Sites

O43 - CFD: 30/01/2009 - 19:42:00 - [80694482] ----D- C:\Documents and Settings\mvh\Application Data\Sun

O43 - CFD: 9/10/2009 - 21:24:10 - [57722] ----D- C:\Documents and Settings\mvh\Application Data\TreeCardGames

O43 - CFD: 11/10/2009 - 21:21:16 - [705] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack

O43 - CFD: 24/04/2010 - 19:50:50 - [3669520] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2009

O43 - CFD: 24/04/2010 - 19:39:04 - [8192] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2010

O43 - CFD: 24/04/2010 - 21:02:40 - [53000] ----D- C:\Documents and Settings\mvh\Application Data\Ulead Systems

O43 - CFD: 20/02/2010 - 11:07:02 - [230969] ----D- C:\Documents and Settings\mvh\Application Data\VitySoft

O43 - CFD: 28/08/2011 - 14:35:06 - [476426] ----D- C:\Documents and Settings\mvh\Application Data\vlc

O43 - CFD: 24/01/2009 - 23:06:30 - [196] ----D- C:\Documents and Settings\mvh\Application Data\Windows Desktop Search

O43 - CFD: 3/07/2009 - 10:00:12 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Windows Search

O43 - CFD: 1/05/2009 - 15:48:16 - [12] ----D- C:\Documents and Settings\mvh\Application Data\WinRAR

O43 - CFD: 18/09/2009 - 20:33:50 - [3124278] ----D- C:\Documents and Settings\mvh\Application Data\XemiComputers

O43 - CFD: 15/04/2011 - 20:23:34 - [115769] ----D- C:\Documents and Settings\mvh\Application Data\XnView

O43 - CFD: 23/05/2010 - 20:47:48 - [35092985] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Adobe

O43 - CFD: 19/04/2009 - 14:04:48 - [7078274] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Ahead

O43 - CFD: 16/07/2009 - 14:51:52 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple

O43 - CFD: 16/07/2009 - 14:51:02 - [96361370] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple Computer

O43 - CFD: 29/07/2011 - 18:32:50 - [11848] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 24/01/2009 - 23:06:34 - [40577] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ATI

O43 - CFD: 14/01/2011 - 23:56:20 - [146378] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Corel

O43 - CFD: 28/08/2011 - 11:00:00 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Deployment

O43 - CFD: 23/02/2010 - 22:22:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Emurasoft

O43 - CFD: 26/09/2010 - 18:30:22 - [205220] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\GHISLER

O43 - CFD: 1/06/2011 - 21:04:02 - [534573029] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Google

O43 - CFD: 24/01/2009 - 23:06:32 - [229816] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Identities

O43 - CFD: 13/03/2011 - 16:21:28 - [604778107] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft

O43 - CFD: 20/02/2010 - 11:24:54 - [4447] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Corporation

O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Help

O43 - CFD: 6/06/2011 - 18:39:38 - [301531226] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Mozilla

O43 - CFD: 28/06/2010 - 22:00:40 - [637952] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Nokia

O43 - CFD: 28/06/2010 - 21:56:16 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NokiaAccount

O43 - CFD: 24/04/2010 - 21:03:38 - [98304] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NOS

O43 - CFD: 16/04/2011 - 23:38:56 - [31114] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Pando

O43 - CFD: 4/02/2010 - 23:57:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\PCHealth

O43 - CFD: 25/06/2008 - 10:43:08 - [285696] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Seven Zip

O43 - CFD: 15/12/2009 - 21:44:16 - [59183] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\SourceTec

O43 - CFD: 4/08/2011 - 21:07:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Temp

O43 - CFD: 17/06/2011 - 18:57:44 - [177] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\WDSetup

O43 - CFD: 23/04/2011 - 9:05:04 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Yahoo!

~ Scan Program Folder in 00mn 04s




---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 1/09/2011 - 17:12:48 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.493625AD9FE14BECBEA24034A24A05CB] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.B099B38B0FEBD7E0E53787475DD2BFC7] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.9B9C37AE1B7B5E3E334F8D68267643E1] - 1/09/2011 - 17:15:08 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1828295]

O44 - LFC:[MD5.D4B38373FC06C070AA7D6AC5E1232FC2] - 1/09/2011 - 17:31:32 ---A- . (...) -- C:\TDSSKiller. [56134]

O44 - LFC:[MD5.43A22045C0D52393815A2A26858E05F8] - 1/09/2011 - 17:32:50 ---A- . (...) -- C:\WINDOWS\wincmd.ini [4718]

O44 - LFC:[MD5.09DA793B0CC13C79FB661D5FE871D6D7] - 1/09/2011 - 17:38:50 ---A- . (...) -- C:\WINDOWS\setupapi.log [990854]

O44 - LFC:[MD5.A4BB36C94A6F6F780D6D1C10F6B96E5E] - 1/09/2011 - 6:37:03 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32088]

O44 - LFC:[MD5.55328E4D5D0A45D78F7CF071F490405C] - 28/08/2011 - 9:39:59 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158]

O44 - LFC:[MD5.CAF61893287EC7417CA4D2D1B8FA1252] - 28/08/2011 - 9:49:35 ---A- . (...) -- C:\WINDOWS\msmqinst.log [480550]

O44 - LFC:[MD5.CCA99A05B4B5D78BB54E7F327B1389FA] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1492862]

O44 - LFC:[MD5.F14E07133B141EF16653A152D0C63770] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\KB2562937.log [12419]

O44 - LFC:[MD5.E7B491F7B7F5AD245138E47121B62BB2] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [104212]

O44 - LFC:[MD5.C712C8E03EEFDE8FFA7D5770965DE3F9] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\comsetup.log [511643]

O44 - LFC:[MD5.79F9B1B2D64242515616C5E81E4B15A4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\iis6.log [1714486]

O44 - LFC:[MD5.B545F3BD1154D2ACBCDC697A540EDCB0] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]

O44 - LFC:[MD5.EB11DAC8BBE4BF2022BBBECFF69904FC] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75500]

O44 - LFC:[MD5.A19CEE3B286D84EC2F3B33BF630F764A] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\netfxocm.log [262700]

O44 - LFC:[MD5.04A8EBEF1FE5AE6FE26C450E7E6FC276] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [310103]

O44 - LFC:[MD5.6A6984B80F6F7EA35950C06FB4865A97] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocgen.log [741780]

O44 - LFC:[MD5.6506C080F1C986F2D2A5D745D7DFE7F4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocmsn.log [83367]

O44 - LFC:[MD5.2F897C74E10567D604077E638247564F] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tabletoc.log [75574]

O44 - LFC:[MD5.F3D50B06D30DD19F86E84EFA316C584E] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tsoc.log [695496]

O44 - LFC:[MD5.F1C8125909F79AC37F1DCBE518113F1D] - 30/08/2011 - 20:05:42 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [366994]

O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 30/08/2011 - 17:44:39 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272]

O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 30/08/2011 - 17:44:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]

O44 - LFC:[MD5.A8E0AB52299BC87F1EB080E2A3FC9BBE] - 30/08/2011 - 17:25:54 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\ssleay32_0_9_8g.dll [200704]

O44 - LFC:[MD5.4A472B9676039C11A2A8DB93FD59B2CF] - 30/08/2011 - 17:25:32 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\libeay32_0_9_8g.dll [1044480]

O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 28/08/2011 - 13:23:57 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640]

O44 - LFC:[MD5.8252837BEDD4BDCA6C6F3EB53A716EB6] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\KB2570791.log [3730]

O44 - LFC:[MD5.0D01E3A81F22ED04F96D72A1D3F3E559] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [235670]

O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_rules.dat [44]

O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_stats.dat [64]

O44 - LFC:[MD5.29112307112535F9CE13D924B00994E6] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15639]

O44 - LFC:[MD5.9A465F3F504A35BECD25CAF07F73CF05] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]

O44 - LFC:[MD5.395476DBD0CD22A30CAF8A362897E860] - 10/08/2011 - 20:09:10 ---A- . (...) -- C:\WINDOWS\updspapi.log [185275]

O44 - LFC:[MD5.70718448639322BC2ACE5A42B0A46FC4] - 10/08/2011 - 20:08:33 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11055]

O44 - LFC:[MD5.D957CCDC044932A3993E89D02BF627A6] - 10/08/2011 - 20:07:50 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10922]

O44 - LFC:[MD5.7106FD5F0A7BFEF64EA395DC93C6CC81] - 10/08/2011 - 20:04:24 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14906]

O44 - LFC:[MD5.BDB7D76531D5BC9E05EACD04ED28813E] - 10/08/2011 - 20:03:56 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6931]

~ Scan Files in 00mn 00s




---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "D:\Rmcob700\RUNCOBOL.EXE" [Enabled] .(.Liant Software Corporation - RM/COBOL Runtime Executable.) -- D:\Rmcob700\RUNCOBOL.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.exe" [Enabled] .(.RayV - RayV.) -- C:\Program Files\RayV\RayV\RayV.exe

O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.dll" [Enabled] .(.RayV - RayV Viewer SDK.) -- C:\Program Files\RayV\RayV\RayV.dll

O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Pando Networks\Pando\Pando.exe" [Enabled] .(.Pando Networks - pando.) -- C:\Program Files\Pando Networks\Pando\Pando.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" [Enabled] .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

~ Scan Keys in 00mn 00s




---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\Drivers\mfefirek.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\system32\Drivers\mfehidk.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

~ Scan CSB in 00mn 00s




---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

~ Scan IFEO in 00mn 00s




---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll

O52 - TDSD: \Drivers32\"msacm.dvacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.MPEGacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.ulmp3acm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm"="Ulead ACM MP3 Codec" . (...) -- (.not file.)

~ Scan Keys in 00mn 00s




---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

~ Scan Keys in 00mn 00s




---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

~ Scan Keys in 00mn 00s


Voici le même rapport (complet) après avoir décoché le 056



Rapport de ZHPDiag v1.28.1346 par Nicolas Coolman, Update du 29/08/2011

Run by mvh at 1/09/2011 18:44:19

Web site : ZHPDiag Outil de diagnostic



---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

MFIE: Mozilla Firefox 4.0.1 v4.0.1


---\\ Windows Product Information

Windows XP Professional Service Pack 3 (Build 2600)

Windows Automatic Updates : OK

Windows Genuine Advantage : OK


---\\ System Information

~ Processor: x86 Family 6 Model 23 Stepping 6, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3066 MB (69% free)

System Restore: Activé (Enable)

System drive C: has 5 GB (10%) free of 49 GB


---\\ Logged in mode

~ Computer Name: POR-MVH

~ User Name: mvh

~ All Users Names: SUPPORT_388945a0, mvh, mcu, HelpAssistant, ASPNET, Administrateur,

~ Unselected Option: O45,O56,O61,O62,O65,O66,O82

Logged in as Administrator


---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Documents and Settings\mvh\Application Data\

~ %Desktop% : C:\Documents and Settings\mvh\Bureau\

~ %Favorites% : C:\Documents and Settings\mvh\Favoris\

~ %LocalAppData% : C:\Documents and Settings\mvh\Local Settings\Application Data\

~ %StartMenu% : C:\Documents and Settings\mvh\Menu Démarrer\

~ %Windir% : C:\WINDOWS\

~ %System% : C:\WINDOWS\system32\


---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 5 Go of 49 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 56 Go of 249 Go)

E:\ CD-ROM drive (Not Inserted)

Z:\ CD-ROM drive (Not Inserted)




---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableTaskMgr: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] DisableRegistryTools: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s




---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (....) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\rundll32.exe [33792]

[MD5.3008D2F793F23FF0DDBC5A1FB9F8374F] - (.Microsoft Corporation - Internet Extensions for Win32.) (.1/09/2011 - 19:31:31.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.1/09/2011 - 10:40:32.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.1/09/2011 - 13:00:00.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

~ Scan Generic Processes in 00mn 00s




---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 9/553

~ Mes musiques (My Musics) : 1/2

~ Mes Videos (My Videos) : 2/11

~ Mes Favoris (My Favorites) : 3/207

~ Mes Documents (My Documents) : 52/1982

~ Mon Bureau (My Desktop) : 1/60

~ Menu demarrer (Programs) : 5/46

~ Scan Hidden Files in 00mn 00s




---\\ Processus lancés

[MD5.AB6A44C8A3C64AC89567784145910F49] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\WINDOWS\system32\Ati2evxx.exe [532480] [PID.]

[MD5.2CCCD74F69473B60CB904DC466077AC0] - (.Zetes - Belgium Identity Card Service.) -- C:\WINDOWS\system32\beidservicepcsc.exe [331776] [PID.]

[MD5.9DBA73C2F1E76EC4CB837E67C5743596] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376] [PID.]

[MD5.0EA695F38FD27DBE53F3D88C3A0F88DC] - (.Mediafour Corporation - MacDrive service.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe [131584] [PID.]

[MD5.37036C07983EF1024B2FF3C28AAE5700] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [366640] [PID.]

[MD5.7E6932EEDA54C8EAF7DC6C2225261B85] - (.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe [214904] [PID.]

[MD5.6991A9EA5E74E6035B8DAB17A7572CF3] - (.McAfee, Inc. - McAfee Process Validation Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe [148520] [PID.]

[MD5.78073F606AE3B24F6C1F555759AA8511] - (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [877864] [PID.]

[MD5.F1519E42A9CBAC4638CF6C1BFBBD367E] - (.Nitro PDF Software - Solid Spool Service.) -- C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe [196928] [PID.]

[MD5.1E38790BDEA07472C4B16ADD469E9912] - (.Nalpeiron Ltd. - This service enables products that use the.) -- C:\WINDOWS\system32\NLSSRV32.EXE [68928] [PID.]

[MD5.875E4E0661F3A5994DF9E5E3A0A4F96B] - (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) -- C:\WINDOWS\system32\IoctlSvc.exe [81920] [PID.]

[MD5.64E413BA0C529AA40C3924BBCC4153DB] - (.Pas de propriétaire - nTitles PSIService.) -- C:\WINDOWS\system32\PSIService.exe [174656] [PID.]

[MD5.543A4EF0923BF70D126625B034EF25AF] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe [189728] [PID.]

[MD5.2E7315B147E524E055026E6634B14EA6] - (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) -- C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [128360] [PID.]

[MD5.29C45F29E6B60BBF554DD89E499D384E] - (.McAfee, Inc. - McAfee On-Access Scanner service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe [165000] [PID.]

[MD5.A2E16406728BE43076473A99C2F13678] - (.McAfee, Inc. - McAfee Core Firewall Service.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe [159832] [PID.]

[MD5.FEAE215A64318D84A2077E105D27DC0B] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16859136] [PID.3564]

[MD5.0D034E8C4F88C5B2B0C1AF3CF438CC4F] - (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.EXE [86016] [PID.3576]

[MD5.10BAE7A1B4027833428220391EACAE49] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1105920] [PID.3616]

[MD5.A528A87BF0CFF1BCA1AD2AB70B4B5CFD] - (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe [192512] [PID.3624]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792] [PID.3672]

[MD5.02095B7B324A2D19AF30A23796E2A13F] - (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\\Agent\mcagent.exe [1312384] [PID.3688]

[MD5.CDE36A1A95BB1F9CF77C03B9E01EDE8B] - (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe [167936] [PID.3804]

[MD5.13E7CFE8E269ED15E7FC9C3EBBCB7E2B] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [254696] [PID.3924]

[MD5.33BFCE71F407F24E5DFDB7DD46CE2D6D] - (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [449584] [PID.3932]

[MD5.EB2CC7A2441AA4477BCE761800168CCC] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [1840424] [PID.3956]

[MD5.B0E6FAA0F0EAD4772C545A3737EFB47F] - (.Wistron Corp. - Pas de description.) -- C:\Program Files\Launch Manager\WisLMSvc.exe [118784] [PID.]

[MD5.E13EA4860E8F2AA845B53BFD2B6FEC5B] - (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe [1695232] [PID.3976]

[MD5.62F68443D244024845B875B44D76A92F] - (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [537896] [PID.]

[MD5.469922A70BA4F71F7D7582ED1E58ED80] - (.Two_toNe - Customize Taskbar Ver1.2.0.) -- D:\TClock\Tclock2_120fr\Tclock2_120fr\tclock2.exe [90624] [PID.2908]

[MD5.BE11DA966D6FC74F2137306FB260F6A4] - (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe [1017912] [PID.412]

[MD5.A1F15ABE56BE5B7D7778221A1567231B] - (.Corel - Standby service.) -- C:\Program Files\Fichiers communs\Corel\Standby\Standby.exe [105632] [PID.1668]

[MD5.7914370AAC5CDE8DCAE1C674A6C90229] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [669696] [PID.2516]

[MD5.67949CC8A865296C1333C96A4E1A2D66] - (.Microsoft Corporation - Serveur de gestion de ressources des cartes.) -- C:\WINDOWS\System32\SCardSvr.exe [100352] [PID.]

[MD5.5E9A6658A2A69AE7EB195113B7A2E7A9] - (.Microsoft Corporation - Application Layer Gateway Service.) -- C:\WINDOWS\System32\alg.exe [44544] [PID.]

~ Scan Processes Running in 00mn 00s




---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default] Google

~ Scan Google Browser in 00mn 00s




---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\prefs.js

C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\user.js (.not file.)

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [mvh] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M0 - MFSP: prefs.js [mvh - tcbe9daq.default] Google

M2 - MFEP: prefs.js [mvh - tcbe9daq.default\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}] [] iMacros for Firefox v7.2.2.0 (.iMacros Team, iOpus Software GmbH.)

P2 - FPN: [HKLM] [] - (...) -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [ Viewer Plugin,version=1.0,application/pdf] - (.Tracker Software Products Ltd. - PDF-XChange Viewer Netscape Gecko Plugin.) -- C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll

P2 - FPN: [HKLM] [] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_26 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [,version=10] - (...) -- c:\progra~1\mcafee\msc\npmcsn~1.dll

P2 - FPN: [HKLM] [,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [,version=1.3] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [,version=1.5] - (.Microsoft Corp. - Office Live Update v1.5.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [] - (.RayV - RayV Plugin.) -- C:\Program Files\RayV\RayV\plugins\nprayvplugin.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.0.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

P2 - FPN: [HKCU] [ Update;version=3] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [ Update;version=8] - (...) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\\npGoogleOneClick8.dll (.not file.)

P2 - FPN: [HKCU] [ Update;version=9] - (.Google Inc. - Google Update.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s




---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =     

R0 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =     

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = Bing

R1 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\Software\Microsoft\Internet Explorer\Main,Search Page =     

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19098 (longhorn_ie8_gdr.110617-1715)) -- C:\WINDOWS\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

~ Scan IE Browser in 00mn 00s




---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s




---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s




---\\ Redirection du fichier Hosts (O1)

~ Scan Hosts File in 00mn 00s




---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} . (.McAfee, Inc. - VSCore Script Scanner.) -- C:\Program Files\Fichiers communs\McAfee\SystemCore\ScriptSn.20110721222730.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\Windo

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

~ Scan BHO in 00mn 00s




---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll

~ Scan Toolbar in 00mn 00s




---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe

O4 - HKLM\..\Run: [soundMan] . (.Realtek Semiconductor Corp. - Realtek Sound Manager.) -- C:\WINDOWS\SOUNDMAN.exe

O4 - HKLM\..\Run: [AlcWzrd] . (.RealTek Semicoductor Corp. - RealTek AlcWzrd Application.) -- C:\WINDOWS\ALCWZRD.exe

O4 - HKLM\..\Run: [Alcmtr] . (.Realtek Semiconductor Corp. - Realtek Azalia Audio - Event Monitor.) -- C:\WINDOWS\ALCMTR.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [HotkeyApp] . (.Wistron - HotkeyApp.) -- C:\Program Files\Launch Manager\HotkeyApp.exe

O4 - HKLM\..\Run: [iTSecMng] . (. TOSHIBA CORPORATION - IT Security Manager for Toshiba Stack.) -- C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe

O4 - HKLM\..\Run: [NBKeyScan] . (.Nero AG - Nero BackItUp.) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

O4 - HKLM\..\Run: [AdobeCS4ServiceManager] . (.Adobe Systems Incorporated - Adobe CS4 Service Manager.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl

O4 - HKLM\..\Run: [standby] . (.Corel - Standby service.) -- c:\Program Files\Fichiers communs\Corel\Standby\Standby.exe

O4 - HKLM\..\Run: [mcui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\\Agent\mcagent.exe

O4 - HKLM\..\Run: [NeroFilterCheck] . (.Nero AG - NeroCheck.) -- C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [MacDrive 8 application] . (.Mediafour Corporation - MacDrive application.) -- C:\Program Files\Mediafour\MacDrive 8\MacDrive.exe

O4 - HKLM\..\Run: [Getting started with MacDrive 8] . (.Mediafour Corporation - Get Started with MacDrive.) -- C:\Program Files\Mediafour\MacDrive 8\MDGetStarted.exe

O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\qttask.exe

O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe (.not file.)

O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe (.not file.)

O4 - HKLM\..\Run: [Wbutton] C:\Program Files\Launch Manager\WButton.exe (.not file.)

O4 - HKLM\..\Run: [beidsystemtray] . (.Zetes - beidsystemtray.) -- C:\Program Files\Belgium Identity Card\beidsystemtray.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe

O4 - HKCU\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] . (.Nero AG - Nero Home.) -- C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [MSMSGS] . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - HKUS\S-1-5-21-1450548496-595715333-2881210952-1006\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

~ Scan Application in 00mn 00s




---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Bridge CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Bridge CS4\Bridge.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Device Central CS4.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Device Central CS4\DeviceCentral.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Dreamweaver CS4.lnk . (.Adobe Systems, Inc..) -- C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Drive CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\Adobe Drive CS4\ConnectUI\Adobe Drive CS4.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe ExtendScript Toolkit CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Utilities\ExtendScript Toolkit CS4\ExtendScript Toolkit.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Extension Manager CS4.lnk . (.Adobe Systems Incorporated.) -- C:\Program Files\Adobe\Adobe Extension Manager CS4\Adobe Extension Manager CS4.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Flash CS4 Professional.lnk . (.Adobe Systems Incorporated..) -- C:\Program Files\Adobe\Adobe Flash CS4\Flash.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Help.lnk . (...) -- C:\Program Files\Adobe\Adobe Help\Adobe Help.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Media Encoder CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Media Encoder CS4\Adobe Media Encoder.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop CS4.lnk . (.Adobe Systems, Incorporated.) -- C:\Program Files\Adobe\Adobe Photoshop CS4\Photoshop.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Photoshop Lightroom 2.7.lnk . (.Adobe Systems.) -- C:\Program Files\Adobe\Adobe Photoshop Lightroom 2.7\lightroom.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Pixel Bender Toolkit.lnk . (...) -- C:\Program Files\Adobe\Adobe Utilities\Pixel Bender Toolkit\pixel_bender_toolkit.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Reader X.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Apple Software Update.lnk . (...) -- C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Nitro PDF Professional.lnk . (...) -- C:\WINDOWS\Installer\{19DCEAAA-AC36-4C34-B1D5-5B94BF6E4BC6}\Professional.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Open Cellar Home Edition 1.2.lnk . (...) -- C:\WINDOWS\Installer\{1F0944C8-C099-4E12-8F0C-617316731B58}\_18be6784.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Sudoku Up.lnk . (...) -- C:\Program Files\Sudoku Up\SudokuUp.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Live ID.lnk . (.Microsoft Corporation.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\SIGNINOPTIONS.EXE

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Messenger.lnk . (.Microsoft Corporation.) -- C:\Program Files\Messenger\msmsgs.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Movie Maker.lnk . (.Microsoft Corporation.) -- C:\Program Files\Movie Maker\moviemk.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Windows Search.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Desktop Search\WindowsSearch.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Assistance à distance.lnk . (.Microsoft Corporation.) -- C:\WINDOWS\system32\rcimlby.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Outlook Express.lnk . (.Microsoft Corporation.) -- C:\Program Files\Outlook Express\msimn.exe

O4 - Global Startup: C:\Documents And Settings\mvh\Menu Démarrer\Programmes\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 00s




---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~1\MICROS~2\Office12\EXCEL.exe

O8 - Extra context menu item: Sothink SWF Catcher . (...) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm

~ Scan IE Menu Contextuel in 00mn 00s




---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} . (.Pas de propriétaire - WinHTTrackIEBar Module.) -- C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O9 - Extra button: Launch WinHTTrack - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\Office12\REFBARH.ICO

O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (.SourceTec - Sothink SWF Catcher.) -- C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\SWFCatcher.dll

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

~ Scan IE Extra Buttons in 00mn 00s




---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

~ Scan Winsock in 00mn 00s




---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) -

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) -

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) -

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () -

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) -

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () -

~ Scan Objets ActiveX in 00mn 00s




---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer =

O17 - HKLM\System\CS1\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer =

O17 - HKLM\System\CS3\Services\Tcpip\..\{2BFC115A-F778-407D-8F9E-D8472D589D54}: DhcpNameServer =

~ Scan Domain in 00mn 00s




---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API.) -- C:\WINDOWS\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\WINDOWS\system32\itss.dll

O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: sysimage - {76E67A63-06E9-11D2-A840-006008059382} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\WINDOWS\system32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft ® HTML Viewer.) -- C:\WINDOWS\system32\mshtml.dll

O18 - Handler: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} . (.Microsoft Corporation - WIA Scripting Layer.) -- C:\WINDOWS\system32\wiascr.dll

O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} . (.McAfee, Inc. - McAfee MSC IE plugin DLL.) -- c:\progra~1\mcafee\msc\mcsniepl.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\WINDOWS\system32\mscoree.dll

O18 - Filter: Class Install Handler - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: lzdhtml - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - OLE32 Extensions for Win32.) -- C:\WINDOWS\system32\urlmon.dll

O18 - Filter: text/webviewhtml - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s




---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: AtiExtEvent . (.ATI Technologies Inc. - ATI External Event Utility DLL Module.) -- C:\WINDOWS\system32\Ati2evxx.dll

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\WINDOWS\system32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\WINDOWS\system32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\WINDOWS\system32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\WINDOWS\system32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

O20 - Winlogon Notify: WgaLogon . (...) -- C:\WINDOWS\system32\WgaLogon.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\WINDOWS\system32\wlnotify.dll

~ Scan Winlogon in 00mn 00s




---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

~ Scan SSODL in 00mn 00s




---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s




---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (Ati HotKey Poller) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: eID CRL Service (eID CRL Service) . (. Zetes - Belgium Identity Card CRL Service.) - C:\WINDOWS\system32\beidservicecrl.exe

O23 - Service: eID Privacy Service (eID Privacy Service) . (.Zetes - Belgium Identity Card Service.) - C:\WINDOWS\system32\beidservicepcsc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: MacDrive 8 service (MacDrive8Service) . (.Mediafour Corporation - MacDrive service.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Services (mcmscsvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee VirusScan Announcer (McNaiAnn) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Network Agent (McNASvc) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee Proxy Service (McProxy) . (.McAfee, Inc. - McAfee Service Host.) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O23 - Service: McAfee McShield (McShield) . (.McAfee, Inc. - McAfee On-Access Scanner service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe

O23 - Service: McAfee Firewall Core Service (mfefire) . (.McAfee, Inc. - McAfee Core Firewall Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) . (.McAfee, Inc. - McAfee Process Validation Service.) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

O23 - Service: Nero BackItUp Scheduler 3 (Nero BackItUp Scheduler 3) . (.Nero AG - Nero BackItUp.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

O23 - Service: NitroPDFDriverCreatorReadSpool (NitroDriverReadSpool) . (.Nitro PDF Software - Solid Spool Service.) - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe

O23 - Service: NLS Service (nlsX86cc) . (.Nalpeiron Ltd. - This service enables products that use the.) - C:\WINDOWS\system32\NLSSRV32.exe

O23 - Service: PLFlash DeviceIoControl Service (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc. - PLFlash DeviceIoControl Service.) - C:\WINDOWS\system32\IoctlSvc.exe

O23 - Service: ProtexisLicensing (ProtexisLicensing) . (.Pas de propriétaire - nTitles PSIService.) - C:\WINDOWS\system32\PSIService.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe

O23 - Service: TOSHIBA Bluetooth Service (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION - TOSHIBA Bluetooth Service.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

~ Scan Services in 00mn 00s




---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s




---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\AppleSoftwareUpdate.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\OGALogon.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\One-Click Tweak.job

[MD5.1DDB6CA106D92FBB7E2138DF1360EC26] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006Core] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-1450548496-595715333-2881210952-1006UA] (.Google Inc..) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [OGALogon] (...) -- C:\WINDOWS\system32\OGAexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [One-Click Tweak] (...) -- C:\Program Files\Advanced PC Tweaker\OneClick.exe (.not file.)

~ Scan Scheduled Task in 00mn 00s




---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (AmdK7) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\amdk7.sys

O41 - Driver: (CBDisk) . (.EldoS Corporation - CallbackDisk Virtual Storage Driver.) - C:\WINDOWS\system32\drivers\CBDisk.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\system32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\system32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\system32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\system32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\system32\DRIVERS\ipsec.sys

O41 - Driver: (ISODrive) . (.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - C:\Program Files\UltraISO\drivers\ISODrive.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\system32\DRIVERS\kbdclass.sys

O41 - Driver: McAfee Inc. mfetdi2k (mfetdi2k) . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - C:\WINDOWS\system32\drivers\mfetdi2k.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\system32\DRIVERS\mouclass.sys

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\system32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\system32\DRIVERS\netbt.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\system32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\system32\DRIVERS\redbook.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\system32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\system32\DRIVERS\wmiacpi.sys

~ Scan Drivers in 00mn 00s




---\\ Logiciels installés (O42)

O42 - Logiciel: ATI - Utilitaire de désinstallation du logiciel - (.Pas de propriétaire.) [HKLM] -- All ATI Software

O42 - Logiciel: ATI Catalyst Control Center - (.Pas de propriétaire.) [HKLM] -- {055EE59D-217B-43A7-ABFF-507B966405D8}

O42 - Logiciel: ATI Display Driver - (.Pas de propriétaire.) [HKLM] -- ATI Display Driver

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Dreamweaver CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_acce07fd2c8fe7f9e3f26243e626578

O42 - Logiciel: Adobe Flash CS4 Professional - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_a68eec966ce913ddaa63251dc82ed31

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Photoshop CS4 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_faf656ef605427ee2f42989c3ad31b8

O42 - Logiciel: Autopano Giga - (.Kolor.) [HKLM] -- Autopano Giga

O42 - Logiciel: BIS TV Viewer - (.RayV.) [HKLM] -- RayV

O42 - Logiciel: Belgium Identity Card Run-time 2.6 - (.Fedict.) [HKLM] -- InstallShield_{EA248851-A7D5-4906-8C46-A3CA267F6A24}

O42 - Logiciel: BitTorrent - (.BitTorrent, Inc.) [HKCU] -- BitTorrent

O42 - Logiciel: Capturino V2 - (.Pas de propriétaire.) [HKCU] -- Capturino V2

O42 - Logiciel: ColorPic - (.Iconico.) [HKLM] -- ColorPic

O42 - Logiciel: Corel Graphics - Windows Shell Extension - (.Corel Corporation.) [HKLM] -- _{72DB27D3-FE05-4227-AF5A-11CD101ECF09}

O42 - Logiciel: Corel PaintShop Photo Pro X3 - (.Corel Corporation.) [HKLM] -- _{D1AEB5DB-04FA-489D-94EF-8600898B93EE}

O42 - Logiciel: CorelDRAW® Graphics Suite X5 - (.Corel Corporation.) [HKLM] -- _{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: DVDFab (05/01/2011) - (.Fengtao Software Inc..) [HKLM] -- DVDFab 8_is1

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler

O42 - Logiciel: Deluxe Pacman (1.70) - (.Pas de propriétaire.) [HKLM] -- Deluxe Pacman_is1

O42 - Logiciel: DivX Codec - (.DivX, Inc..) [HKLM] -- {7B63B2922B174135AFC0E1377DD81EC2}

O42 - Logiciel: EPSON Logiciel imprimante - (.Pas de propriétaire.) [HKLM] -- EPSON Printer and Utilities

O42 - Logiciel: FTP Expert 3 - (.Pas de propriétaire.) [HKLM] -- FTP Expert 3

O42 - Logiciel: GPL Ghostscript 8.64 - (.Pas de propriétaire.) [HKLM] -- GPL Ghostscript 8.64

O42 - Logiciel: GSview 4.9 - (.Pas de propriétaire.) [HKLM] -- GSview 4.9

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Hamster Free Video Convertor - (.Hamster Soft.) [HKLM] -- {7E350663-86D3-466A-AB79-28156A9ABF6E}_is1

O42 - Logiciel: HamsterFreeVideoConverter - (.HamsterSoft, Inc..) [HKLM] -- Hamster Free Video Converter_is1

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946040

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946308

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB946344

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947540

O42 - Logiciel: Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) - (.Microsoft Corporation.) [HKLM] -- {AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}.KB947789

O42 - Logiciel: Hotfix for Windows XP (KB915800-v4) - (.Microsoft Corporation.) [HKLM] -- KB915800-v4

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: Image Mender 1.22 - (.Phibit Software.) [HKLM] -- Image Mender

O42 - Logiciel: Image Resize Guide 1.0.1 - (.Two Pilots.) [HKLM] -- Image Resize Guide_is1

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: JMicron JMB38X Flash Media Controller - (.JMicron Technology Corp..) [HKLM] -- {26604C7E-A313-4D12-867F-7C6E7820BE4C}

O42 - Logiciel: JPEGCrops 0.7.5 beta - (.Pas de propriétaire.) [HKLM] -- {DEAD07C6-D070-43AB-A60D-D9ABE55E296D}_is1

O42 - Logiciel: KeyChanger Office Edition - (.Keytech-Software.) [HKLM] -- KeyChanger Office Edition2.0

O42 - Logiciel: La cave du sommelier 2 - (.DP Software.) [HKLM] -- {8A37B952-0B30-477D-923D-15C19411F924}_is1

O42 - Logiciel: Launch Manager V1.4.9 - (.Wistron Corp..) [HKLM] -- {D0846526-66DD-4DC9-A02C-98F9A2806812}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST

O42 - Logiciel: MaCave - (.Pas de propriétaire.) [HKCU] -- MACAVEExécutable

O42 - Logiciel: Malwarebytes' Anti-Malware version - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: McAfee AntiVirus Plus - (.McAfee, Inc..) [HKLM] -- MSC

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Internationalized Domain Names Mitigation APIs - (.Microsoft Corporation.) [HKLM] -- IDNMitigationAPIs

O42 - Logiciel: Microsoft Kernel-Mode Driver Framework 1.0 - (.Microsoft Corporation.) [HKLM] -- Wdf01000

O42 - Logiciel: Microsoft National Language Support Downlevel APIs - (.Microsoft Corporation.) [HKLM] -- NLSDownlevelMapping

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Extended FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended FRA Language Pack

O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)

O42 - Logiciel: NoWires Plugin v1.5 - (.Pavel Dovgalyuk.) [HKLM] -- {BA119399-31E4-4FEE-9DC0-D0B1E1B7364A}_is1

O42 - Logiciel: Package de pilotes Windows - Nokia pccsmcfd (08/22/2008 - (.Nokia.) [HKLM] -- 504244733D18C8F63FF584AEB290E3904E791693

O42 - Logiciel: Pdf995 - (.Pas de propriétaire.) [HKLM] -- Pdf995

O42 - Logiciel: Photomatix Pro version 3.2.2 - (.HDRsoft Sarl.) [HKLM] -- PhotomatixPro3Betax32_is1

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Registry Healer 4.5.0 uninstall - (.KsL Software.) [HKLM] -- RegHealer_is2

O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem

O42 - Logiciel: SAMSUNG Mobile Composite Device Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Composite Device

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97}

O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2509488) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AD0DE453-0804-4495-9C91-33D0F9AA5463}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2416472

O42 - Logiciel: Security Update for Microsoft Office 2007 System (KB2541012) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CD907315-705A-4475-A1A0-2A1245803E4D}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}

O42 - Logiciel: Security Update for Microsoft Office Access 2007 (KB979440) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A4E43D5-858F-49BD-BA72-8F30E1793060}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2541007) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0173254-F442-4D04-9154-43FA157B83D0}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2510061) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5D930261-AA5B-48D1-931F-425C9D767490}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1109D0B3-EFA3-4553-AAED-4C3E9AD130E8}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2535818) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2284697) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3A4CDE54-2403-483D-8D9A-15E3264410DF}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Services Off-line de Home'Bank 5.11 - (.ING Belgium.) [HKLM] -- Services Off-line de Home'Bank_is1

O42 - Logiciel: Sothink FLV Player - (.SourceTec Software Co., LTD.) [HKLM] -- {CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1

O42 - Logiciel: Sothink SWF Decompiler - (.SourceTec Software Co., LTD.) [HKLM] -- {BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1

O42 - Logiciel: Sothink SWF Quicker - (.SourceTec Software Co., LTD.) [HKLM] -- {D3490D20-3AE0-459D-AAD6-59195140EAC2}_is1

O42 - Logiciel: Sothink Web Video Downloader - (.SourceTec Software Co., LTD.) [HKLM] -- {8C52A46C-7961-4A81-AB4B-92CF65CB4772}_is1

O42 - Logiciel: Sudoku Up 2009 v3.0 - ( [HKLM] -- Sudoku Up_is1

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Total Commander (Remove or Repair) - (.Ghisler Software GmbH.) [HKLM] -- Totalcmd

O42 - Logiciel: TweakNow PowerPack 2010 - ( [HKLM] -- TweakNow PowerPack 2010_is1

O42 - Logiciel: UltraISO Premium V9.32 - (.Pas de propriétaire.) [HKLM] -- UltraISO_is1

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2509470) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{1365864D-4C58-489D-9982-844D75691CCC}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2553975) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{59D8F1FE-7B08-4F0E-840C-D1BF93D22A6C}

O42 - Logiciel: VLC media player 1.0.1 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: WDConver - (.Pas de propriétaire.) [HKCU] -- LOGICAVE II

O42 - Logiciel: WinHTTrack Website Copier 3.43-9C - (.HTTrack.) [HKLM] -- WinHTTrack Website Copier_is1

O42 - Logiciel: WinRAR 4.00 (32 bits) - (.win.rar GmbH.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Genuine Advantage Notifications (KB905474) - (.Microsoft Corporation.) [HKLM] -- WgaNotify

O42 - Logiciel: Windows Internet Explorer 7 - (.Microsoft Corporation.) [HKLM] -- ie7

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Media Encoder 9 Series - (.Pas de propriétaire.) [HKLM] -- Windows Media Encoder 9

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP

O42 - Logiciel: XnView 1.97.6 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1


---\\ HKCU & HKLM Software Keys


[HKCU\Software\ATI Technologies Inc.]


[HKCU\Software\Adobe Lightroom]



[HKCU\Software\Apple Computer, Inc.]












[HKCU\Software\DVD Shrink]


[HKCU\Software\Data Dynamics]


[HKCU\Software\EasyBoot Systems]

[HKCU\Software\Eltima Software]


[HKCU\Software\Enigma Protector]

[HKCU\Software\Etab Bazile]



[HKCU\Software\GPL Ghostscript]



[HKCU\Software\Guillaume Lacasa]



[HKCU\Software\IM Providers]




[HKCU\Software\KsL Software]






[HKCU\Software\Malwarebytes' Anti-Malware]








[HKCU\Software\Nico Mak Computing]

[HKCU\Software\Nitro PDF]




[HKCU\Software\PC SOFT]

[HKCU\Software\Pando Networks]

[HKCU\Software\Phibit Software]






[HKCU\Software\Revenger inc.]



[HKCU\Software\Samsung PC Studio]







[HKCU\Software\Tracker Software]


[HKCU\Software\TweakNow PowerPack]


[HKCU\Software\Ulead Systems]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\WinHTTrack Website Copier]

[HKCU\Software\WinRAR SFX]


[HKCU\Software\WinZip Computing]









[HKLM\Software\ATI Technologies]




[HKLM\Software\America Online]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]














[HKLM\Software\EasyBoot Systems]




[HKLM\Software\GPL Ghostscript]








[HKLM\Software\Intel Corporation]





[HKLM\Software\KeyChanger Office Edition2]


[HKLM\Software\Launch Manager]


[HKLM\Software\Liant Software Corporation]






[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]










[HKLM\Software\Nico Mak Computing]

[HKLM\Software\Nitro PDF]


[HKLM\Software\PC Connectivity Solution]



[HKLM\Software\Pando Networks]



[HKLM\Software\Program Groups]











[HKLM\Software\Tracker Software]



[HKLM\Software\TweakNow PowerPack]

[HKLM\Software\Two Pilots]

[HKLM\Software\Ulead Systems]


[HKLM\Software\Visicom Media]


[HKLM\Software\WinHTTrack Website Copier]


[HKLM\Software\Windows 3.1 Migration Status]





~ Scan Softwares in 00mn 00s




---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 11/03/2011 - 22:29:36 - [2211623690] ----D- C:\Program Files\Adobe

O43 - CFD: 7/08/2009 - 21:36:56 - [2241762] ----D- C:\Program Files\Advanced DHTML Popup Pro V2

O43 - CFD: 24/01/2009 - 18:54:38 - [986508] ----D- C:\Program Files\Apex

O43 - CFD: 18/07/2011 - 14:21:10 - [2428606] ----D- C:\Program Files\Apple Software Update

O43 - CFD: 24/01/2009 - 12:15:28 - [108224356] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 30/08/2011 - 18:26:52 - [13949430] ----D- C:\Program Files\Belgium Identity Card

O43 - CFD: 20/04/2011 - 8:33:28 - [491320] ----D- C:\Program Files\BitTorrent

O43 - CFD: 4/02/2009 - 21:51:44 - [1673938] ----D- C:\Program Files\Capturino V2

O43 - CFD: 3/08/2010 - 8:27:28 - [1367471] ----D- C:\Program Files\Ciel

O43 - CFD: 1/10/2010 - 18:53:26 - [432555] ----D- C:\Program Files\ColorPic 4.1

O43 - CFD: 25/06/2008 - 10:44:18 - [0] ----D- C:\Program Files\ComPlus Applications

O43 - CFD: 24/04/2010 - 21:01:42 - [2532179819] ----D- C:\Program Files\Corel

O43 - CFD: 20/06/2009 - 20:30:18 - [184737] ----D- C:\Program Files\DAMN NFO Viewer

O43 - CFD: 20/04/2011 - 19:59:34 - [4176624] ----D- C:\Program Files\Defraggler

O43 - CFD: 8/08/2009 - 16:24:42 - [3590022] ----D- C:\Program Files\Deluxe Pacman

O43 - CFD: 28/06/2010 - 21:52:10 - [800824] ----D- C:\Program Files\DIFX

O43 - CFD: 1/03/2009 - 0:02:12 - [826141] ----D- C:\Program Files\DivX

O43 - CFD: 28/01/2011 - 22:02:22 - [979856] ----D- C:\Program Files\DVD Shrink

O43 - CFD: 29/01/2011 - 0:47:50 - [40698919] ----D- C:\Program Files\DVDFab 8

O43 - CFD: 18/12/2009 - 18:24:04 - [745259475] ----D- C:\Program Files\eMule

O43 - CFD: 15/01/2010 - 20:05:32 - [0] ----D- C:\Program Files\EPSON

O43 - CFD: 1/03/2011 - 19:44:44 - [1726353423] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 10/06/2009 - 21:11:12 - [3555935] ----D- C:\Program Files\Ghostgum

O43 - CFD: 10/06/2009 - 21:05:58 - [22876732] ----D- C:\Program Files\gs

O43 - CFD: 28/08/2011 - 14:20:08 - [57080457] ----D- C:\Program Files\Hamster Soft

O43 - CFD: 24/12/2009 - 0:26:54 - [7255989] ----D- C:\Program Files\Image Mender

O43 - CFD: 18/09/2009 - 21:37:34 - [7408938] ----D- C:\Program Files\Image Resize Guide

O43 - CFD: 1/02/2009 - 19:01:26 - [39268220] ----D- C:\Program Files\ING

O43 - CFD: 18/05/2011 - 19:27:04 - [26856809] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 15/06/2009 - 22:04:28 - [4094125] ----D- C:\Program Files\Intel Corporation

O43 - CFD: 10/08/2011 - 21:04:16 - [6087272] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 9/07/2011 - 13:13:08 - [91938518] ----D- C:\Program Files\Java

O43 - CFD: 17/08/2009 - 21:36:48 - [2608774] ----D- C:\Program Files\JPEGCrops

O43 - CFD: 2/02/2010 - 23:48:50 - [415599] ----D- C:\Program Files\KeyChanger Office Edition

O43 - CFD: 21/06/2009 - 20:59:16 - [38285535] ----D- C:\Program Files\Kolor

O43 - CFD: 30/08/2011 - 18:18:58 - [55753617] ----D- C:\Program Files\La cave du sommelier 2

O43 - CFD: 27/01/2009 - 21:37:30 - [699097] ----D- C:\Program Files\Launch Manager

O43 - CFD: 9/06/2011 - 17:55:16 - [39552019] ----D- C:\Program Files\Lavasoft

O43 - CFD: 12/06/2011 - 21:01:20 - [32788430] ----D- C:\Program Files\Logicave II

O43 - CFD: 30/08/2011 - 18:44:40 - [6953643] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 17/06/2011 - 18:47:22 - [3818669] ----D- C:\Program Files\Matthieu DUCROCQ

O43 - CFD: 9/05/2010 - 18:14:00 - [232645437] ----D- C:\Program Files\McAfee

O43 - CFD: 10/05/2010 - 17:43:56 - [2175257] ----D- C:\Program Files\

O43 - CFD: 24/09/2009 - 22:12:02 - [74874326] ----D- C:\Program Files\Mediafour

O43 - CFD: 24/01/2009 - 17:44:26 - [2152579] ----D- C:\Program Files\Messenger

O43 - CFD: 28/10/2010 - 18:40:42 - [752723] ----D- C:\Program Files\Microsoft

O43 - CFD: 19/05/2011 - 18:42:22 - [800662] ----D- C:\Program Files\Microsoft CAPICOM

O43 - CFD: 25/06/2008 - 10:45:04 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 30/06/2011 - 6:56:44 - [585358876] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 3/03/2010 - 20:04:34 - [246784] ----D- C:\Program Files\Microsoft SDKs

O43 - CFD: 17/06/2011 - 13:38:06 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 28/01/2009 - 22:31:38 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 28/01/2009 - 22:28:26 - [1387249] ----D- C:\Program Files\Microsoft Visual Studio 8

O43 - CFD: 3/03/2010 - 20:07:20 - [86607837] ----D- C:\Program Files\Microsoft Visual Studio 9.0

O43 - CFD: 23/04/2011 - 8:58:14 - [0] ----D- C:\Program Files\Microsoft Windows 7 Upgrade Advisor

O43 - CFD: 1/05/2009 - 16:59:40 - [3726168] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 16/08/2010 - 14:11:16 - [8203663] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 12/08/2010 - 22:59:02 - [10374874] ----D- C:\Program Files\Movie Maker

O43 - CFD: 28/08/2011 - 19:01:16 - [32692538] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 28/01/2009 - 23:08:10 - [26521] ----D- C:\Program Files\MSBuild

O43 - CFD: 24/01/2009 - 19:09:20 - [21471559] ----D- C:\Program Files\MSN

O43 - CFD: 25/06/2008 - 10:45:10 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 26/01/2009 - 22:04:18 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 30/01/2011 - 14:05:14 - [639766283] ----D- C:\Program Files\Nero

O43 - CFD: 24/01/2009 - 19:19:48 - [0] ----D- C:\Program Files\NeroInstall.bak

O43 - CFD: 25/06/2008 - 10:45:12 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 18/01/2011 - 22:43:44 - [125604648] ----D- C:\Program Files\Nitro PDF

O43 - CFD: 28/06/2010 - 21:52:14 - [1534] ----D- C:\Program Files\Nokia

O43 - CFD: 11/03/2010 - 0:59:28 - [704526] ----D- C:\Program Files\NoWires Plugin

O43 - CFD: 25/06/2008 - 10:47:16 - [1804] ----D- C:\Program Files\Online Services

O43 - CFD: 16/12/2010 - 23:21:48 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 16/04/2011 - 23:38:10 - [7390817] ----D- C:\Program Files\Pando Networks

O43 - CFD: 28/06/2010 - 21:52:04 - [13394442] ----D- C:\Program Files\PC Connectivity Solution

O43 - CFD: 22/09/2009 - 22:45:20 - [13795016] ----D- C:\Program Files\pdf995

O43 - CFD: 18/09/2009 - 20:59:12 - [10624522] ----D- C:\Program Files\PhotomatixPro3

O43 - CFD: 28/02/2011 - 19:10:34 - [76322555] ----D- C:\Program Files\QuickTime

O43 - CFD: 18/02/2010 - 23:32:26 - [13012823] ----D- C:\Program Files\RayV

O43 - CFD: 28/01/2009 - 23:08:04 - [85987492] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 1/02/2009 - 18:57:48 - [1273083] ----D- C:\Program Files\RegHealer

O43 - CFD: 29/03/2009 - 19:06:20 - [201283862] ----D- C:\Program Files\Samsung

O43 - CFD: 25/06/2008 - 10:47:16 - [1025] ----D- C:\Program Files\Services en ligne

O43 - CFD: 19/09/2010 - 0:16:00 - [61131941] ----D- C:\Program Files\SourceTec

O43 - CFD: 24/04/2010 - 19:52:08 - [0] ----D- C:\Program Files\SpeedProject

O43 - CFD: 9/10/2009 - 21:24:08 - [40051127] ----D- C:\Program Files\Sudoku Up

O43 - CFD: 24/01/2009 - 12:48:04 - [33213011] ----D- C:\Program Files\Synaptics

O43 - CFD: 24/01/2009 - 19:11:02 - [51830980] ----D- C:\Program Files\Toshiba

O43 - CFD: 16/08/2009 - 22:45:28 - [7857400] ----D- C:\Program Files\totalcmd

O43 - CFD: 16/10/2010 - 12:10:00 - [59684431] ----D- C:\Program Files\Tracker Software

O43 - CFD: 31/08/2011 - 19:53:00 - [410314] ----D- C:\Program Files\Trend Micro

O43 - CFD: 1/01/2011 - 15:09:58 - [26565543] ----D- C:\Program Files\TweakNow PowerPack 2010

O43 - CFD: 11/10/2009 - 21:21:16 - [3] ----D- C:\Program Files\TweakNow PowerPack Pro

O43 - CFD: 18/09/2009 - 21:36:16 - [32256] ----D- C:\Program Files\Two Pilots

O43 - CFD: 3/02/2009 - 1:36:36 - [6033675] ----D- C:\Program Files\UltraISO

O43 - CFD: 1/01/2011 - 15:11:30 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 5/04/2009 - 20:47:02 - [74466874] ----D- C:\Program Files\VideoLAN

O43 - CFD: 2/12/2009 - 22:13:12 - [8037977] ----D- C:\Program Files\Visicom Media

O43 - CFD: 11/06/2009 - 23:12:16 - [5418300] ----D- C:\Program Files\Windows Desktop Search

O43 - CFD: 20/01/2011 - 20:58:44 - [81920056] ----D- C:\Program Files\Windows Live

O43 - CFD: 5/04/2009 - 21:05:48 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 28/01/2010 - 22:03:36 - [14346481] ----D- C:\Program Files\Windows Media Components

O43 - CFD: 24/01/2009 - 17:42:52 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 24/01/2009 - 17:42:52 - [8278281] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 25/06/2008 - 10:47:18 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 25/06/2008 - 10:47:20 - [0] --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 17/09/2010 - 18:46:16 - [12849690] ----D- C:\Program Files\WinHTTrack

O43 - CFD: 12/05/2011 - 20:31:22 - [738770532] ----D- C:\Program Files\WinRAR

O43 - CFD: 22/05/2010 - 21:57:46 - [17402572] ----D- C:\Program Files\WinZip

O43 - CFD: 7/10/2010 - 18:45:38 - [53760] ----D- C:\Program Files\Wondershare

O43 - CFD: 4/02/2010 - 23:04:38 - [51760923] ----D- C:\Program Files\WordPerfect Mail Setup

O43 - CFD: 18/09/2009 - 20:33:40 - [44032] ----D- C:\Program Files\XemiComputers

O43 - CFD: 25/06/2008 - 10:47:20 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 13/08/2010 - 17:27:00 - [9407201] ----D- C:\Program Files\XnView

O43 - CFD: 1/09/2011 - 18:44:22 - [4013882] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 11/03/2011 - 22:29:42 - [840028195] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 22/05/2010 - 9:38:22 - [32159844] ----D- C:\Program Files\Fichiers Communs\Adobe AIR

O43 - CFD: 5/04/2010 - 14:28:16 - [54774793] ----D- C:\Program Files\Fichiers Communs\Apple

O43 - CFD: 24/04/2010 - 20:57:24 - [6235983] ----D- C:\Program Files\Fichiers Communs\Corel

O43 - CFD: 28/01/2009 - 22:31:36 - [92976] ----D- C:\Program Files\Fichiers Communs\DESIGNER

O43 - CFD: 3/02/2009 - 1:35:34 - [262144] ----D- C:\Program Files\Fichiers Communs\EZB Systems

O43 - CFD: 7/08/2009 - 21:36:56 - [19215972] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 1/03/2011 - 19:44:44 - [1258951] ----D- C:\Program Files\Fichiers Communs\Java

O43 - CFD: 5/02/2009 - 0:41:00 - [655885] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared

O43 - CFD: 9/05/2010 - 18:13:36 - [26574076] ----D- C:\Program Files\Fichiers Communs\McAfee

O43 - CFD: 11/11/2010 - 19:31:16 - [2368512] ----D- C:\Program Files\Fichiers Communs\Mediafour

O43 - CFD: 28/10/2010 - 18:40:58 - [301151020] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 25/06/2008 - 10:44:54 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 30/01/2011 - 14:05:30 - [153452020] ----D- C:\Program Files\Fichiers Communs\Nero

O43 - CFD: 18/01/2011 - 22:43:46 - [16539614] ----D- C:\Program Files\Fichiers Communs\Nitro PDF

O43 - CFD: 25/06/2008 - 10:44:54 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 23/04/2010 - 20:30:28 - [3166048] ----D- C:\Program Files\Fichiers Communs\Protexis

O43 - CFD: 24/12/2009 - 20:20:36 - [614400] ----D- C:\Program Files\Fichiers Communs\Sage

O43 - CFD: 25/06/2008 - 10:44:54 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 19/09/2010 - 0:16:04 - [6593577] ----D- C:\Program Files\Fichiers Communs\SourceTec

O43 - CFD: 25/06/2008 - 10:44:54 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 1/05/2009 - 16:58:28 - [41360630] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 24/04/2010 - 20:51:34 - [56216709] ----D- C:\Program Files\Fichiers Communs\Ulead Systems

O43 - CFD: 5/04/2009 - 21:02:00 - [141128236] ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 24/01/2009 - 18:54:52 - [18424343] -SH-D- C:\Program Files\Fichiers Communs\WindowsLiveInstaller

O43 - CFD: 13/03/2011 - 16:21:28 - [73435590] ----D- C:\Documents and Settings\mvh\Application Data\Adobe

O43 - CFD: 16/07/2009 - 14:54:00 - [2590] ----D- C:\Documents and Settings\mvh\Application Data\Apple Computer

O43 - CFD: 24/01/2009 - 23:06:34 - [0] ----D- C:\Documents and Settings\mvh\Application Data\ATI

O43 - CFD: 18/05/2011 - 19:29:24 - [8890] ----D- C:\Documents and Settings\mvh\Application Data\beid-cache

O43 - CFD: 24/08/2011 - 21:12:00 - [3700789] ----D- C:\Documents and Settings\mvh\Application Data\BitTorrent

O43 - CFD: 24/05/2010 - 22:11:04 - [8458] ----D- C:\Documents and Settings\mvh\Application Data\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O43 - CFD: 28/04/2011 - 20:46:22 - [2560] ----D- C:\Documents and Settings\mvh\Application Data\Classes de site

O43 - CFD: 24/04/2010 - 20:24:48 - [44891668] ----D- C:\Documents and Settings\mvh\Application Data\Corel

O43 - CFD: 5/04/2009 - 20:48:30 - [0] ----D- C:\Documents and Settings\mvh\Application Data\DivX

O43 - CFD: 12/09/2009 - 14:58:02 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Download Manager

O43 - CFD: 18/01/2011 - 22:41:22 - [605446144] ----D- C:\Documents and Settings\mvh\Application Data\Downloaded Installations

O43 - CFD: 29/07/2011 - 22:23:40 - [199] ----D- C:\Documents and Settings\mvh\Application Data\dvdcss

O43 - CFD: 2/12/2009 - 22:15:22 - [109199] ----D- C:\Documents and Settings\mvh\Application Data\Dynamique

O43 - CFD: 15/02/2010 - 0:29:08 - [1806797] ----D- C:\Documents and Settings\mvh\Application Data\e

O43 - CFD: 14/01/2011 - 0:15:32 - [179] ----D- C:\Documents and Settings\mvh\Application Data\HamsterSoft

O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Identities

O43 - CFD: 18/09/2009 - 21:36:40 - [932] ----D- C:\Documents and Settings\mvh\Application Data\ImageResizeGuide

O43 - CFD: 27/01/2009 - 19:44:40 - [353953] ----D- C:\Documents and Settings\mvh\Application Data\Macromedia

O43 - CFD: 30/08/2011 - 18:44:44 - [4490] ----D- C:\Documents and Settings\mvh\Application Data\Malwarebytes

O43 - CFD: 9/07/2011 - 8:35:26 - [6477630] -S--D- C:\Documents and Settings\mvh\Application Data\Microsoft

O43 - CFD: 6/06/2011 - 18:39:54 - [17979993] ----D- C:\Documents and Settings\mvh\Application Data\Mozilla

O43 - CFD: 31/01/2011 - 19:25:08 - [2564760] ----D- C:\Documents and Settings\mvh\Application Data\Nero

O43 - CFD: 23/04/2011 - 18:53:38 - [210906] ----D- C:\Documents and Settings\mvh\Application Data\Nitro PDF

O43 - CFD: 22/09/2009 - 22:10:32 - [356] ----D- C:\Documents and Settings\mvh\Application Data\Office Genuine Advantage

O43 - CFD: 28/06/2010 - 21:54:08 - [446] ----D- C:\Documents and Settings\mvh\Application Data\PC Suite

O43 - CFD: 18/03/2009 - 23:06:28 - [28] ----D- C:\Documents and Settings\mvh\Application Data\pdf995

O43 - CFD: 14/05/2011 - 20:58:08 - [4215305] ----D- C:\Documents and Settings\mvh\Application Data\RayV

O43 - CFD: 16/04/2011 - 21:44:26 - [1507395] ----D- C:\Documents and Settings\mvh\Application Data\Reviversoft

O43 - CFD: 10/03/2009 - 22:49:50 - [21] ----D- C:\Documents and Settings\mvh\Application Data\Samsung

O43 - CFD: 28/04/2011 - 20:46:22 - [581120] ----D- C:\Documents and Settings\mvh\Application Data\Sites

O43 - CFD: 30/01/2009 - 19:42:00 - [80694482] ----D- C:\Documents and Settings\mvh\Application Data\Sun

O43 - CFD: 9/10/2009 - 21:24:10 - [57722] ----D- C:\Documents and Settings\mvh\Application Data\TreeCardGames

O43 - CFD: 11/10/2009 - 21:21:16 - [705] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack

O43 - CFD: 24/04/2010 - 19:50:50 - [3669520] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2009

O43 - CFD: 24/04/2010 - 19:39:04 - [8192] ----D- C:\Documents and Settings\mvh\Application Data\TweakNow PowerPack 2010

O43 - CFD: 24/04/2010 - 21:02:40 - [53000] ----D- C:\Documents and Settings\mvh\Application Data\Ulead Systems

O43 - CFD: 20/02/2010 - 11:07:02 - [230969] ----D- C:\Documents and Settings\mvh\Application Data\VitySoft

O43 - CFD: 28/08/2011 - 14:35:06 - [476426] ----D- C:\Documents and Settings\mvh\Application Data\vlc

O43 - CFD: 24/01/2009 - 23:06:30 - [196] ----D- C:\Documents and Settings\mvh\Application Data\Windows Desktop Search

O43 - CFD: 3/07/2009 - 10:00:12 - [0] ----D- C:\Documents and Settings\mvh\Application Data\Windows Search

O43 - CFD: 1/05/2009 - 15:48:16 - [12] ----D- C:\Documents and Settings\mvh\Application Data\WinRAR

O43 - CFD: 18/09/2009 - 20:33:50 - [3124278] ----D- C:\Documents and Settings\mvh\Application Data\XemiComputers

O43 - CFD: 15/04/2011 - 20:23:34 - [115769] ----D- C:\Documents and Settings\mvh\Application Data\XnView

O43 - CFD: 23/05/2010 - 20:47:48 - [35092985] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Adobe

O43 - CFD: 19/04/2009 - 14:04:48 - [7078274] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Ahead

O43 - CFD: 16/07/2009 - 14:51:52 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple

O43 - CFD: 16/07/2009 - 14:51:02 - [96361370] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Apple Computer

O43 - CFD: 29/07/2011 - 18:32:50 - [11848] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 24/01/2009 - 23:06:34 - [40577] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\ATI

O43 - CFD: 14/01/2011 - 23:56:20 - [146378] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Corel

O43 - CFD: 28/08/2011 - 11:00:00 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Deployment

O43 - CFD: 23/02/2010 - 22:22:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Emurasoft

O43 - CFD: 26/09/2010 - 18:30:22 - [205220] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\GHISLER

O43 - CFD: 1/06/2011 - 21:04:02 - [534488297] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Google

O43 - CFD: 24/01/2009 - 23:06:32 - [229816] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Identities

O43 - CFD: 13/03/2011 - 16:21:28 - [604778107] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft

O43 - CFD: 20/02/2010 - 11:24:54 - [4447] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Corporation

O43 - CFD: 25/06/2008 - 10:43:08 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Microsoft Help

O43 - CFD: 6/06/2011 - 18:39:38 - [301531226] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Mozilla

O43 - CFD: 28/06/2010 - 22:00:40 - [637952] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Nokia

O43 - CFD: 28/06/2010 - 21:56:16 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NokiaAccount

O43 - CFD: 24/04/2010 - 21:03:38 - [98304] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\NOS

O43 - CFD: 16/04/2011 - 23:38:56 - [31114] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Pando

O43 - CFD: 4/02/2010 - 23:57:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\PCHealth

O43 - CFD: 25/06/2008 - 10:43:08 - [285696] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Seven Zip

O43 - CFD: 15/12/2009 - 21:44:16 - [59183] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\SourceTec

O43 - CFD: 4/08/2011 - 21:07:20 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Temp

O43 - CFD: 17/06/2011 - 18:57:44 - [177] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\WDSetup

O43 - CFD: 23/04/2011 - 9:05:04 - [0] ----D- C:\Documents and Settings\mvh\Local Settings\Application Data\Yahoo!

~ Scan Program Folder in 00mn 04s




---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 1/09/2011 - 17:12:48 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.493625AD9FE14BECBEA24034A24A05CB] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.B099B38B0FEBD7E0E53787475DD2BFC7] - 1/09/2011 - 17:13:13 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.9B9C37AE1B7B5E3E334F8D68267643E1] - 1/09/2011 - 17:15:08 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1828295]

O44 - LFC:[MD5.D4B38373FC06C070AA7D6AC5E1232FC2] - 1/09/2011 - 17:31:32 ---A- . (...) -- C:\TDSSKiller. [56134]

O44 - LFC:[MD5.09DA793B0CC13C79FB661D5FE871D6D7] - 1/09/2011 - 17:38:50 ---A- . (...) -- C:\WINDOWS\setupapi.log [990854]

O44 - LFC:[MD5.8DE02308B7ECF3D1A5E4D55B6F3FE87C] - 1/09/2011 - 17:43:00 ---A- . (...) -- C:\WINDOWS\wincmd.ini [4658]

O44 - LFC:[MD5.A4BB36C94A6F6F780D6D1C10F6B96E5E] - 1/09/2011 - 6:37:03 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32088]

O44 - LFC:[MD5.55328E4D5D0A45D78F7CF071F490405C] - 28/08/2011 - 9:39:59 ---A- . (...) -- C:\WINDOWS\system32\wpa.dbl [1158]

O44 - LFC:[MD5.CAF61893287EC7417CA4D2D1B8FA1252] - 28/08/2011 - 9:49:35 ---A- . (...) -- C:\WINDOWS\msmqinst.log [480550]

O44 - LFC:[MD5.CCA99A05B4B5D78BB54E7F327B1389FA] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\FaxSetup.log [1492862]

O44 - LFC:[MD5.F14E07133B141EF16653A152D0C63770] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\KB2562937.log [12419]

O44 - LFC:[MD5.E7B491F7B7F5AD245138E47121B62BB2] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\MedCtrOC.log [104212]

O44 - LFC:[MD5.C712C8E03EEFDE8FFA7D5770965DE3F9] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\comsetup.log [511643]

O44 - LFC:[MD5.79F9B1B2D64242515616C5E81E4B15A4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\iis6.log [1714486]

O44 - LFC:[MD5.B545F3BD1154D2ACBCDC697A540EDCB0] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\imsins.log [1374]

O44 - LFC:[MD5.EB11DAC8BBE4BF2022BBBECFF69904FC] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\msgsocm.log [75500]

O44 - LFC:[MD5.A19CEE3B286D84EC2F3B33BF630F764A] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\netfxocm.log [262700]

O44 - LFC:[MD5.04A8EBEF1FE5AE6FE26C450E7E6FC276] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ntdtcsetup.log [310103]

O44 - LFC:[MD5.6A6984B80F6F7EA35950C06FB4865A97] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocgen.log [741780]

O44 - LFC:[MD5.6506C080F1C986F2D2A5D745D7DFE7F4] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\ocmsn.log [83367]

O44 - LFC:[MD5.2F897C74E10567D604077E638247564F] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tabletoc.log [75574]

O44 - LFC:[MD5.F3D50B06D30DD19F86E84EFA316C584E] - 28/08/2011 - 9:49:44 ---A- . (...) -- C:\WINDOWS\tsoc.log [695496]

O44 - LFC:[MD5.F1C8125909F79AC37F1DCBE518113F1D] - 30/08/2011 - 20:05:42 ---A- . (...) -- C:\WINDOWS\ntbtlog.txt [366994]

O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 30/08/2011 - 17:44:39 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272]

O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 30/08/2011 - 17:44:34 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]

O44 - LFC:[MD5.A8E0AB52299BC87F1EB080E2A3FC9BBE] - 30/08/2011 - 17:25:54 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\ssleay32_0_9_8g.dll [200704]

O44 - LFC:[MD5.4A472B9676039C11A2A8DB93FD59B2CF] - 30/08/2011 - 17:25:32 ---A- . (.The OpenSSL Project, OpenSSL: The Open Source toolkit for SSL/TLS - OpenSSL Shared Library.) -- C:\WINDOWS\system32\libeay32_0_9_8g.dll [1044480]

O44 - LFC:[MD5.B412A5393E9BF796D97B12E0BDD1E12A] - 28/08/2011 - 13:23:57 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\WINDOWS\system32\FlashPlayerCPLApp.cpl [404640]

O44 - LFC:[MD5.8252837BEDD4BDCA6C6F3EB53A716EB6] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\KB2570791.log [3730]

O44 - LFC:[MD5.0D01E3A81F22ED04F96D72A1D3F3E559] - 27/08/2011 - 13:29:36 ---A- . (...) -- C:\WINDOWS\system32\TZLog.log [235670]

O44 - LFC:[MD5.CB17A47D090938A02DACB066D6D5A124] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_rules.dat [44]

O44 - LFC:[MD5.8A3D5B46FF8C9CED46304F1EBB5F9AFE] - 25/08/2011 - 16:58:10 ---A- . (...) -- C:\WINDOWS\system32\rp_stats.dat [64]

O44 - LFC:[MD5.29112307112535F9CE13D924B00994E6] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\KB2567680.log [15639]

O44 - LFC:[MD5.9A465F3F504A35BECD25CAF07F73CF05] - 10/08/2011 - 20:09:11 ---A- . (...) -- C:\WINDOWS\imsins.BAK [1374]

O44 - LFC:[MD5.395476DBD0CD22A30CAF8A362897E860] - 10/08/2011 - 20:09:10 ---A- . (...) -- C:\WINDOWS\updspapi.log [185275]

O44 - LFC:[MD5.70718448639322BC2ACE5A42B0A46FC4] - 10/08/2011 - 20:08:33 ---A- . (...) -- C:\WINDOWS\KB2536276-v2.log [11055]

O44 - LFC:[MD5.D957CCDC044932A3993E89D02BF627A6] - 10/08/2011 - 20:07:50 ---A- . (...) -- C:\WINDOWS\KB2570222.log [10922]

O44 - LFC:[MD5.7106FD5F0A7BFEF64EA395DC93C6CC81] - 10/08/2011 - 20:04:24 ---A- . (...) -- C:\WINDOWS\KB2559049-IE8.log [14906]

O44 - LFC:[MD5.BDB7D76531D5BC9E05EACD04ED28813E] - 10/08/2011 - 20:03:56 ---A- . (...) -- C:\WINDOWS\KB2566454.log [6931]

~ Scan Files in 00mn 00s




---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export SP - "D:\Rmcob700\RUNCOBOL.EXE" [Enabled] .(.Liant Software Corporation - RM/COBOL Runtime Executable.) -- D:\Rmcob700\RUNCOBOL.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" [Enabled] .(.Microsoft Corporation - Microsoft Office Outlook.) -- C:\Program Files\Microsoft Office\Office12\OUTLOOK.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [Enabled] .(.Adobe Systems Incorporated.) -- C:\Program Files\Fichiers communs\Adobe\CS4ServiceManager\CS4ServiceManager.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe" [Enabled] .(...) -- C:\Program Files\Fichiers communs\McAfee\MNA\McNASvc.exe (.not file.)

O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.exe" [Enabled] .(.RayV - RayV.) -- C:\Program Files\RayV\RayV\RayV.exe

O47 - AAKE:Key Export SP - "C:\Program Files\RayV\RayV\RayV.dll" [Enabled] .(.RayV - RayV Viewer SDK.) -- C:\Program Files\RayV\RayV\RayV.dll

O47 - AAKE:Key Export SP - "C:\Program Files\BitTorrent\bittorrent.exe" [Enabled] .(.BitTorrent, Inc. - BitTorrent.) -- C:\Program Files\BitTorrent\bittorrent.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Messenger\msmsgs.exe" [Enabled] .(.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Pando Networks\Pando\Pando.exe" [Enabled] .(.Pando Networks - pando.) -- C:\Program Files\Pando Networks\Pando\Pando.exe

O47 - AAKE:Key Export SP - "C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe" [Enabled] .(.McAfee, Inc. - McAfee Service Host.) -- C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

O47 - AAKE:Key Export DP - "%windir%\Network Diagnostic\xpnetdiag.exe" [Enabled] .(.Microsoft Corporation - Network Diagnostic for Windows XP.) -- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [Enabled] .(.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

~ Scan Keys in 00mn 00s




---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\system32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\system32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\system32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\system32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfefirek.sys . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\Drivers\mfefirek.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\mfehidk.sys . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\system32\Drivers\mfehidk.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\system32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\system32\Drivers\rdpdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\system32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (...) -- C:\WINDOWS\system32\Drivers\sermouse.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\system32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\system32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\system32\Drivers\vgasave.sys (.not file.)

~ Scan CSB in 00mn 00s




---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

~ Scan IFEO in 00mn 00s




---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\system32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\system32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\system32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\system32\

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\system32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.DIVX"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll

O52 - TDSD: \Drivers32\"vidc.yv12"="DivX.dll" . (.DivX, Inc. - DivX.) -- C:\WINDOWS\system32\DivX.dll

O52 - TDSD: \Drivers32\"msacm.dvacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\Vio\Dvacm.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.MPEGacm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\MPEGacm.acm" . (...) -- (.not file.)

O52 - TDSD: \Drivers32\"msacm.ulmp3acm"="c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\system32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"DivX.dll"="DivX 6.8.5 Codec" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"c:\PROGRA~1\FICHIE~1\ULEADS~1\MPEG\ulmp3acm.acm"="Ulead ACM MP3 Codec" . (...) -- (.not file.)

~ Scan Keys in 00mn 00s




---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

~ Scan Keys in 00mn 00s




---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKCU\...\Policies\System] - "DisableRegistryTools"=0

O55 - MWPS:[HKCU\...\Policies\System] - "DisableTaskMgr"=0

~ Scan Keys in 00mn 00s




---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.B6A0F723A54884E77FCE0F69083F90C9] - 1/09/2011 - 17:06:53 ---A- . (.Advanced Card Systems Ltd - PCSC/CCID IFD Handler.) -- C:\WINDOWS\system32\drivers\a38usb.sys [33536]

O58 - SDL:[MD5.73685E15EF8B0BD9C30F1AF413F13D49] - 1/09/2011 - 8:40:13 ---A- . (.Adobe Systems, Inc. - Adobe Drive File System Driver.) -- C:\WINDOWS\system32\drivers\adfs.sys [73312]

O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 1/09/2011 - 20:51:56 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys [5248]

O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 1/09/2011 - 10:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\AMDAGP.SYS [43008]

O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 1/09/2011 - 20:52:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys [26496]

O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 1/09/2011 - 20:51:58 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys [14848]

O58 - SDL:[MD5.A4D1C3CD20C8C595AF1817BB5352ECD6] - 1/09/2011 - 18:09:38 ---A- . (.ATI Technologies Inc. - ATI Radeon WindowsNT Miniport Driver.) -- C:\WINDOWS\system32\drivers\ati2mtag.sys [2870784]

O58 - SDL:[MD5.93C568904E116607DF2389907A9D8899] - 1/09/2011 - 11:15:52 ---A- . (.EldoS Corporation - CallbackDisk Virtual Storage Driver.) -- C:\WINDOWS\system32\drivers\CBDisk.sys [57800]

O58 - SDL:[MD5.ECAF4A51580244FEF1AA32CB984F13BF] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) -- C:\WINDOWS\system32\drivers\cfwids.sys [57432]

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 1/09/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]

O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 1/09/2011 - 16:04:44 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys [6656]

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 1/09/2011 - 13:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]

O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 1/09/2011 - 20:52:16 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys [179584]

O58 - SDL:[MD5.E9648254056BCE81A85380C0C3647DC4] - 1/09/2011 - 21:13:08 ---A- . (.VIA Technologies, Inc. - NDIS 5.0 miniport driver.) -- C:\WINDOWS\system32\drivers\fetnd5.sys [27165]

O58 - SDL:[MD5.573C7D0A32852B48F3058CFD8026F511] - 1/09/2011 - 13:00:00 ---A- . (.Windows ® Server 2003 DDK provider - High Definition Audio Bus Driver v1.0a.) -- C:\WINDOWS\system32\drivers\hdaudbus.sys [144384]

O58 - SDL:[MD5.8B566EA71D5B76157A9CDB78F25A5731] - 1/09/2011 - 11:27:06 ---A- . (...) -- C:\WINDOWS\system32\drivers\HOTKEY.sys [9867]

O58 - SDL:[MD5.80C633722DA72E97F3F5B3B11325696D] - 1/09/2011 - 5:57:36 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\WINDOWS\system32\drivers\iaStor.sys [317976]

O58 - SDL:[MD5.E20B6650542D70ABD21281F08FB723D2] - 1/09/2011 - 7:37:46 ---A- . (.Ahead Software AG - NERO IMAGEDRIVE SCSI miniport.) -- C:\WINDOWS\system32\drivers\imagedrv.sys [11304]

O58 - SDL:[MD5.729055DF132A6ECF071E383F72F1B0C9] - 1/09/2011 - 7:37:56 ---A- . (.Ahead Software AG - Nero Image Server.) -- C:\WINDOWS\system32\drivers\imagesrv.sys [132904]

O58 - SDL:[MD5.DEDB6CC1B166928A8F3F68DEF1766DB0] - 1/09/2011 - 17:55:04 ---A- . (.JMicron Technology Corp. - JMicron JMB38X Memory Card Reader Driver.) -- C:\WINDOWS\system32\drivers\jmcr.sys [84240]

O58 - SDL:[MD5.336ABE8721CBC3110F1C6426DA633417] - 1/09/2011 - 1:00:36 ---A- . (.Lavasoft AB - Boot Driver.) -- C:\WINDOWS\system32\drivers\Lbd.sys [64512]

O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 1/09/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]

O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 1/09/2011 - 18:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.958B893EB11586B4ED1301BA067ABC94] - 1/09/2011 - 15:36:04 ---A- . (.Mediafour Corporation - MacDrive file system driver.) -- C:\WINDOWS\system32\drivers\MDFSYSNT.SYS [234160]

O58 - SDL:[MD5.9F06CA581CCE21FC72A946487AA243E9] - 1/09/2011 - 14:51:34 ---A- . (.Mediafour Corporation - MacDrive partition driver.) -- C:\WINDOWS\system32\drivers\MDPMGRNT.SYS [29792]

O58 - SDL:[MD5.688B626FCA708EE9EB161CAD1F7363A9] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Access Protection Filter Driver.) -- C:\WINDOWS\system32\drivers\mfeapfk.sys [118784]

O58 - SDL:[MD5.693A8D924B640223974E0A88F2BAF0F4] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Anti-Virus File System Filter Driver.) -- C:\WINDOWS\system32\drivers\mfeavfk.sys [179248]

O58 - SDL:[MD5.52C40D19873528BD15823C969D3AD227] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Buffer Overflow Protection Driver.) -- C:\WINDOWS\system32\drivers\mfebopk.sys [59288]

O58 - SDL:[MD5.BF1585AEFCE50605B7F359C1A66CDE41] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Driver Cleaning Driver.) -- C:\WINDOWS\system32\drivers\mfeclnk.sys [9344]

O58 - SDL:[MD5.E37B98D49DF546F4059483D49E349A53] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Core Firewall Engine Driver.) -- C:\WINDOWS\system32\drivers\mfefirek.sys [337912]

O58 - SDL:[MD5.44184F32392FA2E94D08D056CE750D56] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Link Driver.) -- C:\WINDOWS\system32\drivers\mfehidk.sys [459728]

O58 - SDL:[MD5.8C434D77C7A8CD97F8F4C2B0BE19D541] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee NDIS Intermediate Driver.) -- C:\WINDOWS\system32\drivers\mfendisk.sys [83688]

O58 - SDL:[MD5.5F5313BFD1E73233885A26AB77488F6F] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - McAfee Code Analysis Driver.) -- C:\WINDOWS\system32\drivers\mferkdet.sys [85984]

O58 - SDL:[MD5.41FE2F288E05A6C8AB85DD56770FFBAD] - 1/09/2011 - 9:22:14 ---A- . (.McAfee, Inc. - VSCore Code Analysis Driver.) -- C:\WINDOWS\system32\drivers\mferkdk.sys [34248]

O58 - SDL:[MD5.8D1A44E1F46BCF4ACFE9C701EDD340E3] - 1/09/2011 - 10:20:10 ---A- . (.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) -- C:\WINDOWS\system32\drivers\mfetdi2k.sys [89368]

O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 1/09/2011 - 20:52:12 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys [17280]

O58 - SDL:[MD5.05743FFFC2BC88CC8E426321BC6A762E] - 1/09/2011 - 7:23:16 ---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -- C:\WINDOWS\system32\drivers\NETw5x32.sys [3636864]

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 1/09/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]

O58 - SDL:[MD5.FD2041E9BA03DB7764B2248F02475079] - 1/09/2011 - 9:26:12 ---A- . (.Nokia - PCCS Mode Change Filter Driver.) -- C:\WINDOWS\system32\drivers\pccsmcfd.sys [18816]

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 1/09/2011 - 13:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]

O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 1/09/2011 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys [40320]

O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 1/09/2011 - 20:52:20 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys [45312]

O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 1/09/2011 - 20:52:18 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys [49024]

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 1/09/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 1/09/2011 - 13:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]

O58 - SDL:[MD5.C6D34A1874CD2B212DC3E788091C64B4] - 1/09/2011 - 2:13:10 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100/1000 NDIS 5.1 Driver.) -- C:\WINDOWS\system32\drivers\Rtenicxp.sys [234392]

O58 - SDL:[MD5.1824C4894AA438CD06C976E44B9E7353] - 1/09/2011 - 18:37:26 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.sys [4713472]

O58 - SDL:[MD5.0DBCC071A268E0340A2BA6BDD98BACE4] - 1/09/2011 - 10:34:34 ---A- . (.S3 Graphics, Inc. - S3 ProSavage(DDR) & Twister Miniport Driver.) -- C:\WINDOWS\system32\drivers\s3gnbm.sys [166912]

O58 - SDL:[MD5.0505DA5D357F18A5D42FC5DEDE6BC9A0] - 1/09/2011 - 17:03:22 ---A- . (.Sunbelt Software - Anti-Rootkit Engine.) -- C:\WINDOWS\system32\drivers\SBREDrv.sys [101720]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 1/09/2011 - 13:00:00 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 1/09/2011 - 10:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\SISAGP.SYS [40960]

O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 1/09/2011 - 21:07:44 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys [19072]

O58 - SDL:[MD5.D6870895FE46A464A19141440EB6CC1E] - 1/09/2011 - 16:54:24 ---A- . (.MCCI Corporation - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80552]

O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 1/09/2011 - 16:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [9256]

O58 - SDL:[MD5.38BA174E60FDA4219EFC917D514C2E28] - 1/09/2011 - 16:56:00 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [9256]

O58 - SDL:[MD5.0FE167362E4689B716CDC8D93ADEDDA8] - 1/09/2011 - 16:57:24 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [11944]

O58 - SDL:[MD5.55A15707E32B6709242AD127E62CA55A] - 1/09/2011 - 16:58:20 ---A- . (.MCCI Corporation - SAMSUNG Mobile Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [106792]

O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 1/09/2011 - 17:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [9256]

O58 - SDL:[MD5.F85B5BA4753C3E6B2B5BFCA410A458A4] - 1/09/2011 - 17:00:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [9256]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 1/09/2011 - 21:42:40 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632]

O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 1/09/2011 - 21:07:34 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256]

O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 1/09/2011 - 21:07:36 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640]

O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 1/09/2011 - 21:07:40 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384]

O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 1/09/2011 - 21:07:42 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688]

O58 - SDL:[MD5.86692A9116559222BD2D62633DDC352D] - 1/09/2011 - 19:04:12 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [225056]

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 1/09/2011 - 13:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]

O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 1/09/2011 - 20:52:22 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys [36736]

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 1/09/2011 - 13:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]

O58 - SDL:[MD5.0CE285E2D9C50E7EE9F478F081A25FB6] - 1/09/2011 - 22:17:03 RSH-- . (...) -- C:\WINDOWS\system32\7ADDAFAA03.sys [88]

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:[MD5.0641A46F1E58529A42EAD4573A3A0861] - 1/09/2011 - 22:45:46 RSH-- . (...) -- C:\WINDOWS\system32\D881958BB3.sys [8]

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:[MD5.274DF1C009AE82DAC84C01CBCFD795F6] - 1/09/2011 - 22:17:07 -SHA- . (...) -- C:\WINDOWS\system32\KGyGaAvL.sys [5172]

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 1/09/2011 - 13:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

~ Scan Drivers in 00mn 01s




---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s




---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\aliide.sys - No object(No service) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE

O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\amdagp.sys - No object(No service) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\asc.sys - No object(No service) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\asc3550.sys - No object(No service) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550

O64 - Services: CurCS - 13/01/2010 - C:\WINDOWS\system32\drivers\CBDisk.sys - CBDisk(CBDisk) .(.EldoS Corporation - CallbackDisk Virtual Storage Driver.) - LEGACY_CBDISK

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\cfwids.sys - McAfee Inc. cfwids(cfwids) .(.McAfee, Inc. - McAfee Personal Firewall IDS Plugin.) - LEGACY_CFWIDS

O64 - Services: CurCS - 23/08/2001 - C:\WINDOWS\system32\DRIVERS\cmdide.sys - No object(No service) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\dac2w2k.sys - No object(No service) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\system32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - 3/04/2005 - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe - InstallDriver Table Manager(IDriverT) .(.Macrovision Corporation - IDriverT Module.) - LEGACY_IDRIVERT

O64 - Services: CurCS - 24/05/2008 - C:\Program Files\UltraISO\drivers\ISODrive.sys - ISO DVD/CD-ROM Device Driver(ISODrive) .(.EZB Systems, Inc. - ISO DVD/CD-ROM Device Driver.) - LEGACY_ISODRIVE

O64 - Services: CurCS - 4/05/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - 25/05/2011 - C:\WINDOWS\system32\DRIVERS\Lbd.sys - Lbd(Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD

O64 - Services: CurCS - 8/10/2010 - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe - MacDrive 8 service(MacDrive8Service) .(.Mediafour Corporation - MacDrive service.) - LEGACY_MACDRIVE8SERVICE

O64 - Services: CurCS - 6/07/2011 - C:\WINDOWS\system32\drivers\mbam.sys - MBAMProtector(MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - 6/07/2011 - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - MBAMService(MBAMService) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMSERVICE

O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe - McAfee Personal Firewall(McMPFSvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCMPFSVC

O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Services(mcmscsvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCMSCSVC

O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee VirusScan Announcer(McNaiAnn) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCNAIANN

O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Network Agent(McNASvc) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCNASVC

O64 - Services: CurCS - 17/03/2011 - C:\Program Files\McAfee\VirusScan\mcods.exe - McAfee Scanner(McODS) .(.McAfee, Inc. - McAfee VirusScan On-Demand Scan.) - LEGACY_MCODS

O64 - Services: CurCS - 27/01/2011 - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe - McAfee Proxy Service(McProxy) .(.McAfee, Inc. - McAfee Service Host.) - LEGACY_MCPROXY

O64 - Services: CurCS - 13/03/2011 - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe - McAfee Real-time Scanner(McShield) .(.McAfee, Inc. - McAfee On-Access Scanner service.) - LEGACY_MCSHIELD

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfeapfk.sys - McAfee Inc. mfeapfk(mfeapfk) .(.McAfee, Inc. - Access Protection Filter Driver.) - LEGACY_MFEAPFK

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfeavfk.sys - McAfee Inc. mfeavfk(mfeavfk) .(.McAfee, Inc. - Anti-Virus File System Filter Driver.) - LEGACY_MFEAVFK

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfebopk.sys - McAfee Inc. mfebopk(mfebopk) .(.McAfee, Inc. - Buffer Overflow Protection Driver.) - LEGACY_MFEBOPK

O64 - Services: CurCS - 13/03/2011 - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe - McAfee Firewall Core Service(mfefire) .(.McAfee, Inc. - McAfee Core Firewall Service.) - LEGACY_MFEFIRE

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfefirek.sys - McAfee Inc. mfefirek(mfefirek) .(.McAfee, Inc. - McAfee Core Firewall Engine Driver.) - LEGACY_MFEFIREK

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfehidk.sys - McAfee Inc. mfehidk(mfehidk) .(.McAfee, Inc. - McAfee Link Driver.) - LEGACY_MFEHIDK

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mferkdet.sys - McAfee Inc. mferkdet(mferkdet) .(.McAfee, Inc. - McAfee Code Analysis Driver.) - LEGACY_MFERKDET

O64 - Services: CurCS - 16/09/2009 - C:\WINDOWS\system32\drivers\mferkdk.sys - McAfee Inc. mferkdk(mferkdk) .(.McAfee, Inc. - VSCore Code Analysis Driver.) - LEGACY_MFERKDK

O64 - Services: CurCS - 13/03/2011 - C:\WINDOWS\system32\drivers\mfetdi2k.sys - McAfee Inc. mfetdi2k(mfetdi2k) .(.McAfee, Inc. - Anti-Virus Mini-Firewall Driver.) - LEGACY_MFETDI2K

O64 - Services: CurCS - 13/03/2011 - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe - McAfee Validation Trust Protection Service(mfevtp) .(.McAfee, Inc. - McAfee Process Validation Service.) - LEGACY_MFEVTP

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\mraid35x.sys - No object(No service) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X

O64 - Services: CurCS - 12/01/2011 - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe - NitroPDFDriverCreatorReadSpool(NitroDriverReadSpool) .(.Nitro PDF Software - Solid Spool Service.) - LEGACY_NITRODRIVERREADSPOOL

O64 - Services: CurCS - 12/01/2011 - C:\WINDOWS\system32\NLSSRV32.exe - NLS Service(nlsX86cc) .(.Nalpeiron Ltd. - This service enables products that use the.) - LEGACY_NLSX86CC

O64 - Services: CurCS - 12/12/2008 - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe - NMIndexingService(NMIndexingService) .(.Nero AG - Nero Home.) - LEGACY_NMINDEXINGSERVICE

O64 - Services: CurCS - 2/11/2006 - C:\WINDOWS\system32\PSIService.exe - ProtexisLicensing(ProtexisLicensing) .(.Pas de propriétaire - nTitles PSIService.) - LEGACY_PROTEXISLICENSING

O64 - Services: CurCS - 10/03/2010 - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe - Protexis Licensing V2(PSI_SVC_2) .(.Protexis Inc. - PsiService PsiService.) - LEGACY_PSI_SVC_2

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1080.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ql12160.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ql1280.sys - No object(No service) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280

O64 - Services: CurCS - 14/06/2010 - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe - ServiceLayer(ServiceLayer) .(.Nokia - ServiceLayer Module.) - LEGACY_SERVICELAYER

O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\system32\DRIVERS\sisagp.sys - No object(No service) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\sparrow.sys - No object(No service) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\symc810.sys - No object(No service) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\symc8xx.sys - No object(No service) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_hi.sys - No object(No service) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\sym_u3.sys - No object(No service) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3

O64 - Services: CurCS - 17/08/2001 - C:\WINDOWS\system32\DRIVERS\ultra.sys - No object(No service) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA

O64 - Services: CurCS - 17/11/2006 - C:\Program Files\Launch Manager\WisLMSvc.exe - WisLMSvc(WisLMSvc) .(.Wistron Corp. - Pas de description.) - LEGACY_WISLMSVC

~ Scan Services in 00mn 04s




---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.html> <htmlfile>[HKCU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Adobe Systems, Inc. - Adobe Dreamweaver CS4.) -- C:\Program Files\Adobe\Adobe Dreamweaver CS4\Dreamweaver.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

~ Scan Keys in 00mn 00s




---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\mvh\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s




---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {51A5A868-ADD7-A89B-8D44-D2809384E318} - (Yahoo!) - Hamstersoft Search Start

O69 - SBI: SearchScopes [HKCU] {7864BF3E-AFB2-4DD0-AB9A-BCB4D301BCEF} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {EF3CAA28-3552-495e-B4A1-3A9B039BC803} - (ASK Jeeves) -

~ Scan Keys in 00mn 00s




---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.25A8C32B4D09C742FE642E12EA2C76BD] [sPRF][1/10/2010] (...) -- C:\Documents and Settings\mvh\Bureau\colorschemer-colorpix_colorpix_1.2_anglais_122530.exe [619520]

[MD5.DD42FC432475349D5C3DFAC08ED2F173] [sPRF][22/08/2011] (.Kaspersky Lab ZAO - TDSS rootkit removing tool.) -- C:\Documents and Settings\mvh\Bureau\TDSSKiller.exe [1406768]

[MD5.5CAAFF20C5695611F08ABD954E58DEA2] [sPRF][1/09/2011] (.Nicolas Coolman - ZHPDiag.) -- C:\Documents and Settings\mvh\Bureau\ZHPDiag2.exe [2582227]

[MD5.AFEC9A861842FBD97CC26ED1B83132DB] [sPRF][27/09/2006] (.Macrovision Corporation - Macrovision FLEXnet Connect Setup Player Module.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.dll [24576]

[MD5.79CEC7DFDEE7B0E0F4BADA3E0FA2758C] [sPRF][27/09/2006] (.Macrovision Corporation - Macrovision FLEXnet Connect Setup Player.) -- C:\WINDOWS\Downloaded Program Files\dwusplay.exe [200704]

[MD5.29CFE9ED23C55E55838A789EB1182A9B] [sPRF][4/10/2008] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\WINDOWS\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1887080]

[MD5.3EB086EDD17244A4199A6C7419864CD3] [sPRF][27/09/2006] (.Macrovision Corporation - Macrovision FLEXnet Connect Web Agent.) -- C:\WINDOWS\Downloaded Program Files\isusweb.dll [479232]

[MD5.455CA248A92816766FAD91B5CE258773] [sPRF][20/05/2009] (.Akamai Technologies, Inc. - Download Manager ActiveX Control.) -- C:\WINDOWS\Downloaded Program Files\Manager.exe [689536]

~ Scan Files in 00mn 00s




---\\ Scan Additionnel (O88)

Database Version : 8618 - (29/08/2011)

Clés trouvées (Keys found) : 4

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0


[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar

[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] =>PUP.BearShare

[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] =>PUP.BearShare

~ Scan Additionnel in 00mn 08s




---\\ Recherche détournement de DNS routeur (O89)

Serveur : UnKnown


Nom :



~ Scan DNS in 00mn 03s




---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 1/09/2011 532480 | (Ati HotKey Poller) . (.ATI Technologies Inc..) - C:\WINDOWS\system32\Ati2evxx.exe

SS - | Demand 1/09/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SS - | Auto 1/09/2011 225280 | (eID CRL Service) . (. Zetes.) - C:\WINDOWS\system32\beidservicecrl.exe

SR - | Auto 1/09/2011 331776 | (eID Privacy Service) . (.Zetes.) - C:\WINDOWS\system32\beidservicepcsc.exe

SS - | Demand 1/09/2011 655624 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Demand 1/09/2011 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe

SR - | Auto 1/09/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

SS - | Demand 1/09/2011 2151640 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

SR - | Auto 1/09/2011 131584 | (MacDrive8Service) . (.Mediafour Corporation.) - C:\Program Files\Mediafour\MacDrive 8\MacDrive8Service.exe

SR - | Auto 1/09/2011 366640 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Auto 1/09/2011 214904 | (McMPFSvc) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\Mcafee\McSvcHost\McSvHost.exe

SR - | Auto 1/09/2011 214904 | (mcmscsvc) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 1/09/2011 214904 | (McNaiAnn) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SR - | Auto 1/09/2011 214904 | (McNASvc) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SS - | Demand 1/09/2011 361712 | (McODS) . (.McAfee, Inc..) - C:\Program Files\McAfee\VirusScan\mcods.exe

SR - | Auto 1/09/2011 214904 | (McProxy) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\McSvcHost\McSvHost.exe

SS - | Auto 1/09/2011 165000 | (McShield) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mcshield.exe

SS - | Auto 1/09/2011 159832 | (mfefire) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfefire.exe

SS - | Auto 1/09/2011 148520 | (mfevtp) . (.McAfee, Inc..) - C:\Program Files\Fichiers communs\McAfee\SystemCore\mfevtps.exe

SR - | Auto 1/09/2011 877864 | (Nero BackItUp Scheduler 3) . (.Nero AG.) - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe

SR - | Auto 1/09/2011 196928 | (NitroDriverReadSpool) . (.Nitro PDF Software.) - C:\Program Files\Nitro PDF\Professional\NitroPDFDriverService.exe

SR - | Auto 1/09/2011 68928 | (nlsX86cc) . (.Nalpeiron Ltd..) - C:\WINDOWS\system32\NLSSRV32.exe

SR - | Demand 1/09/2011 537896 | (NMIndexingService) . (.Nero AG.) - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe

SR - | Auto 1/09/2011 81920 | (PLFlash DeviceIoControl Service) . (.Prolific Technology Inc..) - C:\WINDOWS\system32\IoctlSvc.exe

SR - | Auto 174656 | (ProtexisLicensing) . (...) - C:\WINDOWS\system32\PSIService.exe

SR - | Auto 1/09/2011 189728 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files\Fichiers communs\Protexis\License Service\PsiService_2.exe

SS - | Demand 1/09/2011 615936 | (ServiceLayer) . (.Nokia.) - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

SR - | Auto 1/09/2011 128360 | (TOSHIBA Bluetooth Service) . (.TOSHIBA CORPORATION.) - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

SR - | Demand 1/09/2011 118784 | (WisLMSvc) . (.Wistron Corp..) - C:\Program Files\Launch Manager\WisLMSvc.exe

~ Scan Services in 00mn 03s




---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by mvh at 1/09/2011 18:44:51


device: opened successfully

user: MBR read successfully


Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll

C:\WINDOWS\system32\drivers\iaStor.sys Intel Corporation Intel Matrix Storage Manager driver

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x8A772678]

3 CLASSPNP[0xBA0F8FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IAAStorageDevice-1[0x8ACC9028]

kernel: MBR read successfully

user & kernel MBR OK

~ Scan MBR in 00mn 06s




---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by mvh at 1/09/2011 18:44:53


********* Dump file Name *********


~ Scan MBR in 00mn 08s




End of the scan (1499 lines in 00mn 34s)(0)

Posté(e) (modifié)

Cliquer sur l'icône Zhpfix qui est sur votre bureau

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

Copiez/Collez les lignes vertes dans le cadre ci dessous:


O2 - BHO: PXCIEaddin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll => Infection BT (Possible)

O3 - Toolbar: PDFXChange 4.0 IE Plugin - {42DFA04F-0F16-418e-B80C-AB97A5AFAD39} . (.Tracker Softaware - Pas de description.) -- C:\Program Files\Tracker Software\PDF-XChange 4\PXCIEAddin4.dll => Infection BT (Possible)

[HKCU\Software\Zugo] => Infection Diverse (Adware.Zugo)

O43 - CFD: 15/02/2010 - 0:29:08 - [1806797] ----D- C:\Documents and Settings\mvh\Application Data\e => Infection Rogue (Possible)

[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] => Infection BT (Adware.Hotbar)


C:\Documents and Settings\mvh\Application Data\Mozilla\Firefox\Profiles\tcbe9daq.default\user.js (.not file.) => Fichier absent

O9 - Extra button: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} . (.Pas de propriétaire - WinHTTrackIEBar Module.) -- C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - => Akamai Download Manager ActiveX

[MD5.1DDB6CA106D92FBB7E2138DF1360EC26] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

[MD5.00000000000000000000000000000000] [APT] [One-Click Tweak] (...) -- C:\Program Files\Advanced PC Tweaker\OneClick.exe (.not file.) => Fichier absent

[HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}] => PUP.BearShare

[HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}] => PUP.BearShare

[HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}] => PUP.BearShare

SS - | Demand 1/09/2011 2151640 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe => Lavasoft®Ad-Aware Service






Cliquez ensuite sur le H- PanelHelper.jpg

Cliquer sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.


Cliquer sur "Tous" puis sur "Nettoyer" .

Acceptez de Redémarrer pour achever le nettoyage.

Un rapport apparait:


Si le rapport n'apparait pas,cliquer surPanelRapport.jpg

Copier-coller le rapport de suppression dans la prochaine réponse.

Modifié par pear

Voici le rapport ZHPFix après nettoyage (sans redémarrage demandé):



Rapport de ZHPFix 1.12.3360 par Nicolas Coolman, Update du 29/08/2011

Fichier d'export Registre :

Run by mvh at 1/09/2011 20:29:24

Windows XP Professional Service Pack 3 (Build 2600)

Web site : ZHPFix Fix de rapport


========== Processus mémoire ==========

SUPPRIME Memory Process: C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe


========== Clé(s) du Registre ==========

SUPPRIME Key: CLSID BHO: {42DFA04F-0F16-418e-B80C-AB97A5AFAD39}

SUPPRIME Key: HKCU\Software\Zugo

SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

SUPPRIME Key: CLSID Extra Buttons: {36ECAF82-3300-8F84-092E-AFF36D6C7040}

SUPPRIME Key: CLSID DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967}

SUPPRIME Key: HKLM\Software\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}

SUPPRIME Key: HKLM\Software\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}

SUPPRIME Key: HKLM\Software\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}

SUPPRIME Key: Service: Lavasoft Ad-Aware Service


========== Valeur(s) du Registre ==========

SUPPRIME Toolbar: {42DFA04F-0F16-418e-B80C-AB97A5AFAD39}


========== Dossier(s) ==========

SUPPRIME Folder: C:\Documents and Settings\mvh\Application Data\e


========== Fichier(s) ==========

SUPPRIME File: c:\program files\tracker software\pdf-xchange 4\pxcieaddin4.dll

ABSENT File: c:\program files\tracker software\pdf-xchange 4\pxcieaddin4.dll

ABSENT Folder/File: c:\documents and settings\mvh\application data\mozilla\firefox\profiles\tcbe9daq.default\user.js (.not file.) => fichier absent

SUPPRIME File: c:\program files\winhttrack\winhttrackiebar.dll

SUPPRIME File**: c:\program files\lavasoft\ad-aware\ad-awareadmin.exe

SUPPRIME File: c:\program files\lavasoft\ad-aware\aawservice.exe


========== Tache planifiée ==========

SUPPRIME Task: Ad-Aware Update (Weekly)

SUPPRIME Task: One-Click Tweak

Posté(e) (modifié)

Merci pour votre réponse et votre aide.

La machine ne va ni mieux ni moins bien. La maj de mon soft ne va toujours pas et les maj windows update non plus (échec à l'installation dans tous les cas). Je tente en ce moment une analyse complète du pc avec McAfee afin de voir s'il bloque ou se désactive à un moment donné comme ce fut le cas avant votre "intervention". Ca sera un peu long donc je reviendrai vers vous dès que j'ai un résultat de ce côté. J'espère qu'il n'y a pas de fichiers corrompus ou manquants, voir la base de registre corrompue...

Modifié par stadeverois

Essayez ceci;


WinUpdateFix est un petit outil permettant de résoudre certains problèmes lors des mises à jour Windows Update.

WinUpdateFix est compatible avec Windows XP/Vista/7 32 et 64 bits.


Télécharger WinUpdateFix



ou là


Clliquer sur winupd10.png


Dans cette image qui apparait,les Services (Mises à jour automatiques - BITS - Service de cryptographie) doivent être en vert.

Sinon cliquer sur Automatique et sur Démarrer pour corriger.



Cliquer sur "Créer un rapport de diagnostic".

Un rapport va s'afficher à l'écran,

il est également sauvegardé à la racine du disque dur (C:\WinUpdateFix.txt)


Dans Actions, cocher les cases comme indiqué ci-dessus puis cliquer sur Exécuter.

Un Redémarrage sera demandé.

Si les mises à jours ne sont toujours pas possibles,revenez dans Sélection cocher Tous

et cliquer surExécuter


Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
  • Créer...