[Résolu] Demande d'analyse HijackThis ainsi que de conseils

Acrobate · le 29 octobre 2011

Re Lance,

ET oui je suis entièrement d'accord avec toi pour le P2P, je vais faire lire ça au fiston et le lui faire recopier 100 fois lol :super: grrrr comme tous les jeunes il lui faut des choses et........ no comment ! c'est moi le maître lol même si j'attire ses foudres (19 ans et déjà un petit monsieur qui voudrai s'imposer et pousser papa dans les orties lolll "je plaisante") mdrrr ok et quoi qu'il en soit, non il n'abuse pas il ne s'en est servit que 3 ou 4 fois et ce fut fait en mon absence, j'ai confiance en lui mais là oui si je risque gros ça ne va pas le faire !!

J'ai des documents pro etc dans la machine et ...... vrai que ça fait peur !

Je passe les outils à mon retour. J'ai vu que tu étais sur le sujet j'ai donc attendu mais il me faut aller préparer pour la Toussaint (je passe les détail).

Je m'occupe de désinstaller le log de P2P en rentrant et suis tes consignes et poste les rapports une fois tout effectué.

Machine toute neuve déjà infectée grrrr :outch: de plus j'ai suivi ce que l'on m'a dit (le monteur) et n'ai pas installé ni avira ni sunbelt qui tournent sur le XP car paraît il que les outils de défense win7 serai acceptables ???

Merci pour le temps que tu m'accorde et pour ton aide. Je fais ça dans la soirée si je le peux now c'est corvée nettoyage

Si je ne poste pas aujourd'hui je te souhaite un bon samedi

Hervé (dsl suis bavard :roll: )

Acrobate · le 27 novembre 2011

Bonjour Lance,

Toutes mes excuses le temps de réponse une nouvelle fois mais là je suis en à la maison une semaine complète, je vais pouvoir nettoyer et surtout coder mon pc que seul moi n'y ai plus accès, je l'ai payé assez cher pour le boulot pour que mon diablotin ne me le bloque ^^

Bref, de nouveau problèmes hier je rentre, j'écris et j'ai des freeze de quelques millisecondes, si des mots sont incomplets ou incompréhensible ça vient de là mais je vérifie et c'est embêtant

j'ai trouvé également ceci et n'arrive pas à le virer avec sécurity essential :

- adawareWin32/Hotbar

- admawareWin32/Clickpotato

et je pense d'autres bien cachés

Je pense qu'il faudrait reprendre depuis zéro mon nettoyage et m'en excuse, si tu le veux bien, bien entendu ?????? :roll: :outch:

HH

lance_yien · le 27 novembre 2011

Bonjour Acrobate,

Exécuter les instructions dans mon message précédent (#10) et poster les rapports demandés. On verra dans quel sens on repart.

Acrobate · le 27 novembre 2011

Re Lance,

Je ne sais ce qu'il se passe avec ci-joint mais je n'arrive pas à l'ouvrir page blanche

J'ai refais un ZHPDIAG je le colle ici entier (Désolé) car je ne sais quoi copier pour le FIX

En espérant que tu pourras supprimer ce post car il risque 'être long d'où je pense l'utilisation de cijoint !!

Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011

Run by Hervé at 2011-11-27 10:55:53

Web site : ZHPDiag Outil de diagnostic

State : Nouvelle version disponible

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 5.0.1 v5.0.1 (Defaut)

MFIE: Mozilla Firefox 7.0.1 v7.0.1 (Defaut)

---\\ Windows Product Information

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_COA_NSLP channel

Windows ID Activation : OK

~ Windows Partial Key : QG8XD

Windows License : OK

~ Windows Remaining Initializations Number : 2

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

---\\ System Information

~ Processor: AMD64 Family 16 Model 10 Stepping 0, AuthenticAMD

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8188 MB (78% free)

System Restore: Activé (Enable)

System drive C: has 6 GB (9%) free of 60 GB

---\\ Logged in mode

~ Computer Name: AVALANCHE

~ User Name: Hervé

~ All Users Names: HomeGroupUser$, Hervé, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Hervé\AppData\Roaming\

~ %Desktop% : C:\Users\Hervé\Desktop\

~ %Favorites% : C:\Users\Hervé\Favorites\

~ %LocalAppData% : C:\Users\Hervé\AppData\Local\

~ %StartMenu% : C:\Users\Hervé\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 6 Go of 60 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ Hard drive, Flash drive, Thumb drive (Free 55 Go of 60 Go)

F:\ Hard drive, Flash drive, Thumb drive (Free 412 Go of 440 Go)

G:\ CD-ROM drive (Not Inserted)

H:\ Hard drive, Flash drive, Thumb drive (Free 188 Go of 432 Go)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.2011-05-30 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (....) (.2009-07-14 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-14 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.271E8FB1354AA205A214F280A6766E30] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2011-10-25 - 06:17:57.) -- C:\Windows\system32\wininet.dll [1389056]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2010-11-21 - 04:24:29.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2010-11-21 - 04:24:16.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (....) (.2010-11-21 - 07:18:22.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-07-12 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-14 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-14 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2010-11-21 - 04:23:47.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2010-11-21 - 04:24:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2010-11-21 - 04:23:47.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-14 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-14 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-07-12 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.2010-11-21 - 04:23:51.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2011-07-22 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-14 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2010-11-21 - 04:24:33.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-14 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.2010-11-21 - 04:24:32.) -- C:\Windows\system32\drivers\tdx.sys [119296]

~ Scan Generic Processes in 00mn 00s

---\\ Etat des fichiers cachés (Caché/Total)

Mes images (My Pictures) : 2/2 (Modified)

~ Mes musiques (My Musics) : 21/26

Mes Videos (My Videos) : 2/2 (Modified)

~ Mes Favoris (My Favorites) : 9/73

~ Mes Documents (My Documents) : 4/964

~ Mon Bureau (My Desktop) : 1/124

~ Menu demarrer (Programs) : 7/32

~ Scan Hidden Files in 00mn 00s

---\\ Processus lancés

[MD5.AE797B72D85E87D403FC11135507922C] - (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288] [PID.2996]

[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.1828]

[MD5.F4D0446BA874917354801F210E66F545] - (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe [421736] [PID.2972]

[MD5.2DB55B5ED8E8CD26597FDA3455535B4B] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [408936] [PID.2884]

[MD5.4CB4054659ABEEEF925B153E2290E634] - (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe [924632] [PID.2928]

[MD5.FD67E2C52F62995C3CF1D6D720EEB66F] - (.Mozilla Corporation - Plugin Container for Firefox.) -- F:\Firefox\plugin-container.exe [16856] [PID.848]

[MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- F:\ZHPDiag\ZHPDiag.exe [696320] [PID.4088]

[MD5.10DBAA1703253FB511D0F5C5F6064B00] - (.France Telecom SA - Pas de description.) -- C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe [77824] [PID.]

[MD5.65DF135CBD6B061309D95B570B27FD10] - (.Xobni Corporation - XobniService.) -- C:\Program Files (x86)\Xobni\XobniService.exe [62184] [PID.]

~ Scan Processes Running in 00mn 00s

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Hervé\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

~ Scan Google Browser in 00mn 00s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\prefs.js

C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\user.js (.not file.)

M3 - MFPP: Plugins - [Hervé] -- C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\searchplugins\recherche-de-vidos-youtube.xml

M0 - MFSP: prefs.js [Hervé - c96ns2wb.default] http://www.youtube.com

M2 - MFEP: prefs.js [Hervé - c96ns2wb.default\ffxtlbr@babylon.com] [] Babylon v1.1.9 (.Babylon.)

M2 - MFEP: prefs.js [Hervé - c96ns2wb.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.8.0.8 (.Conduit Ltd..)

P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

P2 - FPN: [HKCU] [@megamedia/Megakey] - (.Megamedia Ltd. - Web browser plugin for Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\npMegaPlugin.dll

~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Navigateur incompatible | Facebook

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (...) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: MegaIeHelperBHO [64Bits] - {77F4E711-789B-447F-9614-96759B2F83C6} . (.Megamedia Ltd. - Web browser plugin for Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\x64\MegaIeHelper64.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

O2 - BHO: ContributeBHO Class [64Bits] - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems, Inc. - Contribute IE Plugin.) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHT

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - GrooveShellExtensions Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: MegaIeHelperBHO [64Bits] - {77F4E711-789B-447F-9614-96759B2F83C6} . (.Megamedia Ltd. - Web browser plugin for Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\MegaIeHelper.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper [64Bits] - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: MegaIEMn [64Bits] - {bf00e119-21a3-4fd1-b178-3b8537e75c92} . (...) -- F:\MegaIEMn.dll (.not file.)

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Google Toolbar [64Bits] - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [NUSB3MON] . (.Renesas Electronics Corporation - USB 3.0 Monitor.) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

O4 - HKLM\..\Wow6432Node\Run: [GrooveMonitor] . (.Microsoft Corporation - GrooveMonitor Utility.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Wow6432Node\Run: [PCTuto] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [bEWINTERNET-FR-DMGP-V2SessionManager] . (.France Telecom SA - Pas de description.) -- F:\SessionManager\SessionManager.exe

O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [AdobeBridge] Clé orpheline

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Capture Web Page . (...) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\CaptureWebPage.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\PROGRA~2\MICROS~4\Office12\EXCEL.exe

O8 - Extra context menu item: Fetch to Megaupload . (...) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\MegaUpload.htm

~ Scan IE Menu Contextuel in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{52215F02-8811-44C5-B116-809E399B0986}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{637787B5-201A-4C81-94A7-620DFC97C1BD}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{52215F02-8811-44C5-B116-809E399B0986}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{637787B5-201A-4C81-94A7-620DFC97C1BD}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{52215F02-8811-44C5-B116-809E399B0986}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{637787B5-201A-4C81-94A7-620DFC97C1BD}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: grooveLocalGWS [64Bits] - {88FED34C-F0CA-4636-A375-3CB6248B04CD} . (.Microsoft Corporation - GrooveSystemServices Module.) -- C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

~ Scan Protocole Additionnel in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe

O23 - Service: AMD FUEL Service (AMD FUEL Service) . (.Advanced Micro Devices, Inc. - Service Fusion Utility.) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: France Telecom Routing Table Service (FTRTSVC) . (.France Telecom SA - Pas de description.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange Upd@te.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O23 - Service: XobniService (XobniService) . (.Xobni Corporation - XobniService.) - C:\Program Files (x86)\Xobni\XobniService.exe

O23 - Service: Power Control [2011/05/30 11:12:12] ({B154377D-700F-42cc-9474-23858FBDF4BD}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl

~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.65EAF980F512358AD72005B0016A2E15] [APT] [DeviceDetector] (.CyberLink.) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files (x86)\BrightBreeze\bin\2.0.12.0\BrightBreezeSA.exe (.not file.)

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

~ Scan Scheduled Task in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys

O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Microsoft Corporation - Pilote de périphérique série.) - C:\Windows\system32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

O41 - Driver: Environnement de prise en charge de Fournisseur de services non-IFS Windows Sockets 2.0 (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys

~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: 7-Zip 9.20 (x64 edition) - (.Igor Pavlov.) [HKLM] -- {23170F69-40C1-2702-0920-000001000000}

O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}

O42 - Logiciel: AMD Catalyst Install Manager - (.Advanced Micro Devices, Inc..) [HKLM] -- {4A35302C-A6D3-DDE5-38BA-55E7BABA9670}

O42 - Logiciel: AMD Drag and Drop Transcoding - (.ATI Technologies Inc..) [HKLM] -- {E33AC780-456C-6295-E0F3-10A8D39A09FB}

O42 - Logiciel: AMD Media Foundation Decoders - (.Advanced Micro Devices, Inc..) [HKLM] -- {C5823264-8DFC-6E63-9D69-A35B1A98B537}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {FE23D063-934D-4829-A0D8-00634CE79B4A}

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated..) [HKLM] -- {3521BDBD-D453-5D9F-AA55-44B75D214629}

O42 - Logiciel: Adobe Creative Suite 5 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}

O42 - Logiciel: Adobe Creative Suite 5.5 Master Collection - (.Adobe Systems Incorporated.) [HKLM] -- {D57FC112-312E-4D70-860F-2DB8FB6858F0}

O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.downloadassistant.AdobeDownloadAssistant

O42 - Logiciel: Adobe Download Assistant - (.Adobe Systems Incorporated.) [HKLM] -- {DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems, Inc..) [HKLM] -- {6E9EF98E-259E-416D-B5F8-0ABDB99942CE}

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems, Inc..) [HKLM] -- {BC41C09D-FAA9-4346-9FE6-1E0017BC551A}

O42 - Logiciel: Adobe Flash Player 11 ActiveX 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Aeon - (.SoundSpectrum.) [HKLM] -- Aeon

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A83279FD-CA4B-4206-9535-90974DE76654}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {75104836-CAC7-444E-A39E-3F54151942F5}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Architecte 3D Platinium - (.Avanquest software.) [HKLM] -- {A552CCF8-51D3-49D9-AD30-A939626F2299}

O42 - Logiciel: BOINC - (.Space Sciences Laboratory, U.C. Berkeley.) [HKLM] -- {23006768-D97B-4225-B12B-7EC4A25D275C}

O42 - Logiciel: BasicScan 1.0 build 115 - (.Pas de propriétaire.) [HKLM] -- BasicScan

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {19A492A0-888F-44A0-9B21-D91700763F62}

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM] -- DivX Setup

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CutePDF Writer 2.8 - (.Pas de propriétaire.) [HKLM] -- CutePDF Writer Installation

O42 - Logiciel: CyberLink Blu-ray Disc Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink Blu-ray Disc Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}

O42 - Logiciel: CyberLink MediaEspresso - (.CyberLink Corp..) [HKLM] -- {E3739848-5329-48E3-8D28-5BBD6E8BE384}

O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: CyberLink PhotoNow - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM] -- InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}

O42 - Logiciel: CyberLink PowerDVD 9 - (.CyberLink Corp..) [HKLM] -- {A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM] -- InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}

O42 - Logiciel: CyberLink WaveEditor - (.CyberLink Corp..) [HKLM] -- {324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}

O42 - Logiciel: D-Link AirPlus - (.Pas de propriétaire.) [HKLM] -- {CDC74FE6-5224-11D6-B27F-00E0181A6FA8}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: Dassault Systemes Software B14 - (.Pas de propriétaire.) [HKLM] -- Dassault Systemes B14_0

O42 - Logiciel: DealScout for FireFox - (.Pinball Corp..) [HKLM] -- DealScout

O42 - Logiciel: French App Name - (.Adobe Systems Incorporated.) [HKLM] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: French App Name - (.Adobe Systems Incorporated.) [HKLM] -- {DE3A9DC5-9A5D-6485-9662-347162C7E4CA}

O42 - Logiciel: G-Force - (.SoundSpectrum.) [HKLM] -- G-Force

O42 - Logiciel: GIMP 2.6.11 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {6994491D-D491-48F1-AE1F-E179C1FFFC2F}

O42 - Logiciel: HyperLobby client - (.Jiri Fojtasek.) [HKLM] -- {333F3B34-0374-4B2C-9A23-EA6294D82772}

O42 - Logiciel: IL-2 Sturmovik 1946 - (.Nom de votre societe.) [HKLM] -- InstallShield_{79438F1E-DEC3-443D-9DCD-FECE2D68C605}

O42 - Logiciel: IL-2 Sturmovik: Cliffs of Dover - (.1C: Maddox Games.) [HKLM] -- Steam App 63950

O42 - Logiciel: Internet Everywhere - (.Pas de propriétaire.) [HKLM] -- {BEWINTERNET-FR-DMGP-V2}.UninstallSuite

O42 - Logiciel: Internet TV pour Windows Media Center - (.Microsoft Corporation.) [HKLM] -- {9D318C86-AF4C-409F-A6AC-7183FF4CF424}

O42 - Logiciel: Iomega Home Storage Manager - (.Iomega Corporation an EMC Company.) [HKLM] -- {C08E4323-261D-4B2F-8F24-CDB26E2AA081}

O42 - Logiciel: Java 6 Update 29 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: K-Lite Codec Pack 6.9.0 (Full) - (.Pas de propriétaire.) [HKLM] -- KLiteCodecPack_is1

O42 - Logiciel: LG Tool Kit - (.Pas de propriétaire.) [HKLM] -- {6179550A-3E7C-499E-BCC9-9E8113E0A285}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Macromedia Fireworks MX - (.Macromedia.) [HKLM] -- {930B2432-43D4-11D5-9871-00C04F8EEB39}

O42 - Logiciel: Mega Manager - (.Megaupload Limited.) [HKLM] -- {3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}

O42 - Logiciel: Megakey - (.Megamedia Ltd..) [HKCU] -- Megakey

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}

O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_ENTERPRISE_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_ENTERPRISE_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_ENTERPRISE_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- ENTERPRISE

O42 - Logiciel: Microsoft Office Enterprise 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_ENTERPRISE_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_ENTERPRISE_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {42738DB0-FC3E-4672-A99B-9372F5696E30}

O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}

O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {196BB40D-1578-3D01-B289-BEFC77A11A1E}

O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}

O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM] -- {925D058B-564A-443A-B4B2-7E90C6432E55}

O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}

O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}

O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM] -- {D1A19B02-817E-4296-A45B-07853FD74D57}

O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}

O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}

O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM] -- {8557397C-A42D-486F-97B3-A2CBC2372593}

O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM] -- {08D2E121-7F6A-43EB-97FD-629B44903403}

O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Microsoft Corporation.) [HKLM] -- {DF2035BE-5820-4965-BD97-7FAF8D4A7879}

O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}

O42 - Logiciel: Microsoft_VC90_MFCLOC_x86 - (.Adobe.) [HKLM] -- {B6D38690-755E-4F40-A35A-23F8BC2B86AC}

O42 - Logiciel: Microsoft_VC90_MFCLOC_x86_x64 - (.Adobe.) [HKLM] -- {90BF0360-A1DB-4599-A643-95AB90A52C1E}

O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}

O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}

O42 - Logiciel: Mozilla Firefox 5.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 5.0.1 (x86 fr)

O42 - Logiciel: Mozilla Firefox 7.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 7.0.1 (x86 fr)

O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKCU] -- Mozilla Firefox 8.0 (x86 fr)

O42 - Logiciel: Notification Mail - (.Orange.) [HKLM] -- MailNotifier

O42 - Logiciel: Orange update - (.Orange.) [HKLM] -- OrangeUpdateManager

O42 - Logiciel: PC Wizard 2010.1.96 - (.CPUID.) [HKLM] -- PC Wizard 2010_is1

O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}

O42 - Logiciel: PMB - (.Sony Corporation.) [HKLM] -- {B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}

O42 - Logiciel: Philips ToUcam Pro Camera - (.Pas de propriétaire.) [HKLM] -- {EDAC90A7-D34A-47D2-A644-BE5356C5F409}

O42 - Logiciel: PlayerTuto.com 2.0.3 - (.Weecast SAS.) [HKLM] -- {2B7FD473-DF96-40D4-9EE3-A427B450B1BC}_is1

O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr

O42 - Logiciel: PxMergeModule - (.Your Company Name.) [HKLM] -- {024521CF-C07E-4F8E-8481-0D75695E03AF}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C9E14402-3631-4182-B377-6B0DFB1C0339}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}

O42 - Logiciel: Renesas Electronics USB 3.0 Host Controller Driver - (.Renesas Electronics Corporation.) [HKLM] -- {5442DAB8-7177-49E1-8B22-09A049EA5996}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Smart Technology Programming Software 7.0.2.7 - (.Mad Catz.) [HKLM] -- {4042812A-E4A4-47D2-8953-B3930CC89539}

O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}

O42 - Logiciel: SmartSound Quicktracks 5 - (.SmartSound Software Inc..) [HKLM] -- {2F8BA3FD-1FA9-4279-B696-712ABB12F09F}

O42 - Logiciel: SpeedFan (remove only) - (.Pas de propriétaire.) [HKLM] -- SpeedFan

O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -- TeamSpeak 3 Client

O42 - Logiciel: Trapcode Particular - (.Red Giant Software.) [HKLM] -- InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}

O42 - Logiciel: Trapcode Particular - (.Red Giant Software.) [HKLM] -- {E489BCB7-D57D-4751-AAB6-589AF66E2F7F}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) - (.Microsoft.) [HKLM] -- {90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2964DDE1-4925-4DF1-AF2C-0A36B3442228}

O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM] -- {933B4015-4618-4716-A828-5289FC03165F}

O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- {449970F2-3F03-B47F-7D4C-B0A020B96EFF}

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {CEA21F20-DBF4-464C-8B81-28B8508AFDDD}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {E01819BD-709F-43A1-9600-6F5E4C584C37}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {180C8888-50F1-426B-A9DC-AB83A1989C65}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Wondershare PPT to Video 6.0.0.4 - (.Wondershare Software.) [HKLM] -- Wondershare PPT to Video_is1

O42 - Logiciel: Xobni - (.Xobni Corp..) [HKLM] -- XobniMain

O42 - Logiciel: Xobni Core - (.Xobni, Inc..) [HKLM] -- {8DC069E7-893C-41E1-9442-DE89FEC33371}

O42 - Logiciel: Xvid Video Codec - (.Xvid Team.) [HKLM] -- Xvid Video Codec 1.3.1

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {6CFB1B20-ECAE-488F-9FFB-6AD420882E71}

O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-Zip]

[HKCU\Software\ACE Compression Software]

[HKCU\Software\ACXPROFILE]

[HKCU\Software\AMD]

[HKCU\Software\ATI]

[HKCU\Software\Acro Software Inc]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Megamedia]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Avanquest]

[HKCU\Software\BOINC]

[HKCU\Software\CPUID]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Conduit]

[HKCU\Software\CyberLink]

[HKCU\Software\DT Soft]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\GLOBAL]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\IM Providers]

[HKCU\Software\Imagineer Systems Ltd]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lake]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\LogiShrd]

[HKCU\Software\MONOGRAM]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept]

[HKCU\Software\MakeMSI]

[HKCU\Software\MediaInfo]

[HKCU\Software\Megamedia]

[HKCU\Software\Megaupload]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Netscape]

[HKCU\Software\ODBC]

[HKCU\Software\PCTUTO]

[HKCU\Software\Pinnacle Systems]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Red Giant Software]

[HKCU\Software\RegisteredApplications]

[HKCU\Software\Renesas Electronics]

[HKCU\Software\Saitek]

[HKCU\Software\Seti@Home]

[HKCU\Software\Sony Corporation]

[HKCU\Software\Space Sciences Laboratory, U.C. Berkeley]

[HKCU\Software\SpeedFan]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VOB]

[HKCU\Software\Valve]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wondershare]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Xenocode]

[HKCU\Software\Xobni]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\brightbreezesa]

[HKCU\Software\ej-technologies]

[HKCU\Software\kde.org]

[HKCU\Software\madFlac]

[HKLM\Software\7-Zip]

[HKLM\Software\AMD]

[HKLM\Software\ASUS]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Acro Software Inc]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Avanquest]

[HKLM\Software\Babylon]

[HKLM\Software\BrightBreeze]

[HKLM\Software\Bunndle]

[HKLM\Software\CBSTEST]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Codec Tweak Tool]

[HKLM\Software\Conduit]

[HKLM\Software\CyberLink]

[HKLM\Software\Cyberlink]

[HKLM\Software\D-Link]

[HKLM\Software\DT Soft]

[HKLM\Software\DTS]

[HKLM\Software\Dassault Systemes]

[HKLM\Software\Debug]

[HKLM\Software\DivXNetworks]

[HKLM\Software\DivX]

[HKLM\Software\Dolby]

[HKLM\Software\FRANCE TELECOM]

[HKLM\Software\GEAR Software]

[HKLM\Software\GNU]

[HKLM\Software\GPL Ghostscript]

[HKLM\Software\Gabest]

[HKLM\Software\Google]

[HKLM\Software\Gradient]

[HKLM\Software\HaaliMkx]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\IBM]

[HKLM\Software\Imagineer Systems Ltd]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\Iomega Corp]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KLCodecPack]

[HKLM\Software\Khronos]

[HKLM\Software\LG Electronics]

[HKLM\Software\Lake]

[HKLM\Software\Logishrd]

[HKLM\Software\Macromedia]

[HKLM\Software\MakeMSI]

[HKLM\Software\Megamedia]

[HKLM\Software\Megaupload Limited]

[HKLM\Software\Megaupload]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\ODBC]

[HKLM\Software\Orange]

[HKLM\Software\PCTuto]

[HKLM\Software\PDR_Upgrade]

[HKLM\Software\PegasusImaging]

[HKLM\Software\Philips]

[HKLM\Software\Pinnacle Systems]

[HKLM\Software\Policies]

[HKLM\Software\PowerDVD9_Upgrade]

[HKLM\Software\Preview Systems]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\S3R521]

[HKLM\Software\SRS Labs]

[HKLM\Software\Saitek]

[HKLM\Software\SmartSound Software]

[HKLM\Software\SonicFocus]

[HKLM\Software\Sonic]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Space Sciences Laboratory, U.C. Berkeley]

[HKLM\Software\Synthetic Aperture]

[HKLM\Software\TrendMicro]

[HKLM\Software\Ubi Soft]

[HKLM\Software\Uniblue]

[HKLM\Software\Valve]

[HKLM\Software\Vid_0471]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wondershare]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xobni]

[HKLM\Software\Xvid Team]

[HKLM\Software\ej-technologies]

[HKLM\Software\magnet]

[HKLM\Software\mcafeeupdater]

[HKLM\Software\mozilla.org]

[HKLM\Software\webtogo]

~ Scan Softwares in 00mn 00s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 2011-03-02 - 11:51:54 - [4588532] ----D- C:\Program Files\7-Zip

O43 - CFD: 2011-11-09 - 13:57:10 - [2432885559] ----D- C:\Program Files\Adobe

O43 - CFD: 2011-05-26 - 15:51:24 - [23883157] ----D- C:\Program Files\ATI

O43 - CFD: 2011-09-12 - 20:10:02 - [5405340] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 2011-11-25 - 12:43:04 - [613967] ----D- C:\Program Files\Bonjour

O43 - CFD: 2011-09-26 - 18:07:10 - [263706721] ----D- C:\Program Files\Common Files

O43 - CFD: 2011-09-20 - 22:15:32 - [486145255] ----D- C:\Program Files\CyberLink

O43 - CFD: 2011-09-30 - 21:10:34 - [5953856] ----D- C:\Program Files\DivX

O43 - CFD: 2010-11-21 - 07:29:50 - [90256916] ----D- C:\Program Files\DVD Maker

O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 2011-07-22 - 20:49:06 - [684656] ----D- C:\Program Files\Google

O43 - CFD: 2011-10-25 - 19:35:58 - [6652928] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 2011-11-25 - 12:43:22 - [2096267] ----D- C:\Program Files\iPod

O43 - CFD: 2011-11-25 - 12:43:38 - [2501704] ----D- C:\Program Files\iTunes

O43 - CFD: 2010-11-21 - 07:29:46 - [149237810] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 2011-07-23 - 19:34:58 - [1139478] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 2011-07-31 - 14:30:44 - [23595127] ----D- C:\Program Files\Microsoft Security Client

O43 - CFD: 2009-07-14 - 06:32:40 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 2011-05-27 - 06:26:12 - [18408880] ----D- C:\Program Files\Realtek

O43 - CFD: 2009-07-14 - 06:32:40 - [36813993] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 2011-09-20 - 22:19:22 - [67472185] ----D- C:\Program Files\Saitek

O43 - CFD: 2011-08-10 - 21:22:38 - [1177089080] ----D- C:\Program Files\Ubisoft

O43 - CFD: 2009-07-14 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2010-11-21 - 07:19:02 - [4039680] ----D- C:\Program Files\Windows Defender

O43 - CFD: 2010-11-21 - 07:29:48 - [9224824] ----D- C:\Program Files\Windows Journal

O43 - CFD: 2011-08-09 - 07:31:20 - [7987385] ----D- C:\Program Files\Windows Live

O43 - CFD: 2010-11-21 - 07:19:02 - [6667776] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2010-11-21 - 07:19:02 - [7687085] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 2011-07-18 - 13:18:34 - [12627636] ----D- C:\Program Files\Windows NT

O43 - CFD: 2010-11-21 - 07:19:02 - [5516056] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 2010-11-21 - 04:31:36 - [244736] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 2010-11-21 - 07:19:02 - [7044767] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 2011-10-11 - 21:56:12 - [4524560] ----D- C:\Program Files\WinRAR

O43 - CFD: 2011-11-09 - 13:57:40 - [177192284] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 2011-09-26 - 18:07:10 - [6582134] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 2011-09-12 - 19:47:32 - [413448] ----D- C:\Program Files\Common Files\ATI Technologies

O43 - CFD: 2011-08-09 - 07:31:12 - [66713094] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 2009-07-14 - 04:20:10 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 2009-07-14 - 04:20:10 - [608768] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 2011-11-15 - 14:30:30 - [12194291] ----D- C:\Program Files\Common Files\System

O43 - CFD: 2011-11-23 - 17:32:50 - [0] ----D- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

O43 - CFD: 2011-11-10 - 02:00:02 - [451262301] ----D- C:\ProgramData\Adobe

O43 - CFD: 2011-11-09 - 13:55:36 - [0] ----D- C:\ProgramData\ALM

O43 - CFD: 2011-05-27 - 06:31:16 - [3634] ----D- C:\ProgramData\AMD

O43 - CFD: 2011-10-01 - 22:51:10 - [81360033] ----D- C:\ProgramData\Apple

O43 - CFD: 2011-09-26 - 18:07:20 - [71308505] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 2011-09-12 - 20:11:38 - [187] ----D- C:\ProgramData\ATI

O43 - CFD: 2011-08-18 - 18:24:38 - [2407] ----D- C:\ProgramData\Avanquest

O43 - CFD: 2011-10-02 - 12:07:46 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 2011-11-23 - 17:35:56 - [26112] ----D- C:\ProgramData\BasicScan

O43 - CFD: 2011-11-23 - 17:33:12 - [1221219] ----D- C:\ProgramData\BrightBreezeSA

O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 2011-09-20 - 22:13:12 - [0] ----D- C:\ProgramData\CLSK

O43 - CFD: 2011-09-20 - 22:29:36 - [1553146] ----D- C:\ProgramData\CyberLink

O43 - CFD: 2011-11-09 - 13:33:32 - [1368] ----D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 2011-10-03 - 17:42:50 - [0] ----D- C:\ProgramData\DassaultSystemes

O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 2011-09-30 - 21:10:48 - [5112052] ----D- C:\ProgramData\DivX

O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 2011-05-27 - 06:28:32 - [2576262] ----D- C:\ProgramData\Downloaded Installations

O43 - CFD: 2011-09-20 - 22:18:00 - [360580] ----D- C:\ProgramData\eSellerate

O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 2011-07-22 - 20:49:18 - [539234] ----D- C:\ProgramData\Google

O43 - CFD: 2011-09-13 - 10:32:28 - [37050] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 2011-07-22 - 21:00:00 - [81454] ----D- C:\ProgramData\McAfee

O43 - CFD: 2011-10-11 - 16:15:16 - [6557674] ----D- C:\ProgramData\Megamedia

O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 2011-07-23 - 19:36:50 - [695230163] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 2011-10-31 - 20:21:48 - [66584] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 2011-07-18 - 13:18:34 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 2011-11-21 - 08:28:30 - [10909982] ----D- C:\ProgramData\Orange

O43 - CFD: 2011-10-12 - 22:15:46 - [392635] ----D- C:\ProgramData\Pinnacle

O43 - CFD: 2011-08-09 - 06:04:56 - [36560] ----D- C:\ProgramData\Pinnacle Studio Ultimate Collection

O43 - CFD: 2011-11-09 - 14:05:58 - [6867] ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 2011-08-09 - 21:47:30 - [524282] ----D- C:\ProgramData\Saitek

O43 - CFD: 2011-09-20 - 22:18:02 - [49123277] ----D- C:\ProgramData\SmartSound Software Inc

O43 - CFD: 2011-08-13 - 18:05:44 - [93464] ----D- C:\ProgramData\Sony Corporation

O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 2011-03-02 - 11:49:54 - [189] ----D- C:\ProgramData\Sun

O43 - CFD: 2011-07-27 - 17:27:16 - [1373] ----D- C:\ProgramData\Tages

O43 - CFD: 2011-09-20 - 22:20:56 - [1709867] ----D- C:\ProgramData\Temp

O43 - CFD: 2009-07-14 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 2011-07-26 - 14:35:08 - [425] ----D- C:\ProgramData\Ubisoft

O43 - CFD: 2011-11-09 - 13:36:56 - [0] ----D- C:\ProgramData\Uniblue

O43 - CFD: 2011-09-26 - 18:07:32 - [894865] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 2011-11-17 - 22:07:16 - [264285178] ----D- C:\Users\Hervé\AppData\Roaming\Adobe

O43 - CFD: 2011-10-01 - 22:51:22 - [703356] ----D- C:\Users\Hervé\AppData\Roaming\Apple Computer

O43 - CFD: 2011-07-18 - 13:18:56 - [0] ----D- C:\Users\Hervé\AppData\Roaming\ATI

O43 - CFD: 2011-11-27 - 10:45:36 - [23551830] ----D- C:\Users\Hervé\AppData\Roaming\Azureus

O43 - CFD: 2011-10-02 - 12:07:46 - [6802] ----D- C:\Users\Hervé\AppData\Roaming\Babylon

O43 - CFD: 2011-11-09 - 19:01:00 - [9157516] ----D- C:\Users\Hervé\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O43 - CFD: 2011-10-11 - 16:45:50 - [16065] ----D- C:\Users\Hervé\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

O43 - CFD: 2011-09-28 - 19:38:24 - [33808730] ----D- C:\Users\Hervé\AppData\Roaming\CyberLink

O43 - CFD: 2011-11-09 - 13:38:24 - [106] ----D- C:\Users\Hervé\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 2011-10-03 - 17:42:50 - [16509] ----D- C:\Users\Hervé\AppData\Roaming\DassaultSystemes

O43 - CFD: 2011-09-30 - 21:11:08 - [192512] ----D- C:\Users\Hervé\AppData\Roaming\DivX

O43 - CFD: 2011-07-22 - 20:51:26 - [2378] ----D- C:\Users\Hervé\AppData\Roaming\Google

O43 - CFD: 2011-11-15 - 14:20:22 - [165] ----D- C:\Users\Hervé\AppData\Roaming\gtk-2.0

O43 - CFD: 2011-08-09 - 16:23:00 - [95330] ----D- C:\Users\Hervé\AppData\Roaming\HyperLobby

O43 - CFD: 2011-07-18 - 13:18:44 - [0] ----D- C:\Users\Hervé\AppData\Roaming\Identities

O43 - CFD: 2011-11-12 - 17:23:46 - [614664] ----D- C:\Users\Hervé\AppData\Roaming\Image Zone Express

O43 - CFD: 2011-07-23 - 00:36:22 - [1519420] ----D- C:\Users\Hervé\AppData\Roaming\LibreOffice

O43 - CFD: 2011-10-13 - 17:38:18 - [799229] ----D- C:\Users\Hervé\AppData\Roaming\Macromedia

O43 - CFD: 2010-11-21 - 07:29:26 - [0] ----D- C:\Users\Hervé\AppData\Roaming\Media Center Programs

O43 - CFD: 2011-08-11 - 21:57:02 - [68] ----D- C:\Users\Hervé\AppData\Roaming\Media Player Classic

O43 - CFD: 2011-10-11 - 16:15:28 - [7168] ----D- C:\Users\Hervé\AppData\Roaming\Megamedia

O43 - CFD: 2011-10-11 - 16:31:44 - [454978] ----D- C:\Users\Hervé\AppData\Roaming\Megaupload

O43 - CFD: 2011-11-08 - 19:53:54 - [5541239] -S--D- C:\Users\Hervé\AppData\Roaming\Microsoft

O43 - CFD: 2011-08-01 - 03:13:28 - [39249567] ----D- C:\Users\Hervé\AppData\Roaming\Mozilla

O43 - CFD: 2011-11-09 - 13:34:56 - [5845440] ----D- C:\Users\Hervé\AppData\Roaming\OpenCandy

O43 - CFD: 2011-09-17 - 18:26:34 - [659456] ----D- C:\Users\Hervé\AppData\Roaming\PCtuto

O43 - CFD: 2011-08-13 - 18:13:30 - [1442] ----D- C:\Users\Hervé\AppData\Roaming\Sony Corporation

O43 - CFD: 2011-08-24 - 06:27:22 - [23445] ----D- C:\Users\Hervé\AppData\Roaming\SoundSpectrum

O43 - CFD: 2011-07-26 - 14:47:20 - [180201] ----D- C:\Users\Hervé\AppData\Roaming\Ubisoft

O43 - CFD: 2011-08-09 - 05:21:00 - [1992749] ----D- C:\Users\Hervé\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1

O43 - CFD: 2011-11-09 - 14:58:38 - [25891041] ----D- C:\Users\Hervé\AppData\Roaming\Weecast

O43 - CFD: 2011-08-03 - 15:37:08 - [0] ----D- C:\Users\Hervé\AppData\Roaming\Windows Live Writer

O43 - CFD: 2011-10-11 - 21:58:42 - [12] ----D- C:\Users\Hervé\AppData\Roaming\WinRAR

O43 - CFD: 2011-11-10 - 21:11:54 - [44831698] ----D- C:\Users\Hervé\AppData\Local\Adobe

O43 - CFD: 2011-07-18 - 13:19:02 - [8] ----D- C:\Users\Hervé\AppData\Local\AMD

O43 - CFD: 2011-09-20 - 22:17:04 - [0] ----D- C:\Users\Hervé\AppData\Local\Apple

O43 - CFD: 2011-11-15 - 18:43:12 - [13977570] ----D- C:\Users\Hervé\AppData\Local\Apple Computer

O43 - CFD: 2011-07-18 - 13:18:36 - [0] -SH-D- C:\Users\Hervé\AppData\Local\Application Data

O43 - CFD: 2011-07-18 - 13:18:56 - [68071] ----D- C:\Users\Hervé\AppData\Local\ATI

O43 - CFD: 2011-10-02 - 12:07:46 - [3700063] ----D- C:\Users\Hervé\AppData\Local\Babylon

O43 - CFD: 2011-09-02 - 02:59:10 - [0] ----D- C:\Users\Hervé\AppData\Local\Conduit

O43 - CFD: 2011-11-25 - 16:12:06 - [0] ----D- C:\Users\Hervé\AppData\Local\CutePDF Writer

O43 - CFD: 2011-09-20 - 22:22:00 - [245424] ----D- C:\Users\Hervé\AppData\Local\Cyberlink

O43 - CFD: 2011-10-03 - 18:16:30 - [37025] ----D- C:\Users\Hervé\AppData\Local\DassaultSystemes

O43 - CFD: 2011-11-18 - 05:01:14 - [392483] ----D- C:\Users\Hervé\AppData\Local\Diagnostics

O43 - CFD: 2011-08-09 - 06:05:14 - [10515968] ----D- C:\Users\Hervé\AppData\Local\Downloaded Installations

O43 - CFD: 2011-08-08 - 19:41:06 - [115741] ----D- C:\Users\Hervé\AppData\Local\Downloader

O43 - CFD: 2011-11-21 - 01:52:08 - [395064] ----D- C:\Users\Hervé\AppData\Local\ElevatedDiagnostics

O43 - CFD: 2011-11-21 - 08:46:04 - [9493371] ----D- C:\Users\Hervé\AppData\Local\Google

O43 - CFD: 2011-07-18 - 13:18:36 - [0] -SH-D- C:\Users\Hervé\AppData\Local\Historique

O43 - CFD: 2011-10-11 - 16:15:14 - [14292394] ----D- C:\Users\Hervé\AppData\Local\Megamedia

O43 - CFD: 2011-11-02 - 20:27:44 - [1365905411] ----D- C:\Users\Hervé\AppData\Local\Microsoft

O43 - CFD: 2011-07-26 - 03:16:32 - [355213] ----D- C:\Users\Hervé\AppData\Local\Microsoft Games

O43 - CFD: 2011-11-08 - 19:53:54 - [106180] ----D- C:\Users\Hervé\AppData\Local\Microsoft Help

O43 - CFD: 2011-08-01 - 03:13:16 - [162359548] ----D- C:\Users\Hervé\AppData\Local\Mozilla

O43 - CFD: 2011-11-21 - 08:25:22 - [141] ----D- C:\Users\Hervé\AppData\Local\Orange

O43 - CFD: 2011-08-17 - 16:09:30 - [65537662] ----D- C:\Users\Hervé\AppData\Local\Pinnacle

O43 - CFD: 2011-11-25 - 01:24:14 - [890043] ----D- C:\Users\Hervé\AppData\Local\PokerStars.FR

O43 - CFD: 2011-08-24 - 06:27:22 - [0] ----D- C:\Users\Hervé\AppData\Local\SoundSpectrum

O43 - CFD: 2011-11-27 - 10:54:44 - [160337284] ----D- C:\Users\Hervé\AppData\Local\Temp

O43 - CFD: 2011-07-18 - 13:18:36 - [0] -SH-D- C:\Users\Hervé\AppData\Local\Temporary Internet Files

O43 - CFD: 2011-07-27 - 00:18:28 - [93476] ----D- C:\Users\Hervé\AppData\Local\VirtualStore

O43 - CFD: 2011-08-10 - 01:02:54 - [902] ----D- C:\Users\Hervé\AppData\Local\Western Digital

O43 - CFD: 2011-09-21 - 01:24:38 - [86016] ----D- C:\Users\Hervé\AppData\Local\Windows Live

O43 - CFD: 2011-08-03 - 15:37:16 - [648463] ----D- C:\Users\Hervé\AppData\Local\Windows Live Writer

O43 - CFD: 2011-09-10 - 15:43:46 - [314] ----D- C:\Users\Hervé\AppData\Local\Xobni

O43 - CFD: 2011-09-17 - 08:49:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{00C6E1EE-7F12-4A1B-836A-09425AB56AC2}

O43 - CFD: 2011-09-06 - 09:31:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{02CDDC35-2C18-4685-AFEB-EA128D69A99F}

O43 - CFD: 2011-09-14 - 08:50:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{02D1880F-6D24-4757-BDC2-C7AA634A94F4}

O43 - CFD: 2011-11-18 - 15:20:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{06AE5117-6586-4180-8ED3-AF013339006B}

O43 - CFD: 2011-09-16 - 13:04:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{080536D1-B102-4B5E-A3E5-4BF390433076}

O43 - CFD: 2011-08-29 - 16:54:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{0AEF8F1A-4E15-4E60-836D-C93151DD47FE}

O43 - CFD: 2011-08-19 - 14:10:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{0B7F197F-53A4-4A18-89E4-7EA606E2393E}

O43 - CFD: 2011-11-18 - 15:15:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{0BE27EF7-0A6F-4EC2-A1DA-19114F666AC0}

O43 - CFD: 2011-08-31 - 09:02:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{0F8319AD-DE52-4B88-8D7D-3B66ABF5256E}

O43 - CFD: 2011-09-12 - 19:48:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{1091C29D-5839-425B-B6D4-9F86FE8B562E}

O43 - CFD: 2011-08-10 - 21:39:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{114BFA07-5974-4ED6-800E-20E64805F2FA}

O43 - CFD: 2011-08-15 - 14:43:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{138D6D6E-8D2B-4C3D-A03F-388FA37BB539}

O43 - CFD: 2011-08-25 - 19:45:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{15311EA5-ED00-4EEC-8B83-9A636131737E}

O43 - CFD: 2011-09-12 - 14:21:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{175A740A-FA64-4A65-812D-EDCB2A8CB20E}

O43 - CFD: 2011-08-16 - 15:21:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{1934FCB2-1DFD-442A-A555-4EF6B3A876CB}

O43 - CFD: 2011-09-02 - 16:56:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{1AE4167C-5E09-4BF2-8A33-A8C4163CD428}

O43 - CFD: 2011-08-26 - 12:08:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{1BEFBF98-5975-4999-B53A-B3D812B41EE2}

O43 - CFD: 2011-08-17 - 14:34:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{1CE6C590-897E-4544-BAE9-3AC266BD3B64}

O43 - CFD: 2011-09-08 - 19:34:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{208B357A-2BB0-4ECA-922C-FA2C51671BDF}

O43 - CFD: 2011-08-16 - 02:43:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{22BB70D5-4F07-4A6E-99C5-678D5D24344B}

O43 - CFD: 2011-09-09 - 10:58:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{2531770D-54D2-41E0-B24C-35C4FC1FAB9C}

O43 - CFD: 2011-08-30 - 18:32:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{26A9CF44-FAC1-49A8-86DF-54A2649C7C7D}

O43 - CFD: 2011-08-25 - 06:54:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{2A8A30F3-7A71-418B-9549-8B771625F31C}

O43 - CFD: 2011-08-21 - 15:59:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{2CB132CC-6617-456A-8FB1-EB6336B9840A}

O43 - CFD: 2011-09-12 - 19:48:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{2D0CDD26-DFBB-4EC6-AC98-46F855D594E6}

O43 - CFD: 2011-09-15 - 17:29:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{2E2F4A09-79C3-42E1-9B41-2B5082C28671}

O43 - CFD: 2011-08-18 - 02:35:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{3028B61B-F5C8-4691-B373-081E2966AE32}

O43 - CFD: 2011-09-02 - 16:56:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{30AA4B2F-481E-45F2-A318-BB8BC7B4E180}

O43 - CFD: 2011-08-14 - 18:48:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{321CF00B-E85B-4EDE-BABB-640D8B9F9724}

O43 - CFD: 2011-09-13 - 10:00:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{32F7668A-3985-44E0-8726-99E5540611BB}

O43 - CFD: 2011-09-08 - 19:34:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{337BF2F3-70E9-41EE-B9FC-933EAE0FB634}

O43 - CFD: 2011-08-15 - 14:43:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{34696E30-3A52-491E-B636-9525078E889F}

O43 - CFD: 2011-08-18 - 02:35:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{34917689-FECA-4018-927B-C60B2982577D}

O43 - CFD: 2011-08-14 - 05:06:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{38B03F42-9731-46A5-BF4C-EFF17A6CB3E0}

O43 - CFD: 2011-09-12 - 14:21:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{3A5B7AD6-F3A9-4019-BACC-A4648AFFF14F}

O43 - CFD: 2011-09-19 - 08:16:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{3CD3CEFF-22B7-4331-B14A-1AF4377C10E1}

O43 - CFD: 2011-08-24 - 18:18:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{44CCCFC9-1D9C-4309-8BC5-0D235F1409D8}

O43 - CFD: 2011-08-16 - 15:21:12 - [0] ----D- C:\Users\Hervé\AppData\Local\{4A85147F-6E6D-4410-86A9-4AB169D37911}

O43 - CFD: 2011-08-30 - 06:31:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{4B59F768-B4DA-4A38-ADDC-F734FB5E1F19}

O43 - CFD: 2011-09-14 - 08:50:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{4EE9E830-E44B-4568-A135-F30A1D3D5C04}

O43 - CFD: 2011-08-10 - 21:38:56 - [0] ----D- C:\Users\Hervé\AppData\Local\{506E35F8-BEB6-40B3-B4E9-E951265DCFEC}

O43 - CFD: 2011-09-15 - 01:53:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{51439CE7-D7B3-4B14-8354-9344F61D8F49}

O43 - CFD: 2011-08-11 - 17:40:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{526C8C8B-0640-4ABE-BF11-8EC60C353554}

O43 - CFD: 2011-08-31 - 21:03:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{526CF8F9-AB33-4C0B-A0C8-C7EBBECDB6C7}

O43 - CFD: 2011-08-27 - 15:33:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{58A41A2F-3F90-4E3E-8378-F41A6362FA79}

O43 - CFD: 2011-09-08 - 07:33:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{5DA34096-EABB-45C1-A90B-5FB397F31F87}

O43 - CFD: 2011-08-24 - 06:17:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{5F8B8DED-80FF-4917-B693-705A09594FD3}

O43 - CFD: 2011-09-06 - 21:50:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{62DC2BBE-EC45-47CA-B2A1-62F4B05B573B}

O43 - CFD: 2011-09-13 - 10:00:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{6C7F6D01-F4FC-4647-988C-E4DEB0F25913}

O43 - CFD: 2011-09-21 - 01:24:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{72A7065B-8420-4123-9F64-57C6D9C62CD4}

O43 - CFD: 2011-09-06 - 09:31:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{72C57EA1-FE36-45E0-A2D1-675C553D5580}

O43 - CFD: 2011-08-25 - 06:54:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{73EB9416-C1CE-4BFA-9955-9513B5477699}

O43 - CFD: 2011-09-17 - 08:49:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{74C90F02-F7D0-4E06-B637-E445CAF36D06}

O43 - CFD: 2011-09-09 - 10:58:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{7521D90B-5587-4D8C-ABDB-0085989A54A4}

O43 - CFD: 2011-08-23 - 14:39:12 - [0] ----D- C:\Users\Hervé\AppData\Local\{753B033E-7B44-4388-821B-35C9A1E88451}

O43 - CFD: 2011-08-29 - 02:55:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{7807ADC6-729B-4E34-8F83-900924F9006E}

O43 - CFD: 2011-08-30 - 18:32:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{78530A86-BAF6-41FB-BC41-C68B384B7F5B}

O43 - CFD: 2011-09-05 - 12:26:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{78955A57-E87D-48DF-A2D2-39645DACBA89}

O43 - CFD: 2011-09-04 - 09:50:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{78EA1059-B90A-42CB-81FD-A5B472C75949}

O43 - CFD: 2011-08-31 - 21:03:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{78F56C8F-A2ED-405A-A074-C67073F17289}

O43 - CFD: 2011-08-14 - 05:06:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{7912EDB7-44E3-4566-8FEF-4505029C6FAD}

O43 - CFD: 2011-08-09 - 15:21:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{7D7D0664-385B-4C08-AA40-2395620CD076}

O43 - CFD: 2011-08-24 - 18:18:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{81E640F7-668F-40A9-B443-E4D3779705AC}

O43 - CFD: 2011-08-29 - 02:55:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{8486F76A-DC91-42D8-94FC-E5DAF69C163F}

O43 - CFD: 2011-08-29 - 16:54:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{86F28ACC-CC36-427F-A260-E97806A1C9BB}

O43 - CFD: 2011-08-13 - 06:43:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{881ED1AD-65AA-47B0-9791-2530D7ABADAF}

O43 - CFD: 2011-08-27 - 15:32:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{8ACDE25E-21AE-4A2E-9750-F5FED095E5A5}

O43 - CFD: 2011-09-03 - 16:01:56 - [0] ----D- C:\Users\Hervé\AppData\Local\{8BDB10D7-466E-480D-A67E-0396D2913E1B}

O43 - CFD: 2011-08-12 - 05:54:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{8CD7D08E-2CD7-4BCF-A78C-BCD90FA357BD}

O43 - CFD: 2011-08-18 - 14:36:32 - [0] ----D- C:\Users\Hervé\AppData\Local\{914EDD28-0687-4D51-B36A-5454BA9F81A2}

O43 - CFD: 2011-09-10 - 15:07:02 - [0] ----D- C:\Users\Hervé\AppData\Local\{919DB16E-BFC0-4EF8-BF24-31F8F18E8C3A}

O43 - CFD: 2011-08-09 - 15:21:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{965A2E33-076F-4786-9D6C-A0A95BF39B82}

O43 - CFD: 2011-08-23 - 14:39:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{9670D023-A6C6-47A9-BE8A-EAA22CD690D6}

O43 - CFD: 2011-09-15 - 17:29:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{97C252B9-498B-4D59-AB92-93F85EE0E324}

O43 - CFD: 2011-08-11 - 17:40:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{99BABE23-9745-4CB1-8385-250BAE420CD9}

O43 - CFD: 2011-09-01 - 14:42:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{9ACDDE21-46F8-4139-BD6E-4596E75F2EFD}

O43 - CFD: 2011-09-18 - 14:22:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{9B9C7BE1-F1C5-4F1F-A4B7-CDFD031F2DCD}

O43 - CFD: 2011-08-13 - 06:43:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{A87877DA-3A14-4223-8808-4B23155BAF41}

O43 - CFD: 2011-09-16 - 13:03:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{AA85243A-B29A-4CBA-88DA-BDB09B71E293}

O43 - CFD: 2011-09-01 - 14:42:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{AD0E8C74-4AFF-41B6-89CC-60281F850083}

O43 - CFD: 2011-08-20 - 21:14:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{B0F5E5E5-326B-4910-AA06-0E3A35067E6E}

O43 - CFD: 2011-08-20 - 21:14:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{B177A1CC-DE7F-4602-B2D2-E7F1001F4ADF}

O43 - CFD: 2011-08-25 - 19:45:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{B41BFF44-EE11-4136-8F01-172686131269}

O43 - CFD: 2011-08-12 - 17:55:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{B5CAFB59-7E38-4998-B419-C1D16E8AA50C}

O43 - CFD: 2011-08-21 - 15:59:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{B7EED034-5993-45F1-A4FF-2D6C613F59EB}

O43 - CFD: 2011-09-06 - 21:50:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{BBD8A34E-54B5-4333-945E-3D0AB1B4BC33}

O43 - CFD: 2011-09-11 - 15:31:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{BDCB8339-FA3C-49D3-AEBB-1256B5B689E4}

O43 - CFD: 2011-09-11 - 15:31:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{C2DA10AF-3139-4E74-AB53-C7B6AF166819}

O43 - CFD: 2011-08-22 - 19:39:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{C2DE88E7-CA03-4F92-9D7B-454A8FEBEABA}

O43 - CFD: 2011-09-05 - 12:26:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{C35A66A5-98D1-42D9-AA9E-C99788B0E6A6}

O43 - CFD: 2011-08-26 - 12:08:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{C372D854-FE61-4E0F-90AF-E604F06B4F8D}

O43 - CFD: 2011-09-08 - 07:33:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{C7A189CF-4A45-4C5D-8A26-3413601A74DD}

O43 - CFD: 2011-08-30 - 06:31:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{CA6639DF-EC7B-467E-A45C-8256A05C3C81}

O43 - CFD: 2011-09-02 - 02:42:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{CA86A84E-2062-44DB-92DF-CDBC720038B0}

O43 - CFD: 2011-09-10 - 00:26:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{CEEEE8CB-FC4E-46C6-83CC-390A605C6DA2}

O43 - CFD: 2011-08-27 - 00:21:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{CF0FFDA6-0564-48FD-A3C5-5178F2BF8D1F}

O43 - CFD: 2011-09-10 - 15:06:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{CFD6336A-1813-4AEA-B644-42DE05BC5FF1}

O43 - CFD: 2011-08-12 - 05:54:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{D160B31E-67E5-49EB-B51D-01BD86EFC9D9}

O43 - CFD: 2011-08-18 - 14:36:42 - [0] ----D- C:\Users\Hervé\AppData\Local\{D421163D-A9D4-4348-B18E-F84096C3BB94}

O43 - CFD: 2011-08-20 - 09:13:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{D42FA5EC-ED50-45F2-9A34-3E51D7BD49F4}

O43 - CFD: 2011-08-17 - 14:35:02 - [0] ----D- C:\Users\Hervé\AppData\Local\{D44B1131-78AE-404B-A4F3-4775EF6FC79C}

O43 - CFD: 2011-09-19 - 08:16:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{D48EB198-3D95-42EA-9D8E-018D0AF2B96E}

O43 - CFD: 2011-09-03 - 16:02:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{D55A98E9-A37C-4BDB-81E1-BBE0826FE6CB}

O43 - CFD: 2011-09-07 - 13:48:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{D59221BC-AA64-4125-9788-A668ACE11BF3}

O43 - CFD: 2011-08-14 - 18:48:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{D6293C27-C29C-410C-8537-CAAE68FF75B9}

O43 - CFD: 2011-09-20 - 13:23:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{D87F46DD-665D-476A-8E41-F08D7BF7A0AE}

O43 - CFD: 2011-09-10 - 00:26:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{DA22390D-535A-4AFD-95BA-475A49BB02E4}

O43 - CFD: 2011-09-20 - 13:23:42 - [0] ----D- C:\Users\Hervé\AppData\Local\{DDE402D3-77E3-4016-AE52-B81ACDE30CC9}

O43 - CFD: 2011-09-15 - 01:53:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{DE426265-5B1A-4F8F-815F-6780FD23A035}

O43 - CFD: 2011-08-20 - 09:14:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{DEDC5717-27A6-4C77-B568-17BB0FC6E448}

O43 - CFD: 2011-08-22 - 04:31:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{E0F412BB-286E-42A5-9AB1-907248897054}

O43 - CFD: 2011-08-16 - 02:44:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{E6F610BB-4F46-47C3-A741-5CD9D1188D19}

O43 - CFD: 2011-09-18 - 14:22:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{E7C6A7B2-1B5A-46FD-8694-B8D2CEE80D1C}

O43 - CFD: 2011-09-04 - 09:50:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{E8B0284E-F6E1-4AC9-8482-E18F07CD494E}

O43 - CFD: 2011-08-31 - 09:02:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{E9446A2C-53AC-4F76-BB3A-D332044FCB00}

O43 - CFD: 2011-08-28 - 14:55:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{EA579AD7-7833-417B-8BDA-D6ED170D6713}

O43 - CFD: 2011-08-22 - 19:39:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{EBCEBEDB-09C9-4941-B723-0D98D2626463}

O43 - CFD: 2011-08-12 - 17:55:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{EC8BD2CB-78C4-4C85-8ADE-3A49748FB6A5}

O43 - CFD: 2011-08-27 - 00:21:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{F08BF85D-F251-4666-AECA-B31BA4F3338C}

O43 - CFD: 2011-09-07 - 13:48:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{F20CC8A2-F19D-47A9-99F6-8B22E2EAC7A8}

O43 - CFD: 2011-08-28 - 14:55:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{F21CD5E0-401A-420B-8DE7-061119E0B133}

O43 - CFD: 2011-08-24 - 06:17:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{F24C3569-221D-44F8-8644-C2513D6F79C8}

O43 - CFD: 2011-09-02 - 02:42:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{F6225E5D-F011-4410-B84F-998ABA4AAF14}

O43 - CFD: 2011-08-19 - 14:10:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{FB4DDB94-BCFE-4890-A92D-E8FFD5FF887D}

O43 - CFD: 2011-09-21 - 01:24:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{FD440CCA-6FA6-4B3C-B5CD-DF246A7C713D}

O43 - CFD: 2011-08-22 - 04:30:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{FD511DA3-4602-4D99-A0F6-EC44D2DA10CE}

O43 - CFD: 2011-08-24 - 18:24:42 - [271938] ----D- C:\Program Files (x86)\Acro Software

O43 - CFD: 2011-11-23 - 17:27:24 - [5020005371] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 2011-09-17 - 17:54:04 - [2794315] ----D- C:\Program Files (x86)\Adobe Media Player

O43 - CFD: 2011-09-12 - 20:10:12 - [2436124] ----D- C:\Program Files (x86)\AMD APP

O43 - CFD: 2011-09-26 - 17:04:50 - [2428606] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 2011-09-12 - 19:47:22 - [42762632] ----D- C:\Program Files (x86)\ATI Technologies

O43 - CFD: 2011-11-24 - 01:32:52 - [991548] ----D- C:\Program Files (x86)\BasicScan

O43 - CFD: 2011-11-25 - 12:43:04 - [631120] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 2011-11-23 - 17:32:50 - [409218] ----D- C:\Program Files (x86)\BrightBreeze

O43 - CFD: 2011-11-18 - 17:58:14 - [1781147629] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 2011-09-20 - 22:21:20 - [454626790] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 2011-07-12 - 10:18:00 - [262144] ----D- C:\Program Files (x86)\D-Link AirPlus

O43 - CFD: 2011-11-23 - 17:32:56 - [241440] ----D- C:\Program Files (x86)\DealScout

O43 - CFD: 2011-09-30 - 21:10:50 - [103037152] ----D- C:\Program Files (x86)\DivX

O43 - CFD: 2011-11-12 - 23:21:08 - [112231986] ----D- C:\Program Files (x86)\GIMP-2.0

O43 - CFD: 2011-08-08 - 20:34:54 - [45764852] ----D- C:\Program Files (x86)\Google

O43 - CFD: 2011-08-24 - 18:25:28 - [8075602] ----D- C:\Program Files (x86)\GPLGS

O43 - CFD: 2011-11-23 - 17:43:44 - [103246685] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 2011-10-25 - 19:35:58 - [6468088] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 2011-08-03 - 18:14:50 - [773494] ----D- C:\Program Files (x86)\Iomega

O43 - CFD: 2011-11-25 - 12:43:36 - [147669125] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 2011-10-18 - 21:53:24 - [91769218] ----D- C:\Program Files (x86)\Java

O43 - CFD: 2011-08-11 - 21:56:28 - [45282901] ----D- C:\Program Files (x86)\K-Lite Codec Pack

O43 - CFD: 2011-09-24 - 19:36:42 - [7250304] ----D- C:\Program Files (x86)\lg_fwupdate

O43 - CFD: 2011-10-03 - 17:46:00 - [708069270] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 2011-07-31 - 02:07:32 - [1006208] ----D- C:\Program Files (x86)\Microsoft Security Client

O43 - CFD: 2011-10-25 - 19:38:20 - [38412395] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 2011-03-02 - 11:47:46 - [1829877] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 2011-07-23 - 19:37:04 - [14904] ----D- C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 2011-07-23 - 19:34:56 - [1387249] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 2011-07-25 - 20:14:18 - [3726168] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 2011-08-09 - 15:16:32 - [8167779] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 2011-07-23 - 19:37:10 - [26521] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 2011-08-09 - 21:35:44 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 2011-10-16 - 13:57:04 - [0] ----D- C:\Program Files (x86)\My Company Name

O43 - CFD: 2011-11-21 - 08:18:10 - [38784696] ----D- C:\Program Files (x86)\Orange

O43 - CFD: 2011-11-24 - 00:39:00 - [90344996] ----D- C:\Program Files (x86)\PokerStars.FR

O43 - CFD: 2011-05-27 - 06:25:52 - [3360505] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 2009-07-14 - 06:32:40 - [39159041] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 2011-05-27 - 06:28:42 - [1197242] ----D- C:\Program Files (x86)\Renesas Electronics

O43 - CFD: 2011-09-20 - 22:18:00 - [22354572] ----D- C:\Program Files (x86)\SmartSound Software

O43 - CFD: 2011-08-24 - 06:24:04 - [41880981] ----D- C:\Program Files (x86)\SoundSpectrum

O43 - CFD: 2011-09-12 - 19:47:30 - [5693312] ----D- C:\Program Files (x86)\SpeedFan

O43 - CFD: 2011-09-20 - 18:44:34 - [4842412836] ----D- C:\Program Files (x86)\Steam

O43 - CFD: 2011-05-27 - 06:27:20 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 2011-10-12 - 22:10:24 - [22046044] ----D- C:\Program Files (x86)\Ubisoft

O43 - CFD: 2009-07-14 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 2011-11-24 - 20:49:22 - [7276766] ----D- C:\Program Files (x86)\Winamax Poker

O43 - CFD: 2010-11-21 - 07:19:02 - [524800] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 2011-08-09 - 07:31:32 - [186735490] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 2010-11-21 - 07:19:02 - [6181376] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 2010-11-21 - 07:19:02 - [5579025] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 2009-07-14 - 06:32:40 - [12197556] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 2010-11-21 - 07:19:02 - [4417800] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 2010-11-21 - 04:31:40 - [189952] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 2010-11-21 - 07:19:02 - [5994626] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 2011-09-10 - 15:44:04 - [24314826] ----D- C:\Program Files (x86)\Xobni

O43 - CFD: 2011-11-09 - 15:01:56 - [988585904] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 2011-11-16 - 23:32:26 - [39378332] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 2011-11-25 - 12:43:22 - [103791979] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 2011-09-12 - 19:47:22 - [339208] ----D- C:\Program Files (x86)\Common Files\ATI Technologies

O43 - CFD: 2011-05-30 - 09:54:30 - [138024] ----D- C:\Program Files (x86)\Common Files\CyberLink

O43 - CFD: 2011-10-03 - 17:46:06 - [196160] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 2011-09-30 - 21:10:34 - [24656896] ----D- C:\Program Files (x86)\Common Files\DivX Shared

O43 - CFD: 2011-11-18 - 17:58:14 - [7549132] ----D- C:\Program Files (x86)\Common Files\France Telecom

O43 - CFD: 2011-09-13 - 10:35:12 - [647168] ----D- C:\Program Files (x86)\Common Files\HP

O43 - CFD: 2011-07-26 - 23:22:58 - [4969657] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 2011-10-18 - 21:53:48 - [1258951] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 2011-10-13 - 17:37:28 - [28160] ----D- C:\Program Files (x86)\Common Files\Macromedia

O43 - CFD: 2011-10-31 - 20:21:18 - [250674706] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 2011-08-09 - 06:05:20 - [0] ----D- C:\Program Files (x86)\Common Files\Pinnacle

O43 - CFD: 2011-11-09 - 13:47:40 - [4809008] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 2009-07-14 - 04:20:10 - [2702] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 2011-10-16 - 13:57:04 - [372019] ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 2009-07-14 - 04:20:10 - [41103783] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 2011-08-09 - 09:56:18 - [411432] ----D- C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 2011-11-15 - 14:30:30 - [47837723] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 2011-10-13 - 17:37:30 - [1375667] ----D- C:\Program Files (x86)\Common Files\Vbox

O43 - CFD: 2011-03-02 - 11:46:56 - [263021018] ----D- C:\Program Files (x86)\Common Files\Windows Live

~ Scan Program Folder in 00mn 03s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.774687F2312F0749037F3F82E7F7DC2D] - 2011-03-19 - 16:05:37 ---A- . (...) -- C:\Windows\SysNative\xvidcore.dll [703488]

O44 - LFC:[MD5.774687F2312F0749037F3F82E7F7DC2D] - 2011-03-19 - 16:05:37 ---A- . (...) -- C:\Windows\system32\xvidcore.dll [703488]

O44 - LFC:[MD5.D239CA35ACD1EE0A3C6A82250DEB2589] - 2011-03-19 - 16:06:36 ---A- . (...) -- C:\Windows\SysNative\xvidvfw.dll [255488]

O44 - LFC:[MD5.D239CA35ACD1EE0A3C6A82250DEB2589] - 2011-03-19 - 16:06:36 ---A- . (...) -- C:\Windows\system32\xvidvfw.dll [255488]

O44 - LFC:[MD5.E5163BA9F0156E94F733F327F7029B61] - 2011-03-21 - 14:57:44 ---A- . (...) -- C:\Windows\SysNative\xvid.ax [173056]

O44 - LFC:[MD5.E5163BA9F0156E94F733F327F7029B61] - 2011-03-21 - 14:57:44 ---A- . (...) -- C:\Windows\system32\xvid.ax [173056]

O44 - LFC:[MD5.D3D64CF7B2BCEAA34A270F45A3FFFB36] - 2011-11-09 - 13:34:32 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [270912]

O44 - LFC:[MD5.5D47664D0624F0367C7A2A6FA9AA8C66] - 2011-11-18 - 15:24:46 ---A- . (...) -- C:\Windows\win.ini [665]

O44 - LFC:[MD5.1F24CF1F7DB6D4461AC65A86DB8E4BC2] - 2011-11-18 - 17:58:10 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [116224]

O44 - LFC:[MD5.4B5C07DB91A0099272FAAE732E1152BD] - 2011-11-18 - 17:58:10 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [116864]

O44 - LFC:[MD5.2E1B41D1904E0615C15FB568AD8B088E] - 2011-11-24 - 01:32:50 ---A- . (...) -- C:\Windows\PFRO.log [20380]

O44 - LFC:[MD5.F5B696A228B5A0B9D1415790242749F1] - 2011-11-24 - 01:33:07 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [5203800]

O44 - LFC:[MD5.F5B696A228B5A0B9D1415790242749F1] - 2011-11-24 - 01:33:07 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [5203800]

O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 2011-11-25 - 12:43:36 ---A- . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\SysNative\GEARAspi64.dll [126312]

O44 - LFC:[MD5.E403AACF8C7BB11375122D2464560311] - 2011-11-25 - 12:43:36 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O44 - LFC:[MD5.AC0612BEB517CACF463E1F5EE76E52FD] - 2011-11-25 - 12:43:36 RSHAD . (.GEAR Software Inc. - GEARAspi (x64).) -- C:\Windows\system32\GEARAspi64.dll [126312]

O44 - LFC:[MD5.8F9F4D971D2D0B9294B37787550EADD1] - 2011-11-27 - 06:59:12 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.FF65ED49A8D3BFF2443E65849ACDDC94] - 2011-11-27 - 06:59:13 ---A- . (...) -- C:\Windows\setupact.log [93694]

O44 - LFC:[MD5.68878278C256DF3BC1236E92B89965BD] - 2011-11-27 - 07:10:47 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1859735]

O44 - LFC:[MD5.7BEB0242E37C4F1E25B82D281FEBB9AC] - 2011-11-27 - 10:51:23 ----- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1564030]

O44 - LFC:[MD5.7BEB0242E37C4F1E25B82D281FEBB9AC] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1564030]

O44 - LFC:[MD5.1A0C8EDF74801F54873098E5F2A1E6C3] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [108222]

O44 - LFC:[MD5.764A90606A2A805C82A28D590493CBFD] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132614]

O44 - LFC:[MD5.76DC7388207671FD51D538A1D2C37476] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [621002]

O44 - LFC:[MD5.C58D5DD8197AC5FE57555CCB4C171F74] - 2011-11-27 - 10:51:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [709286]

O44 - LFC:[MD5.1A0C8EDF74801F54873098E5F2A1E6C3] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [108222]

O44 - LFC:[MD5.764A90606A2A805C82A28D590493CBFD] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [132614]

O44 - LFC:[MD5.76DC7388207671FD51D538A1D2C37476] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [621002]

O44 - LFC:[MD5.C58D5DD8197AC5FE57555CCB4C171F74] - 2011-11-27 - 10:51:23 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [709286]

O44 - LFC:[MD5.15272F5536D4C9680EDEC1B6E4FB5466] - 2011-11-27 - 10:54:08 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

~ Scan Files in 00mn 01s

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "F:\Connectivity\ConnectivityManager.exe" [Enabled] .(.France Telecom SA - Pas de description.) -- F:\Connectivity\ConnectivityManager.exe

~ Scan Keys in 00mn 00s

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\system32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\system32\livessp.dll

~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{bfa56c5f-1204-11e1-b21c-1c6f65c06866}\AutoRun\command. (...) -- I:\AutoRunCardDetector.exe (.not file.)

O51 - MPSK:{e0ffad69-0acc-11e1-b05a-1c6f65c06866}\AutoRun\command. (...) -- G:\Formation.exe (.not file.)

~ Scan Keys in 00mn 00s

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.XVID"="xvidvfw.dll" . (...) -- C:\Windows\system32\xvidvfw.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"xvidvfw.dll"="Xvid MPEG-4 Video Codec" . (...) -- C:\Windows\system32\xvidvfw.dll

~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

O53 - SMSR:HKLM\...\startupreg\AdobeCS5ServiceManager [Key] . (.Adobe Systems Incorporated - Adobe CS5 Service Manager.) -- C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe

O53 - SMSR:HKLM\...\startupreg\BDRegion [Key] . (.cyberlink - brs.) -- C:\Program Files (x86)\Cyberlink\Shared files\brs.exe

O53 - SMSR:HKLM\...\startupreg\boincmgr [Key] . (.Space Sciences Laboratory - BOINC Manager for Windows.) -- F:\BOINC\boincmgr.exe

O53 - SMSR:HKLM\...\startupreg\boinctray [Key] . (.Space Sciences Laboratory - BOINC System Tray for Windows.) -- F:\BOINC\boinctray.exe

O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- F:\DAEMON Tools Lite\DTLite.exe

O53 - SMSR:HKLM\...\startupreg\DivXUpdate [Key] . (.Pas de propriétaire - DivX Update.) -- C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe

O53 - SMSR:HKLM\...\startupreg\Iomega Home Storage Manager [Key] . (.Iomega Corporation - Iomega Home Media Network Discover Applicat.) -- C:\Program Files (x86)\Iomega\Home Storage Manager\Iomega Discovery.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\LGODDFU [Key] . (.BL - Pas de description.) -- C:\Program Files (x86)\lg_fwupdate\fwupdate.exe

O53 - SMSR:HKLM\...\startupreg\MailNotifier [Key] . (...) -- C:\Program Files (x86)\Orange\MailNotifier\MailNotifier.exe

O53 - SMSR:HKLM\...\startupreg\MediaGet2 [Key] . (...) -- C:\Users\Hervé\AppData\Local\MediaGet2\mediaget.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Mega Manager [Key] . (...) -- F:\MegaManager.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Megakey [Key] . (.Megamedia Ltd. - Megakey.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\Megakey.exe

O53 - SMSR:HKLM\...\startupreg\MegakeyUpdater [Key] . (.Megamedia Ltd. - Megakey Update.) -- C:\Users\Hervé\AppData\Local\Megamedia\Megakey\MegakeyUpdater.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

O53 - SMSR:HKLM\...\startupreg\PMBVolumeWatcher [Key] . (.Sony Corporation - Media Check Tool.) -- F:\Caméscope\PMBVolumeWatcher.exe

O53 - SMSR:HKLM\...\startupreg\ProfilerU [Key] . (.Saitek - Saitek SST Profile Launcher.) -- C:\Program Files\Saitek\SD6\Software\ProfilerU.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- F:\Quick Time\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\RemoteControl9 [Key] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe

O53 - SMSR:HKLM\...\startupreg\SaiMfd [Key] . (.Saitek - Saitek MFD File System Driver.) -- C:\Program Files\Saitek\SD6\Software\SaiMfd.exe

O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\steam.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O53 - SMSR:HKLM\...\startupreg\SwitchBoard [Key] . (.Adobe Systems Incorporated - SwitchBoard Server (32 bit).) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

~ Scan SMSR Keys in 00mn 00s

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

~ Scan Keys in 00mn 00s

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 2009-06-10 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 2009-07-14 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 2011-05-27 - 08:18:24 RSHAD . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 2011-07-22 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 2009-06-10 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 2011-07-22 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.2FBB00A7616106B95104574C6CD640C2] - 2011-05-26 - 19:46:20 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amd_sata.sys [78976]

O58 - SDL:[MD5.87D0D7645CB0D53220649BD5FE15D93E] - 2011-05-26 - 19:46:20 RSHAD . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\system32\drivers\amd_xata.sys [38528]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 2009-07-13 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.03B7145C889603537E9FFEABB1AD1089] - 2005-03-29 - 01:30:38 RSHAD . (.Pas de propriétaire - ATK0110 ACPI Utility.) -- C:\Windows\system32\drivers\ASACPI.sys [8192]

O58 - SDL:[MD5.5D4529AC4156E16BEDB01441AE0CF984] - 2009-07-08 - 23:49:16 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\athrx.sys [1484800]

O58 - SDL:[MD5.DBB487D09F56C674430AC454FD8BCAB9] - 2011-09-12 - 23:07:00 RSHAD . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\AtihdW76.sys [231440]

O58 - SDL:[MD5.5B03217859B014B090CB5060C1D96875] - 2011-09-12 - 23:23:16 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9980416]

O58 - SDL:[MD5.35D2184A99AD4CD5D17284D6C9F382C9] - 2011-09-12 - 21:54:10 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [309248]

O58 - SDL:[MD5.E82E61F46D1336447F4DEFF8C074F13E] - 2011-05-26 - 10:15:36 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie64.sys [16440]

O58 - SDL:[MD5.B4BDE3F758A34658A37DFED3D9783CD8] - 2011-07-26 - 14:45:02 RSHAD . (...) -- C:\Windows\system32\drivers\atksgt.sys [88480]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 2009-06-10 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 2009-07-14 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 2009-07-14 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 2009-07-14 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 2009-07-14 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 2009-07-14 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 2009-07-14 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 2009-06-10 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 2009-07-14 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.D3D64CF7B2BCEAA34A270F45A3FFFB36] - 2011-11-09 - 13:34:32 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [270912]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 2009-06-10 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 2009-06-10 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.1F24CF1F7DB6D4461AC65A86DB8E4BC2] - 2011-11-18 - 12:45:35 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbfake.sys [116224]

O58 - SDL:[MD5.4B5C07DB91A0099272FAAE732E1152BD] - 2011-11-18 - 12:45:35 RSHAD . (.Huawei Technologies Co., Ltd. - USB Modem/Serial Device Driver.) -- C:\Windows\system32\drivers\ewusbmdm.sys [116864]

O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 2011-11-25 - 13:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 2009-07-13 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2010-11-21 - 04:23:47 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 2011-07-22 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 2009-07-13 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.955982BF4421B77722196552B62E8DC2] - 2011-07-26 - 14:45:02 RSHAD . (...) -- C:\Windows\system32\drivers\lirsgt.sys [46400]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.024DA28053D57E9E32BEE52600576BBB] - 2011-08-09 - 21:18:34 RSHAD . (.Pinnacle Systems GmbH - Pinnacle Marvin Discrete Bus Enumerator.) -- C:\Windows\system32\drivers\MarvinBus64.sys [261120]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 2009-06-10 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 2009-07-13 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 2009-07-13 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.01266516E6E88D183A2B58722EEB4443] - 2011-05-27 - 17:30:50 RSHAD . (.Renesas Electronics Corporation - USB 3.0 Hub Driver.) -- C:\Windows\system32\drivers\nusb3hub.sys [87552]

O58 - SDL:[MD5.5EC04F55CC5F165F21752712437DF638] - 2011-05-27 - 17:30:54 RSHAD . (.Renesas Electronics Corporation - USB 3.0 Host Controller Driver.) -- C:\Windows\system32\drivers\nusb3xhc.sys [207872]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 2011-07-22 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 2011-07-22 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 2009-06-10 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 2009-07-13 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.4B42BC58294E83A6A92EC8B88C14C4A3] - 2010-06-23 - 09:10:56 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [344680]

O58 - SDL:[MD5.88798B4381FD58FAE2DA07880C177C5C] - 2011-05-27 - 14:33:48 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [2826984]

O58 - SDL:[MD5.248ABD858FF7DCC966E5A54529DDD225] - 2011-08-09 - 15:10:48 RSHAD . (.Saitek - Saitek Hid Driver.) -- C:\Windows\system32\drivers\SaiH0255.sys [171144]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 2009-07-14 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 2009-06-10 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 2009-07-13 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 2009-07-13 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 2011-09-26 - 07:06:08 RSHAD . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]

O58 - SDL:[MD5.573D192E268F0C5B486B7E96F661E538] - 2011-05-26 - 04:06:46 RSHAD . (.Advanced Micro Devices - AMD USB Filter Driver.) -- C:\Windows\system32\drivers\usbfilter.sys [47232]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 2009-07-14 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 2009-06-10 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

~ Scan Drivers in 00mn 00s

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 2011-07-28 - C:\Windows\system32\DRIVERS\atikmdag.sys - No object(No service) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG

O64 - Services: CurCS - 2011-03-04 - C:\Windows\system32\DRIVERS\amd_sata.sys - No object(No service) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMD_SATA

O64 - Services: CurCS - 2011-06-24 - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys - No object(No service) .(.Advanced Micro Devices - AMD OverDrive Service Driver.) - LEGACY_AODDRIVER4.01

O64 - Services: CurCS - 2011-07-26 - C:\Windows\system32\DRIVERS\atksgt.sys - No object (No service) .(...) - LEGACY_ATKSGT

O64 - Services: CurCS - 2010-07-09 - F:\PC WIZARD\PC Wizard 2010\pcwiz_x64.sys - No object(No service) .(.Windows ® Win 7 DDK provider - CPUID Driver.) - LEGACY_CPUZ134

O64 - Services: CurCS - 2011-07-26 - C:\Windows\system32\DRIVERS\lirsgt.sys - No object (No service) .(...) - LEGACY_LIRSGT

O64 - Services: CurCS - 2011-03-18 - C:\Windows\Syswow64\speedfan.sys - No object(No service) .(.Almico Software - SpeedFan x64 Driver.) - LEGACY_SPEEDFAN

O64 - Services: CurCS - 2010-12-08 - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl - No object(No service) .(.CyberLink Corp. - Pas de description.) - LEGACY_{B154377D-700F-42CC-9474-23858FBDF4BD}

~ Scan Services in 00mn 00s

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <jsfile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- F:\Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)

O69 - SBI: prefs.js [Hervé - c96ns2wb.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");

O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} [DefaultScope] - (Search the web (Babylon)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - Welcome to BasicScan

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

O69 - SBI: SearchScopes [HKUS\.DEFAULT] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - Welcome to BasicScan

O69 - SBI: SearchScopes [HKUS\S-1-5-18] {33524C00-63FB-43DB-A6BF-0A4E14B24649} - (BasicScan) - Welcome to BasicScan

~ Scan Keys in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.8C800F6BFE1323CBB2741AF23ED2CF68] [sPRF][2011-11-27] (...) -- C:\Users\Hervé\AppData\Local\Temp\i4jdel0.exe [4608]

[MD5.475C87632DA49C2E5A818012B5E669FF] [sPRF][2010-03-23] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r52.) -- C:\Users\Hervé\AppData\Local\Temp\InstallAX.exe [2553344]

[MD5.738D8A6AC0F3E275B8143E8AC0CC0C7A] [sPRF][2010-03-23] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r52.) -- C:\Users\Hervé\AppData\Local\Temp\InstallPlugin.exe [2516992]

[MD5.359D655287B012A8E2032651CBA88741] [sPRF][2011-11-09] (...) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssa_aih.bat [465]

[MD5.D8D04241B5C165FA769EEE376D530E25] [sPRF][2011-11-09] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssa_aih.exe [748648]

[MD5.347106DB7195AC85FACF9DD37DC97D9D] [sPRF][2011-10-06] (...) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih.bat [465]

[MD5.82F5A14E50C93D364DB1FF843C384DAA] [sPRF][2011-10-06] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih.exe [742216]

[MD5.89191DE4D3DFE0592D5FDDB49F820F8F] [sPRF][2011-11-09] (...) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih_1.bat [473]

[MD5.D8D04241B5C165FA769EEE376D530E25] [sPRF][2011-11-09] (.Adobe Systems Incorporated - Adobe Reader Installer.) -- C:\Users\Hervé\AppData\Local\Temp\install_reader10_fr_mssd_aih_1.exe [748648]

[MD5.84151460F6E63CAE2C163D7202EEDB1C] [sPRF][2011-10-06] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Hervé\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe [910112]

[MD5.F0168A2D9CEE9BDD083BE324BF9A1530] [sPRF][2011-11-10] (...) -- C:\Users\Hervé\AppData\Local\Temp\mediaget-uninstaller.exe [33512]

[MD5.5A432A042DAE460ABE7199B758E8606C] [sPRF][2006-10-28] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\Hervé\AppData\Local\Temp\ose00000.exe [145184]

[MD5.9A2347903D6EDB84C10F288BC0578C1C] [sPRF][2011-10-06] (.Trend Micro Inc. - HijackThis.) -- C:\Users\Hervé\AppData\Local\Temp\TomsDownloader15149.exe [388608]

[MD5.DB42F2574BEB18AD52E7447ED12CFBBC] [sPRF][2011-11-27] (...) -- C:\Users\Hervé\Desktop\SecurityCheck.exe [879652]

~ Scan Files in 00mn 00s

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{DC5729A9-1E81-4923-8D4E-42BD1EEE371C}" | In - None - P6 - TRUE | .(.CyberLink Corp. - CyberLink PowerDVD Cinema Main Program.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe

O87 - FAEL: "{DB9B3A7E-A58A-46DD-9339-0541102ECCB7}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 9.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.exe

O87 - FAEL: "TCP Query User{01E6F533-A91E-4D6D-B229-F11EC7E31B0D}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" | In - Public - P6 - TRUE | .(.Iomega Corporation.) -- C:\program files (x86)\iomega\home storage manager\iomega dis

O87 - FAEL: "UDP Query User{465764C3-CF85-44F8-BB0B-3AD67AE44BEF}C:\program files (x86)\iomega\home storage manager\iomega discovery.exe" | In - Public - P17 - TRUE | .(.Iomega Corporation.) -- C:\program files (x86)\iomega\home storage manager\iomega di

O87 - FAEL: "TCP Query User{FE568698-1463-4627-9A80-831A9A2BED22}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Private - P6 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega st

O87 - FAEL: "UDP Query User{B2E6207D-F11B-446C-BCA5-063A24A460D4}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Private - P17 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega s

O87 - FAEL: "{4056D6AC-D284-4B23-8702-FC6A6929B36C}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "{6A6A3D15-6146-49C3-B596-D043B245D428}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- C:\Program Files (x86)\Steam\Steam.exe

O87 - FAEL: "{5007BCF8-4926-4FD8-9356-D2EE528EEFA1}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\RM.exe (.not file.)

O87 - FAEL: "{4AE54B63-EE34-4AB2-8D30-1D4614E41269}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\RM.exe (.not file.)

O87 - FAEL: "{3BF3E757-BC9F-46DB-8DF2-A037AB1F9AD9}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\Studio.exe (.not file.)

O87 - FAEL: "{04406FB8-2AD4-478A-954A-BF5452064EA7}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\Studio.exe (.not file.)

O87 - FAEL: "{1888ACC9-C9DA-4816-9F12-82F0829D74D9}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\umi.exe (.not file.)

O87 - FAEL: "{1E5ECF32-5F54-4CCE-B733-D8B9180916E2}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\umi.exe (.not file.)

O87 - FAEL: "{68CE0C80-DACB-4EFA-9610-D3F4AC6B59B0}" | In - Private - P6 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST™ Install Manager.) -- C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe

O87 - FAEL: "{95715C02-98E8-4787-BF63-B069A8634102}" | In - Private - P17 - TRUE | .(.Advanced Micro Devices, Inc. - CATALYST™ Install Manager.) -- C:\Program Files (x86)\Steam\SteamApps\common\amd driver updater, vista and 7, 64 bit\Setup.exe

O87 - FAEL: "{EBE49B5F-7FC2-44D6-BCC6-BC2365A3D06D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe (.not file.)

O87 - FAEL: "{4E69E0B6-BA1E-4F4A-AFB7-4E1CCB788A10}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\ma-config.com\maconfservice.exe (.not file.)

O87 - FAEL: "TCP Query User{5A1307FF-DB2A-441A-BCC0-F0AE2CDE14CE}F:\il2 1946\il2fb.exe" | In - Private - P6 - TRUE | .(...) -- F:\il2 1946\il2fb.exe

O87 - FAEL: "UDP Query User{184AA91E-B3EE-443F-A360-FD4B3109611A}F:\il2 1946\il2fb.exe" | In - Private - P17 - TRUE | .(...) -- F:\il2 1946\il2fb.exe

O87 - FAEL: "{F554C2D5-3E98-4107-AEFC-78FDBD3AF4E3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "{A14BEBFE-1154-4D8C-B804-7F83D9C353E4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "TCP Query User{0E41019B-86C3-4A3F-94D3-05D807E8A519}C:\program files (x86)\vuze\azureus.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\vuze\azureus.exe (.not file.)

O87 - FAEL: "UDP Query User{7A18DB04-0737-4E85-891A-190D442CDCAF}C:\program files (x86)\vuze\azureus.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\vuze\azureus.exe (.not file.)

O87 - FAEL: "{CDECCACF-6E4F-443A-8243-AE1E8F0624EC}" | In - None - P17 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files\CyberLink\PowerDirector\PDR9.exe

O87 - FAEL: "{9F4DDA75-DEF7-4FEF-85CB-EB976C1BCD0A}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "TCP Query User{71F73550-0C69-4AC9-B50F-0FCDBA67B177}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "UDP Query User{8BCF1AC4-F1C2-4D0A-8DCD-7F23C4F02258}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "TCP Query User{BC820EF3-0192-4D06-B725-2462F9CC2BCB}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "UDP Query User{D04428CA-739E-4142-93E0-232F12F10611}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "TCP Query User{5A864B9F-5F44-49EC-9863-07BB81A69818}F:\catia\intel_a\code\bin\orbixd.exe" | In - Private - P6 - TRUE | .(...) -- F:\catia\intel_a\code\bin\orbixd.exe

O87 - FAEL: "UDP Query User{65DFFE21-4D72-49EB-86F6-827E38E89C95}F:\catia\intel_a\code\bin\orbixd.exe" | In - Private - P17 - TRUE | .(...) -- F:\catia\intel_a\code\bin\orbixd.exe

O87 - FAEL: "TCP Query User{9F1183AD-8A2B-4858-A95C-4BB724D06F25}F:\catia\intel_a\code\bin\cnext.exe" | In - Private - P6 - TRUE | .(.Dassault Systemes - CATIA.) -- F:\catia\intel_a\code\bin\cnext.exe

O87 - FAEL: "UDP Query User{BC11DE2E-9917-4C78-A53B-B3F0A1351AF8}F:\catia\intel_a\code\bin\cnext.exe" | In - Private - P17 - TRUE | .(.Dassault Systemes - CATIA.) -- F:\catia\intel_a\code\bin\cnext.exe

O87 - FAEL: "{37A78D22-5F6B-43C0-9895-9D265CFC8B9C}" |In - Private - P6 - TRUE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{B0D2F68C-643D-471A-9DD7-C8A01F59DB49}" |In - Private - P17 - TRUE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{55A399F8-4F5F-499B-BDA6-5E924F0EEF0E}" |In - Domain - P6 - FALSE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{CD4C1552-32CA-4115-84E1-C4396E65A0A8}" |In - Domain - P17 - FALSE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{E942F3FD-BD64-4211-A3AB-45AFB1C44946}" |In - Public - P6 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{4B32C787-1E99-4278-A12E-A9F819133104}" |In - Public - P17 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{8553FA20-FD00-4B62-9E06-3C1076F2BEEC}" | In - Public - P6 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{EFE41EFE-E0AB-4DE6-B156-67802F62C293}" | In - Public - P17 - TRUE | .(.France Telecom SA - Orange Upd@te.) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "TCP Query User{498E4640-D799-4946-AEE6-F710E847F6D0}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Public - P6 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega sto

O87 - FAEL: "UDP Query User{AD957647-2235-45F0-A20A-69B5D2BC62E1}C:\program files (x86)\iomega\home storage manager\iomega storage manager.exe" | In - Public - P17 - TRUE | .(.Iomega Corp..) -- C:\program files (x86)\iomega\home storage manager\iomega st

O87 - FAEL: "TCP Query User{481BE1AF-77CD-4456-9526-91BF75525205}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe" | In - Private - P6 - TRUE | .(.Adobe Systems Incorporated.) -- C:\program files\adobe\adobe after effects cs5\supp

O87 - FAEL: "UDP Query User{F28A8C89-9597-4F9D-B9F8-BB0F40759FE8}C:\program files\adobe\adobe after effects cs5\support files\afterfx.exe" | In - Private - P17 - TRUE | .(.Adobe Systems Incorporated.) -- C:\program files\adobe\adobe after effects cs5\sup

O87 - FAEL: "{62893FA2-18AE-4748-9A1C-5F8172037317}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{E37D8F17-DCE2-41F1-9194-6AE73AE22EBD}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{FC0EFA09-7D9A-4863-9CBF-1349031DC824}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{09545272-1542-4C87-A457-A9B4D521B315}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{9965C0AE-7BEC-4D3D-B6C8-7003B56813D7}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

~ Scan Firewall in 00mn 00s

---\\ Scan Additionnel (O88)

Database Version : 8852 - (28/10/2011)

Clés trouvées (Keys found) : 7

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 11

Fichiers trouvés (Files found) : 0

[HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}] =>Adware.Agent

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}] =>Toolbar.Babylon

[HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}] =>Toolbar.Babylon

[HKLM\Software\WOW6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}] =>Toolbar.Babylon

[HKCU\Software\PCTuto] =>Spyware.AgenceExclusive

[HKLM\Software\WOW6432Node\PCTuto] =>Spyware.AgenceExclusive

C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65 =>Adware.Seekmo

C:\ProgramData\Babylon =>Toolbar.Babylon

C:\Users\Hervé\AppData\Roaming\Babylon =>Toolbar.Babylon

C:\Users\Hervé\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\Hervé\AppData\Roaming\PCTuto =>Spyware.AgenceExclusive

C:\Users\Hervé\AppData\Local\Babylon =>Toolbar.Babylon

C:\Users\Hervé\AppData\Local\Conduit =>Toolbar.Conduit

C:\Users\Hervé\AppData\LocalLow\Conduit =>Toolbar.Conduit

C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\Extensions\ffxtlbr@babylon.com =>Toolbar.Babylon

~ Scan Additionnel in 00mn 04s

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Disabled 2011-11-09 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SR - | Auto 2011-09-12 204288 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SR - | Auto 2011-09-12 361984 | (AMD FUEL Service) . (.Advanced Micro Devices, Inc..) - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

SS - | Auto 2011-11-25 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SS - | Disabled 26112 | (BasicScan Service) . (...) - C:\Program Files (x86)\BasicScan\basicscan.exe

SS - | Disabled 2011-10-03 49214 | (BBDemon) . (.Dassault Systemes.) - F:\catia\intel_a\code\bin\CATSysDemon.exe

SR - | Auto 2011-11-25 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 2011-11-18 77824 | (FTRTSVC) . (.France Telecom SA.) - C:\PROGRA~2\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe

SS - | Auto 2011-07-22 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 2011-07-22 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 2011-07-22 182768 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Demand 2011-11-25 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Auto 2011-11-21 1055872 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

SS - | Disabled 2011-08-13 360224 | (PMBDeviceInfoProvider) . (.Sony Corporation.) - F:\Caméscope\PMBDeviceInfoProvider.exe

SS - | Disabled 386344 | (RichVideo64) . (...) - C:\Program Files\CyberLink\Shared files\RichVideo64.exe

SS - | Disabled 2011-08-08 411432 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SS - | Demand 2011-11-09 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 2009-07-14 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

SR - | Auto 2011-09-10 62184 | (XobniService) . (.Xobni Corporation.) - C:\Program Files (x86)\Xobni\XobniService.exe

SR - | Auto 2011-05-30 146928 | ({B154377D-700F-42cc-9474-23858FBDF4BD}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\000.fcl

~ Scan Services in 00mn 04s

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Hervé at 2011-11-27 10:56:13

device: opened successfully

user: error reading MBR

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

~ Scan MBR in 00mn 06s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Hervé at 2011-11-27 10:56:15

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 08s

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

~ Scan Emulateurs in 00mn 08s

End of the scan (1616 lines in 00mn 21s)(0)

Modifié le 27 novembre 2011 par Acrobate

lance_yien · le 27 novembre 2011

Le site fonctionne, je viens d'essayer!

Toutes les instructions du post précédent sont à suivre.

La nouvelle liste à coller dans HPZFix est celle-ci (commençant par M2):

M2 - MFEP: prefs.js [Hervé - c96ns2wb.default\ffxtlbr@babylon.com] [] Babylon v1.1.9 (.Babylon.)
[HKCU\Software\PCTUTO]

[HKLM\Software\Babylon]

[HKLM\Software\PCTuto]

O43 - CFD: 2011-11-23 - 17:32:50 - [0] ----D- C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

O43 - CFD: 2011-10-02 - 12:07:46 - [0] ----D- C:\ProgramData\Babylon

O43 - CFD: 2011-10-02 - 12:07:46 - [6802] ----D- C:\Users\Hervé\AppData\Roaming\Babylon

O43 - CFD: 2011-11-09 - 13:34:56 - [5845440] ----D- C:\Users\Hervé\AppData\Roaming\OpenCandy

O43 - CFD: 2011-09-17 - 18:26:34 - [659456] ----D- C:\Users\Hervé\AppData\Roaming\PCtuto

O43 - CFD: 2011-10-02 - 12:07:46 - [3700063] ----D- C:\Users\Hervé\AppData\Local\Babylon

O53 - SMSR:HKLM\...\startupreg\MediaGet2 [Key] . (...) -- C:\Users\Hervé\AppData\Local\MediaGet2\mediaget.exe (.not file.)

O87 - FAEL: "TCP Query User{71F73550-0C69-4AC9-B50F-0FCDBA67B177}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Private - P6 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "UDP Query User{8BCF1AC4-F1C2-4D0A-8DCD-7F23C4F02258}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Private - P17 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "TCP Query User{BC820EF3-0192-4D06-B725-2462F9CC2BCB}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Public - P6 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

O87 - FAEL: "UDP Query User{D04428CA-739E-4142-93E0-232F12F10611}C:\users\hervé\appdata\local\mediaget2\mediaget.exe" |In - Public - P17 - TRUE | .(...) -- C:\users\hervé\appdata\local\mediaget2\mediaget.exe (.not file.)

[HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}]

[HKLM\Software\WOW6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]

[HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}]

[HKLM\Software\WOW6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}]

[HKCU\Software\PCTuto]

[HKLM\Software\WOW6432Node\PCTuto]

C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

C:\ProgramData\Babylon

C:\Users\Hervé\AppData\Roaming\Babylon

C:\Users\Hervé\AppData\Roaming\OpenCandy

C:\Users\Hervé\AppData\Roaming\PCTuto

C:\Users\Hervé\AppData\Local\Babylon

C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\Extensions\ffxtlbr@babylon.com

C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\user.js (.not file.)

O4 - HKCU\..\Run: [AdobeBridge] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [PCTuto] Clé orpheline

O4 - HKUS\S-1-5-21-873311265-2648897643-4050429337-1001\..\Run: [AdobeBridge] Clé orpheline

O4 - Global Startup: C:\Users\Hervé\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PokerStars.fr.lnk . (.PokerStars.) -- C:\Program Files (x86)\PokerStars.FR\PokerStarsUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [RunAsStdUser Task] (...) -- C:\Program Files (x86)\BrightBreeze\bin\2.0.12.0\BrightBreezeSA.exe (.not file.)

O42 - Logiciel: PokerStars.fr - (.PokerStars.fr.) [HKLM] -- PokerStars.fr

O43 - CFD: 2011-11-09 - 14:05:58 - [6867] ----D- C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 2011-11-25 - 16:12:06 - [0] ----D- C:\Users\Hervé\AppData\Local\CutePDF Writer

O43 - CFD: 2011-11-25 - 01:24:14 - [890043] ----D- C:\Users\Hervé\AppData\Local\PokerStars.FR

O43 - CFD: 2011-09-17 - 08:49:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{00C6E1EE-7F12-4A1B-836A-09425AB56AC2}

O43 - CFD: 2011-09-06 - 09:31:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{02CDDC35-2C18-4685-AFEB-EA128D69A99F}

O43 - CFD: 2011-09-14 - 08:50:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{02D1880F-6D24-4757-BDC2-C7AA634A94F4}

O43 - CFD: 2011-11-18 - 15:20:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{06AE5117-6586-4180-8ED3-AF013339006B}

O43 - CFD: 2011-09-16 - 13:04:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{080536D1-B102-4B5E-A3E5-4BF390433076}

O43 - CFD: 2011-08-29 - 16:54:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{0AEF8F1A-4E15-4E60-836D-C93151DD47FE}

O43 - CFD: 2011-08-19 - 14:10:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{0B7F197F-53A4-4A18-89E4-7EA606E2393E}

O43 - CFD: 2011-11-18 - 15:15:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{0BE27EF7-0A6F-4EC2-A1DA-19114F666AC0}

O43 - CFD: 2011-08-31 - 09:02:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{0F8319AD-DE52-4B88-8D7D-3B66ABF5256E}

O43 - CFD: 2011-09-12 - 19:48:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{1091C29D-5839-425B-B6D4-9F86FE8B562E}

O43 - CFD: 2011-08-10 - 21:39:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{114BFA07-5974-4ED6-800E-20E64805F2FA}

O43 - CFD: 2011-08-15 - 14:43:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{138D6D6E-8D2B-4C3D-A03F-388FA37BB539}

O43 - CFD: 2011-08-25 - 19:45:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{15311EA5-ED00-4EEC-8B83-9A636131737E}

O43 - CFD: 2011-09-12 - 14:21:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{175A740A-FA64-4A65-812D-EDCB2A8CB20E}

O43 - CFD: 2011-08-16 - 15:21:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{1934FCB2-1DFD-442A-A555-4EF6B3A876CB}

O43 - CFD: 2011-09-02 - 16:56:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{1AE4167C-5E09-4BF2-8A33-A8C4163CD428}

O43 - CFD: 2011-08-26 - 12:08:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{1BEFBF98-5975-4999-B53A-B3D812B41EE2}

O43 - CFD: 2011-08-17 - 14:34:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{1CE6C590-897E-4544-BAE9-3AC266BD3B64}

O43 - CFD: 2011-09-08 - 19:34:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{208B357A-2BB0-4ECA-922C-FA2C51671BDF}

O43 - CFD: 2011-08-16 - 02:43:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{22BB70D5-4F07-4A6E-99C5-678D5D24344B}

O43 - CFD: 2011-09-09 - 10:58:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{2531770D-54D2-41E0-B24C-35C4FC1FAB9C}

O43 - CFD: 2011-08-30 - 18:32:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{26A9CF44-FAC1-49A8-86DF-54A2649C7C7D}

O43 - CFD: 2011-08-25 - 06:54:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{2A8A30F3-7A71-418B-9549-8B771625F31C}

O43 - CFD: 2011-08-21 - 15:59:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{2CB132CC-6617-456A-8FB1-EB6336B9840A}

O43 - CFD: 2011-09-12 - 19:48:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{2D0CDD26-DFBB-4EC6-AC98-46F855D594E6}

O43 - CFD: 2011-09-15 - 17:29:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{2E2F4A09-79C3-42E1-9B41-2B5082C28671}

O43 - CFD: 2011-08-18 - 02:35:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{3028B61B-F5C8-4691-B373-081E2966AE32}

O43 - CFD: 2011-09-02 - 16:56:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{30AA4B2F-481E-45F2-A318-BB8BC7B4E180}

O43 - CFD: 2011-08-14 - 18:48:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{321CF00B-E85B-4EDE-BABB-640D8B9F9724}

O43 - CFD: 2011-09-13 - 10:00:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{32F7668A-3985-44E0-8726-99E5540611BB}

O43 - CFD: 2011-09-08 - 19:34:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{337BF2F3-70E9-41EE-B9FC-933EAE0FB634}

O43 - CFD: 2011-08-15 - 14:43:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{34696E30-3A52-491E-B636-9525078E889F}

O43 - CFD: 2011-08-18 - 02:35:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{34917689-FECA-4018-927B-C60B2982577D}

O43 - CFD: 2011-08-14 - 05:06:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{38B03F42-9731-46A5-BF4C-EFF17A6CB3E0}

O43 - CFD: 2011-09-12 - 14:21:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{3A5B7AD6-F3A9-4019-BACC-A4648AFFF14F}

O43 - CFD: 2011-09-19 - 08:16:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{3CD3CEFF-22B7-4331-B14A-1AF4377C10E1}

O43 - CFD: 2011-08-24 - 18:18:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{44CCCFC9-1D9C-4309-8BC5-0D235F1409D8}

O43 - CFD: 2011-08-16 - 15:21:12 - [0] ----D- C:\Users\Hervé\AppData\Local\{4A85147F-6E6D-4410-86A9-4AB169D37911}

O43 - CFD: 2011-08-30 - 06:31:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{4B59F768-B4DA-4A38-ADDC-F734FB5E1F19}

O43 - CFD: 2011-09-14 - 08:50:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{4EE9E830-E44B-4568-A135-F30A1D3D5C04}

O43 - CFD: 2011-08-10 - 21:38:56 - [0] ----D- C:\Users\Hervé\AppData\Local\{506E35F8-BEB6-40B3-B4E9-E951265DCFEC}

O43 - CFD: 2011-09-15 - 01:53:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{51439CE7-D7B3-4B14-8354-9344F61D8F49}

O43 - CFD: 2011-08-11 - 17:40:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{526C8C8B-0640-4ABE-BF11-8EC60C353554}

O43 - CFD: 2011-08-31 - 21:03:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{526CF8F9-AB33-4C0B-A0C8-C7EBBECDB6C7}

O43 - CFD: 2011-08-27 - 15:33:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{58A41A2F-3F90-4E3E-8378-F41A6362FA79}

O43 - CFD: 2011-09-08 - 07:33:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{5DA34096-EABB-45C1-A90B-5FB397F31F87}

O43 - CFD: 2011-08-24 - 06:17:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{5F8B8DED-80FF-4917-B693-705A09594FD3}

O43 - CFD: 2011-09-06 - 21:50:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{62DC2BBE-EC45-47CA-B2A1-62F4B05B573B}

O43 - CFD: 2011-09-13 - 10:00:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{6C7F6D01-F4FC-4647-988C-E4DEB0F25913}

O43 - CFD: 2011-09-21 - 01:24:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{72A7065B-8420-4123-9F64-57C6D9C62CD4}

O43 - CFD: 2011-09-06 - 09:31:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{72C57EA1-FE36-45E0-A2D1-675C553D5580}

O43 - CFD: 2011-08-25 - 06:54:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{73EB9416-C1CE-4BFA-9955-9513B5477699}

O43 - CFD: 2011-09-17 - 08:49:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{74C90F02-F7D0-4E06-B637-E445CAF36D06}

O43 - CFD: 2011-09-09 - 10:58:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{7521D90B-5587-4D8C-ABDB-0085989A54A4}

O43 - CFD: 2011-08-23 - 14:39:12 - [0] ----D- C:\Users\Hervé\AppData\Local\{753B033E-7B44-4388-821B-35C9A1E88451}

O43 - CFD: 2011-08-29 - 02:55:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{7807ADC6-729B-4E34-8F83-900924F9006E}

O43 - CFD: 2011-08-30 - 18:32:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{78530A86-BAF6-41FB-BC41-C68B384B7F5B}

O43 - CFD: 2011-09-05 - 12:26:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{78955A57-E87D-48DF-A2D2-39645DACBA89}

O43 - CFD: 2011-09-04 - 09:50:38 - [0] ----D- C:\Users\Hervé\AppData\Local\{78EA1059-B90A-42CB-81FD-A5B472C75949}

O43 - CFD: 2011-08-31 - 21:03:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{78F56C8F-A2ED-405A-A074-C67073F17289}

O43 - CFD: 2011-08-14 - 05:06:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{7912EDB7-44E3-4566-8FEF-4505029C6FAD}

O43 - CFD: 2011-08-09 - 15:21:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{7D7D0664-385B-4C08-AA40-2395620CD076}

O43 - CFD: 2011-08-24 - 18:18:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{81E640F7-668F-40A9-B443-E4D3779705AC}

O43 - CFD: 2011-08-29 - 02:55:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{8486F76A-DC91-42D8-94FC-E5DAF69C163F}

O43 - CFD: 2011-08-29 - 16:54:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{86F28ACC-CC36-427F-A260-E97806A1C9BB}

O43 - CFD: 2011-08-13 - 06:43:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{881ED1AD-65AA-47B0-9791-2530D7ABADAF}

O43 - CFD: 2011-08-27 - 15:32:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{8ACDE25E-21AE-4A2E-9750-F5FED095E5A5}

O43 - CFD: 2011-09-03 - 16:01:56 - [0] ----D- C:\Users\Hervé\AppData\Local\{8BDB10D7-466E-480D-A67E-0396D2913E1B}

O43 - CFD: 2011-08-12 - 05:54:46 - [0] ----D- C:\Users\Hervé\AppData\Local\{8CD7D08E-2CD7-4BCF-A78C-BCD90FA357BD}

O43 - CFD: 2011-08-18 - 14:36:32 - [0] ----D- C:\Users\Hervé\AppData\Local\{914EDD28-0687-4D51-B36A-5454BA9F81A2}

O43 - CFD: 2011-09-10 - 15:07:02 - [0] ----D- C:\Users\Hervé\AppData\Local\{919DB16E-BFC0-4EF8-BF24-31F8F18E8C3A}

O43 - CFD: 2011-08-09 - 15:21:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{965A2E33-076F-4786-9D6C-A0A95BF39B82}

O43 - CFD: 2011-08-23 - 14:39:22 - [0] ----D- C:\Users\Hervé\AppData\Local\{9670D023-A6C6-47A9-BE8A-EAA22CD690D6}

O43 - CFD: 2011-09-15 - 17:29:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{97C252B9-498B-4D59-AB92-93F85EE0E324}

O43 - CFD: 2011-08-11 - 17:40:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{99BABE23-9745-4CB1-8385-250BAE420CD9}

O43 - CFD: 2011-09-01 - 14:42:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{9ACDDE21-46F8-4139-BD6E-4596E75F2EFD}

O43 - CFD: 2011-09-18 - 14:22:44 - [0] ----D- C:\Users\Hervé\AppData\Local\{9B9C7BE1-F1C5-4F1F-A4B7-CDFD031F2DCD}

O43 - CFD: 2011-08-13 - 06:43:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{A87877DA-3A14-4223-8808-4B23155BAF41}

O43 - CFD: 2011-09-16 - 13:03:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{AA85243A-B29A-4CBA-88DA-BDB09B71E293}

O43 - CFD: 2011-09-01 - 14:42:18 - [0] ----D- C:\Users\Hervé\AppData\Local\{AD0E8C74-4AFF-41B6-89CC-60281F850083}

O43 - CFD: 2011-08-20 - 21:14:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{B0F5E5E5-326B-4910-AA06-0E3A35067E6E}

O43 - CFD: 2011-08-20 - 21:14:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{B177A1CC-DE7F-4602-B2D2-E7F1001F4ADF}

O43 - CFD: 2011-08-25 - 19:45:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{B41BFF44-EE11-4136-8F01-172686131269}

O43 - CFD: 2011-08-12 - 17:55:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{B5CAFB59-7E38-4998-B419-C1D16E8AA50C}

O43 - CFD: 2011-08-21 - 15:59:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{B7EED034-5993-45F1-A4FF-2D6C613F59EB}

O43 - CFD: 2011-09-06 - 21:50:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{BBD8A34E-54B5-4333-945E-3D0AB1B4BC33}

O43 - CFD: 2011-09-11 - 15:31:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{BDCB8339-FA3C-49D3-AEBB-1256B5B689E4}

O43 - CFD: 2011-09-11 - 15:31:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{C2DA10AF-3139-4E74-AB53-C7B6AF166819}

O43 - CFD: 2011-08-22 - 19:39:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{C2DE88E7-CA03-4F92-9D7B-454A8FEBEABA}

O43 - CFD: 2011-09-05 - 12:26:50 - [0] ----D- C:\Users\Hervé\AppData\Local\{C35A66A5-98D1-42D9-AA9E-C99788B0E6A6}

O43 - CFD: 2011-08-26 - 12:08:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{C372D854-FE61-4E0F-90AF-E604F06B4F8D}

O43 - CFD: 2011-09-08 - 07:33:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{C7A189CF-4A45-4C5D-8A26-3413601A74DD}

O43 - CFD: 2011-08-30 - 06:31:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{CA6639DF-EC7B-467E-A45C-8256A05C3C81}

O43 - CFD: 2011-09-02 - 02:42:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{CA86A84E-2062-44DB-92DF-CDBC720038B0}

O43 - CFD: 2011-09-10 - 00:26:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{CEEEE8CB-FC4E-46C6-83CC-390A605C6DA2}

O43 - CFD: 2011-08-27 - 00:21:16 - [0] ----D- C:\Users\Hervé\AppData\Local\{CF0FFDA6-0564-48FD-A3C5-5178F2BF8D1F}

O43 - CFD: 2011-09-10 - 15:06:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{CFD6336A-1813-4AEA-B644-42DE05BC5FF1}

O43 - CFD: 2011-08-12 - 05:54:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{D160B31E-67E5-49EB-B51D-01BD86EFC9D9}

O43 - CFD: 2011-08-18 - 14:36:42 - [0] ----D- C:\Users\Hervé\AppData\Local\{D421163D-A9D4-4348-B18E-F84096C3BB94}

O43 - CFD: 2011-08-20 - 09:13:54 - [0] ----D- C:\Users\Hervé\AppData\Local\{D42FA5EC-ED50-45F2-9A34-3E51D7BD49F4}

O43 - CFD: 2011-08-17 - 14:35:02 - [0] ----D- C:\Users\Hervé\AppData\Local\{D44B1131-78AE-404B-A4F3-4775EF6FC79C}

O43 - CFD: 2011-09-19 - 08:16:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{D48EB198-3D95-42EA-9D8E-018D0AF2B96E}

O43 - CFD: 2011-09-03 - 16:02:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{D55A98E9-A37C-4BDB-81E1-BBE0826FE6CB}

O43 - CFD: 2011-09-07 - 13:48:14 - [0] ----D- C:\Users\Hervé\AppData\Local\{D59221BC-AA64-4125-9788-A668ACE11BF3}

O43 - CFD: 2011-08-14 - 18:48:36 - [0] ----D- C:\Users\Hervé\AppData\Local\{D6293C27-C29C-410C-8537-CAAE68FF75B9}

O43 - CFD: 2011-09-20 - 13:23:52 - [0] ----D- C:\Users\Hervé\AppData\Local\{D87F46DD-665D-476A-8E41-F08D7BF7A0AE}

O43 - CFD: 2011-09-10 - 00:26:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{DA22390D-535A-4AFD-95BA-475A49BB02E4}

O43 - CFD: 2011-09-20 - 13:23:42 - [0] ----D- C:\Users\Hervé\AppData\Local\{DDE402D3-77E3-4016-AE52-B81ACDE30CC9}

O43 - CFD: 2011-09-15 - 01:53:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{DE426265-5B1A-4F8F-815F-6780FD23A035}

O43 - CFD: 2011-08-20 - 09:14:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{DEDC5717-27A6-4C77-B568-17BB0FC6E448}

O43 - CFD: 2011-08-22 - 04:31:06 - [0] ----D- C:\Users\Hervé\AppData\Local\{E0F412BB-286E-42A5-9AB1-907248897054}

O43 - CFD: 2011-08-16 - 02:44:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{E6F610BB-4F46-47C3-A741-5CD9D1188D19}

O43 - CFD: 2011-09-18 - 14:22:34 - [0] ----D- C:\Users\Hervé\AppData\Local\{E7C6A7B2-1B5A-46FD-8694-B8D2CEE80D1C}

O43 - CFD: 2011-09-04 - 09:50:28 - [0] ----D- C:\Users\Hervé\AppData\Local\{E8B0284E-F6E1-4AC9-8482-E18F07CD494E}

O43 - CFD: 2011-08-31 - 09:02:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{E9446A2C-53AC-4F76-BB3A-D332044FCB00}

O43 - CFD: 2011-08-28 - 14:55:00 - [0] ----D- C:\Users\Hervé\AppData\Local\{EA579AD7-7833-417B-8BDA-D6ED170D6713}

O43 - CFD: 2011-08-22 - 19:39:24 - [0] ----D- C:\Users\Hervé\AppData\Local\{EBCEBEDB-09C9-4941-B723-0D98D2626463}

O43 - CFD: 2011-08-12 - 17:55:20 - [0] ----D- C:\Users\Hervé\AppData\Local\{EC8BD2CB-78C4-4C85-8ADE-3A49748FB6A5}

O43 - CFD: 2011-08-27 - 00:21:08 - [0] ----D- C:\Users\Hervé\AppData\Local\{F08BF85D-F251-4666-AECA-B31BA4F3338C}

O43 - CFD: 2011-09-07 - 13:48:04 - [0] ----D- C:\Users\Hervé\AppData\Local\{F20CC8A2-F19D-47A9-99F6-8B22E2EAC7A8}

O43 - CFD: 2011-08-28 - 14:55:10 - [0] ----D- C:\Users\Hervé\AppData\Local\{F21CD5E0-401A-420B-8DE7-061119E0B133}

O43 - CFD: 2011-08-24 - 06:17:40 - [0] ----D- C:\Users\Hervé\AppData\Local\{F24C3569-221D-44F8-8644-C2513D6F79C8}

O43 - CFD: 2011-09-02 - 02:42:30 - [0] ----D- C:\Users\Hervé\AppData\Local\{F6225E5D-F011-4410-B84F-998ABA4AAF14}

O43 - CFD: 2011-08-19 - 14:10:48 - [0] ----D- C:\Users\Hervé\AppData\Local\{FB4DDB94-BCFE-4890-A92D-E8FFD5FF887D}

O43 - CFD: 2011-09-21 - 01:24:26 - [0] ----D- C:\Users\Hervé\AppData\Local\{FD440CCA-6FA6-4B3C-B5CD-DF246A7C713D}

O43 - CFD: 2011-08-22 - 04:30:58 - [0] ----D- C:\Users\Hervé\AppData\Local\{FD511DA3-4602-4D99-A0F6-EC44D2DA10CE}

O43 - CFD: 2011-11-24 - 00:39:00 - [90344996] ----D- C:\Program Files (x86)\PokerStars.FR

O51 - MPSK:{e0ffad69-0acc-11e1-b05a-1c6f65c06866}\AutoRun\command. (...) -- G:\Formation.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Mega Manager [Key] . (...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{5007BCF8-4926-4FD8-9356-D2EE528EEFA1}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\RM.exe (.not file.)

O87 - FAEL: "{4AE54B63-EE34-4AB2-8D30-1D4614E41269}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\RM.exe (.not file.)

O87 - FAEL: "{3BF3E757-BC9F-46DB-8DF2-A037AB1F9AD9}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\Studio.exe (.not file.)

O87 - FAEL: "{04406FB8-2AD4-478A-954A-BF5452064EA7}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\Studio.exe (.not file.)

O87 - FAEL: "{1888ACC9-C9DA-4816-9F12-82F0829D74D9}" |In - Private - P6 - TRUE | .(...) -- F:\PINNACLE\Programs\umi.exe (.not file.)

O87 - FAEL: "{1E5ECF32-5F54-4CCE-B733-D8B9180916E2}" |In - Private - P17 - TRUE | .(...) -- F:\PINNACLE\Programs\umi.exe (.not file.)

O87 - FAEL: "{37A78D22-5F6B-43C0-9895-9D265CFC8B9C}" |In - Private - P6 - TRUE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{B0D2F68C-643D-471A-9DD7-C8A01F59DB49}" |In - Private - P17 - TRUE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{55A399F8-4F5F-499B-BDA6-5E924F0EEF0E}" |In - Domain - P6 - FALSE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{CD4C1552-32CA-4115-84E1-C4396E65A0A8}" |In - Domain - P17 - FALSE | .(...) -- F:\MegaManager.exe (.not file.)

O87 - FAEL: "{E942F3FD-BD64-4211-A3AB-45AFB1C44946}" |In - Public - P6 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{4B32C787-1E99-4278-A12E-A9F819133104}" |In - Public - P17 - TRUE | .(...) -- D:\fscommand\CKSocketServer.exe (.not file.)

O43 - CFD: 2011-11-27 - 10:45:36 - [23551830] ----D- C:\Users\Hervé\AppData\Roaming\Azureus

O87 - FAEL: "{F554C2D5-3E98-4107-AEFC-78FDBD3AF4E3}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "{A14BEBFE-1154-4D8C-B804-7F83D9C353E4}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Vuze\Azureus.exe (.not file.)

O87 - FAEL: "TCP Query User{0E41019B-86C3-4A3F-94D3-05D807E8A519}C:\program files (x86)\vuze\azureus.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\vuze\azureus.exe (.not file.)

O87 - FAEL: "UDP Query User{7A18DB04-0737-4E85-891A-190D442CDCAF}C:\program files (x86)\vuze\azureus.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\vuze\azureus.exe (.not file.)

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

G1 - GCS: Preference [user Data\Default] None

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

M2 - MFEP: prefs.js [Hervé - c96ns2wb.default\{ba14329e-9550-4989-b3f2-9732e92d17cc}] [] Vuze Remote Community Toolbar v3.8.0.8 (.Conduit Ltd..)

R3 - URLSearchHook: (no name) [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (...) (No version) -- (.not file.)

[HKCU\Software\Conduit]

[HKLM\Software\Conduit]

O43 - CFD: 2011-09-02 - 02:59:10 - [0] ----D- C:\Users\Hervé\AppData\Local\Conduit

O69 - SBI: prefs.js [Hervé - c96ns2wb.default] user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");

C:\Users\Hervé\AppData\Local\Conduit

C:\Users\Hervé\AppData\LocalLow\Conduit

EmptyTemp

EmptyFlash

Acrobate · le 27 novembre 2011

RE Lance,

Voici les 3 rapports demandés,

ZHPFixReport

Rapport de ZHPFix 1.12.3366 par Nicolas Coolman, Update du 26/10/2011

Fichier d'export Registre :

Run by Hervé at 2011-11-27 12:07:47

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

========== Logiciel(s) ==========

ABSENT Software Key: PokerStars.fr

========== Clé(s) du Registre ==========

SUPPRIME Key: HKCU\Software\PCTUTO

ABSENT Key: HKLM\Software\Babylon

ABSENT Key: HKLM\Software\PCTuto

SUPPRIME Key**: StartupReg: MediaGet2

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}

ABSENT Key: HKCU\Software\PCTuto

SUPPRIME Key: HKLM\Software\WOW6432Node\PCTuto

SUPPRIME CLSID MPSK: {e0ffad69-0acc-11e1-b05a-1c6f65c06866}

SUPPRIME Key**: StartupReg: Mega Manager

SUPPRIME Key: HKCU\Software\Conduit

ABSENT Key: HKLM\Software\Conduit

========== Valeur(s) du Registre ==========

SUPPRIME TCP Query User{71F73550-0C69-4AC9-B50F-0FCDBA67B177}C:/users/hervé/appdata/local/mediaget2/mediaget.exe

SUPPRIME UDP Query User{8BCF1AC4-F1C2-4D0A-8DCD-7F23C4F02258}C:/users/hervé/appdata/local/mediaget2/mediaget.exe

SUPPRIME TCP Query User{BC820EF3-0192-4D06-B725-2462F9CC2BCB}C:/users/hervé/appdata/local/mediaget2/mediaget.exe

SUPPRIME UDP Query User{D04428CA-739E-4142-93E0-232F12F10611}C:/users/hervé/appdata/local/mediaget2/mediaget.exe

SUPPRIME RunValue: AdobeBridge

SUPPRIME RunValue: PCTuto

ABSENT RunValue: AdobeBridge

SUPPRIME {5007BCF8-4926-4FD8-9356-D2EE528EEFA1}

SUPPRIME {4AE54B63-EE34-4AB2-8D30-1D4614E41269}

SUPPRIME {3BF3E757-BC9F-46DB-8DF2-A037AB1F9AD9}

SUPPRIME {04406FB8-2AD4-478A-954A-BF5452064EA7}

SUPPRIME {1888ACC9-C9DA-4816-9F12-82F0829D74D9}

SUPPRIME {1E5ECF32-5F54-4CCE-B733-D8B9180916E2}

SUPPRIME {37A78D22-5F6B-43C0-9895-9D265CFC8B9C}

SUPPRIME {B0D2F68C-643D-471A-9DD7-C8A01F59DB49}

SUPPRIME {55A399F8-4F5F-499B-BDA6-5E924F0EEF0E}

SUPPRIME {CD4C1552-32CA-4115-84E1-C4396E65A0A8}

SUPPRIME {E942F3FD-BD64-4211-A3AB-45AFB1C44946}

SUPPRIME {4B32C787-1E99-4278-A12E-A9F819133104}

SUPPRIME {F554C2D5-3E98-4107-AEFC-78FDBD3AF4E3}

SUPPRIME {A14BEBFE-1154-4D8C-B804-7F83D9C353E4}

SUPPRIME TCP Query User{0E41019B-86C3-4A3F-94D3-05D807E8A519}C:/program files (x86)/vuze/azureus.exe

SUPPRIME UDP Query User{7A18DB04-0737-4E85-891A-190D442CDCAF}C:/program files (x86)/vuze/azureus.exe

SUPPRIME MWPS Value: EnableUIADesktopToggle

SUPPRIME MWPS Value: FilterAdministratorToken

SUPPRIME MWPE Value: NoActiveDesktop

SUPPRIME MWPE Value: NoActiveDesktopChanges

SUPPRIME URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc}

========== Elément(s) de donnée du Registre ==========

REMPLACE Value NoActiveDesktopChanges : Good (0) - Bad (1)

SUPPRIME R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy

========== Préférences navigateur ==========

PRESENT Chrome File: C:\Users\Hervé\AppData\Local\Google\Chrome\User Data\Default\Preferences

ABSENT Chrome Site: None

SUPPRIME Mozilla Pref: user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&q=");

========== Dossier(s) ==========

SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\extensions\ffxtlbr@babylon.com

SUPPRIME Folder: C:\ProgramData\2ACA5CC3-0F83-453D-A079-1076FE1A8B65

SUPPRIME Folder: C:\ProgramData\Babylon

SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Babylon

SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\OpenCandy

SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\PCtuto

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\Babylon

SUPPRIME Folder: C:\ProgramData\regid.1986-12.com.adobe

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\CutePDF Writer

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\PokerStars.FR

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{00C6E1EE-7F12-4A1B-836A-09425AB56AC2}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{02CDDC35-2C18-4685-AFEB-EA128D69A99F}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{02D1880F-6D24-4757-BDC2-C7AA634A94F4}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{06AE5117-6586-4180-8ED3-AF013339006B}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{080536D1-B102-4B5E-A3E5-4BF390433076}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0AEF8F1A-4E15-4E60-836D-C93151DD47FE}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0B7F197F-53A4-4A18-89E4-7EA606E2393E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0BE27EF7-0A6F-4EC2-A1DA-19114F666AC0}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{0F8319AD-DE52-4B88-8D7D-3B66ABF5256E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1091C29D-5839-425B-B6D4-9F86FE8B562E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{114BFA07-5974-4ED6-800E-20E64805F2FA}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{138D6D6E-8D2B-4C3D-A03F-388FA37BB539}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{15311EA5-ED00-4EEC-8B83-9A636131737E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{175A740A-FA64-4A65-812D-EDCB2A8CB20E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1934FCB2-1DFD-442A-A555-4EF6B3A876CB}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1AE4167C-5E09-4BF2-8A33-A8C4163CD428}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1BEFBF98-5975-4999-B53A-B3D812B41EE2}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{1CE6C590-897E-4544-BAE9-3AC266BD3B64}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{208B357A-2BB0-4ECA-922C-FA2C51671BDF}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{22BB70D5-4F07-4A6E-99C5-678D5D24344B}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2531770D-54D2-41E0-B24C-35C4FC1FAB9C}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{26A9CF44-FAC1-49A8-86DF-54A2649C7C7D}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2A8A30F3-7A71-418B-9549-8B771625F31C}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2CB132CC-6617-456A-8FB1-EB6336B9840A}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2D0CDD26-DFBB-4EC6-AC98-46F855D594E6}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{2E2F4A09-79C3-42E1-9B41-2B5082C28671}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{3028B61B-F5C8-4691-B373-081E2966AE32}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{30AA4B2F-481E-45F2-A318-BB8BC7B4E180}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{321CF00B-E85B-4EDE-BABB-640D8B9F9724}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{32F7668A-3985-44E0-8726-99E5540611BB}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{337BF2F3-70E9-41EE-B9FC-933EAE0FB634}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{34696E30-3A52-491E-B636-9525078E889F}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{34917689-FECA-4018-927B-C60B2982577D}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{38B03F42-9731-46A5-BF4C-EFF17A6CB3E0}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{3A5B7AD6-F3A9-4019-BACC-A4648AFFF14F}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{3CD3CEFF-22B7-4331-B14A-1AF4377C10E1}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{44CCCFC9-1D9C-4309-8BC5-0D235F1409D8}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{4A85147F-6E6D-4410-86A9-4AB169D37911}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{4B59F768-B4DA-4A38-ADDC-F734FB5E1F19}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{4EE9E830-E44B-4568-A135-F30A1D3D5C04}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{506E35F8-BEB6-40B3-B4E9-E951265DCFEC}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{51439CE7-D7B3-4B14-8354-9344F61D8F49}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{526C8C8B-0640-4ABE-BF11-8EC60C353554}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{526CF8F9-AB33-4C0B-A0C8-C7EBBECDB6C7}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{58A41A2F-3F90-4E3E-8378-F41A6362FA79}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{5DA34096-EABB-45C1-A90B-5FB397F31F87}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{5F8B8DED-80FF-4917-B693-705A09594FD3}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{62DC2BBE-EC45-47CA-B2A1-62F4B05B573B}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{6C7F6D01-F4FC-4647-988C-E4DEB0F25913}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{72A7065B-8420-4123-9F64-57C6D9C62CD4}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{72C57EA1-FE36-45E0-A2D1-675C553D5580}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{73EB9416-C1CE-4BFA-9955-9513B5477699}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{74C90F02-F7D0-4E06-B637-E445CAF36D06}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7521D90B-5587-4D8C-ABDB-0085989A54A4}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{753B033E-7B44-4388-821B-35C9A1E88451}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7807ADC6-729B-4E34-8F83-900924F9006E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78530A86-BAF6-41FB-BC41-C68B384B7F5B}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78955A57-E87D-48DF-A2D2-39645DACBA89}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78EA1059-B90A-42CB-81FD-A5B472C75949}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{78F56C8F-A2ED-405A-A074-C67073F17289}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7912EDB7-44E3-4566-8FEF-4505029C6FAD}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{7D7D0664-385B-4C08-AA40-2395620CD076}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{81E640F7-668F-40A9-B443-E4D3779705AC}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8486F76A-DC91-42D8-94FC-E5DAF69C163F}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{86F28ACC-CC36-427F-A260-E97806A1C9BB}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{881ED1AD-65AA-47B0-9791-2530D7ABADAF}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8ACDE25E-21AE-4A2E-9750-F5FED095E5A5}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8BDB10D7-466E-480D-A67E-0396D2913E1B}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{8CD7D08E-2CD7-4BCF-A78C-BCD90FA357BD}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{914EDD28-0687-4D51-B36A-5454BA9F81A2}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{919DB16E-BFC0-4EF8-BF24-31F8F18E8C3A}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{965A2E33-076F-4786-9D6C-A0A95BF39B82}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{9670D023-A6C6-47A9-BE8A-EAA22CD690D6}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{97C252B9-498B-4D59-AB92-93F85EE0E324}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{99BABE23-9745-4CB1-8385-250BAE420CD9}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{9ACDDE21-46F8-4139-BD6E-4596E75F2EFD}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{9B9C7BE1-F1C5-4F1F-A4B7-CDFD031F2DCD}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{A87877DA-3A14-4223-8808-4B23155BAF41}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{AA85243A-B29A-4CBA-88DA-BDB09B71E293}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{AD0E8C74-4AFF-41B6-89CC-60281F850083}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B0F5E5E5-326B-4910-AA06-0E3A35067E6E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B177A1CC-DE7F-4602-B2D2-E7F1001F4ADF}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B41BFF44-EE11-4136-8F01-172686131269}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B5CAFB59-7E38-4998-B419-C1D16E8AA50C}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{B7EED034-5993-45F1-A4FF-2D6C613F59EB}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{BBD8A34E-54B5-4333-945E-3D0AB1B4BC33}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{BDCB8339-FA3C-49D3-AEBB-1256B5B689E4}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C2DA10AF-3139-4E74-AB53-C7B6AF166819}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C2DE88E7-CA03-4F92-9D7B-454A8FEBEABA}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C35A66A5-98D1-42D9-AA9E-C99788B0E6A6}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C372D854-FE61-4E0F-90AF-E604F06B4F8D}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{C7A189CF-4A45-4C5D-8A26-3413601A74DD}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CA6639DF-EC7B-467E-A45C-8256A05C3C81}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CA86A84E-2062-44DB-92DF-CDBC720038B0}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CEEEE8CB-FC4E-46C6-83CC-390A605C6DA2}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CF0FFDA6-0564-48FD-A3C5-5178F2BF8D1F}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{CFD6336A-1813-4AEA-B644-42DE05BC5FF1}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D160B31E-67E5-49EB-B51D-01BD86EFC9D9}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D421163D-A9D4-4348-B18E-F84096C3BB94}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D42FA5EC-ED50-45F2-9A34-3E51D7BD49F4}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D44B1131-78AE-404B-A4F3-4775EF6FC79C}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D48EB198-3D95-42EA-9D8E-018D0AF2B96E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D55A98E9-A37C-4BDB-81E1-BBE0826FE6CB}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D59221BC-AA64-4125-9788-A668ACE11BF3}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D6293C27-C29C-410C-8537-CAAE68FF75B9}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{D87F46DD-665D-476A-8E41-F08D7BF7A0AE}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DA22390D-535A-4AFD-95BA-475A49BB02E4}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DDE402D3-77E3-4016-AE52-B81ACDE30CC9}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DE426265-5B1A-4F8F-815F-6780FD23A035}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{DEDC5717-27A6-4C77-B568-17BB0FC6E448}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E0F412BB-286E-42A5-9AB1-907248897054}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E6F610BB-4F46-47C3-A741-5CD9D1188D19}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E7C6A7B2-1B5A-46FD-8694-B8D2CEE80D1C}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E8B0284E-F6E1-4AC9-8482-E18F07CD494E}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{E9446A2C-53AC-4F76-BB3A-D332044FCB00}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{EA579AD7-7833-417B-8BDA-D6ED170D6713}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{EBCEBEDB-09C9-4941-B723-0D98D2626463}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{EC8BD2CB-78C4-4C85-8ADE-3A49748FB6A5}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F08BF85D-F251-4666-AECA-B31BA4F3338C}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F20CC8A2-F19D-47A9-99F6-8B22E2EAC7A8}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F21CD5E0-401A-420B-8DE7-061119E0B133}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F24C3569-221D-44F8-8644-C2513D6F79C8}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{F6225E5D-F011-4410-B84F-998ABA4AAF14}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{FB4DDB94-BCFE-4890-A92D-E8FFD5FF887D}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{FD440CCA-6FA6-4B3C-B5CD-DF246A7C713D}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\{FD511DA3-4602-4D99-A0F6-EC44D2DA10CE}

SUPPRIME Folder: C:\Program Files (x86)\PokerStars.FR

SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Azureus

SUPPRIME Folder: C:\Users\Hervé\AppData\Roaming\Mozilla\Firefox\Profiles\c96ns2wb.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Folder: C:\Users\Hervé\AppData\Local\Conduit

SUPPRIME Folder: c:\users\hervé\appdata\locallow\conduit

SUPPRIME Temporaires Windows: : 426

SUPPRIME Flash Cookies: 144

========== Fichier(s) ==========

ABSENT File: c:\users\hervé\appdata\local\mediaget2\mediaget.exe

ABSENT Folder/File: c:\programdata\2aca5cc3-0f83-453d-a079-1076fe1a8b65

ABSENT Folder/File: c:\programdata\babylon

ABSENT Folder/File: c:\users\hervé\appdata\roaming\babylon

ABSENT Folder/File: c:\users\hervé\appdata\roaming\opencandy

ABSENT Folder/File: c:\users\hervé\appdata\roaming\pctuto

ABSENT Folder/File: c:\users\hervé\appdata\local\babylon

ABSENT Folder/File: c:\users\hervé\appdata\roaming\mozilla\firefox\profiles\c96ns2wb.default\extensions\ffxtlbr@babylon.com

ABSENT Folder/File: c:\users\hervé\appdata\roaming\mozilla\firefox\profiles\c96ns2wb.default\user.js (.not file.)

SUPPRIME File: c:\users\hervé\appdata\roaming\microsoft\internet explorer\quick launch\pokerstars.fr.lnk

SUPPRIME File: c:\program files (x86)\pokerstars.fr\pokerstarsupdate.exe

ABSENT File: f:\megamanager.exe

ABSENT Folder/File: c:\users\hervé\appdata\local\conduit

SUPPRIME Temporaires Windows: : 526

SUPPRIME Flash Cookies: 90

========== Tache planifiée ==========

SUPPRIME Task: RunAsStdUser Task

========== Récapitulatif ==========

15 : Clé(s) du Registre

28 : Valeur(s) du Registre

2 : Elément(s) de donnée du Registre

143 : Dossier(s)

15 : Fichier(s)

1 : Logiciel(s)

3 : Préférences navigateur

1 : Tache planifiée

End of clean in 00mn 13s

========== Chemin de fichier rapport ==========

C:\ZHP\ZHPFix[R1].txt - 2011-11-27 12:07:47 [16901]

=======================================================

Malwarebytes

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org

Version de la base de données: 8251

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

2011-11-27 12:22:07

mbam-log-2011-11-27 (12-22-07).txt

Type d'examen: Examen rapide

Elément(s) analysé(s): 180321

Temps écoulé: 1 minute(s), 5 seconde(s)

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 3

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 3

Fichier(s) infecté(s): 7

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BasicScan Service (Adware.Agent.ZGen) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\Software\brightbreezesa (Adware.HotBar.BB) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\BrightBreeze (Adware.HotBar.BB) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

Dossier(s) infecté(s):

c:\program files (x86)\brightbreeze\bin (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\program files (x86)\brightbreeze\bin\2.0.12.0 (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\programdata\brightbreezesa (Adware.HotBar.BB) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):

c:\program files (x86)\basicscan\basicscan.exe (Adware.Agent.ZGen) -> Quarantined and deleted successfully.

c:\program files (x86)\brightbreeze\bin\2.0.12.0\brightbreezesacb.exe (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\program files (x86)\brightbreeze\bin\2.0.12.0\brightbreezesahook.dll (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\program files (x86)\brightbreeze\bin\2.0.12.0\copyright.txt (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\programdata\brightbreezesa\brightbreezesa.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\programdata\brightbreezesa\brightbreezesaau_update.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully.

c:\programdata\brightbreezesa\brightbreezesa_kyf_update.dat (Adware.HotBar.BB) -> Quarantined and deleted successfully.

=====================================

SecurityCheck

Results of screen317's Security Check version 0.99.28

Windows 7 x64 (UAC is enabled)

Internet Explorer 9

``````````````````````````````

Antivirus/Firewall Check:

Windows Security Center service is not running! This report may not be accurate!

WMI entry may not exist for antivirus; attempting automatic update.

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

Java 6 Update 29

Adobe Flash Player 11.0.1.152

Adobe Reader X (10.1.1)

Mozilla Firefox (7.0.1) Firefox out of Date!

````````````````````````````````

Process Check:

objlist.exe by Laurent

Windows Defender MSMpEng.exe

Malwarebytes' Anti-Malware mbamgui.exe

Microsoft Security Essentials msseces.exe

Microsoft Security Client Antimalware MsMpEng.exe

Microsoft Security Client Antimalware NisSrv.exe

``````````End of Log````````````

lance_yien · le 27 novembre 2011

Un vrai champ de mines!

Vérifier si ces programmes apparaissent dans Ajout/suppression de programmes: "basicscan" et "brightbreezesa".

Si oui, les désinstaller.

Supprimer leurs dossiers si toujours présents:

c:\program files (x86)\brightbreeze

c:\program files (x86)\basicscan

Un changement quelconques? des symptômes à vérifier?

Acrobate · le 27 novembre 2011

wow clair ai vu ça mais c'est fait le basicscan était dans le et fonctionnalité et l'autre non j'ai désinstallé le pc a redémarré .

Des changements, Hum pour le moment tout va bien, j'avais des micro coupure quand j'écrivais en fait même sans écrirela fénêtre mozilla passait qq seconde, enfin c'était furtif, active et se désactivait et qd je me retrouvais avec des mots à moitié ou carrément il me fallait recliquer dans la fenêtre pour continuer d'écrire, là sur ce message appraremment pas de phénomène qui se crée .....

A si ça le refait !!!!!! la fenêtre passe tranparente comme qd admettons je suis en fenêtre restreinte et clique sur le bureau et durant ce temps je perds le contrôle et ça revient ???????

Merci Lance pour ta rapidité et ton aide c'est dingue je mets un pass sur ma machine now !!!!!!!

mdrrrrrrr champs de mine ouille et moi qui pensais solliciter ton aide pour le pc de Madame oupssss mais bon elle ne voudra pas poster elle même pc elle ne s'en sert que pour créer des vidéo pour youtube et là chez elle c'est 43 feu folets qui ont accès et son pc de ce que j'ai vu infecté gravement plus que moi je pense ^^ pas malin tu me dira mais nous allons mettre des mots de passe, fini tout ça !!

Modifié le 27 novembre 2011 par Acrobate

lance_yien · le 27 novembre 2011

Alors, on continue la recherche!

Imprimer ces instructions ou les enregistrer dans un fichier texte sur le Bureau pour les consulter facilement à tout moment.

>>> Analyse en ligne: Brancher/ allumer tous les médias amovibles disponibles (DD externe, clés USB etc) susceptibles d'avoir été infecté et désactiver antivirus/ pare-feu et antispyware.

Utiliser Internet Explorer pour aller ici, cliquer sur le bouton "Lancer ESET Online Scanner", cocher la case "Oui, j'accepte les conditions d'utilisation." et cliquer sur Start.

Accepter l'installation de l'ActiveX et cocher "Analyser les archives", DEcocher "Supprimer les menaces détectées" et cliquer Démarrer.

Eset téléchargera la base de données et commencera le scan. NE PAS utiliser la machine tant que l'analyse n'est pas finie (peut durer très longtemps).

Quand c'est fini, un rapport "log.txt" sera sauvegardé automatiquement.

Pour ouvrir ce rapport, cliquer sur "Démarrer" => "Exécuter" et saisir (ou copier/coller):

%programfiles(x86)%\ESET\ESET Online Scanner\log.txt

Cliquer sur OK et copier/coller le contenu de la fenêtre qui s'ouvre dans la prochaine réponse. Fermer ESET et enchaîner avec,

>>> Analyse OTL: Télécharger, sur le BureauOTL (par OldTimer) depuis ici ou ici.

Fermer toutes les applications et fenêtres ouvertes.

Double-cliquer/Cliquer-droit sur OTL.exe => "Exécuter en tant qu'administrateur" et copier/ coller ces lignes (commençant par netsvcs) dans l'espace sous "Personnalisation":

netsvcs
drivers32

%SYSTEMDRIVE%\*.* /90

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /90

%systemroot%\Tasks\*.job

%systemroot%\system32\drivers\*.sys /90

CREATERESTOREPOINT

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs

SAVEMBR:0

Sans rien changer, cliquer sur le bouton bleu Analyse et laisser faire.

A la fin du scan, 2 rapports seront créés: "OTL.txt" (qui s'ouvre dans le bloc-note) et "Extras.txt" (qui sera minimisé dans la Barre des tâches).

Ne pas les poster directement ici car souvent trop lourd pour les limites du forum.

Aller sur le site : cjoint.com

Cliquer sur Parcourir, chercher le fichier "OTL.txt" et cliquer dessus. Cliquer sur Créer le lien CJoint.

Dans la page suivante --> , une adresse (http//...) sera créée. Ouvre le Bloc-note et copier /coller cette adresse dedans.

Faire de même pour le fichier "Extras.txt".

Copier/ Coller les 2 adresses dans la prochaine réponse.

Modifié le 27 novembre 2011 par lance_yien

Acrobate · le 28 novembre 2011

Bonjour Lance,

Oh oui cela a duré longtemps le scan en ligne et j'ai branché en plus un Hdd de 1To plus une lé usb de 32 Go mais idem des cochonneries dedans il en a trouvé pas mal mais l'opération éxécuter et %programfiles(x86)%\ESET\ESET Online Scanner\log.txt ne fonctionne pas je ne trouve pas le rapport ??

Une fenêtre dit que Windows ne trouve pas le chemin .. jusqu'au .txt j'ai fouillé ne le vois pas !

Autre chose de bizarre, lorsque je regarde une vidéo sur WMP en plein écran au bout de 20 seconde à peine il quitte de lui même le plein écran ?

Toutefois j'ai passé OLT, voici les rapports.

OLT.Txt

Lien CJoint.com AKCg7sJXI9W

Extra.Txt

Lien CJoint.com AKChaC00Fbb

Bon début de semaine à toi et merci pour ton aide on tpas mal de cochonneries dommage que je ne trouve pas le rapport créé, ça ne fonctionne pas (ESET) !!

HH

Modifié le 28 novembre 2011 par Acrobate

Connexion

Pas encore inscrit ?

[Résolu] Demande d'analyse HijackThis ainsi que de conseils

Messages recommandés

Acrobate

Acrobate

lance_yien

Acrobate

lance_yien

Acrobate

lance_yien

Acrobate

lance_yien

Acrobate

Rejoindre la conversation

En ligne récemment 0 membre est en ligne

Zebulon

Outils en ligne

Naviguer