Virus ou pas ?

[aie]

Bonjour à tous,

Après avoir lancé un scan au démarrage, avast a trouvé 3 menaces (WMA:Wimad[Drp], Java:Jade-C[Heur] et Ricsi-831)

j'ai supprimé les objets infectés mais je voudrais être certain de m'être débarrassé de tout! J'ai lancé ZhpDiag tout à l'heure.

Pourriez vous analyser le rapport suivant car je n'y connais rien et me donner la marche à suivre?

merci d'avance!

cordialement

 

 

 

 

 

 

Rapport de ZHPDiag v1.28.2155 par Nicolas Coolman, Update du 28/10/2011

Run by Gro ian at 29/10/2011 13:31:09

Web site : ZHPDiag Outil de diagnostic

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox v3.6.23 (fr) (Defaut)

GCIE: Google Chrome v15.0.874.106

 

---\\ Windows Product Information

Windows Vista Home Premium Edition, 32-bit Service Pack 2 (Build 6002)

Windows Server License Manager Script : OK

Windows Automatic Updates : OK

 

---\\ System Information

~ Processor: x86 Family 6 Model 15 Stepping 11, GenuineIntel

~ Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 3070 MB (61% free)

System Restore: Activé (Enable)

System drive C: has 96 GB (33%) free of 287 GB

 

---\\ Logged in mode

~ Computer Name: GROTROLL

~ User Name: Gro ian

~ All Users Names: Gro ian, ASPNET, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Gro ian\AppData\Roaming\

~ %Desktop% : C:\Users\Gro ian\Desktop\

~ %Favorites% : C:\Users\Gro ian\Favorites\

~ %LocalAppData% : C:\Users\Gro ian\AppData\Local\

~ %StartMenu% : C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 96 Go of 287 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 1 Go of 11 Go)

E:\ CD-ROM drive (Not Inserted)

F:\ Hard drive, Flash drive, Thumb drive (Free 15 Go of 75 Go)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ CD-ROM drive (Not Inserted)

K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

M:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.D07D4C3038F3578FFCE1C0237F2A1253] - (.Microsoft Corporation - Explorateur Windows.) (.21/10/2011 - 07:27:36.) -- C:\Windows\Explorer.exe [2926592]

[MD5.4B555106290BD117334E9A08761C035A] - (....) (.02/11/2006 - 10:45:37.) -- C:\Windows\system32\rundll32.exe [44544]

[MD5.101BA3EA053480BB5D957EF37C06B5ED] - (.Microsoft Corporation - Application de démarrage de Windows.) (.21/01/2008 - 03:23:42.) -- C:\Windows\system32\Wininit.exe [96768]

[MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.23/10/2011 - 14:48:37.) -- C:\Windows\system32\wininet.dll [1126912]

[MD5.898E7C06A350D4A1A64A9EA264D55452] - (.Microsoft Corporation - Application d'ouverture de session Windows.) (.21/10/2011 - 07:28:13.) -- C:\Windows\system32\Winlogon.exe [314368]

[MD5.95F5FF73B076576C41740F1A842B9B57] - (....) (.25/05/2008 - 21:22:10.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.3911B972B55FEA0478476B2E777B29FA] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.09/10/2011 - 14:58:27.) -- C:\Windows\system32\drivers\AFD.sys [273408]

[MD5.2D9C903DC76A66813D350A562DE40ED9] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.21/01/2008 - 03:23:00.) -- C:\Windows\system32\drivers\atapi.sys [21560]

[MD5.7ADD03E75BEB9E6DD102C3081D29840A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.21/01/2008 - 03:23:51.) -- C:\Windows\system32\drivers\Cdfs.sys [70144]

[MD5.6B4BFFB9BECD728097024276430DB314] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.21/10/2011 - 05:39:17.) -- C:\Windows\system32\drivers\Cdrom.sys [67072]

[MD5.622C41A07CA7E6DD91770F50D532CB6C] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.09/10/2011 - 15:59:03.) -- C:\Windows\system32\drivers\DfsC.sys [75264]

[MD5.062452B7FFD68C8C042A6261FE8DFF4A] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.21/10/2011 - 05:42:42.) -- C:\Windows\system32\drivers\HDAudBus.sys [561152]

[MD5.22D56C8184586B7A1F6FA60BE5F5A2BD] - (.Microsoft Corporation - Pilote de port i8042.) (.21/01/2008 - 03:23:20.) -- C:\Windows\system32\drivers\i8042prt.sys [54784]

[MD5.8793643A67B42CEC66490B2A0CF92D68] - (.Microsoft Corporation - IP Network Address Translator.) (.21/01/2008 - 03:24:25.) -- C:\Windows\system32\drivers\IpNat.sys [100864]

[MD5.1E94971C4B446AB2290DEB71D01CF0C2] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.09/10/2011 - 14:24:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [106496]

[MD5.ECD64230A59CBD93C85F1CD1CAB9F3F6] - (.Microsoft Corporation - MBT Transport driver.) (.21/10/2011 - 05:45:37.) -- C:\Windows\system32\drivers\netBT.sys [185856]

[MD5.6A4A98CEE84CF9E99564510DDA4BAA47] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.21/10/2011 - 07:32:49.) -- C:\Windows\system32\drivers\ntfs.sys [1083880]

[MD5.0FA9B5055484649D63C303FE404E5F4D] - (.Microsoft Corporation - Pilote de port parallèle.) (.02/11/2006 - 09:51:30.) -- C:\Windows\system32\drivers\Parport.sys [79360]

[MD5.A214ADBAF4CB47DD2728859EF31F26B0] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.21/01/2008 - 03:24:55.) -- C:\Windows\system32\drivers\Rasl2tp.sys [76288]

[MD5.FBC0BACD9C3D7F6956853F64A66E252D] - (.Microsoft Corporation - Microsoft RDP Device redirector.) (.21/01/2008 - 03:23:01.) -- C:\Windows\system32\drivers\rdpdr.sys [248832]

[MD5.7B75299A4D201D6A6533603D6914AB04] - (.Microsoft Corporation - SMB Transport driver.) (.21/10/2011 - 05:45:22.) -- C:\Windows\system32\drivers\smb.sys [66560]

[MD5.76B06EB8A01FC8624D699E7045303E54] - (.Microsoft Corporation - TDI Translation Driver.) (.21/10/2011 - 05:45:56.) -- C:\Windows\system32\drivers\tdx.sys [72192]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 1/23

~ Mes musiques (My Musics) : 1/4

~ Mes Videos (My Videos) : 1/4

~ Mes Favoris (My Favorites) : 2/23

~ Mes Documents (My Documents) : 1/176

~ Mon Bureau (My Desktop) : 9/959

~ Menu demarrer (Programs) : 7/29

~ Scan Hidden Files in 00mn 00s

 

 

 

---\\ Processus lancés

[MD5.0D392EDE3B97E0B3131B2F63EF1DB94E] - (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe [1008184] [PID.2192]

[MD5.D93985F5D87DF1A119E939EADB5C4B9E] - (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe [6266880] [PID.2216]

[MD5.9A4322EE420D6FACD4D4B1FF6CB856B1] - (.Hewlett-Packard Company - hpsysdrv.) -- C:\hp\support\hpsysdrv.exe [65536] [PID.2236]

[MD5.4B555106290BD117334E9A08761C035A] - (...) -- C:\Windows\System32\rundll32.exe [44544] [PID.]

[MD5.D2084C2112CBA266E08ED2A601E3C020] - (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe [132624] [PID.2684]

[MD5.731F68141C806BD2359FD878CD05C929] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [182808] [PID.2708]

[MD5.BD18FB44B14911F41CA8695928C9D9A8] - (.CyberLink Corp. - HP DVDSmart Resident Program.) -- C:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe [1148200] [PID.2792]

[MD5.E2B4488830B9F047930BB5FE0E4FD71B] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe [3722416] [PID.2808]

[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe [254696] [PID.2840]

[MD5.2AA60514B683F15CF484C4A9F21C3425] - (.RealNetworks, Inc. - RealNetworks Scheduler.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe [273528] [PID.2940]

[MD5.BF08674925F151BD4537B89A493E3E0C] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehtray.exe [125952] [PID.2960]

[MD5.0F4195B9B348DE5CF9B822F81704B20E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\Windows\ehome\ehmsas.exe [37376] [PID.3012]

[MD5.36D773CBEA37AB24966963A9B4891227] - (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe [490952] [PID.3048]

[MD5.335FB5B236227217E54269FA85A1B27D] - (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe [679936] [PID.3096]

[MD5.009811BD21D0BD7BA5C7765565505764] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1644088] [PID.3108]

[MD5.480B8218CAC947DB5F32D126FAE2BACD] - (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe [3318784] [PID.3228]

[MD5.45D1648724123669962DBA211D2C64AA] - (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe [5308416] [PID.3268]

[MD5.D9335549EAE48B14FB66EFCB6FFAE736] - (.Hewlett-Packard Co. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [214360] [PID.3296]

[MD5.FE4F7AADAB104194D899E5B8B8B51CF0] - (.OpenOffice.org - OpenOffice.org 2.4.) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.exe [2363392] [PID.3352]

[MD5.A1E80D64FCD01CD6AD83CCC46051366F] - (.OpenOffice.org - OpenOffice.org 2.4.) -- C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN [2580480] [PID.3600]

[MD5.6080A176D09435FC8E6E800996656E18] - (.Microsoft Corporation - Console IME.) -- C:\Windows\system32\conime.exe [69120] [PID.4196]

[MD5.B70278D1459A677639D51892160FD365] - (.Hewlett-Packard Co. - HP CUE Status Root.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [184320] [PID.4384]

[MD5.7E04B1ADE140F483A6581461568D8D9C] - (.Hewlett-Packard Co. - HP CUE Alert Popup Window Objects.) -- C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe [610304] [PID.4420]

[MD5.883008A9B5BFF94A153D99DBA54CB5C1] - (.Hewlett-Packard - GPCore COM object.) -- C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe [362496] [PID.4456]

[MD5.7CAC10A1C258DFCB5ADE563BAE6D2F15] - (.Hewlett-Packard Company - KBD EXE.) -- C:\hp\kbd\kbd.exe [67128] [PID.4472]

[MD5.B6FDDDAB3A8C94CC5B47B6F6C596F9FC] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [912344] [PID.5228]

[MD5.4E8A14EB0F88199F8B8D5D55B3A17B5E] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [16856] [PID.3712]

[MD5.9F323EEAFAD860204EAA0630E0A3D7F9] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [696320] [PID.5316]

[MD5.E0A2DC5D912DD50F9190A6B38110A513] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.1.) -- C:\Windows\system32\nvvsvc.exe [118784] [PID.]

[MD5.F81CAC1FFAC56A997E0EA750BDB30B03] - (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) -- C:\Windows\system32\Ati2evxx.exe [655360] [PID.]

[MD5.862BB4CBC05D80C5B45BE430E5EF872F] - (.Microsoft Corporation - Service de gestion des licences Microsoft.) -- C:\Windows\system32\SLsvc.exe [3408896] [PID.]

[MD5.C76769F246250EDAD34A5581419E9D60] - (.AVAST Software - avast! Service.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe [44768] [PID.]

[MD5.1117AF8C53AA278A4C5B7EF1B00E08F4] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [354840] [PID.]

[MD5.DFEFF67508D3A9AEB1A85D7B0F513B24] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.642180B8F50E7FC1FBAF87C718E259D6] - (.Crawler.com - Spyware Terminator Realtime Shield 32-bit S.) -- F:\Program Files\Spyware Terminator\sp_rsser.exe [496128] [PID.]

[MD5.C7FBDD1ED42F82BFA35167A5C9803EA3] - (.Microsoft Corporation - PresentationFontCache.exe.) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [43904] [PID.]

[MD5.CB383AB0B8BA871D893B86D3C9A3ED9F] - (.Hewlett-Packard - HP Health Check Service.) -- c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [94208] [PID.]

~ Scan Processes Running in 00mn 01s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Gro ian\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G2 - GCE: Preference [user Data\Default] [icmlaeflemplmjndnaapfdbbnpncnbda] avast! WebRep v.6.0.1289 (Activé)

G2 - GCE: Preference [user Data\Default] [jfmjfhklogoienhpfnppmbcbjfjnkonk] RealPlayer HTML5Video Downloader Extension v.1.5 (Activé)

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Gro ian\AppData\Roaming\Mozilla\Firefox\Profiles\5lqhjf02.default\prefs.js

C:\Users\Gro ian\AppData\Roaming\Mozilla\Firefox\Profiles\5lqhjf02.default\user.js

M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Gro ian] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

M1 - SPR:Search Page Redirection - C:\Program Files\Mozilla FireFox\extensions\support@daemon-tools.cc

M0 - MFSP: prefs.js [Gro ian - 5lqhjf02.default] Réseau Voltaire

M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\illimitux@illimitux.net] [illimitux] Illimitux v4.0 (.http://www.illimitux.net/.)

M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\{20a82645-c095-46ed-80e3-08825760534b}] [MicrosoftCG] Microsoft .NET Framework Assistant v1.2.1 (.Microsoft.)

M2 - MFEP: prefs.js [Gro ian - 5lqhjf02.default\{635abd67-4fe9-1b23-4f01-e679fa7484c1}] [yahoo.ytff] Yahoo! Toolbar v2.1.1.20091029021655 (.Yahoo!.)

P2 - FPN:Firefox Plugin Navigator . (.Macromedia, Inc. - Macromedia Shockwave for Director Netscape plug-in, version 8.5.) -- C:\Program Files\Mozilla Firefox\Plugins\np32dsw.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- C:\Program Files\Mozilla Firefox\Plugins\nppl3260.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- C:\Program Files\Mozilla Firefox\Plugins\nprjplug.dll

P2 - FPN:Firefox Plugin Navigator . (.RealNetworks, Inc. - 12.0.1.669.) -- C:\Program Files\Mozilla Firefox\Plugins\nprpjplug.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_29 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@real.com/nppl3260;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer LiveConnect-Enabled Plug-In.) -- c:\program files\real\realplayer\Netscape6\nppl3260.dll

P2 - FPN: [HKLM] [@real.com/nprjplug;version=12.0.1.669] - (.RealNetworks, Inc. - RealJukebox Netscape Plugin.) -- c:\program files\real\realplayer\Netscape6\nprjplug.dll

P2 - FPN: [HKLM] [@real.com/nprpchromebrowserrecordext;version=12.0.1.669] - (.RealNetworks, Inc. - RealNetworks RealPlayer Chrome Background Extension Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserre

P2 - FPN: [HKLM] [@real.com/nprphtml5videoshim;version=12.0.1.669] - (.RealNetworks, Inc. - RealPlayer HTML5VideoShim Plug-In.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll

P2 - FPN: [HKLM] [@real.com/nprpjplug;version=12.0.1.669] - (.RealNetworks, Inc. - 12.0.1.669.) -- c:\program files\real\realplayer\Netscape6\nprpjplug.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=0.9.2] - (.the VideoLAN Team - Version 0.9.2, copyright 1996-2008 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.4.5".) -- C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP Jumpstation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP Jumpstation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\system32\ieframe.dll

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} . (.RealPlayer - RealPlayer Download and Record Plugin.) -- C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet E.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} . (.Pas de propriétaire - ToolBand Module.) -- C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} . (.AVAST Software - avast! WebRep Plugin.) -- C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

~ Scan Toolbar in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [Windows Defender] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Windows\RtHDVCpl.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard Company - hpsysdrv.) -- c:\hp\support\hpsysdrv.exe

O4 - HKLM\..\Run: [KBD] . (...) -- C:\HP\KBD\KbdStub.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\Windows\system32\NvCpl.dll

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\Windows\system32\NvMcTray.dll

O4 - HKLM\..\Run: [sMSTray] . (.SAMSUNG ELECTRONICS - SMSTray.exe.) -- C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe

O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [hpqSRMon] Clé orpheline

O4 - HKLM\..\Run: [DVDAgent] . (.CyberLink Corp. - HP DVDSmart Resident Program.) -- c:\Program Files\Hewlett-Packard\Media\DVD\DVDAgent.exe

O4 - HKLM\..\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\AVAST Software\Avast\avastUI.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe

O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Run: [TkBellExe] . (.RealNetworks, Inc. - RealNetworks Scheduler.) -- c:\program files\real\realplayer\Update\realsched.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe

O4 - HKCU\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe

O4 - HKCU\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

O4 - HKCU\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe

O4 - HKCU\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKCU\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] oobefldr.dll

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [sidebar] . (.Microsoft Corporation - Volet Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [ehTray.exe] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files\DAEMON Tools Lite\daemon.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [Windows] . (.Pas de propriétaire - sharetest.) -- C:\Users\Public\Public Documents\Windows Movie Player\player.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [HPADVISOR] . (.Hewlett-Packard - HP Advisor.) -- C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [steam] . (.Valve Corporation - Steam.) -- C:\Program Files\Steam\Steam.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [spywareTerminatorUpdate] . (.Crawler.com - Spyware Terminator Update Support.) -- F:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKUS\S-1-5-21-2514959625-1822713593-4122749096-1000\..\Run: [eMuleAutoStart] . (.http://www.emule-project.net - eMule.) -- C:\Program Files\eMule\emule.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite Deluxe.lnk . (.CyberLink.) -- C:\Program Files\CyberLink\DVD Suite Deluxe\PowerStarter.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Mail\WinMail.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\foobar2000.lnk . (...) -- C:\Program Files\foobar2000\foobar2000.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung PC Studio 3.lnk . (...) -- C:\Program Files\Samsung\Samsung PC Studio 3\Launcher.exe

O4 - Global Startup: C:\Users\Gro ian\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk . (.Microsoft Corporation.) -- C:\Program Files\Windows Media Player\wmplayer.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: Afficher ou masquer l'HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} . (.Hewlett-Packard Co. - HP Smart Web Printing add-on for Internet Explorer.) -- C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll

~ Scan IE Extra Buttons in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

~ Scan Objets ActiveX in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{39B65FEB-9836-41DC-9E6B-77ED0EB01F21}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} . (.Skype Technologies - Skype for COM API.) -- C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\system32\mshtml.dll

O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\system32\mscoree.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

~ Scan STS/SSO in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service (HP Health Check Service) . (.Hewlett-Packard - HP Health Check Service.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 175.1.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) . (.Crawler.com - Spyware Terminator Realtime Shield 32-bit S.) - F:\Program Files\Spyware Terminator\sp_rsser.exe

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeLogonTaskS-1-5-21-2514959625-1822713593-4122749096-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.874B6089DB177C2C9F2029CB5199373F] [APT] [RealUpgradeScheduledTaskS-1-5-21-2514959625-1822713593-4122749096-1000] (.RealNetworks, Inc..) -- C:\Program Files\Real\RealUpgrade\RealUpgrade.exe

[MD5.53752C90C56CA5B260827E47762BA3B8] [APT] [RecoveryCD] (...) -- C:\Program Files\Hewlett-Packard\SDP\RemEngine.exe

[MD5.EA20D863A09D2C39A4E35D6D761236FE] [APT] [{0C6688EF-D347-411E-8D8B-EA3EBB2C56B0}] (.Skype Technologies S.A..) -- C:\Program Files\Skype\Phone\Skype.exe

[MD5.00000000000000000000000000000000] [APT] [{19B45A6F-2A6C-47B1-B674-4D404388DBCA}] (...) -- c:\Users\Gro ian\Downloads\avira_antivirus_personal_fr(2).exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{40FEDDC2-70EB-44A6-A327-EF09E2BBFDEF}] (...) -- c:\Users\Gro ian\Downloads\avira_antivirus_personal_fr.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{E5692892-047B-4551-9E86-6C189EBB8568}] (...) -- c:\Users\Gro ian\Downloads\avira_antivir_personal_fr.exe (.not file.)

[MD5.61D3771702DE72053FEE2A98F213A030] [APT] [scheduled Maintenance] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe

[MD5.EFB0FCD1CD300E5708E73230D91D6532] [APT] [scheduled Maintenance Swap] (.PC-Doctor, Inc..) -- C:\Program Files\PC-Doctor 5 for Windows\task_swap.exe

~ Scan Scheduled Task in 00mn 03s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\Windows\system32\DRIVERS\i8042prt.sys

O41 - Driver: (kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\Windows\system32\DRIVERS\kbdclass.sys

O41 - Driver: (mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\Windows\system32\DRIVERS\mouclass.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: (netbt) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (PSched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\Windows\system32\DRIVERS\rasacd.sys

O41 - Driver: (rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: (RDPENCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Smb) . (.Microsoft Corporation - SMB Transport driver.) - C:\Windows\system32\DRIVERS\smb.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\Windows\system32\DRIVERS\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM] -- {A80FA752-C491-4ED9-ABF0-4278563160B2}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}

O42 - Logiciel: ArmyCalc's Eye version 1.0 beta - (.Pas de propriétaire.) [HKLM] -- ArmyCalc's Eye_is1

O42 - Logiciel: BioShock 2 - (.2K Games.) [HKLM] -- {4A8B461A-9336-4CF9-98F4-14DD38E673F0}

O42 - Logiciel: C-Dilla Licence Management System - (.Pas de propriétaire.) [HKLM] -- LMS

O42 - Logiciel: ContentSAFER for Wizmax - (.Pas de propriétaire.) [HKLM] -- {C19BE821-89B1-4A96-AC7C-873810C0CB5F}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: DAEMON Tools Toolbar - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Toolbar

O42 - Logiciel: DivxToDVD 0.5.2 - (.VSO-Software SARL.) [HKLM] -- VSO DivxToDVD_is1

O42 - Logiciel: Editeur Handling GTA-SA v2.0 - (.Pas de propriétaire.) [HKLM] -- Editeur Handling GTA-SA v2.0

O42 - Logiciel: FEARCombat - (.Vivendi Universal Games, Inc..) [HKLM] -- {75E607CF-7BAE-4B88-84B3-97F3DF44BA28}

O42 - Logiciel: Freeplayer - (.Free.) [HKLM] -- Freeplayer

O42 - Logiciel: GIMP 2.6.7 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: GTASA-Ultimate Editor - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1

O42 - Logiciel: Ghostbusters : The Video Game - (.Atari.) [HKLM] -- InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Grand Theft Auto IV - (.Rockstar Games.) [HKLM] -- {579BA58C-F33D-4970-9953-B94B43768AC3}

O42 - Logiciel: HP Active Support Library - (.Hewlett-Packard.) [HKLM] -- {E0810CC2-4B5B-4439-B1D0-452306AF2D64}

O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {73A43E42-3658-4DD9-8551-FACDA3632538}

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}

O42 - Logiciel: HP Customer Feedback - (.Hewlett-Packard.) [HKLM] -- {9DBA770F-BF73-4D39-B1DF-6035D95268FC}

O42 - Logiciel: HP Customer Participation Program 10.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Easy Setup - Frontend - (.Hewlett-Packard.) [HKLM] -- {E1476612-02D6-42A3-BDC1-E292B4115738}

O42 - Logiciel: HP Imaging Device Functions 10.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP Photosmart C4400 All-In-One Driver Software 10.0 Rel .3 - (.HP.) [HKLM] -- {FF1F4E8E-A833-4c4b-A14A-45D5B841B5D8}

O42 - Logiciel: HP Photosmart Essential 2.5 - (.HP.) [HKLM] -- HP Photosmart Essential

O42 - Logiciel: HP Picasso Media Center Add-In - (.HP.) [HKLM] -- {55979C41-7D6A-49CC-B591-64AC1BBE2C8B}

O42 - Logiciel: HP Smart Web Printing 4.60 - (.HP.) [HKLM] -- HP Smart Web Printing

O42 - Logiciel: HP Solution Center 13.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}

O42 - Logiciel: Hewlett-Packard Active Check for Health Check - (.Hewlett-Packard.) [HKLM] -- {254C37AA-6B72-4300-84F6-98A82419187E}

O42 - Logiciel: Hewlett-Packard Asset Agent for Health Check - (.HP.) [HKLM] -- {669D4A35-146B-4314-89F1-1AC3D7B88367}

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Java 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216013FF}

O42 - Logiciel: Java 6 Update 4 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160040}

O42 - Logiciel: Java 6 Update 7 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160070}

O42 - Logiciel: Java SE Runtime Environment 6 Update 1 - (.Sun Microsystems, Inc..) [HKLM] -- {3248F0A8-6813-11D6-A77B-00B0D0160010}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {7F10292C-A190-4176-A665-A1ED3478DF86}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2572067) - (.Pas de propriétaire.) [HKLM] -- M2572067

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM] -- {3E31821C-7917-367E-938E-E65FC413EA31}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}

O42 - Logiciel: Microsoft Combat Flight Simulator - (.Pas de propriétaire.) [HKLM] -- Combat Flight Simulator 1.00

O42 - Logiciel: Microsoft Games for Windows - LIVE - (.Microsoft Corporation.) [HKLM] -- {2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 Language Pack SP1 - fra

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.23) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.23)

O42 - Logiciel: My HP Games - (.WildTangent.) [HKLM] -- WildTangent hp Master Uninstall

O42 - Logiciel: NVIDIA Drivers - (.Pas de propriétaire.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: OCR Software by I.R.I.S. 10.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: OpenAL - (.Pas de propriétaire.) [HKLM] -- OpenAL

O42 - Logiciel: OpenOffice.org 2.4 - (.OpenOffice.org.) [HKLM] -- {A122962F-331A-4C2E-93DB-AD92D8A4FB14}

O42 - Logiciel: OpenOffice.org 2.4 Language Pack (Français) - (.OpenOffice.org.) [HKLM] -- {D2BE6521-F81C-4EC6-8887-A8BBC0B0786B}

O42 - Logiciel: Outils de diagnostic du matériel - (.PC-Doctor, Inc..) [HKLM] -- PC-Doctor 5 for Windows

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Python 2.5 - (.Martin v. Löwis.) [HKLM] -- {0A2C5854-557E-48C8-835A-3B9F074BDCAA}

O42 - Logiciel: QuarkXPress - (.Quark Inc..) [HKLM] -- {706EA4A8-97B5-4C29-A0F3-0B38C666F0C4}

O42 - Logiciel: RarZilla Free Unrar 2.52 - (.Philipp Winterberg.) [HKLM] -- RarZilla Free Unrar 2.52

O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2005 Runtime - (.RealNetworks.) [HKLM] -- {026C3D27-9BE1-46BE-BEAE-6DE38A0F4FBE}

O42 - Logiciel: RealNetworks - Microsoft Visual C++ 2008 Runtime - (.RealNetworks, Inc.) [HKLM] -- {7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}

O42 - Logiciel: RealPlayer - (.RealNetworks.) [HKLM] -- RealPlayer 12.0

O42 - Logiciel: RealUpgrade 1.1 - (.RealNetworks, Inc..) [HKLM] -- {28C2DED6-325B-4CC7-983A-1777C8F7FBAB}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: SAMSUNG Mobile Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile Modem

O42 - Logiciel: SAMSUNG Mobile USB Modem 1.0 Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem 1.0

O42 - Logiciel: SAMSUNG Mobile USB Modem Software - (.Pas de propriétaire.) [HKLM] -- SAMSUNG Mobile USB Modem

O42 - Logiciel: SFV Checker - (.Pas de propriétaire.) [HKLM] -- {C9736F27-3CFC-4AF9-B2A7-5B1A54B1A84F}

O42 - Logiciel: Samsung Media Studio 5 - (.Samsung.) [HKLM] -- {C20CE592-B0F8-4D20-BF31-0151CA6331A6}

O42 - Logiciel: Samsung Mobile phone USB driver Software - (.Pas de propriétaire.) [HKLM] -- Samsung Mobile phone USB driver

O42 - Logiciel: Samsung PC Studio 3 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {C4A4722E-79F9-417C-BD72-8D359A090C97}

O42 - Logiciel: Samsung PC Studio 3 USB Driver Installer - (.Samsung Electronics Co., Ltd..) [HKLM] -- {EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}

O42 - Logiciel: San Andreas Mod Installer - (.cpmusick.) [HKLM] -- San Andreas Mod Installer1.1

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870

O42 - Logiciel: Shockwave - (.Pas de propriétaire.) [HKLM] -- Shockwave

O42 - Logiciel: Shop for HP Supplies - (.HP.) [HKLM] -- Shop for HP Supplies

O42 - Logiciel: SimpleOCR 3.1 - (.Pas de propriétaire.) [HKLM] -- SimpleOCR 3.1

O42 - Logiciel: Skype web features - (.Skype Technologies S.A..) [HKLM] -- {541DEAC0-5F3D-45E6-B7CB-94ECF3B96748}

O42 - Logiciel: Skype™ 4.1 - (.Skype Technologies S.A..) [HKLM] -- {D103C4BA-F905-437A-8049-DB24763BBE36}

O42 - Logiciel: Solution de clavier multimédia amélioré - (.Hewlett-Packard.) [HKLM] -- KBD

O42 - Logiciel: Steam - (.Valve.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: The Forge - (.Pas de propriétaire.) [HKLM] -- The Forge

O42 - Logiciel: The KMPlayer (remove only) - (.Pas de propriétaire.) [HKLM] -- The KMPlayer

O42 - Logiciel: Universalis 9 - (.Pas de propriétaire.) [HKLM] -- {88872E86-59A5-4213-A609-FDCFA4D9BEA6}

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523

O42 - Logiciel: Utilitaires Sierra - (.Pas de propriétaire.) [HKLM] -- Utilitaires Sierra

O42 - Logiciel: VLC media player 0.9.2 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: VSO CopyToDVD 4 - (.VSO Software.) [HKLM] -- {870F1750-BA89-11DA-A94D-0800200C9A66}_is1

O42 - Logiciel: Warhammer® Mark of Chaos - (.NAMCO BANDAI Games.) [HKLM] -- {5F374D5D-DB43-4263-9C29-BAB2C93FEFE6}

O42 - Logiciel: WinRAR archiver - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: avast! Free Antivirus - (.AVAST Software.) [HKLM] -- avast

O42 - Logiciel: bfgscreen Screen Saver - (.Pas de propriétaire.) [HKLM] -- bfgscreen

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: foobar2000 v1.0.3 - (.Peter Pawlowski.) [HKLM] -- foobar2000

O42 - Logiciel: muvee autoProducer 6.1 - (.muvee Technologies.) [HKLM] -- {FDDB69BB-2F9A-4830-A579-ABBB7C5AF9A8}

O42 - Logiciel: ratDVD 0.78.1444 - (.ratDVD.) [HKLM] -- ratDVD

O42 - Logiciel: sp44626 - (.Hewlett-Packard.) [HKLM] -- sp44626

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ALWIL Software]

[HKCU\Software\AOL]

[HKCU\Software\ATI]

[HKCU\Software\AVAST Software]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\MarkAny]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Binary Noise]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\CyberLink]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\Encyclopaedia-Universalis]

[HKCU\Software\Freeplayer]

[HKCU\Software\GTAGarage]

[HKCU\Software\Gabest]

[HKCU\Software\GameSpy]

[HKCU\Software\Google]

[HKCU\Software\HP Guide]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\KMPlayer]

[HKCU\Software\Leadertech]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Muvee)]

[HKCU\Software\MainConcept]

[HKCU\Software\Micromega Software System]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NOS]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\NamcoBandai]

[HKCU\Software\Netscape]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Philipp Winterberg]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Quark]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\SFX TEAM]

[HKCU\Software\Samsung Media Studio]

[HKCU\Software\Samsung PC Studio]

[HKCU\Software\Samsung]

[HKCU\Software\SecuROM]

[HKCU\Software\Skype]

[HKCU\Software\SoftVTU]

[HKCU\Software\Softthinks]

[HKCU\Software\Spyware Terminator]

[HKCU\Software\THQ]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Valve]

[HKCU\Software\Vso]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Winamp]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\eMule]

[HKCU\Software\muvee Technologies]

[HKCU\Software\ratDVD]

[HKCU\Software\yahooinstall]

[HKLM\Software\2K Games]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\AVAST Software]

[HKLM\Software\Adobe]

[HKLM\Software\America Online]

[HKLM\Software\AppForge]

[HKLM\Software\Atari]

[HKLM\Software\Bohemia Interactive Studio]

[HKLM\Software\C-Dilla]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CDDB]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DIOC]

[HKLM\Software\DT Soft]

[HKLM\Software\Debug]

[HKLM\Software\EasyBits]

[HKLM\Software\Encyclopaedia-Universalis]

[HKLM\Software\Google]

[HKLM\Software\HP]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\LightScribe]

[HKLM\Software\MCCI]

[HKLM\Software\Macromedia]

[HKLM\Software\MarkAny]

[HKLM\Software\Matrix Games]

[HKLM\Software\Micromega Software System]

[HKLM\Software\Monolith Productions]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\MusicNet]

[HKLM\Software\NAMCO BANDAI Games]

[HKLM\Software\NOS]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NamcoBandai]

[HKLM\Software\ODBC]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PC-Doctor]

[HKLM\Software\Philipp Winterberg]

[HKLM\Software\PocketSoft]

[HKLM\Software\Policies]

[HKLM\Software\Quark]

[HKLM\Software\RealNetworks]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Rockstar Games]

[HKLM\Software\SAMI]

[HKLM\Software\SEGA]

[HKLM\Software\SRS Labs]

[HKLM\Software\Samsung Electronics Co., Ltd.]

[HKLM\Software\Samsung]

[HKLM\Software\Sierra OnLine]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Spyware Terminator]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Symantec]

[HKLM\Software\THQ]

[HKLM\Software\Total War]

[HKLM\Software\Traction Software]

[HKLM\Software\VSO]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\VodeiMPAVI]

[HKLM\Software\Volatile]

[HKLM\Software\WOW6432Node]

[HKLM\Software\WildTangent]

[HKLM\Software\Wilson WindowWare]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Xing Technology Corp.]

[HKLM\Software\Yahoo]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 23/02/2010 - 01:34:10 - [9726800104] ----D- C:\Program Files\2K Games

O43 - CFD: 22/03/2010 - 01:17:16 - [36774748] ----D- C:\Program Files\ACE

O43 - CFD: 08/10/2011 - 12:44:24 - [162985646] ----D- C:\Program Files\Adobe

O43 - CFD: 19/09/2008 - 19:20:06 - [0] ----D- C:\Program Files\Alwil Software

O43 - CFD: 28/12/2009 - 22:05:02 - [11637630252] ----D- C:\Program Files\Atari

O43 - CFD: 08/10/2011 - 12:35:12 - [233894048] ----D- C:\Program Files\AVAST Software

O43 - CFD: 27/10/2011 - 11:27:44 - [430876514] ----D- C:\Program Files\Common Files

O43 - CFD: 25/05/2008 - 12:49:28 - [734177944] ----D- C:\Program Files\CyberLink

O43 - CFD: 09/10/2008 - 01:17:10 - [5224196] ----D- C:\Program Files\DAEMON Tools Lite

O43 - CFD: 09/10/2008 - 01:17:10 - [2776033] ----D- C:\Program Files\DAEMON Tools Toolbar

O43 - CFD: 25/05/2008 - 12:59:18 - [69636367] ----D- C:\Program Files\EasyBits For Kids

O43 - CFD: 14/03/2009 - 19:32:54 - [6716849] ----D- C:\Program Files\Editeur Handling GTA-SA

O43 - CFD: 21/09/2008 - 19:51:18 - [11210932] ----D- C:\Program Files\eMule

O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 01/05/2010 - 01:17:00 - [8543004] ----D- C:\Program Files\foobar2000

O43 - CFD: 24/09/2008 - 21:59:26 - [33283418] ----D- C:\Program Files\Freeplayer

O43 - CFD: 02/12/2009 - 06:05:28 - [87124142] ----D- C:\Program Files\GIMP-2.0

O43 - CFD: 04/06/2010 - 19:07:10 - [276709277] ----D- C:\Program Files\Google

O43 - CFD: 16/03/2009 - 10:47:36 - [248251] ----D- C:\Program Files\Gta Save

O43 - CFD: 27/08/2009 - 19:52:06 - [5039176] ----D- C:\Program Files\GTA4MODS.com

O43 - CFD: 16/03/2009 - 10:16:02 - [636167] ----D- C:\Program Files\GTASA-Ultimate Editor

O43 - CFD: 24/12/2009 - 23:58:48 - [142429656] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 22/10/2011 - 20:43:58 - [256300102] ----D- C:\Program Files\HP

O43 - CFD: 25/05/2008 - 12:58:54 - [493988158] ----D- C:\Program Files\HP Games

O43 - CFD: 03/05/2010 - 14:05:44 - [155893613] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 10/06/2009 - 16:41:32 - [50343759] ----D- C:\Program Files\Intel

O43 - CFD: 23/10/2011 - 16:37:22 - [5391567] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 21/10/2011 - 11:49:36 - [326569139] ----D- C:\Program Files\Java

O43 - CFD: 20/03/2009 - 17:04:32 - [1827624] ----D- C:\Program Files\MarkAny

O43 - CFD: 02/11/2006 - 14:37:36 - [93446071] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 22/02/2010 - 23:14:54 - [9281414] ----D- C:\Program Files\Microsoft Games for Windows - LIVE

O43 - CFD: 19/09/2008 - 18:54:44 - [28429690] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 19/09/2008 - 20:01:58 - [152968] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 21/10/2011 - 20:38:34 - [15715] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 21/10/2011 - 20:29:46 - [99342446] ----D- C:\Program Files\Movie Maker

O43 - CFD: 08/10/2011 - 19:10:36 - [82751554] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 02/11/2006 - 14:37:36 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 09/10/2011 - 19:09:58 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 25/05/2008 - 12:50:04 - [155052528] ----D- C:\Program Files\muvee Technologies

O43 - CFD: 03/05/2010 - 14:05:46 - [4545451502] ----D- C:\Program Files\NAMCO BANDAI Games

O43 - CFD: 31/07/2009 - 09:34:24 - [0] ----D- C:\Program Files\NOS

O43 - CFD: 24/10/2009 - 20:07:30 - [3052112] R---D- C:\Program Files\Online Services

O43 - CFD: 01/03/2009 - 21:42:44 - [782336] ----D- C:\Program Files\OpenAL

O43 - CFD: 19/09/2008 - 22:20:24 - [345051443] ----D- C:\Program Files\OpenOffice.org 2.4

O43 - CFD: 25/05/2008 - 13:07:08 - [87416588] ----D- C:\Program Files\PC-Doctor 5 for Windows

O43 - CFD: 01/12/2009 - 20:58:34 - [462446712] ----D- C:\Program Files\Quark

O43 - CFD: 21/09/2008 - 19:52:02 - [1765114] ----D- C:\Program Files\RarZilla Free Unrar

O43 - CFD: 11/11/2008 - 00:14:58 - [9004657] ----D- C:\Program Files\ratDVD

O43 - CFD: 25/10/2011 - 10:23:30 - [133820951] ----D- C:\Program Files\Real

O43 - CFD: 25/05/2008 - 12:40:48 - [62844252] ----D- C:\Program Files\Realtek

O43 - CFD: 02/11/2006 - 14:37:36 - [38694657] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 12/04/2010 - 00:46:56 - [0] ----D- C:\Program Files\Rockstar Games

O43 - CFD: 05/04/2010 - 17:28:12 - [214186562] ----D- C:\Program Files\Samsung

O43 - CFD: 16/03/2009 - 01:54:40 - [3461724] ----D- C:\Program Files\San Andreas Mod Installer

O43 - CFD: 12/06/2009 - 22:35:30 - [3775462563] ----D- C:\Program Files\Sierra

O43 - CFD: 17/10/2011 - 17:04:36 - [32] ----D- C:\Program Files\Sierra On-Line

O43 - CFD: 07/10/2008 - 18:31:26 - [25280966] ----D- C:\Program Files\SimpleOCR

O43 - CFD: 26/07/2009 - 21:25:42 - [35821657] R---D- C:\Program Files\Skype

O43 - CFD: 19/09/2008 - 19:34:06 - [1716] ----D- C:\Program Files\Sports Interactive

O43 - CFD: 29/10/2011 - 13:17:10 - [139480002] ----D- C:\Program Files\Steam

O43 - CFD: 28/09/2008 - 11:08:14 - [22640] ----D- C:\Program Files\SuperCopier2

O43 - CFD: 03/10/2008 - 17:23:02 - [46575431] ----D- C:\Program Files\The KMPlayer

O43 - CFD: 14/06/2009 - 14:31:12 - [13416496] ----D- C:\Program Files\THQ

O43 - CFD: 18/10/2008 - 17:06:48 - [1721850] ----D- C:\Program Files\Traction Software

O43 - CFD: 02/11/2006 - 15:01:56 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 22/02/2009 - 03:36:40 - [4419897009] ----D- C:\Program Files\Universalis 9

O43 - CFD: 19/09/2008 - 22:31:40 - [50104454] ----D- C:\Program Files\VideoLAN

O43 - CFD: 27/10/2011 - 14:19:56 - [126747722] ----D- C:\Program Files\vso

O43 - CFD: 21/10/2011 - 20:29:46 - [1016832] ----D- C:\Program Files\Windows Calendar

O43 - CFD: 21/10/2011 - 20:29:44 - [2737152] ----D- C:\Program Files\Windows Collaboration

O43 - CFD: 21/10/2011 - 20:29:44 - [4490624] ----D- C:\Program Files\Windows Defender

O43 - CFD: 21/10/2011 - 20:29:44 - [7084664] ----D- C:\Program Files\Windows Journal

O43 - CFD: 23/10/2011 - 11:05:32 - [9116344] ----D- C:\Program Files\Windows Mail

O43 - CFD: 21/10/2011 - 20:29:44 - [4498121] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 19/09/2008 - 18:48:42 - [7957544] ----D- C:\Program Files\Windows NT

O43 - CFD: 21/10/2011 - 20:29:44 - [13528738] ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD: 23/10/2011 - 11:05:34 - [134144] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 21/10/2011 - 20:29:46 - [6674851] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 22/02/2010 - 22:53:44 - [3726887] ----D- C:\Program Files\WinRAR

O43 - CFD: 04/10/2008 - 17:13:36 - [175] --H-D- C:\Program Files\Zero G Registry

O43 - CFD: 29/10/2011 - 13:31:14 - [4244456] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 08/10/2011 - 12:44:46 - [6347682] ----D- C:\Program Files\Common Files\Adobe

O43 - CFD: 19/09/2008 - 19:02:28 - [469525] ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD: 21/12/2009 - 01:00:02 - [5280332] ----D- C:\Program Files\Common Files\HP

O43 - CFD: 25/05/2008 - 13:04:40 - [10110139] ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD: 21/10/2011 - 11:50:22 - [47526965] ----D- C:\Program Files\Common Files\Java

O43 - CFD: 09/10/2009 - 19:09:32 - [32098366] ---AD- C:\Program Files\Common Files\LightScribe

O43 - CFD: 25/05/2008 - 12:49:34 - [56683] ---AD- C:\Program Files\Common Files\LS Getting Started

O43 - CFD: 22/02/2010 - 23:21:44 - [222154713] ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD: 25/05/2008 - 12:50:04 - [49413198] ----D- C:\Program Files\Common Files\muvee Technologies

O43 - CFD: 27/10/2011 - 11:27:44 - [4346720] ----D- C:\Program Files\Common Files\PX Storage Engine

O43 - CFD: 25/10/2011 - 10:22:58 - [0] ----D- C:\Program Files\Common Files\Real

O43 - CFD: 02/11/2006 - 13:18:34 - [2702] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 26/07/2009 - 21:25:10 - [1959208] ----D- C:\Program Files\Common Files\Skype

O43 - CFD: 02/11/2006 - 13:18:34 - [41101735] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 23/10/2011 - 15:41:34 - [419624] ----D- C:\Program Files\Common Files\Steam

O43 - CFD: 19/09/2008 - 20:09:36 - [498856] ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD: 21/10/2011 - 20:29:44 - [8737810] ----D- C:\Program Files\Common Files\System

O43 - CFD: 25/10/2011 - 10:23:28 - [352256] ----D- C:\Program Files\Common Files\xing shared

O43 - CFD: 08/10/2011 - 12:44:44 - [763] ----D- C:\ProgramData\Adobe

O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 25/05/2008 - 12:42:36 - [2893592] ----D- C:\ProgramData\ATI

O43 - CFD: 08/10/2011 - 12:35:12 - [6499190] ----D- C:\ProgramData\AVAST Software

O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 29/09/2008 - 21:21:26 - [4243] ----D- C:\ProgramData\CyberLink

O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 21/09/2008 - 20:05:22 - [0] ----D- C:\ProgramData\eMule

O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 24/12/2009 - 23:59:24 - [1089335] ----D- C:\ProgramData\Hewlett-Packard

O43 - CFD: 25/12/2009 - 00:08:20 - [18368758] ----D- C:\ProgramData\HP

O43 - CFD: 25/12/2009 - 00:03:54 - [8988] ----D- C:\ProgramData\HP Product Assistant

O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 10/10/2008 - 00:41:12 - [236586863] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 19/09/2008 - 18:48:42 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 25/05/2008 - 12:50:04 - [4460] ----D- C:\ProgramData\muvee Technologies

O43 - CFD: 28/08/2009 - 14:10:48 - [26596640] ----D- C:\ProgramData\NOS

O43 - CFD: 19/09/2008 - 19:30:34 - [189051] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 25/05/2008 - 12:55:10 - [1235] ----D- C:\ProgramData\PC-Doctor

O43 - CFD: 25/05/2008 - 12:55:10 - [1991680] ----D- C:\ProgramData\PC-Doctor 5 for Windows

O43 - CFD: 01/12/2009 - 20:58:34 - [166348] ----D- C:\ProgramData\Quark

O43 - CFD: 21/10/2011 - 11:25:14 - [1657586] ----D- C:\ProgramData\Real

O43 - CFD: 22/02/2010 - 23:22:48 - [19984] -SH-D- C:\ProgramData\SecuROM

O43 - CFD: 26/07/2009 - 21:25:08 - [25777757] ----D- C:\ProgramData\Skype

O43 - CFD: 28/10/2011 - 14:26:06 - [88243642] ----D- C:\ProgramData\Spyware Terminator

O43 - CFD: 02/11/2006 - 15:02:04 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 27/04/2010 - 22:36:26 - [191] ----D- C:\ProgramData\Sun

O43 - CFD: 19/09/2008 - 20:06:28 - [2746] ----D- C:\ProgramData\Symantec

O43 - CFD: 27/10/2011 - 15:28:04 - [36864] ---AD- C:\ProgramData\Temp

O43 - CFD: 02/11/2006 - 15:02:06 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 27/10/2011 - 16:40:32 - [387] ----D- C:\ProgramData\Vso

O43 - CFD: 19/09/2008 - 19:12:20 - [243] ----D- C:\ProgramData\WEBREG

O43 - CFD: 15/10/2011 - 19:22:44 - [1225108720] ----D- C:\ProgramData\WildTangent

O43 - CFD: 21/09/2008 - 21:17:32 - [1665879] ----D- C:\Users\Gro ian\AppData\Roaming\Adobe

O43 - CFD: 19/09/2008 - 18:58:18 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\ATI

O43 - CFD: 29/10/2011 - 13:19:42 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Avira

O43 - CFD: 08/10/2011 - 00:44:00 - [48593381] ----D- C:\Users\Gro ian\AppData\Roaming\Bioshock2

O43 - CFD: 20/03/2009 - 21:16:48 - [20] ----D- C:\Users\Gro ian\AppData\Roaming\CyberLink

O43 - CFD: 09/10/2008 - 01:11:58 - [1382] ----D- C:\Users\Gro ian\AppData\Roaming\DAEMON Tools

O43 - CFD: 20/03/2009 - 17:04:34 - [107050] ----D- C:\Users\Gro ian\AppData\Roaming\DataCast

O43 - CFD: 27/10/2011 - 15:26:58 - [631] ----D- C:\Users\Gro ian\AppData\Roaming\dvdcss

O43 - CFD: 21/09/2008 - 19:51:18 - [4862] ----D- C:\Users\Gro ian\AppData\Roaming\eMule

O43 - CFD: 10/10/2011 - 15:24:58 - [5061849] ----D- C:\Users\Gro ian\AppData\Roaming\foobar2000

O43 - CFD: 20/06/2009 - 07:22:20 - [329437] ----D- C:\Users\Gro ian\AppData\Roaming\Hewlett-Packard

O43 - CFD: 07/10/2008 - 18:35:42 - [251556] ----D- C:\Users\Gro ian\AppData\Roaming\HP

O43 - CFD: 07/02/2010 - 20:58:44 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\HPAppData

O43 - CFD: 22/10/2011 - 20:46:58 - [18625] ----D- C:\Users\Gro ian\AppData\Roaming\HpUpdate

O43 - CFD: 19/09/2008 - 18:57:34 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Identities

O43 - CFD: 19/09/2008 - 18:52:00 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\InstallShield

O43 - CFD: 16/05/2009 - 11:05:10 - [379] ----D- C:\Users\Gro ian\AppData\Roaming\Leadertech

O43 - CFD: 19/09/2008 - 18:53:16 - [3897407] ----D- C:\Users\Gro ian\AppData\Roaming\Macromedia

O43 - CFD: 07/10/2008 - 19:06:54 - [6924] ----D- C:\Users\Gro ian\AppData\Roaming\Magic Academy

O43 - CFD: 02/11/2006 - 14:37:36 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Media Center Programs

O43 - CFD: 28/10/2011 - 12:53:20 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Media Player Classic

O43 - CFD: 14/06/2009 - 14:31:54 - [3018979] -S--D- C:\Users\Gro ian\AppData\Roaming\Microsoft

O43 - CFD: 27/08/2009 - 13:16:20 - [4274645] ----D- C:\Users\Gro ian\AppData\Roaming\Mozilla

O43 - CFD: 10/10/2011 - 15:15:02 - [5632] ----D- C:\Users\Gro ian\AppData\Roaming\muvee Technologies

O43 - CFD: 29/10/2011 - 13:17:52 - [2832008] ----D- C:\Users\Gro ian\AppData\Roaming\OpenOffice.org2

O43 - CFD: 01/12/2009 - 21:01:24 - [48770] ----D- C:\Users\Gro ian\AppData\Roaming\Quark

O43 - CFD: 27/10/2011 - 11:29:54 - [53435062] ----D- C:\Users\Gro ian\AppData\Roaming\Real

O43 - CFD: 05/04/2010 - 17:36:52 - [2411799] ----D- C:\Users\Gro ian\AppData\Roaming\Samsung

O43 - CFD: 25/06/2009 - 01:40:18 - [11777] R-H-D- C:\Users\Gro ian\AppData\Roaming\SecuROM

O43 - CFD: 12/08/2009 - 21:55:58 - [1331916] ----D- C:\Users\Gro ian\AppData\Roaming\Skype

O43 - CFD: 12/08/2009 - 18:26:46 - [42456] ----D- C:\Users\Gro ian\AppData\Roaming\skypePM

O43 - CFD: 08/02/2009 - 19:24:46 - [10888344] ----D- C:\Users\Gro ian\AppData\Roaming\Sports Interactive

O43 - CFD: 28/10/2011 - 13:00:04 - [316419] ----D- C:\Users\Gro ian\AppData\Roaming\Spyware Terminator

O43 - CFD: 19/09/2008 - 18:58:16 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\Symantec

O43 - CFD: 24/09/2008 - 21:59:40 - [750956] ----D- C:\Users\Gro ian\AppData\Roaming\vlc

O43 - CFD: 27/10/2011 - 16:40:32 - [15420] ----D- C:\Users\Gro ian\AppData\Roaming\Vso

O43 - CFD: 19/09/2008 - 21:08:28 - [715] ----D- C:\Users\Gro ian\AppData\Roaming\WildTangent

O43 - CFD: 10/06/2009 - 16:40:36 - [0] ----D- C:\Users\Gro ian\AppData\Roaming\WinBatch

O43 - CFD: 22/02/2010 - 22:54:14 - [12] ----D- C:\Users\Gro ian\AppData\Roaming\WinRAR

O43 - CFD: 08/10/2011 - 12:44:12 - [5848099] ----D- C:\Users\Gro ian\AppData\Local\Adobe

O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Application Data

O43 - CFD: 15/10/2011 - 19:22:46 - [4381] ----D- C:\Users\Gro ian\AppData\Local\ApplicationHistory

O43 - CFD: 01/03/2009 - 21:43:08 - [1611] ----D- C:\Users\Gro ian\AppData\Local\ArmA

O43 - CFD: 19/09/2008 - 18:58:18 - [28955] ----D- C:\Users\Gro ian\AppData\Local\ATI

O43 - CFD: 21/09/2008 - 19:51:18 - [33396618] ----D- C:\Users\Gro ian\AppData\Local\eMule

O43 - CFD: 28/12/2009 - 23:58:40 - [3485] ----D- C:\Users\Gro ian\AppData\Local\GHOSTBUSTERS

O43 - CFD: 04/06/2010 - 19:09:58 - [5972628] ----D- C:\Users\Gro ian\AppData\Local\Google

O43 - CFD: 20/09/2008 - 19:15:06 - [5262] ----D- C:\Users\Gro ian\AppData\Local\Hewlett-Packard

O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Historique

O43 - CFD: 07/10/2008 - 18:15:54 - [4597110] ----D- C:\Users\Gro ian\AppData\Local\HP

O43 - CFD: 22/06/2010 - 21:06:00 - [69254356] ----D- C:\Users\Gro ian\AppData\Local\Microsoft

O43 - CFD: 20/09/2008 - 20:38:28 - [1631441] ----D- C:\Users\Gro ian\AppData\Local\Microsoft Games

O43 - CFD: 10/10/2008 - 00:39:58 - [39143] ----D- C:\Users\Gro ian\AppData\Local\MigWiz

O43 - CFD: 19/09/2008 - 19:21:06 - [48670864] ----D- C:\Users\Gro ian\AppData\Local\Mozilla

O43 - CFD: 01/12/2009 - 21:01:24 - [312146] ----D- C:\Users\Gro ian\AppData\Local\Quark

O43 - CFD: 11/11/2008 - 00:15:02 - [1867] ----D- C:\Users\Gro ian\AppData\Local\ratDVD

O43 - CFD: 04/06/2010 - 19:07:58 - [0] ----D- C:\Users\Gro ian\AppData\Local\Real

O43 - CFD: 10/02/2010 - 04:00:50 - [5938696] ----D- C:\Users\Gro ian\AppData\Local\Rockstar Games

O43 - CFD: 29/10/2011 - 13:30:06 - [75838] ----D- C:\Users\Gro ian\AppData\Local\Temp

O43 - CFD: 19/09/2008 - 18:50:46 - [0] -SH-D- C:\Users\Gro ian\AppData\Local\Temporary Internet Files

O43 - CFD: 07/10/2008 - 18:19:10 - [1144934035] ----D- C:\Users\Gro ian\AppData\Local\VirtualStore

O43 - CFD: 03/05/2010 - 15:00:44 - [44941] ----D- C:\Users\Gro ian\AppData\Local\Warhammer Mark of Chaos

~ Scan Program Folder in 00mn 24s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.9CCC90E8837186EFAC7906FDE941B123] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [144430]

O44 - LFC:[MD5.DF8710BC7D45337837437DD7945DB515] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfc009.dat [784446]

O44 - LFC:[MD5.984A6944012B9779B4999D6EC706FD3C] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfc00C.dat [39692]

O44 - LFC:[MD5.D2C935BD07EFCF25CBF87571A57CF535] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfh009.dat [1405718]

O44 - LFC:[MD5.B537CAD543F10FF798C0D7E7AEFD7740] - 29/10/2011 - 12:22:34 ---A- . (...) -- C:\Windows\system32\perfh00C.dat [116488]

O44 - LFC:[MD5.C05CF8C56868DEB29DA32E23425BA059] - 29/10/2011 - 12:21:49 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1149285]

O44 - LFC:[MD5.7D16401CBE0F9E49F355BDC8DCE79BE9] - 29/10/2011 - 12:16:58 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.625DB955B10C13546A2A24B71E8FB96C] - 29/10/2011 - 08:59:09 ---A- . (...) -- C:\Windows\MEMORY.DMP [187088816]

O44 - LFC:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 28/10/2011 - 11:59:41 ---A- . (...) -- C:\Windows\system32\drivers\sp_rsdrv2.sys [142592]

O44 - LFC:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD device.) -- C:\Windows\system32\drivers\pcouffin.sys [47360]

O44 - LFC:[MD5.1D0316BEB736160D249C4F147261EC70] - 25/10/2011 - 09:23:17 ---A- . (.RealNetworks, Inc. - Real Player ActiveX Control.) -- C:\Windows\system32\rmoc3260.dll [198832]

O44 - LFC:[MD5.33833B3EDA1B07EBD367FA9B38B23E60] - 25/10/2011 - 09:23:04 ---A- . (.RealNetworks, Inc. - 16 bit DirectX helper DLL.) -- C:\Windows\system32\pndx5016.dll [6656]

O44 - LFC:[MD5.B74E422BC81236042529DC8A42A18423] - 25/10/2011 - 09:23:04 ---A- . (.RealNetworks, Inc. - 32 bit DirectX helper DLL.) -- C:\Windows\system32\pndx5032.dll [5632]

O44 - LFC:[MD5.B4EB68502E52EBDC0B2C55EA3445284C] - 25/10/2011 - 09:23:03 ---A- . (.Progressive Networks - Pas de description.) -- C:\Windows\system32\pncrt.dll [272896]

O44 - LFC:[MD5.ECD81B99477AB4A93D7838EB40B870D0] - 23/10/2011 - 14:48:44 ---A- . (...) -- C:\Windows\system32\icrav03.rat [8798]

O44 - LFC:[MD5.6D21D0A95286DCD09E354B612F592EB7] - 23/10/2011 - 14:48:44 ---A- . (...) -- C:\Windows\system32\ticrf.rat [1988]

O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 23/10/2011 - 14:48:37 ---A- . (...) -- C:\Windows\system32\ieuinit.inf [72822]

O44 - LFC:[MD5.7D0FB26D5CACBED6D9BE0B960C1F5CD6] - 23/10/2011 - 10:07:44 ---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT [337752]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/10/2011 - 10:05:25 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 23/10/2011 - 10:05:08 --HA- . (...) -- C:\Windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf [0]

O44 - LFC:[MD5.FB724E1170D41C52038B14E283AB13B0] - 22/10/2011 - 19:43:53 ---A- . (...) -- C:\updatedatfix.log [734]

O44 - LFC:[MD5.2C536D41DCE213E1D449F18B3D41EA55] - 21/10/2011 - 12:58:43 ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\Windows\system32\FlashPlayerCPLApp.cpl [414368]

O44 - LFC:[MD5.D248D0DB24D9E01AA7F2E42A9758E8C0] - 21/10/2011 - 10:49:35 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_29-b11.log [3075]

O44 - LFC:[MD5.9A7E344C3D52EE1A2EF003B33B1C1BF1] - 21/10/2011 - 10:40:15 ---A- . (.Microsoft - NPS Migration Plugin.) -- C:\Windows\system32\IasMigPlugin.dll [454144]

O44 - LFC:[MD5.358A03A7A47F0AD71E84306AC635A626] - 21/10/2011 - 10:40:06 ---A- . (.Pas de propriétaire - Programme d'authentification du périphériqu.) -- C:\Windows\system32\EhStorAuthn.dll [117248]

O44 - LFC:[MD5.81638E6E467193699B5A800732ECBDE4] - 21/10/2011 - 10:39:18 ---A- . (.Microsoft - Classe d’assistance SMB (partage de fichier.) -- C:\Windows\system32\SMBHelperClass.dll [83456]

O44 - LFC:[MD5.20143FD619C185E13E170E91AB304477] - 17/10/2011 - 16:04:38 ---A- . (...) -- C:\Windows\SIERRA.INI [301]

O44 - LFC:[MD5.F99DDD5E4F807B43E8B85DCD5F4B59EA] - 10/10/2011 - 13:37:06 ---A- . (.Microsoft - Legacy GDF resource DLL.) -- C:\Windows\system32\GameUXLegacyGDFs.dll [4240384]

O44 - LFC:[MD5.FA4B5940B31853ADE67A73026884C8C9] - 09/10/2011 - 18:13:47 ---A- . (.Microsoft Corporation - Bibliothèque d'assistance au déploiement de.) -- C:\Windows\system32\dfshim.dll [1130824]

O44 - LFC:[MD5.54F73529D65E5EB41FFC28C4EDDF069F] - 09/10/2011 - 08:27:15 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\system32\atmlib.dll [34304]

O44 - LFC:[MD5.B44A7AC9E801C38F54F7340351313E85] - 09/10/2011 - 08:27:15 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\system32\atmfd.dll [292864]

O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 09/10/2011 - 08:25:39 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll [81920]

O44 - LFC:[MD5.0857BDD856888D78E6E991CDDA49A4B8] - 09/10/2011 - 08:23:29 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm [220672]

O44 - LFC:[MD5.8A64A3F68F0E24917759852C842DCD74] - 09/10/2011 - 08:23:29 ---A- . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\system32\l3codeca.acm [62464]

O44 - LFC:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 08/10/2011 - 11:35:51 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568]

O44 - LFC:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 08/10/2011 - 11:35:51 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856]

O44 - LFC:[MD5.01C47C2ECED034EF6F8C1552A97CFF00] - 08/10/2011 - 11:35:50 ---A- . (...) -- C:\Windows\system32\config.nt [2577]

O44 - LFC:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616]

O44 - LFC:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568]

O44 - LFC:[MD5.36239E24470A3DD81FAE37510953CC6C] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392]

O44 - LFC:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 08/10/2011 - 11:35:50 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200]

O44 - LFC:[MD5.701A5948B60452EF6CF06C2900C3B9EA] - 08/10/2011 - 11:35:26 ---A- . (.AVAST Software - avast! Screen Saver stub.) -- C:\Windows\avastSS.scr [41184]

O44 - LFC:[MD5.37CCBB62A3D8FE3903CD2CBFC711895C] - 08/10/2011 - 11:35:25 ---A- . (.AVAST Software - avast! start-up scanner.) -- C:\Windows\system32\aswBoot.exe [199304]

O44 - LFC:[MD5.ABA0F3AF163878E5E64248A92A8ECCA8] - 08/10/2011 - 10:29:55 ---A- . (...) -- C:\Windows\system32\jupdate-1.6.0_26-b03.log [6310]

O44 - LFC:[MD5.AFBF77A659ABEA37EBE3994656970CF2] - 03/10/2011 - 04:06:16 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\system32\javaws.exe [157472]

O44 - LFC:[MD5.9225A1067BC2858575B9787BB3ECC4FD] - 03/10/2011 - 04:06:15 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\javaw.exe [145184]

O44 - LFC:[MD5.9D1379B60113E70C75592B02538E84D6] - 03/10/2011 - 04:06:14 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\java.exe [145184]

O44 - LFC:[MD5.3107D5460A32130EAFE9BEAA12EE2251] - 03/10/2011 - 04:06:03 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\system32\deployJava1.dll [472808]

O44 - LFC:[MD5.F6D48AE1F578493D2E19DD644B153976] - 01/08/2009 - 07:27:37 ---A- . (...) -- C:\Windows\system32\winrm.vbs [201184]

O44 - LFC:[MD5.B2EDF82825D979928AE07CBE9C7A2160] - 16/07/2009 - 18:30:03 ---A- . (...) -- C:\Windows\system32\WsmTxt.xsl [2426]

O44 - LFC:[MD5.3C436603213561E2E7DD3D4459DBB7D4] - 16/07/2009 - 18:30:03 ---A- . (...) -- C:\Windows\system32\wsmanconfig_schema.xml [4675]

O44 - LFC:[MD5.18B2C06EF8DC3FAF83C074089024391E] - 11/07/2009 - 18:03:56 ---A- . (...) -- C:\Windows\system32\wlan.tmf [2501921]

O44 - LFC:[MD5.52CB0185C73E1BA86CC7F726F22523C3] - 11/04/2009 - 07:28:21 ---A- . (...) -- C:\Windows\system32\msjetoledb40.dll [368640]

O44 - LFC:[MD5.AD4C3968CE1DB3A3A4632E1CDECA9555] - 11/04/2009 - 05:48:19 ---A- . (...) -- C:\Windows\system32\eaphost.tmf [344698]

O44 - LFC:[MD5.A3EB38D309C5682BBA0E23732C5D4AF2] - 11/04/2009 - 05:46:15 ---A- . (...) -- C:\Windows\system32\WFP.TMF [208966]

O44 - LFC:[MD5.4DF0D81B2B19B87DBFF241619DCDDC31] - 11/04/2009 - 05:43:51 ---A- . (...) -- C:\Windows\system32\dot3.tmf [442788]

O44 - LFC:[MD5.16D06DC26B8BD160AD81EE271D9577D8] - 11/04/2009 - 05:43:37 ---A- . (...) -- C:\Windows\system32\onex.tmf [392170]

O44 - LFC:[MD5.E9E66706083BFE4B0070EE0A5E8D42DB] - 11/04/2009 - 02:59:51 ---A- . (...) -- C:\Windows\system32\StructuredQuerySchema.bin [107612]

O44 - LFC:[MD5.B51BF7934D2B657454F66035AA5BFA03] - 11/04/2009 - 02:54:25 ---A- . (...) -- C:\Windows\system32\locale.nls [3662128]

O44 - LFC:[MD5.75DFEB04C0C978810720283C1B5CD7B1] - 07/03/2009 - 02:11:16 ---A- . (...) -- C:\Windows\system32\systemsf.ebd [130008]

O44 - LFC:[MD5.07400BC21119204892795F015052CDF4] - 20/02/2009 - 01:20:51 ---A- . (...) -- C:\Windows\system32\RacUR.xml [9212]

O44 - LFC:[MD5.6F7C27002EA0F9496070A1150C977DEC] - 20/02/2009 - 01:20:51 ---A- . (...) -- C:\Windows\system32\spcinstrumentation.man [9239]

O44 - LFC:[MD5.4C58B5E71FEEFD18BB7F537343C7219A] - 18/02/2009 - 19:43:18 ---A- . (...) -- C:\Windows\system32\RacUREx.xml [153]

O44 - LFC:[MD5.BCDBB5CEA1E8AEA0FA353691EB003728] - 18/02/2009 - 19:39:57 ---A- . (...) -- C:\Windows\system32\slmgr.vbs [92918]

O44 - LFC:[MD5.D07E5384D2B4E71F7D49C9F334D69284] - 27/05/2008 - 05:59:40 ---A- . (...) -- C:\Windows\system32\StructuredQuerySchemaTrivial.bin [18904]

O44 - LFC:[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - 08/11/2007 - 10:04:45 ---A- . (...) -- C:\Windows\system32\korwbrkr.lex [11967524]

~ Scan Files in 00mn 33s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l'Éditeur de configuration de sécurité Windows.) -- C:\Windows\system32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\system32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\system32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\system32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\system32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\system32\tspkg.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Volume Manager Extension Driver.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{140b194a-559a-11df-ad84-00221507e036}\AutoRun\command. (...) -- K:\wdsync.exe (.not file.)

O51 - MPSK:{94e74665-0fc5-11de-ab70-00221507e036}\AutoRun\command - Clé orpheline

O51 - MPSK:{e7d9ec61-958e-11dd-bdbe-00221507e036}\AutoRun\command. (...) -- M:\Support\AutoRun\AutoRun.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\system32\iccvid.dll

O52 - TDSD: \Drivers32\"msacm.l3codecp"="l3codecp.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Audio Layer-3 Codec for MSACM.) -- C:\Windows\system32\l3codecp.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TS Single Sign On Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.04F0FCAC69C7C71A3AC4EB97FAFC8303] - 21/01/2008 - 03:23:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [422968]

O58 - SDL:[MD5.60505E0041F7751BDBB80F88BF45C2CE] - 21/01/2008 - 03:23:25 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [300600]

O58 - SDL:[MD5.8A42779B02AEC986EAB64ECFC98F8BD7] - 21/01/2008 - 03:23:26 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys [101432]

O58 - SDL:[MD5.241C9E37F8CE45EF51C3DE27515CA4E5] - 21/01/2008 - 03:23:27 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys [149560]

O58 - SDL:[MD5.9EAEF5FC9B8E351AFA7E78A6FAE91F91] - 21/01/2008 - 03:23:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [17464]

O58 - SDL:[MD5.5D2888182FB46632511ACEE92FDAD522] - 21/01/2008 - 03:23:23 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [79416]

O58 - SDL:[MD5.5E2A321BD7C8B3624E41FDEC3E244945] - 21/01/2008 - 03:23:24 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [79928]

O58 - SDL:[MD5.C47623FFD181A1E7D63574DDE2A0A711] - 08/10/2011 - 21:36:12 ---A- . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [20568]

O58 - SDL:[MD5.4804753A4EC7D67CC22D226BFFD1C1E3] - 08/10/2011 - 21:36:26 ---A- . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [54616]

O58 - SDL:[MD5.36239E24470A3DD81FAE37510953CC6C] - 08/10/2011 - 21:36:38 ---A- . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [34392]

O58 - SDL:[MD5.CAA846E9C83836BDC3D2D700C678DB65] - 08/10/2011 - 21:38:05 ---A- . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [442200]

O58 - SDL:[MD5.748AE7F2D7DA33ADB063FE05704A9969] - 08/10/2011 - 21:37:53 ---A- . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [320856]

O58 - SDL:[MD5.CA9925CE1DBD07FFE1EB357752CF5577] - 08/10/2011 - 21:36:36 ---A- . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [52568]

O58 - SDL:[MD5.38973519D2A61E33E49A09C6B05621CD] - 25/05/2008 - 01:53:20 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [3520512]

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [13568]

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [5248]

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [71808]

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [62336]

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [12160]

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [11904]

O58 - SDL:[MD5.0CA25E686A4928484E9FDABD168AB629] - 21/01/2008 - 03:23:00 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [19000]

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys [71272]

O58 - SDL:[MD5.5425F74AC0C1DBD96A1E04F17D63F94C] - 21/01/2008 - 03:23:24 ---A- . (.Intel Corporation - Pilote désérialisé NDIS 6 de la carte Intel® PRO/1000.) -- C:\Windows\system32\drivers\E1G60I32.sys [118784]

O58 - SDL:[MD5.23B62471681A124889978F6295B3F4C6] - 21/01/2008 - 03:23:22 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [342584]

O58 - SDL:[MD5.16EE7B23A009E00D835CDB79574A91A6] - 21/01/2008 - 03:23:26 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys [40504]

O58 - SDL:[MD5.37769C28E1C6489C56E41DB7A32D58C5] - 17/06/2009 - 16:56:40 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\Windows\system32\drivers\iaStor.sys [327192]

O58 - SDL:[MD5.54155EA1B0DF185878E0FC9EC3AC3A14] - 21/01/2008 - 03:23:23 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys [235064]

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [41576]

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys [35944]

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys [35944]

O58 - SDL:[MD5.C7E15E82879BF3235B559563D4185365] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [96312]

O58 - SDL:[MD5.EE01EBAE8C9BF0FA072E0FF68718920A] - 21/01/2008 - 03:23:25 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [89656]

O58 - SDL:[MD5.912A04696E9CA30146A62AFA1463DD5C] - 21/01/2008 - 03:23:23 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [96312]

O58 - SDL:[MD5.0001CE609D66632FA17B84705F658879] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys [31288]

O58 - SDL:[MD5.C252F32CD9A49DBFC25ECF26EBD51A99] - 21/01/2008 - 03:23:27 ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [386616]

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys [33384]

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [45160]

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys [20608]

O58 - SDL:[MD5.B40539857021CB65C640FA18B9E40BB0] - 19/09/2008 - 13:01:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows Vista Kernel Mode Driver, Version 175.) -- C:\Windows\system32\drivers\nvlddmkm.sys [7465312]

O58 - SDL:[MD5.2EDF9E7751554B42CBB60116DE727101] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [102968]

O58 - SDL:[MD5.ABED0C09758D1D97DB0042DBB2688177] - 21/01/2008 - 03:23:21 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [45112]

O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360]

O58 - SDL:[MD5.390C204CED3785609AB24E9C52054A84] - 25/05/2008 - 17:27:00 ---A- . (.Hewlett-Packard Company - PS2 SYS.) -- C:\Windows\system32\drivers\PS2.sys [19072]

O58 - SDL:[MD5.0A6DB55AFB7820C99AA1F3A1D270F4F6] - 21/01/2008 - 03:23:24 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1122360]

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [106088]

O58 - SDL:[MD5.5D26CCB06E1F3B5C26E863DF3F4F2611] - 10/06/2009 - 16:03:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys [2152088]

O58 - SDL:[MD5.ABBE0F54BA3A378262C9CB86CF7D91F8] - 25/05/2008 - 15:56:02 ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS6 32-bit Driver.) -- C:\Windows\system32\drivers\Rtlh86.sys [118784]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.A99C6C8B0BAA970D8AA59DDC50B57F94] - 21/01/2008 - 03:23:26 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [74808]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/10/2008 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296]

O58 - SDL:[MD5.8831252BCF05FCFB5ABD116A22E552D8] - 28/10/2011 - 11:59:41 ---A- . (...) -- C:\Windows\system32\drivers\sp_rsdrv2.sys [142592]

O58 - SDL:[MD5.5A1D0CA8A5F1E7B4EC50B9D76C001F0E] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Device 1.0 Driver.) -- C:\Windows\system32\drivers\ss_bus.sys [83592]

O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cm.sys [12424]

O58 - SDL:[MD5.A251AEE642F64B8BC5E2CBFEBB437A1D] - 05/04/2010 - 10:11:16 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_cmnt.sys [12424]

O58 - SDL:[MD5.F0A85580E36A3A85059037D39A9CF079] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Filter Driver.) -- C:\Windows\system32\drivers\ss_mdfl.sys [15112]

O58 - SDL:[MD5.84C3DBFD1BFA4ADC0A950B3D5506CB00] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - SAMSUNG Mobile USB Modem 1.0 Driver.) -- C:\Windows\system32\drivers\ss_mdm.sys [109704]

O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_wh.sys [12424]

O58 - SDL:[MD5.09104A5FE22B716571E90E11B73A042C] - 05/04/2010 - 10:11:18 ---A- . (.MCCI Corporation - Windows 2000/XP support functions.) -- C:\Windows\system32\drivers\ss_whnt.sys [12424]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 05/04/2010 - 15:05:00 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5632]

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys [35944]

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys [31848]

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys [34920]

O58 - SDL:[MD5.9224BB254F591DE4CA8D572A5F0D635C] - 21/01/2008 - 03:23:20 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys [238648]

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys [98408]

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 21/01/2008 - 03:23:23 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys [115816]

O58 - SDL:[MD5.AADF5587A4063F52C2C3FED7887426FC] - 21/01/2008 - 03:23:00 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [20024]

O58 - SDL:[MD5.587253E09325E6BF226B299774B728A9] - 21/01/2008 - 03:23:23 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [130616]

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (...) -- C:\Windows\system32\ANSI.SYS [9029]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (...) -- C:\Windows\system32\country.sys [27097]

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (...) -- C:\Windows\system32\HIMEM.SYS [4768]

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEY01.SYS [42809]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS [42537]

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (...) -- C:\Windows\system32\NTDOS.SYS [27866]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (...) -- C:\Windows\system32\NTDOS404.SYS [29146]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (...) -- C:\Windows\system32\NTDOS411.SYS [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (...) -- C:\Windows\system32\NTDOS412.SYS [29274]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (...) -- C:\Windows\system32\NTDOS804.SYS [29146]

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (...) -- C:\Windows\system32\NTIO.SYS [33952]

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (...) -- C:\Windows\system32\NTIO404.SYS [34672]

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (...) -- C:\Windows\system32\NTIO411.SYS [35776]

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (...) -- C:\Windows\system32\NTIO412.SYS [35536]

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (...) -- C:\Windows\system32\NTIO804.SYS [34672]

~ Scan Drivers in 00mn 02s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 06/09/2011 - C:\Windows\system32\drivers\aswMonFlt.sys - aswMonFlt(aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - ??/??/???? - C:\Windows\system32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

~ Scan Services in 00mn 01s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <Regedit.Document>[HKLM\..\open\Command] (...) -- c:\Winnt\Regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <Regedit.Document>[HKCR\..\open\Command] (...) -- c:\Winnt\Regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {242366AF-80F7-4DFF-8169-C948CA272752} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {32654C5A-909A-4920-9EAD-9D31FC5F3792} - (AOL Recherche) - http://slirsredirect.search.aol.com

O69 - SBI: SearchScopes [HKCU] {8F00202E-3F8E-4026-9CF4-5C5D404AA43F} - (Kelkoo) - Voitures Et Motos | Comparer Prix & Acheter Voiture Et Moto - Kelkoo France

O69 - SBI: SearchScopes [HKCU] {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} - (DAEMON Search) - DAEMON-Search.com :: EXPLORE

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.254FBCA565E049648B0CCE2CEADF05D2] [sPRF][27/10/2011] (...) -- C:\Users\Gro ian\AppData\Roaming\inst.exe [87608]

[MD5.5B6C11DE7E839C05248CED8825470FEF] [sPRF][27/10/2011] (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Users\Gro ian\AppData\Roaming\pcouffin.sys [47360]

~ Scan Files in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{8C052177-3D71-427F-8122-3B72997E90B4}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files\Cyberlink\PowerDirector\PDR.exe

O87 - FAEL: "TCP Query User{D5940B08-68B1-4096-A64C-A95CD0064CE1}C:\program files\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe

O87 - FAEL: "UDP Query User{5A42F6A4-90E6-44E5-BD16-032472D34A80}C:\program files\emule\emule.exe" | In - Private - P17 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe

O87 - FAEL: "{8BCB3F0E-CA42-4A30-862D-6C7F8DBA267D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe (.not file.)

O87 - FAEL: "{F974D8E2-6BDC-438F-8321-CDF5E9FC8F22}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main.exe (.not file.)

O87 - FAEL: "{32313217-1411-420F-9B0F-AF54A1364016}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe (.not file.)

O87 - FAEL: "{D269A3F6-7C45-4EAC-9CA9-A608395930D3}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2main_amdxp.exe (.not file.)

O87 - FAEL: "{B3B65CDB-8F8A-446D-A83E-BF41D5F368F0}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe (.not file.)

O87 - FAEL: "{81CB45F8-247A-4A80-B251-B78BE699FBAD}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwupdate.exe (.not file.)

O87 - FAEL: "{967E89FD-A862-4F17-82DE-30243E745B97}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe (.not file.)

O87 - FAEL: "{2A994EFF-D668-456B-BE5B-539043983F0B}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Atari\Neverwinter Nights 2\nwn2server.exe (.not file.)

O87 - FAEL: "TCP Query User{7B73471C-4175-4A1C-8F48-2500E6F04423}C:\program files\emule\emule.exe" | In - Public - P6 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe

O87 - FAEL: "UDP Query User{A5767F8B-EA8C-46F3-8082-F2338159F127}C:\program files\emule\emule.exe" | In - Public - P17 - FALSE | .(.http://www.emule-project.net - eMule.) -- C:\program files\emule\emule.exe

O87 - FAEL: "TCP Query User{6B223150-D6B6-42CF-98DE-AF55B9F63A9E}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\thq\dawn of war - soulstorm\soulstorm.exe (.not file.)

O87 - FAEL: "UDP Query User{AB60F2C0-7FDD-4CEB-B65F-83EC805CA4FB}C:\program files\thq\dawn of war - soulstorm\soulstorm.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\thq\dawn of war - soulstorm\soulstorm.exe (.not file.)

O87 - FAEL: "TCP Query User{C28B611B-809A-439E-AA24-4693671856ED}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe (.not file.)

O87 - FAEL: "UDP Query User{35EF8499-3CA4-43B4-9A7B-4AE492FFB965}C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\thq\dawn of war - dark crusade\darkcrusade.exe (.not file.)

O87 - FAEL: "{C22D7154-CA9A-4870-9F37-023AA7BA351E}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.)

O87 - FAEL: "{19D24194-AE38-4322-8212-55207FF38BFC}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.)

O87 - FAEL: "{76CEBD95-2072-49B8-8BA3-BEA201D88E9D}" | In - Public - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe

O87 - FAEL: "{833C4168-9F1F-4C86-BB0D-CA6A7FE6C71B}" | In - Public - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\System32\muzapp.exe

O87 - FAEL: "TCP Query User{D9D5EF40-4D83-4205-8744-79076479A64F}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" |In - Public - P6 - TRUE | .(...) -- C:\program files\ubisoft\heroes of might and magic v - tribes

O87 - FAEL: "UDP Query User{57B2D4F7-0C4E-49E6-9B86-2292532D9038}C:\program files\ubisoft\heroes of might and magic v - tribes of the east\bin\h5_game.exe" |In - Public - P17 - TRUE | .(...) -- C:\program files\ubisoft\heroes of might and magic v - tribe

O87 - FAEL: "{8312D59D-710D-4BFA-B983-17E9780C9783}" | In - Private - P6 - TRUE | .(.Monolith Productions, Inc. - F.E.A.R..) -- C:\Program Files\Sierra\FEARCombat\FEARMP.exe

O87 - FAEL: "{71644499-4DDE-427E-AF3D-B042B78E0DCB}" | In - Private - P17 - TRUE | .(.Monolith Productions, Inc. - F.E.A.R..) -- C:\Program Files\Sierra\FEARCombat\FEARMP.exe

O87 - FAEL: "{7B67770B-5AF6-4C58-9D80-65E6FD05D00D}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (.not file.)

O87 - FAEL: "{BE3F4F03-D2B8-4BA7-B5A0-570D1A71AAA6}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe (.not file.)

O87 - FAEL: "{55D4BF6D-0700-40DB-ACD0-B8EDC27B07A7}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O87 - FAEL: "{0BFE84DE-58BC-45E1-B81B-74BB5F38B8BD}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartMusic.exe (.not file.)

O87 - FAEL: "{670487AB-7F7A-4CAF-B8F6-65C07F3C094E}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartPhoto.exe (.not file.)

O87 - FAEL: "{6E4A0FEF-3976-4A62-B8C7-4C8B288E4A0D}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPTouchSmartVideo.exe (.not file.)

O87 - FAEL: "{7E4B9AE0-27F2-4C71-B778-1D4CCEA2644C}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\TSMAgent.exe (.not file.)

O87 - FAEL: "{AF6971E2-00D0-4CFE-AB03-F879483288D7}" |In - None - P6 - TRUE | .(...) -- c:\Program Files\Hewlett-Packard\Media\DVD\Kernel\CLML\CLMLSvc.exe (.not file.)

O87 - FAEL: "{52491F82-B3E1-49CF-896F-E69CA166F490}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- c:\Program Files\Hewlett-Packard\Media\DVD\HPDVDSmart.exe

O87 - FAEL: "{8FF70E9B-C9AD-4D78-8041-B8C108DD48C1}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.)

O87 - FAEL: "{A60F6F60-ABB5-44B7-A8BC-59BEA7455B24}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files\Sports Interactive\Football Manager 2008\fm.exe (.not file.)

O87 - FAEL: "{C2CD0F89-7731-436F-A70B-8881B0D84EB8}" | In - None - P17 - TRUE | .(.Hewlett-Packard - HP Update Client.) -- C:\Program Files\HP\hp software update\hpwucli.exe

O87 - FAEL: "TCP Query User{F51BDF3E-E90A-4C8F-AE05-4EC07C1DD919}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" | In - Public - P6 - TRUE | .(.Black Hole Entertainment.) -- C:\program files\namco bandai games\warhammer® mark

O87 - FAEL: "UDP Query User{85446F0F-EDF7-4477-A3A7-57AB5C3A3721}C:\program files\namco bandai games\warhammer® mark of chaos\warhammer.exe" | In - Public - P17 - TRUE | .(.Black Hole Entertainment.) -- C:\program files\namco bandai games\warhammer® mark

O87 - FAEL: "TCP Query User{C02D70A1-20EE-49BA-902D-47D23A95376A}F:\program files\spyware terminator\spywareterminatorupdate.exe" | In - Public - P6 - TRUE | .(.Crawler.com.) -- F:\program files\spyware terminator\spywareterminatorupdate.exe

O87 - FAEL: "UDP Query User{286E1A0A-8F83-4BCA-B680-580F94CEBC97}F:\program files\spyware terminator\spywareterminatorupdate.exe" | In - Public - P17 - TRUE | .(.Crawler.com.) -- F:\program files\spyware terminator\spywareterminatorupdate.exe

~ Scan Firewall in 00mn 01s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8789 - (28/10/2011)

Clés trouvées (Keys found) : 4

Valeurs trouvées (Values found) : 2

Dossiers trouvés (Folders found) : 1

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\AppID\WMHelper.DLL] =>PUP.BearShare

[HKLM\Software\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}] =>PUP.iMesh

[HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\daemon tools toolbar] =>Toolbar.Agent

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent

[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{32099aac-c132-4136-9e9a-4e364a424e17} =>Toolbar.Agent

C:\Program Files\DAEMON Tools Toolbar =>Toolbar.Agent

~ Scan Additionnel in 00mn 06s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 25/05/2008 655360 | (Ati External Event Utility) . (.ATI Technologies Inc..) - C:\Windows\system32\Ati2evxx.exe

SR - | Auto 06/09/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

SS - | Demand 25/05/2008 165416 | (GameConsoleService) . (.WildTangent, Inc..) - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe

SS - | Demand 0 | (getPlus® Helper) . (...) - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe

SS - | Auto 04/06/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 04/06/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SR - | Auto 25/05/2008 94208 | (HP Health Check Service) . (.Hewlett-Packard.) - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe

SR - | Auto 10/06/2009 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

SR - | Auto 09/10/2009 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 19/09/2008 118784 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 08/10/2011 496128 | (sp_rssrv) . (.Crawler.com.) - F:\Program Files\Spyware Terminator\sp_rsser.exe

SS - | Demand 03/05/2010 419624 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files\Common Files\Steam\SteamService.exe

SR - | Auto 21/01/2008 21504 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\system32\svchost.exe

~ Scan Services in 00mn 07s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 00mn 09s

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O58 - SDL:[MD5.5B6C11DE7E839C05248CED8825470FEF] - 27/10/2011 - 13:20:14 ---A- . (.VSO Software - low level access layer for CD/DVD/BD devices.) -- C:\Windows\system32\drivers\pcouffin.sys [47360]

O58 - SDL:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/10/2008 - 00:00:00 ---A- . (...) -- C:\Windows\system32\drivers\sptd.sys [717296]

~ Scan Emulateurs in 00mn 11s

 

 

 

End of the scan (1337 lines in 01mn 27s)(0)