Hello everyone, I really need help..


I am surely infected.. It hides the folders, so that when I boot into normal Windows 7.. a great many errors are displayed, nothing left on the desktop, which is black, nothing left in the programs menu.. etc..

Here is my ZHP


HELP and thanks

P.S. I have to work in safe mode with networking


Rapport de ZHPDiag v1.28.291 par Nicolas Coolman, Update du 17/12/2011

Run by c at 2011-12-17 20:52:50

Web site : ZHPDiag Outil de diagnostic

State : Version à jour.



---\\ Web Browser

MSIE: Internet Explorer v8.0.7601.17514

MFIE: Mozilla Firefox 4.0.1 v4.0.1 (Defaut)

GCIE: Google Chrome v16.0.912.63


---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

Software Protection Service (Protection logicielle) : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK


---\\ System Information

~ Processor: AMD64 Family 16 Model 5 Stepping 3, AuthenticAMD

~ Operating System: 64 Bits

Boot mode: Sans échec avec prise en charge du réseau (Fail-safe with network boot)

Total RAM: 8187 MB (89% free)

System Restore: Activé (Enable)

System drive C: has 200 GB (68%) free of 293 GB


---\\ Logged in mode

~ Computer Name: RHEAUME-PCDELL

~ User Name: c

~ All Users Names: c, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator


---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\c\AppData\Roaming\

~ %Desktop% : C:\Users\c\Desktop\

~ %Favorites% : C:\Users\c\Favorites\

~ %LocalAppData% : C:\Users\c\AppData\Local\

~ %StartMenu% : C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\


---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 200 Go of 293 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ CD-ROM drive (Not Inserted)

F:\ Hard drive, Flash drive, Thumb drive (Free 62 Go of 143 Go)

G:\ Hard drive, Flash drive, Thumb drive (Free 36 Go of 39 Go)

H:\ Hard drive, Flash drive, Thumb drive (Free 184 Go of 442 Go)




---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: Modified

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date

~ Scan Security Center in 00mn 00s




---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.2011-04-26 - 01:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.2009-07-13 - 20:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.2009-07-13 - 20:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.4EFC156290537BB9706D3A7A1A4B8733] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2011-12-13 - 00:41:43.) -- C:\Windows\system32\wininet.dll [1188864]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.2011-03-13 - 08:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.2011-03-13 - 08:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.2011-03-13 - 08:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.2011-06-16 - 21:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.2009-07-13 - 20:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.2009-07-13 - 18:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.2011-03-13 - 04:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.2011-03-13 - 04:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.2011-03-13 - 05:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.2009-07-13 - 18:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.2009-07-13 - 19:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.2011-06-16 - 21:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.2011-03-13 - 04:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.2011-04-26 - 01:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.2009-07-13 - 19:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.2011-03-13 - 05:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.2009-07-13 - 19:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.2011-03-13 - 04:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.2011-03-13 - 08:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s




---\\ Etat des fichiers cachés (Caché/Total)

Mes images (My Pictures) : 14012/14012 (Modified)

Mes musiques (My Musics) : 3484/3484 (Modified)

Mes Videos (My Videos) : 342/342 (Modified)

Mes Favoris (My Favorites) : 18/18 (Modified)

Mes Documents (My Documents) : 3294/3294 (Modified)

Mon Bureau (My Desktop) : 6/6 (Modified)

Menu demarrer (Programs) : 43/43 (Modified)

~ Scan Hidden Files in 00mn 11s




---\\ Processus lancés

[MD5.F4E4B3415F133F49DB8D3EC168CC4921] - (.Nicolas Coolman - Nettoyeur de rapport ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPFix.exe [504832] [PID.1796]

[MD5.B7C5410D1A88DADE14BFD135AA5B80DF] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [712192] [PID.1160]

~ Scan Processes Running in 00mn 00s




---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\c\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default]

G2 - GCE: Preference [user Data\Default] [bmbpbcpokffodhpcdjaoopolhdlbconi] XfireXO v. ()

G2 - GCE: Preference [user Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Recherche Google v. (Activé)

~ Scan Google Browser in 00mn 00s




---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)


M3 - MFPP: Plugins - [c] -- C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\ur8o760l.default\searchplugins\conduit.xml

M0 - MFSP: prefs.js [c - ur8o760l.default]

M2 - MFEP: prefs.js [c - ur8o760l.default\] [] Deutsches Wörterbuch v2.0.2 (.Robert Kaiser, unter Verwendung des igerman98-Wörterbuchs von Björn Jacke.)

P2 - FPN: [HKLM] [,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- G:\Microsoft Office\Office14\NPAUTHZ.dll

P2 - FPN: [HKCU] [@Skype Video Calling Plugin] - (.Skype Limited - Facebook Video Calling Plugin.) -- C:\Users\c\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll

P2 - FPN: [HKCU] [] - (.Pando Networks - Pando Web Plugin.) -- C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

~ Scan Firefox Browser in 00mn 00s




---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: (no name) [64Bits] - {5e5ab302-7f65-44cd-8211-c1d4caaccea3} . (...) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s




---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s




---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s




---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s




---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- G:\Microsoft Office\Office14\GROOVEEX.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- G:\Microsoft Office\Office14\URLREDIR.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll

O2 - BHO: Bing Bar Helper [64Bits] - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} . (.Microsoft Corporation. - Extensions du client Bing.) -- C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s




---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [broadcom Wireless Manager UI] . (.Dell Inc. - DW WLAN Card Wireless Network Tray Applet.) -- C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe

O4 - HKLM\..\Run: [DellStage] . (.Pas de propriétaire - Dell Stage.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKCU\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\c\AppData\Local\Facebook\Update\FacebookUpdate.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- G:\DAEMON Tools Lite\DTLite.exe

O4 - HKCU\..\Run: [mGiJpKILEPL.exe] . (...) -- C:\ProgramData\mGiJpKILEPL.exe

O4 - HKLM\..\Wow6432Node\Run: [uCam_Menu] . (.CyberLink Corp. - MUI StartMenu Application.) -- G:\Dell\Dell TouchCam\Dell TouchCam\MUITransfer\MUIStartMenu.exe

O4 - HKLM\..\Wow6432Node\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- G:\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\Wow6432Node\Run: [AccuWeatherWidget] . (.Pas de propriétaire - desktop weather widget.) -- C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKLM\..\Wow6432Node\Run: [startCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Wow6432Node\Run: [APSDaemon] . (.Apple Inc. - Apple Push.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe

O4 - HKLM\..\Wow6432Node\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O4 - HKLM\..\Wow6432Node\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-3021462351-2592770391-3841778094-1000\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O4 - HKUS\S-1-5-21-3021462351-2592770391-3841778094-1000\..\Run: [Facebook Update] . (.Facebook Inc. - Programme d'installation de Facebook.) -- C:\Users\c\AppData\Local\Facebook\Update\FacebookUpdate.exe

O4 - HKUS\S-1-5-21-3021462351-2592770391-3841778094-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- G:\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-21-3021462351-2592770391-3841778094-1000\..\Run: [mGiJpKILEPL.exe] . (...) -- C:\ProgramData\mGiJpKILEPL.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s




---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\c\Desktop\Firefox.lnk . (.Mozilla Corporation.) -- G:\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\c\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\c\Desktop\System Fix.lnk . (...) -- C:\ProgramData\YaePlqWAKCROSF.exe

O4 - Global Startup: C:\Users\c\Desktop\TESV.exe - Raccourci.lnk . (.Bethesda Softworks.) -- F:\The Elder Scrolls V Skyrim\TESV.exe

O4 - Global Startup: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- G:\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\System Fix.lnk . (...) -- C:\ProgramData\YaePlqWAKCROSF.exe

O4 - Global Startup: C:\Users\c\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xfire.lnk . (.Xfire Inc..) -- F:\Xfire\Xfire.exe

~ Scan Global Startup in 00mn 00s




---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s




---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Envoyer à OneNote . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- G:\MICROS~1\Office14\ONBttnIE.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Excel.) -- G:\MICROS~1\Office14\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s




---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- G:\MICROS~1\Office14\ONBttnIE.dll

O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- G:\MICROS~1\Office14\ONBTTN~1.dll

~ Scan IE Extra Buttons in 00mn 00s




---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files (x86)\Bonjour\mdnsNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

~ Scan Winsock in 00mn 00s




---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{2B6CB3BF-3F32-4998-A07F-C9A46A93CACE}: DhcpNameServer =

O17 - HKLM\System\CS1\Services\Tcpip\..\{2B6CB3BF-3F32-4998-A07F-C9A46A93CACE}: DhcpNameServer =

O17 - HKLM\System\CS2\Services\Tcpip\..\{2B6CB3BF-3F32-4998-A07F-C9A46A93CACE}: DhcpNameServer =

~ Scan Domain in 00mn 00s




---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s




---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s




---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\Windows\system32\atiesrxx.exe

O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - G:\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - G:\Avira\AntiVir Desktop\avguard.exe

O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. - MobileDeviceService.) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DellOSDservice (DellOSDservice) . (.Microsoft - Dell.) - C:\Program Files\Dell\OSD\DellOSDservice.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: PnkBstrA (PnkBstrA) . (...) - C:\Windows\SysWOW64\PnkBstrA.exe

O23 - Service: DW WLAN Tray Service (wltrysvc) . (.Dell Inc. - DW WLAN Card Wireless Network Service.) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe

~ Scan Services in 00mn 00s




---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s




---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s




---\\ Session Manager Key (AppCertDlls,KnownDLLs) (O36)

O36 - KnownDLLs: (clbcatq) . (.Microsoft Corporation - COM+ Configuration Catalog.) -- C:\Windows\system32\clbcatq.dll

O36 - KnownDLLs: (ole32) . (.Microsoft Corporation - Microsoft OLE pour Windows.) -- C:\Windows\system32\ole32.dll

O36 - KnownDLLs: (advapi32) . (.Microsoft Corporation - API avancées Windows 32.) -- C:\Windows\system32\advapi32.dll

O36 - KnownDLLs: (COMDLG32) . (.Microsoft Corporation - DLL commune de boîtes de dialogues.) -- C:\Windows\system32\COMDLG32.dll

O36 - KnownDLLs: (gdi32) . (.Microsoft Corporation - GDI Client DLL.) -- C:\Windows\system32\gdi32.dll

O36 - KnownDLLs: (IERTUTIL) . (.Microsoft Corporation - Run time utility for Internet Explorer.) -- C:\Windows\system32\IERTUTIL.dll

O36 - KnownDLLs: (IMAGEHLP) . (.Microsoft Corporation - Windows NT Image Helper.) -- C:\Windows\system32\IMAGEHLP.dll

O36 - KnownDLLs: (IMM32) . (.Microsoft Corporation - Multi-User Windows IMM32 API Client DLL.) -- C:\Windows\system32\IMM32.dll

O36 - KnownDLLs: (kernel32) . (.Microsoft Corporation - DLL du client API BASE Windows NT.) -- C:\Windows\system32\kernel32.dll

O36 - KnownDLLs: (LPK) . (.Microsoft Corporation - Language Pack.) -- C:\Windows\system32\LPK.dll

O36 - KnownDLLs: (MSCTF) . (.Microsoft Corporation - DLL de MSCTF Server.) -- C:\Windows\system32\MSCTF.dll

O36 - KnownDLLs: (MSVCRT) . (.Microsoft Corporation - Windows NT CRT DLL.) -- C:\Windows\system32\MSVCRT.dll

O36 - KnownDLLs: (NORMALIZ) . (.Microsoft Corporation - Unicode Normalization DLL.) -- C:\Windows\system32\NORMALIZ.dll

O36 - KnownDLLs: (NSI) . (.Microsoft Corporation - NSI User-mode interface DLL.) -- C:\Windows\system32\NSI.dll

O36 - KnownDLLs: (OLEAUT32) . (.Microsoft Corporation - Pas de description.) -- C:\Windows\system32\OLEAUT32.dll

O36 - KnownDLLs: (PSAPI) . (.Microsoft Corporation - Process Status Helper.) -- C:\Windows\system32\PSAPI.dll

O36 - KnownDLLs: (rpcrt4) . (.Microsoft Corporation - Runtime d’appel de procédure distante.) -- C:\Windows\system32\rpcrt4.dll

O36 - KnownDLLs: (sechost) . (.Microsoft Corporation - Host for SCM/SDDL/LSA Lookup APIs.) -- C:\Windows\system32\sechost.dll

O36 - KnownDLLs: (Setupapi) . (.Microsoft Corporation - Installation de L’API Windows.) -- C:\Windows\system32\Setupapi.dll

O36 - KnownDLLs: (SHELL32) . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\system32\SHELL32.dll

O36 - KnownDLLs: (SHLWAPI) . (.Microsoft Corporation - Bibliothèque d’utilitaires légers du Shell.) -- C:\Windows\system32\SHLWAPI.dll

O36 - KnownDLLs: (URLMON) . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\URLMON.dll

O36 - KnownDLLs: (user32) . (.Microsoft Corporation - DLL client de l’API uilisateur de Windows m.) -- C:\Windows\system32\user32.dll

O36 - KnownDLLs: (USP10) . (.Microsoft Corporation - Uniscribe Unicode script processor.) -- C:\Windows\system32\USP10.dll

O36 - KnownDLLs: (WININET) . (.Microsoft Corporation - Extensions Internet pour Win32.) -- C:\Windows\system32\WININET.dll

O36 - KnownDLLs: (WLDAP32) . (.Microsoft Corporation - DLL API LDAP Win32.) -- C:\Windows\system32\WLDAP32.dll

O36 - KnownDLLs: (WS2_32) . (.Microsoft Corporation - Windows Socket 2.0 32-Bit DLL.) -- C:\Windows\system32\WS2_32.dll

O36 - KnownDLLs: (DifxApi) . (.Microsoft Corporation - Driver Install Frameworks for API library m.) -- C:\Windows\system32\difxapi.dll

~ Scan Keys in 00mn 00s




---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3021462351-2592770391-3841778094-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3021462351-2592770391-3841778094-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SystemToolsDailyTest.job

~ Scan Scheduled Task in 00mn 00s




---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s




---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (dtsoftbus01) . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) - C:\Windows\system32\DRIVERS\dtsoftbus01.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 00s




---\\ Logiciels installés (O42)

O42 - Logiciel: AMD APP SDK Runtime - (.Advanced Micro Devices Inc..) [HKLM] -- {503F672D-6C84-448A-8F8F-4BC35AC83441}

O42 - Logiciel: APB Reloaded - (.Pas de propriétaire.) [HKLM] -- APB Reloaded

O42 - Logiciel: ATI AVIVO64 Codecs - (.ATI Technologies Inc..) [HKLM] -- {6C6E67A6-7C58-76FA-DA85-C8A84F95D54A}

O42 - Logiciel: ATI Catalyst Install Manager - (.ATI Technologies, Inc..) [HKLM] -- {E2A839F5-EEB0-8166-2FA8-947EDEFEA902}

O42 - Logiciel: AVerMedia A336 MiniCard Hybrid TV Tuner - (.Nom de votre société.) [HKLM] -- InstallShield_{9CB5D007-448C-4A31-A363-E2896CC864E2}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -- {AFF7E080-1974-45BF-9310-10DE1A1F5ED0}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Reader X (10.1.1) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Age of Empires III - (.Microsoft Game Studios.) [HKLM] -- InstallShield_{7B9CC60A-9B81-46A3-A953-76B6BF9EEC97}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {A83279FD-CA4B-4206-9535-90974DE76654}

O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {75104836-CAC7-444E-A39E-3F54151942F5}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C6579A65-9CAE-4B31-8B6B-3306E0630A66}

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM] -- Avira AntiVir Desktop

O42 - Logiciel: Battlefield 3 - (.Electronic Arts.) [HKLM] -- {76285C16-411A-488A-BCE3-C83CB933D8CF}

O42 - Logiciel: Battlelog Web Plugins - (.EA Digital Illusions CE AB.) [HKLM] -- Battlelog Web Plugins

O42 - Logiciel: Bing Bar - (.Microsoft Corporation.) [HKLM] -- {449CE12D-E2C7-4B97-B19E-55D163EA9435}

O42 - Logiciel: BitTorrent - (.Pas de propriétaire.) [HKLM] -- BitTorrent

O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}

O42 - Logiciel: CIR Tool Kit - (.Nuvoton Technology Corp.) [HKLM] -- {2FAECEAF-0EBE-48FF-B60A-B4577C0EFDAB}

O42 - Logiciel: Canon MG4100 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM] -- {1C1473A1-1A26-4C8F-9548-A52D03066CE7}

O42 - Logiciel: Cisco EAP-FAST Module - (.Cisco Systems, Inc..) [HKLM] -- {64BF0187-F3D2-498B-99EA-163AF9AE6EC9}

O42 - Logiciel: Cisco LEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {51C7AD07-C3F6-4635-8E8A-231306D810FE}

O42 - Logiciel: Cisco PEAP Module - (.Cisco Systems, Inc..) [HKLM] -- {ED5776D5-59B4-46B7-AF81-5F2D94D7C640}

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CyberLink YouPaint - (.CyberLink Corp..) [HKLM] -- InstallShield_{72BF1DA0-2B00-4794-9173-159722019B74}

O42 - Logiciel: CyberLink YouPaint - (.CyberLink Corp..) [HKLM] -- {72BF1DA0-2B00-4794-9173-159722019B74}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: DW WLAN Card Utility - (.Dell Inc..) [HKLM] -- DW WLAN Card Utility

O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{6228DF3B-7158-47B2-BE23-0D2CE2726AEA}

O42 - Logiciel: Dell Driver Download Manager - (.Dell Inc..) [HKCU] -- f031ef6ac137efc5

O42 - Logiciel: Dell PhotoStage - (.ArcSoft.) [HKLM] -- {E4335E82-17B3-460F-9E70-39D9BC269DB3}

O42 - Logiciel: Dell Stage - (.Fingertapps.) [HKLM] -- {7D356F08-270A-4BA4-9B54-CF0C53463E8C}

O42 - Logiciel: Dell Support Center - (.Dell Inc..) [HKLM] -- Dell Support Center

O42 - Logiciel: Dell Support Center - (.PC-Doctor, Inc..) [HKLM] -- {0090A87C-3E0E-43D4-AA71-A71B06563A4A}

O42 - Logiciel: Dell Touch Software Suite Games - (.Fingertapps.) [HKLM] -- {E7867100-CEF7-423B-AA3E-1A79D32A6ACF}

O42 - Logiciel: Dell TouchCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: Dell TouchCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}

O42 - Logiciel: Dell VideoStage - (.CyberLink Corp..) [HKLM] -- InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}

O42 - Logiciel: Dell VideoStage - (.CyberLink Corp..) [HKLM] -- {DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}

O42 - Logiciel: DellOSD - (.Dell, Inc..) [HKLM] -- {89B91433-49FF-45E6-9B89-02E761A5ACB9}

O42 - Logiciel: Dragon Age II - (.Electronic Arts, Inc..) [HKLM] -- {F2E23139-3404-4E3C-9855-7724415D62A5}

O42 - Logiciel: EASEUS Partition Master 4.1.1 Professional - (.EASEUS.) [HKLM] -- EASEUS Partition Master Professional Edition_is1

O42 - Logiciel: ESN Sonar - (.ESN Social Software AB.) [HKLM] -- ESN Sonar-0.70.0

O42 - Logiciel: ESN Sonar - (.ESN Social Software AB.) [HKLM] -- ESN Sonar-0.70.4

O42 - Logiciel: Facebook Video Calling - (.Skype Limited.) [HKLM] -- {1D7CE340-70C3-4848-BCCF-215950328A4C}

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: GamersFirst LIVE! - (.GamersFirst.) [HKLM] -- GamersFirst LIVE!

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM] -- Google Chrome

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Java 6 Update 26 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216024FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {92606477-9366-4D3B-8AE3-6BE4B29727AB}

O42 - Logiciel: Les Sims 3 - (.Electronic Arts.) [HKLM] -- {C05D8CDB-417D-4335-A38C-A0659EDFD6B8}

O42 - Logiciel: Les héros de la République - (.LucasArts.) [HKLM] -- {5612C844-55BC-4B77-82C2-A2E28962418E}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 4.0 SP2 Parser and SDK - (.Microsoft Corporation.) [HKLM] -- {716E0306-8318-4364-8B8F-0CC4E9376BAC}

O42 - Logiciel: MSXML4 Parser - (.Microsoft Game Studios.) [HKLM] -- {01501EBA-EC35-4F9F-8889-3BE346E5DA13}

O42 - Logiciel: Mafia II - (.Pas de propriétaire.) [HKLM] -- Mafia II_is1

O42 - Logiciel: Malwarebytes' Anti-Malware version - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Extended

O42 - Logiciel: Microsoft .NET Framework 4 Extended - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}

O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable - (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A078-72BE483917EF}

O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0015-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0016-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0018-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0019-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001B-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0401-1000-0000000FF1CE}_Office14.PROPLUS_{4D5950EA-6D1F-44DB-A814-C8B57FE8E883}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0413-1000-0000000FF1CE}_Office14.PROPLUS_{AA4240DC-855A-477B-8E38-89FBC16056E3}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{1779650B-2E44-4A19-8DF6-3866D645764A}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-002C-040C-1000-0000000FF1CE}_Office14.PROPLUS_{2509F305-2B34-41FD-ABBA-01B898C66110}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0043-040C-1000-0000000FF1CE}_Office14.PROPLUS_{0D103750-8493-40B1-A4C8-EF5E468CDD74}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0044-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-006E-040C-1000-0000000FF1CE}_Office14.PROPLUS_{8360CFD4-3630-4F49-A1A0-31BB7A6CBAAC}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00A1-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00BA-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E3526022-672F-42D2-B23D-DB6C216525A8}

O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0015-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0016-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00BA-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0044-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 32-bit Components 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00A1-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0018-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUS

O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0401-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0413-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0409-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0407-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0C0A-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002C-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0019-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 32-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0043-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006E-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001B-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Outlook Hotmail Connector 64 bits - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Outlook Social Connector Provider for Windows Live Messenger 64-bit - (.Microsoft Corporation.) [HKLM] -- {95140000-007D-0409-1000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Touch Pack for Windows 7 - (.Microsoft Corporation.) [HKLM] -- {8FF90DB8-6DED-44A3-B182-244FEC09012F}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {4B6C7001-C7D6-3710-913E-5BC23FCE91E6}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 - (.Microsoft Corporation.) [HKLM] -- {DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

O42 - Logiciel: Microsoft WSE 3.0 Runtime - (.Microsoft Corp..) [HKLM] -- {E3E71D07-CD27-46CB-8448-16D4FB29AA13}

O42 - Logiciel: Microsoft XNA Framework Redistributable 3.0 - (.Microsoft Corporation.) [HKLM] -- {3898934B-05AE-41CD-96BE-70DA9BFBCE1F}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Mozilla Firefox 4.0.1 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 4.0.1 (x86 fr)

O42 - Logiciel: Mozilla Firefox 8.0.1 (x86 fr) - (.Mozilla.) [HKCU] -- Mozilla Firefox 8.0.1 (x86 fr)

O42 - Logiciel: MusicStage - (.Fingertapps.) [HKLM] -- {630A3FB3-D2EF-4412-B1A8-46424B6967A7}

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}

O42 - Logiciel: Origin - (.Electronic Arts, Inc..) [HKLM] -- Origin

O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -- {980A182F-E0A2-4A40-94C1-AE0C1235902E}

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: PunkBuster Services - (.Pas de propriétaire.) [HKLM] -- PunkBusterSvc

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {7BE15435-2D3E-4B58-867F-9C75BED0208C}

O42 - Logiciel: Quicken - (.Intuit Canada.) [HKLM] -- {00F819C4-7354-4F18-AFA6-A7413E9AC08A}

O42 - Logiciel: Realtek Ethernet Controller Driver For Windows 7 - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {A33E7B0C-B99C-4EC9-B702-8A328B161AF9}

O42 - Logiciel: Roxio Burn - (.Roxio.) [HKLM] -- {B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}

O42 - Logiciel: Roxio Update Manager - (.Roxio.) [HKLM] -- {04F3038E-4120-44CC-B330-E05F737246A5}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2416472) - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2416472

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Extended (KB2487367) - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2487367

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553091) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{527AC538-7A51-40A5-89D7-5C1FEBBEA4C3}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553096) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C4BF81CC-3786-4CE4-9D9F-DD393678B9EC}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553353) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{319EAFEC-EFD4-4B1C-8B9F-BC3FD5F37542}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{297E6E47-5F6E-4DD8-B880-75944B5C1C7C}

O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2553185) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{3E112FB8-14E5-4088-80AC-574FC376BCFE}

O42 - Logiciel: Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{97C3086D-D78B-43ED-9E13-1ED4704298FB}

O42 - Logiciel: Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{97C3086D-D78B-43ED-9E13-1ED4704298FB}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: Skype 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: Spiral Knights - (.SEGA.) [HKLM] -- Steam App 99900

O42 - Logiciel: Stargate Network - (.UNKNOWN.) [HKLM] -- Stargate-Network

O42 - Logiciel: Stargate Network - (.UNKNOWN.) [HKLM] -- {C29A19E3-7645-3295-5585-B2E3528AA52B}

O42 - Logiciel: Steam - (.Valve Corporation.) [HKLM] -- {048298C9-A4D3-490B-9FF9-AB023A9238F3}

O42 - Logiciel: StickyNotes - (.Dell.) [HKLM] -- {76304A0D-D291-4098-BBD9-0F33CFB2CB3C}

O42 - Logiciel: The Guild 2 - (.Pas de propriétaire.) [HKLM] -- TheGuild2

O42 - Logiciel: The Sims Complete Collection - (.Pas de propriétaire.) [HKLM] -- {F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2473228) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Extended (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523

O42 - Logiciel: Update for Microsoft Excel 2010 (KB2553439) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{903E6940-3F4B-4126-ACB2-5929F79561D5}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553065) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{57CEB66B-DD29-4883-92A2-671331657B52}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553092) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553092) - (.Microsoft.) [HKLM] -- {90140000-0044-040C-1000-0000000FF1CE}_Office14.PROPLUS_{E636FE63-842B-4F4B-9884-DA189ACC0B91}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E24F10E6-7D9B-4E3A-B6CF-4C3257A382CD}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0401-1000-0000000FF1CE}_Office14.PROPLUS_{55D8A317-4C64-40B2-96A2-E04C19A264D3}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{74D7080E-57AC-419D-9AA0-D277114D213F}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{4EB7D2FF-CC3E-4FC1-B4DB-CE3DCCCC8559}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{DC366AAD-10AA-4FB2-9D17-5DA0A4E76477}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0413-1000-0000000FF1CE}_Office14.PROPLUS_{6442DF77-AD16-4311-A564-7AA3ECB50A73}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0C0A-1000-0000000FF1CE}_Office14.PROPLUS_{CC54F5F1-51C0-4038-B3B0-42F1DCA806C4}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{16E045BF-8CE5-4F20-A0DA-F7F495D239D0}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{16E045BF-8CE5-4F20-A0DA-F7F495D239D0}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-006E-040C-1000-0000000FF1CE}_Office14.PROPLUS_{6878DD6A-6FB3-42F6-973F-B5FEC236C47D}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553385) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1AD9A591-B1A3-4B57-91A8-8E0CEDE538C1}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553455) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C4C7AF76-4C40-4368-8E36-95F778CF3935}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553455) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{C4C7AF76-4C40-4368-8E36-95F778CF3935}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2566458) - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A6C194EA-C6CB-4314-9E43-AD1F4A1E9D74}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9D6E552E-F044-4B59-BCE1-B729801D855F}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9D6E552E-F044-4B59-BCE1-B729801D855F}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-00A1-040C-1000-0000000FF1CE}_Office14.PROPLUS_{11C904CD-7C47-40DD-B0DE-8AD64D718FA7}

O42 - Logiciel: Update for Microsoft Outlook 2010 (KB2553323) 64-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{9CD98D42-A6D5-4D87-8B5C-5259AF05CFED}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1FD215F3-AB16-4BC8-89A7-32457D45DE6D}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-1000-0000000FF1CE}_Office14.PROPLUS_{FD200AC8-F875-41C7-8447-489332D95E27}

O42 - Logiciel: War Rock - (.GamersFirst.) [HKLM] -- GamersFirst War Rock

O42 - Logiciel: WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {CEA21F20-DBF4-464C-8B81-28B8508AFDDD}

O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {E01819BD-709F-43A1-9600-6F5E4C584C37}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {180C8888-50F1-426B-A9DC-AB83A1989C65}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {DF6D988A-EEA0-4277-AAB8-158E086E439B}

O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}

O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {E02A6548-6FDE-40E2-8ED9-119D7D7E641F}

O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {5E2CD4FB-4538-4831-8176-05D653C3E6D4}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: Xfire (remove only) - (.Pas de propriétaire.) [HKLM] -- Xfire

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {6CFB1B20-ECAE-488F-9FFB-6AD420882E71}


---\\ HKCU & HKLM Software Keys

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\DT Soft]

[HKCU\Software\Dell Computer Corporation]

[HKCU\Software\EA Games]

[HKCU\Software\Electronic Arts]

[HKCU\Software\Imprimante PDF Quicken]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\Pando Networks]

[HKCU\Software\Telltale Games]

[HKCU\Software\WinRAR SFX]

[HKLM\Software\2K Games]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Bethesda Softworks]

[HKLM\Software\DT Soft]

[HKLM\Software\Dell Computer Corporation]

[HKLM\Software\EA Games]

[HKLM\Software\ESN Launcher-1.104.0]

[HKLM\Software\Electronic Arts]

[HKLM\Software\GEAR Software]

[HKLM\Software\Intuit Canada]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Nuvoton Technology Corp]

[HKLM\Software\Origin Games]

[HKLM\Software\Pando Networks]

[HKLM\Software\Riot Games]

[HKLM\Software\SRS Labs]

~ Scan Softwares in 00mn 00s




---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 2011-03-02 - 17:28:58 - [22,461] ----D- C:\Program Files\ATI

O43 - CFD: 2011-09-30 - 18:26:32 - [0,000] ----D- C:\Program Files\ATI Technologies

O43 - CFD: 2011-10-20 - 16:36:24 - [0,586] ----D- C:\Program Files\Bonjour

O43 - CFD: 2011-09-30 - 18:24:52 - [292,584] ----D- C:\Program Files\Common Files

O43 - CFD: 2011-06-20 - 10:30:26 - [26,341] ----D- C:\Program Files\Dell

O43 - CFD: 2011-12-17 - 11:09:26 - [126,760] ----D- C:\Program Files\Dell Support Center

O43 - CFD: 2011-03-13 - 19:47:24 - [86,076] ----D- C:\Program Files\DVD Maker

O43 - CFD: 2011-03-02 - 17:19:20 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 2011-12-14 - 03:19:08 - [4,941] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 2011-11-17 - 19:55:24 - [1,999] ----D- C:\Program Files\iPod

O43 - CFD: 2011-11-17 - 19:55:46 - [2,386] ----D- C:\Program Files\iTunes

O43 - CFD: 2011-03-14 - 19:32:36 - [63,116] ----D- C:\Program Files\Microsoft Analysis Services

O43 - CFD: 2009-07-14 - 02:45:56 - [142,324] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 2011-10-05 - 02:02:14 - [1,981] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 2011-03-14 - 19:35:38 - [2,830] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 2011-03-14 - 19:35:38 - [0,968] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 2011-03-14 - 19:35:56 - [0,312] ----D- C:\Program Files\Microsoft Synchronization Services

O43 - CFD: 2009-07-14 - 00:32:40 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 2011-03-02 - 17:27:26 - [0] ----D- C:\Program Files\Realtek

O43 - CFD: 2009-07-14 - 00:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 2009-07-14 - 00:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 2011-03-13 - 19:47:20 - [3,853] ----D- C:\Program Files\Windows Defender

O43 - CFD: 2011-03-13 - 19:47:24 - [8,797] ----D- C:\Program Files\Windows Journal

O43 - CFD: 2011-10-27 - 16:56:32 - [7,617] ----D- C:\Program Files\Windows Live

O43 - CFD: 2011-03-13 - 19:47:24 - [6,359] ----D- C:\Program Files\Windows Mail

O43 - CFD: 2011-03-13 - 19:47:24 - [7,331] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 2011-03-02 - 17:19:20 - [12,043] ----D- C:\Program Files\Windows NT

O43 - CFD: 2011-03-13 - 19:47:24 - [5,261] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 2011-03-13 - 19:47:24 - [0,233] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 2011-03-13 - 19:47:24 - [6,718] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 2011-06-29 - 19:27:18 - [6,277] ----D- C:\Program Files\Common Files\Apple

O43 - CFD: 2011-09-30 - 18:24:52 - [4,912] ----D- C:\Program Files\Common Files\ATI Technologies

O43 - CFD: 2011-03-14 - 19:36:26 - [0,095] ----D- C:\Program Files\Common Files\DESIGNER

O43 - CFD: 2011-10-27 - 16:55:48 - [263,926] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 2009-07-13 - 22:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 2009-07-13 - 22:20:10 - [0,581] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 2011-11-10 - 03:18:58 - [16,792] ----D- C:\Program Files\Common Files\System

O43 - CFD: 2011-06-29 - 17:11:38 - [12,551] --H-D- C:\ProgramData\Adobe

O43 - CFD: 2011-06-20 - 11:23:50 - [0,001] --H-D- C:\ProgramData\AMD

O43 - CFD: 2011-06-29 - 20:01:28 - [117,895] --H-D- C:\ProgramData\Apple

O43 - CFD: 2011-06-21 - 16:41:16 - [68,261] --H-D- C:\ProgramData\Apple Computer

O43 - CFD: 2009-07-14 - 00:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 2011-06-06 - 15:34:46 - [225,850] --H-D- C:\ProgramData\Applications

O43 - CFD: 2011-09-30 - 18:25:32 - [0,000] --H-D- C:\ProgramData\ATI

O43 - CFD: 2011-03-10 - 21:59:52 - [63,010] --H-D- C:\ProgramData\Avira

O43 - CFD: 2011-03-02 - 17:19:20 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 2011-11-21 - 16:40:40 - [24,013] --H-D- C:\ProgramData\CanonBJ

O43 - CFD: 2011-03-02 - 19:09:06 - [0,013] --H-D- C:\ProgramData\CyberLink

O43 - CFD: 2011-03-02 - 18:08:20 - [0,001] --H-D- C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 2011-03-02 - 18:06:00 - [0] --H-D- C:\ProgramData\DAEMON Tools Pro

O43 - CFD: 2011-06-20 - 10:28:36 - [95,685] --H-D- C:\ProgramData\Dell

O43 - CFD: 2009-07-14 - 00:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 2009-07-14 - 00:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 2011-05-28 - 12:33:16 - [0] --H-D- C:\ProgramData\EA Core

O43 - CFD: 2011-10-07 - 22:26:08 - [0,058] --H-D- C:\ProgramData\Electronic Arts

O43 - CFD: 2011-03-11 - 10:30:50 - [0] --H-D- C:\ProgramData\eMule

O43 - CFD: 2011-03-02 - 17:19:20 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 2009-07-14 - 00:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 2011-03-15 - 16:37:54 - [15,051] --H-D- C:\ProgramData\Intuit

O43 - CFD: 2011-03-03 - 22:43:32 - [3,388] --H-D- C:\ProgramData\Macrovision

O43 - CFD: 2011-10-02 - 12:42:40 - [6,948] --H-D- C:\ProgramData\Malwarebytes

O43 - CFD: 2011-03-11 - 11:05:12 - [0,001] --H-D- C:\ProgramData\McAfee

O43 - CFD: 2011-10-16 - 09:21:24 - [0] --H-D- C:\ProgramData\Media Center Programs

O43 - CFD: 2011-03-02 - 17:19:20 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 2011-10-27 - 16:57:54 - [270,163] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 2011-12-17 - 14:40:30 - [0,014] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 2011-03-02 - 17:19:20 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 2011-08-21 - 08:51:54 - [0] --H-D- C:\ProgramData\Nexon

O43 - CFD: 2011-10-16 - 09:18:14 - [0] --H-D- C:\ProgramData\NexonUS

O43 - CFD: 2011-10-07 - 22:26:06 - [3,221] --H-D- C:\ProgramData\Origin

O43 - CFD: 2011-10-18 - 11:03:48 - [109,049] --H-D- C:\ProgramData\PCDr

O43 - CFD: 2011-11-05 - 16:18:08 - [0,002] --H-D- C:\ProgramData\PMB Files

O43 - CFD: 2011-11-18 - 22:10:04 - [59,059] --H-D- C:\ProgramData\Skype

O43 - CFD: 2011-11-10 - 16:05:24 - [5,222] --H-D- C:\ProgramData\Skype Extras

O43 - CFD: 2011-04-10 - 16:03:10 - [0,000] --H-D- C:\ProgramData\Solidshield

O43 - CFD: 2011-03-03 - 22:43:52 - [0,005] --H-D- C:\ProgramData\Sonic

O43 - CFD: 2009-07-14 - 00:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 2011-04-12 - 18:39:52 - [0,000] --H-D- C:\ProgramData\Sun

O43 - CFD: 2011-07-08 - 21:18:36 - [0,031] --H-D- C:\ProgramData\SWTCWRH

O43 - CFD: 2011-03-14 - 10:51:46 - [0,156] --H-D- C:\ProgramData\Temp

O43 - CFD: 2009-07-14 - 00:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 2011-10-14 - 08:22:46 - [0] --H-D- C:\ProgramData\Uniblue

O43 - CFD: 2011-03-03 - 22:43:52 - [12,389] --H-D- C:\ProgramData\Uninstall

O43 - CFD: 2011-10-14 - 14:42:30 - [4,186] --H-D- C:\ProgramData\Xfire

O43 - CFD: 2011-04-30 - 23:09:34 - [0,852] ----D- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}

O43 - CFD: 2011-12-11 - 21:20:44 - [86,518] --H-D- C:\Users\c\AppData\Roaming\.minecraft

O43 - CFD: 2011-04-12 - 18:19:50 - [9,047] --H-D- C:\Users\c\AppData\Roaming\Adobe

O43 - CFD: 2011-11-19 - 10:08:22 - [-1632,665] --H-D- C:\Users\c\AppData\Roaming\Apple Computer

O43 - CFD: 2011-03-02 - 17:47:16 - [0] --H-D- C:\Users\c\AppData\Roaming\ATI

O43 - CFD: 2011-04-02 - 17:14:16 - [0] --H-D- C:\Users\c\AppData\Roaming\Avira

O43 - CFD: 2011-12-06 - 17:45:40 - [3,812] --H-D- C:\Users\c\AppData\Roaming\BitTorrent

O43 - CFD: 2011-03-14 - 10:56:28 - [0] --H-D- C:\Users\c\AppData\Roaming\CyberLink

O43 - CFD: 2011-03-02 - 18:57:22 - [0,014] --H-D- C:\Users\c\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 2011-03-02 - 18:06:00 - [0] --H-D- C:\Users\c\AppData\Roaming\DAEMON Tools Pro

O43 - CFD: 2011-03-14 - 11:04:24 - [42,891] --H-D- C:\Users\c\AppData\Roaming\Dell

O43 - CFD: 2011-03-04 - 07:28:10 - [0] --H-D- C:\Users\c\AppData\Roaming\Dell Touch Zone

O43 - CFD: 2011-09-24 - 19:20:20 - [64,578] --H-D- C:\Users\c\AppData\Roaming\fesf

O43 - CFD: 2011-06-20 - 10:35:52 - [0,012] --H-D- C:\Users\c\AppData\Roaming\Fingertapps

O43 - CFD: 2011-03-02 - 17:20:02 - [0] --H-D- C:\Users\c\AppData\Roaming\Identities

O43 - CFD: 2011-03-15 - 16:37:16 - [0,260] --H-D- C:\Users\c\AppData\Roaming\Intuit

O43 - CFD: 2011-03-15 - 18:04:52 - [0,000] --H-D- C:\Users\c\AppData\Roaming\LolClient

O43 - CFD: 2011-03-02 - 18:32:58 - [0,664] --H-D- C:\Users\c\AppData\Roaming\Macromedia

O43 - CFD: 2011-10-02 - 12:42:46 - [0,751] --H-D- C:\Users\c\AppData\Roaming\Malwarebytes

O43 - CFD: 2009-07-14 - 02:44:40 - [0] --H-D- C:\Users\c\AppData\Roaming\Media Center Programs

O43 - CFD: 2011-06-14 - 14:54:36 - [19,178] -S--D- C:\Users\c\AppData\Roaming\Microsoft

O43 - CFD: 2011-08-28 - 10:21:44 - [0] --H-D- C:\Users\c\AppData\Roaming\mineraft multi

O43 - CFD: 2011-03-02 - 19:09:16 - [39,182] --H-D- C:\Users\c\AppData\Roaming\Mozilla

O43 - CFD: 2011-10-14 - 08:20:02 - [11,683] --H-D- C:\Users\c\AppData\Roaming\OpenCandy

O43 - CFD: 2011-11-06 - 16:44:56 - [0,002] --H-D- C:\Users\c\AppData\Roaming\Origin

O43 - CFD: 2011-06-20 - 10:32:32 - [59,895] --H-D- C:\Users\c\AppData\Roaming\PCDr

O43 - CFD: 2011-03-03 - 22:56:44 - [0,000] --H-D- C:\Users\c\AppData\Roaming\Roxio

O43 - CFD: 2011-03-03 - 22:42:58 - [1,603] --H-D- C:\Users\c\AppData\Roaming\Roxio Log Files

O43 - CFD: 2011-12-09 - 16:50:04 - [6,304] --H-D- C:\Users\c\AppData\Roaming\Skype

O43 - CFD: 2011-11-11 - 00:01:02 - [0,015] --H-D- C:\Users\c\AppData\Roaming\skypePM

O43 - CFD: 2011-04-12 - 18:23:04 - [0,000] --H-D- C:\Users\c\AppData\Roaming\Stargate-Network

O43 - CFD: 2011-04-26 - 20:02:02 - [0,000] --H-D- C:\Users\c\AppData\Roaming\Unity

O43 - CFD: 2011-09-24 - 19:22:08 - [64,578] --H-D- C:\Users\c\AppData\Roaming\wfgf

O43 - CFD: 2011-03-30 - 17:03:18 - [0,000] --H-D- C:\Users\c\AppData\Roaming\WinRAR

O43 - CFD: 2011-10-21 - 18:15:32 - [0,002] --H-D- C:\Users\c\AppData\Roaming\Xfire

O43 - CFD: 2011-09-06 - 16:01:08 - [9,825] --H-D- C:\Users\c\AppData\Local\2K Games

O43 - CFD: 2011-04-12 - 18:19:34 - [15,191] --H-D- C:\Users\c\AppData\Local\Adobe

O43 - CFD: 2011-06-20 - 11:25:20 - [0,000] --H-D- C:\Users\c\AppData\Local\AMD

O43 - CFD: 2011-04-30 - 23:08:48 - [0] --H-D- C:\Users\c\AppData\Local\Apple

O43 - CFD: 2011-06-17 - 16:11:36 - [37,974] --H-D- C:\Users\c\AppData\Local\Apple Computer

O43 - CFD: 2011-03-02 - 17:19:30 - [0] -SH-D- C:\Users\c\AppData\Local\Application Data

O43 - CFD: 2011-03-02 - 19:47:02 - [5,656] --H-D- C:\Users\c\AppData\Local\Apps

O43 - CFD: 2011-03-14 - 09:33:18 - [8,372] --H-D- C:\Users\c\AppData\Local\ArcSoft

O43 - CFD: 2011-06-06 - 17:21:22 - [0,094] --H-D- C:\Users\c\AppData\Local\assembly

O43 - CFD: 2011-03-02 - 17:47:16 - [0,066] --H-D- C:\Users\c\AppData\Local\ATI

O43 - CFD: 2011-10-15 - 07:49:24 - [0] --H-D- C:\Users\c\AppData\Local\Conduit

O43 - CFD: 2011-03-14 - 10:55:32 - [44,213] --H-D- C:\Users\c\AppData\Local\Dell

O43 - CFD: 2011-06-19 - 20:11:24 - [0] --H-D- C:\Users\c\AppData\Local\Deployment

O43 - CFD: 2011-04-03 - 14:14:12 - [0] --H-D- C:\Users\c\AppData\Local\Diagnostics

O43 - CFD: 2011-03-11 - 10:33:20 - [17,451] --H-D- C:\Users\c\AppData\Local\eMule

O43 - CFD: 2011-10-09 - 09:10:48 - [0,028] --H-D- C:\Users\c\AppData\Local\ESN Sonar

O43 - CFD: 2011-11-19 - 13:01:18 - [6,504] --H-D- C:\Users\c\AppData\Local\Facebook

O43 - CFD: 2011-10-13 - 22:00:58 - [0,008] --H-D- C:\Users\c\AppData\Local\GamersFirst LIVE!

O43 - CFD: 2011-09-29 - 19:57:04 - [518,924] --H-D- C:\Users\c\AppData\Local\Google

O43 - CFD: 2011-03-02 - 17:19:30 - [0] -SH-D- C:\Users\c\AppData\Local\Historique

O43 - CFD: 2011-05-19 - 17:06:02 - [0,013] --H-D- C:\Users\c\AppData\Local\Ilivid Player

O43 - CFD: 2011-06-06 - 15:34:54 - [0,653] --H-D- C:\Users\c\AppData\Local\IsolatedStorage

O43 - CFD: 2011-10-27 - 17:11:02 - [612,457] --H-D- C:\Users\c\AppData\Local\Microsoft

O43 - CFD: 2011-10-01 - 15:22:12 - [0,796] --H-D- C:\Users\c\AppData\Local\Microsoft Games

O43 - CFD: 2011-04-07 - 15:47:16 - [0,069] --H-D- C:\Users\c\AppData\Local\Microsoft Help

O43 - CFD: 2011-03-02 - 19:07:56 - [104,528] --H-D- C:\Users\c\AppData\Local\Mozilla

O43 - CFD: 2011-10-14 - 14:42:30 - [0] --H-D- C:\Users\c\AppData\Local\OpenCandy

O43 - CFD: 2011-12-14 - 18:57:54 - [4,206] --H-D- C:\Users\c\AppData\Local\Origin

O43 - CFD: 2011-05-19 - 16:55:10 - [0] --H-D- C:\Users\c\AppData\Local\PackageAware

O43 - CFD: 2011-10-14 - 14:46:02 - [4,299] --H-D- C:\Users\c\AppData\Local\Pando_Temp

O43 - CFD: 2011-12-17 - 20:44:14 - [0,178] --H-D- C:\Users\c\AppData\Local\PMB Files

O43 - CFD: 2011-03-14 - 10:56:28 - [0] --H-D- C:\Users\c\AppData\Local\Powercinema

O43 - CFD: 2011-10-14 - 08:44:52 - [7,325] --H-D- C:\Users\c\AppData\Local\PunkBuster

O43 - CFD: 2011-11-25 - 13:57:16 - [0,000] --H-D- C:\Users\c\AppData\Local\Skyrim

O43 - CFD: 2011-12-17 - 20:53:26 - [791,590] --H-D- C:\Users\c\AppData\Local\Temp

O43 - CFD: 2011-03-02 - 17:19:32 - [0] -SH-D- C:\Users\c\AppData\Local\Temporary Internet Files

O43 - CFD: 2011-10-16 - 09:22:40 - [0] --H-D- C:\Users\c\AppData\Local\Unity

O43 - CFD: 2011-05-28 - 12:33:16 - [5,043] --H-D- C:\Users\c\AppData\Local\VirtualStore

O43 - CFD: 2011-12-07 - 06:46:00 - [0,016] --H-D- C:\Users\c\AppData\Local\Windows Live

O43 - CFD: 2011-10-27 - 17:11:30 - [0] --H-D- C:\Users\c\AppData\Local\{1F898502-2CBE-4ABE-B2DB-6BDDA944F5EF}

O43 - CFD: 2011-10-30 - 11:40:24 - [0] --H-D- C:\Users\c\AppData\Local\{4E5E3CE6-3C29-42DD-9A67-40DFFD653EC4}

O43 - CFD: 2011-12-07 - 06:45:44 - [0] --H-D- C:\Users\c\AppData\Local\{6B4BEED7-1A87-47F8-AA28-034E19EF3B06}

O43 - CFD: 2011-12-06 - 18:45:10 - [0] --H-D- C:\Users\c\AppData\Local\{82FC91CB-00C4-48BE-80C0-BC6734796989}

O43 - CFD: 2011-10-30 - 11:45:04 - [0] --H-D- C:\Users\c\AppData\Local\{972354C5-DB31-4E45-87D4-87F9094DFF4F}

O43 - CFD: 2011-12-06 - 18:45:00 - [0] --H-D- C:\Users\c\AppData\Local\{A3A3DB1B-05B6-4026-8320-3713D4FDA0B9}

O43 - CFD: 2011-12-05 - 18:43:52 - [0] --H-D- C:\Users\c\AppData\Local\{A5F4835E-2C28-484E-919C-1F846F54DBD1}

O43 - CFD: 2011-12-05 - 18:44:04 - [0] --H-D- C:\Users\c\AppData\Local\{A6C41073-70ED-4B7F-9F32-122E0A7A1208}

O43 - CFD: 2011-10-27 - 17:12:12 - [0] --H-D- C:\Users\c\AppData\Local\{AF059AE2-B28B-4E19-9547-D8AD7E8311F3}

O43 - CFD: 2011-12-06 - 06:44:44 - [0] --H-D- C:\Users\c\AppData\Local\{CB9E92ED-5D44-44B0-A96C-70D946D2028C}

O43 - CFD: 2011-10-30 - 11:40:36 - [0] --H-D- C:\Users\c\AppData\Local\{EEB61B50-4A83-418F-B1B6-02C307DBA6EB}

O43 - CFD: 2011-12-07 - 06:45:54 - [0] --H-D- C:\Users\c\AppData\Local\{F72EBE61-7AD9-4444-8A1A-F5A10DB4B525}

O43 - CFD: 2011-06-29 - 17:11:36 - [157,157] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 2011-06-20 - 11:22:18 - [2,335] ----D- C:\Program Files (x86)\AMD APP

O43 - CFD: 2011-06-29 - 19:27:26 - [2,201] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 2011-03-02 - 17:42:36 - [88,982] ----D- C:\Program Files (x86)\ATI Technologies

O43 - CFD: 2011-03-02 - 17:54:36 - [4,553] ----D- C:\Program Files (x86)\AVerMedia A336 MiniCard Hybrid TV Tuner

O43 - CFD: 2011-12-16 - 21:19:18 - [10,706] ----D- C:\Program Files (x86)\Battlelog Web Plugins

O43 - CFD: 2011-10-20 - 16:36:24 - [0,602] ----D- C:\Program Files (x86)\Bonjour

O43 - CFD: 2011-03-02 - 17:38:48 - [3,432] ----D- C:\Program Files (x86)\Cisco

O43 - CFD: 2011-11-18 - 22:10:02 - [358,605] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 2011-03-02 - 18:53:40 - [1,191] ----D- C:\Program Files (x86)\Cyberlink

O43 - CFD: 2011-03-02 - 20:15:36 - [0,004] ----D- C:\Program Files (x86)\Dell

O43 - CFD: 2011-06-17 - 13:02:22 - [125,852] ----D- C:\Program Files (x86)\Dell Stage

O43 - CFD: 2011-05-12 - 06:32:34 - [73,198] ----D- C:\Program Files (x86)\Dell Touch Software Suite

O43 - CFD: 2011-05-14 - 15:39:24 - [3,301] ----D- C:\Program Files (x86)\EA Games

O43 - CFD: 2011-10-13 - 21:59:54 - [34,312] ----D- C:\Program Files (x86)\GamersFirst

O43 - CFD: 2011-09-28 - 20:27:38 - [256,892] ----D- C:\Program Files (x86)\Google

O43 - CFD: 2011-10-16 - 09:20:00 - [60,403] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 2011-12-14 - 03:19:08 - [5,635] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 2011-11-17 - 19:55:46 - [140,828] ----D- C:\Program Files (x86)\iTunes

O43 - CFD: 2011-08-08 - 08:12:26 - [85,341] ----D- C:\Program Files (x86)\Java

O43 - CFD: 2011-03-02 - 19:51:52 - [1056,730] ----D- C:\Program Files (x86)\LucasArts

O43 - CFD: 2011-10-02 - 16:18:54 - [6,694] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 2011-10-01 - 15:19:54 - [0] ----D- C:\Program Files (x86)\Maxis

O43 - CFD: 2011-10-27 - 16:55:00 - [19,718] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 2011-03-14 - 19:32:36 - [37,927] ----D- C:\Program Files (x86)\Microsoft Analysis Services

O43 - CFD: 2011-06-17 - 20:28:12 - [6,540] ----D- C:\Program Files (x86)\Microsoft Games for Windows - LIVE

O43 - CFD: 2011-03-14 - 19:32:24 - [28,248] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 2011-10-29 - 10:15:26 - [36,633] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 2011-10-27 - 17:00:42 - [1,745] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 2011-06-06 - 15:35:30 - [322,885] ----D- C:\Program Files (x86)\Microsoft Touch Pack for Windows 7

O43 - CFD: 2011-03-14 - 19:33:22 - [1,314] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 2011-06-14 - 14:54:36 - [0,934] ----D- C:\Program Files (x86)\Microsoft WSE

O43 - CFD: 2011-06-06 - 15:35:00 - [5,405] ----D- C:\Program Files (x86)\Microsoft XNA

O43 - CFD: 2011-03-14 - 19:35:38 - [7,797] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 2011-03-14 - 19:35:48 - [0,025] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 2011-05-14 - 15:47:24 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 2011-03-02 - 17:31:56 - [1,701] ----D- C:\Program Files (x86)\Nuvoton Technology Corp

O43 - CFD: 2011-09-06 - 16:01:40 - [78,817] ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 2011-11-06 - 16:57:30 - [2,461] --H-D- C:\Program Files (x86)\Origin Games

O43 - CFD: 2011-03-15 - 16:52:30 - [7,120] ----D- C:\Program Files (x86)\Pando Networks

O43 - CFD: 2011-11-03 - 20:30:00 - [72,431] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 2011-06-20 - 10:40:48 - [1,824] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 2009-07-14 - 00:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 2011-11-18 - 22:10:06 - [16,555] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 2011-06-20 - 10:40:54 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 2011-11-25 - 13:55:12 - [1624,567] ----D- C:\Program Files (x86)\The Elder Scrolls V Skyrim

O43 - CFD: 2009-07-13 - 23:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 2011-03-03 - 22:55:04 - [0,500] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 2011-10-27 - 17:05:56 - [178,085] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 2011-03-13 - 19:47:30 - [5,895] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 2011-03-13 - 19:47:30 - [4,791] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 2009-07-14 - 00:32:40 - [11,632] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 2011-03-13 - 19:47:28 - [4,213] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 2011-03-13 - 19:47:30 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 2011-03-13 - 19:47:30 - [5,717] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 2011-12-17 - 20:53:06 - [7,993] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 2011-06-29 - 17:11:40 - [3,439] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 2011-04-12 - 18:19:46 - [29,675] ----D- C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 2011-11-17 - 19:55:24 - [98,984] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 2011-10-16 - 09:21:26 - [0,295] ----D- C:\Program Files (x86)\Common Files\BioWare

O43 - CFD: 2011-11-06 - 17:32:34 - [0,957] --H-D- C:\Program Files (x86)\Common Files\EAInstaller

O43 - CFD: 2011-06-12 - 16:22:42 - [6,098] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 2011-03-15 - 16:37:54 - [2,993] ----D- C:\Program Files (x86)\Common Files\Intuit

O43 - CFD: 2011-08-08 - 08:12:46 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 2011-10-27 - 16:55:48 - [132,635] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 2011-03-21 - 09:00:26 - [0,099] ----D- C:\Program Files (x86)\Common Files\Palo Alto Software

O43 - CFD: 2011-03-03 - 22:43:38 - [0,291] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 2011-03-03 - 22:43:38 - [6,170] ----D- C:\Program Files (x86)\Common Files\Roxio Shared

O43 - CFD: 2009-07-13 - 22:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 2011-03-03 - 22:43:38 - [0,355] ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 2009-07-13 - 22:20:10 - [39,200] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 2011-09-30 - 18:07:30 - [0,400] ----D- C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 2011-11-10 - 03:18:58 - [10,050] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 2011-10-27 - 16:53:32 - [0] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 2011-09-06 - 16:01:38 - [25,762] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 00mn 36s




---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.9701ACE999CFBF4E0F806F03EA87635F] - 2011-11-21 - 16:40:20 ---A- . (.CANON INC. - IJ Language Monitor.) -- C:\Windows\SysNative\CNMLMAS.DLL [385536]

O44 - LFC:[MD5.9701ACE999CFBF4E0F806F03EA87635F] - 2011-11-21 - 16:40:20 RSHAD . (.CANON INC. - IJ Language Monitor.) -- C:\Windows\system32\CNMLMAS.DLL [385536]

O44 - LFC:[MD5.328FAA0F67CE474491E13D8ED449DA34] - 2011-11-22 - 19:47:04 ---A- . (...) -- C:\PowerSetting.txt [14]

O44 - LFC:[MD5.8E46D7E915E8163C1898F4BA3B0F938E] - 2011-12-11 - 18:15:00 ---A- . (...) -- C:\Windows\DirectX.log [273906]

O44 - LFC:[MD5.62DBB533FBBCB7620EC99059B2FBF6E3] - 2011-12-14 - 03:20:11 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [416280]

O44 - LFC:[MD5.62DBB533FBBCB7620EC99059B2FBF6E3] - 2011-12-14 - 03:20:11 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [416280]

O44 - LFC:[MD5.161842849F22D20C88433A6960F96291] - 2011-12-16 - 21:19:17 ---A- . (...) -- C:\Windows\PFRO.log [35266]

O44 - LFC:[MD5.B4C92E42DD90AA6EF43BEC557F17ED49] - 2011-12-16 - 21:19:18 ---A- . (...) -- C:\Windows\MEMORY.DMP [614916732]

O44 - LFC:[MD5.84D6C13AD1DB11A557EDC64CA267E7B5] - 2011-12-17 - 20:22:57 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1454313]

O44 - LFC:[MD5.22AC1205C3B213A6F6C6931923272609] - 2011-12-17 - 20:22:58 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [22464]

O44 - LFC:[MD5.22AC1205C3B213A6F6C6931923272609] - 2011-12-17 - 20:22:58 --HA- . (...) -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [22464]

O44 - LFC:[MD5.22AC1205C3B213A6F6C6931923272609] - 2011-12-17 - 20:22:58 RSHAD . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [22464]

O44 - LFC:[MD5.22AC1205C3B213A6F6C6931923272609] - 2011-12-17 - 20:22:58 RSHAD . (...) -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [22464]

O44 - LFC:[MD5.3A498DE585BC5C4C23D1D32D37E39EC3] - 2011-12-17 - 20:24:31 ---A- . (...) -- C:\OSD_Log.txt [2148727]

O44 - LFC:[MD5.1708AD2D4C86A460638AF9B732EC9351] - 2011-12-17 - 20:43:37 ---A- . (...) -- C:\Windows\setupact.log [43876]

O44 - LFC:[MD5.9D763CCE51F99FE011E9F92CB791CC01] - 2011-12-17 - 20:46:14 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.665FB8BB9C0B6495A257D68B4D5B3431] - 2011-12-17 - 20:46:40 ---A- . (...) -- C:\Windows\ntbtlog.txt [102350]

O44 - LFC:[MD5.15031D343A6673A41E5E75911760838C] - 2011-12-17 - 20:50:34 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1662566]

O44 - LFC:[MD5.8DA603D1D4C881449D4C0646784BABED] - 2011-12-17 - 20:50:34 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [121082]

O44 - LFC:[MD5.D75DB06EFAAAC646629478E8D6F8FDE4] - 2011-12-17 - 20:50:34 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [148786]

O44 - LFC:[MD5.38A28CB8A38B87F5F1FC71AD2D393FAC] - 2011-12-17 - 20:50:34 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [652150]

O44 - LFC:[MD5.89292CA3849A6A13B07CB0EB5182A207] - 2011-12-17 - 20:50:34 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [745268]

O44 - LFC:[MD5.15031D343A6673A41E5E75911760838C] - 2011-12-17 - 20:50:34 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1662566]

O44 - LFC:[MD5.8DA603D1D4C881449D4C0646784BABED] - 2011-12-17 - 20:50:34 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [121082]

O44 - LFC:[MD5.D75DB06EFAAAC646629478E8D6F8FDE4] - 2011-12-17 - 20:50:34 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [148786]

O44 - LFC:[MD5.38A28CB8A38B87F5F1FC71AD2D393FAC] - 2011-12-17 - 20:50:34 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [652150]

O44 - LFC:[MD5.89292CA3849A6A13B07CB0EB5182A207] - 2011-12-17 - 20:50:34 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [745268]

~ Scan Files in 00mn 13s




---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.dll

~ Scan Keys in 00mn 00s




---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s




---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{de4eb509-4527-11e0-b1c6-842b2b8313ab}\AutoRun\command. (...) -- E:\INSTALL.exe (.not file.)

~ Scan Keys in 00mn 00s




---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.XFR1"="xfcodec64.dll" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"wdmaud.drv"="Pilote de fonction UAA 1.1 Microsoft pour High Definition Audio" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"xfcodec64.dll"="Xfire video codec [XFR1]" . (.Pas de propriétaire - Xfire Video Codec.) -- C:\Windows\system32\xfcodec64.dll

~ Scan Keys in 00mn 00s




---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- G:\Microsoft Office\Office14\BCSSync.exe

O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Lite [Key] . (.DT Soft Ltd - DAEMON Tools Lite.) -- G:\DAEMON Tools Lite\DTLite.exe

O53 - SMSR:HKLM\...\startupreg\Desktop Disc Tool [Key] . (.Pas de propriétaire - Roxio Burn Launcher.) -- G:\Roxio\Roxio Burn\RoxioBurnLauncher.exe

O53 - SMSR:HKLM\...\startupreg\EADM [Key] . (.Electronic Arts - Origin.) -- F:\origine\Origin\Origin.exe

O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files (x86)\iTunes\iTunesHelper.exe

O53 - SMSR:HKLM\...\startupreg\LogMeIn Hamachi Ui [Key] . (...) -- F:\minecrafmulti\hamachi-2-ui.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Pando Media Booster [Key] . (.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O53 - SMSR:HKLM\...\startupreg\Steam [Key] . (.Valve Corporation - Steam.) -- F:\steam\Steam.exe

~ Scan SMSR Keys in 00mn 00s




---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s




---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s




---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

~ Scan Keys in 00mn 00s




---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 2009-06-10 - 20:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 2009-07-13 - 20:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 2009-07-13 - 20:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 2009-07-13 - 20:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.6A2EEB0C4133B20773BB3DD0B7B377B4] - 2011-06-20 - 08:18:24 RSHAD . (.Advanced Micro Devices - AMD IO Driver.) -- C:\Windows\system32\drivers\amdiox64.sys [46136]

O58 - SDL:[MD5.CC3021D064EB6D3C2F949530E2B0BA47] - 2011-03-02 - 13:57:08 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [73784]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 2009-06-10 - 20:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.FFC5A0F6263574EF0D5467496B721F77] - 2011-03-02 - 13:57:08 RSHAD . (.Advanced Micro Devices - Stor Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [28728]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 2009-07-13 - 20:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 2009-07-13 - 20:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.92D7A3D30E7C06B33A7A107CB71EC176] - 2011-06-20 - 01:46:36 RSHAD . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys [9319936]

O58 - SDL:[MD5.A6ED35E5481ECC36D14AB47BB943F8CB] - 2011-06-20 - 00:39:26 RSHAD . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\Windows\system32\drivers\atikmpag.sys [306176]

O58 - SDL:[MD5.E82E61F46D1336447F4DEFF8C074F13E] - 2011-03-02 - 08:33:52 RSHAD . (.Advanced Micro Devices Inc. - AMD PCIE Filter Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie64.sys [16440]

O58 - SDL:[MD5.DA2F7699F8F10B4CD18374017163F39C] - 2011-03-02 - 22:13:06 RSHAD . (.AVerMedia TECHNOLOGIES, Inc. - AVerMedia Hybrid TV Driver.) -- C:\Windows\system32\drivers\AVerPola.sys [371072]

O58 - SDL:[MD5.B1224E6B086CD6548315B04AB575A23E] - 2011-03-10 - 16:16:26 RSHAD . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys [88288]

O58 - SDL:[MD5.ED45F12CFA62B83765C9C1496758CC87] - 2011-03-10 - 16:16:26 RSHAD . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys [123784]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 2009-06-10 - 15:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.AC4E2D84DE54CD3A013AEFF0CC56095C] - 2011-06-20 - 13:13:08 RSHAD . (.Broadcom Corporation - Broadcom iLine10 PCI Network Adapter Proxy Protocol Driver.) -- C:\Windows\system32\drivers\bcm42rly.sys [22520]

O58 - SDL:[MD5.D224B2E6BB543F1D8F1177D57FEC2950] - 2011-03-02 - 14:13:08 RSHAD . (.Broadcom Corporation - Broadcom 802.11 Network Adapter Virtual Wireless Driver.) -- C:\Windows\system32\drivers\bcmvwl64.sys [20984]

O58 - SDL:[MD5.0B0DF4CD7C2C188C95C4E09C568AD54A] - 2011-03-02 - 14:13:06 RSHAD . (.Broadcom Corporation - Broadcom 802.11 Network Adapter wireless driver.) -- C:\Windows\system32\drivers\BCMWL664.SYS [3058168]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 2009-07-13 - 15:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 2009-07-13 - 15:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 2009-07-13 - 20:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 2009-07-13 - 15:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 2009-07-13 - 15:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 2009-07-13 - 15:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 2009-06-10 - 15:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 2009-07-13 - 20:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.FB9BEF3401EE5ECC2603311B9C64F44A] - 2011-03-02 - 18:55:07 RSHAD . (.DT Soft Ltd - DAEMON Tools Virtual Bus Driver.) -- C:\Windows\system32\drivers\dtsoftbus01.sys [254528]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 2009-06-10 - 20:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 2009-06-10 - 15:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.E403AACF8C7BB11375122D2464560311] - 2011-05-23 - 12:17:08 RSHAD . (.GEAR Software Inc. - CD DVD Filter.) -- C:\Windows\system32\drivers\GEARAspiWDM.sys [34152]

O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 2011-09-24 - 16:35:42 RSHAD . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\system32\drivers\hamachi.sys [33856]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 2009-07-13 - 15:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 2011-03-13 - 08:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 2011-04-26 - 01:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 2009-07-13 - 20:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 2009-07-13 - 20:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 2009-07-13 - 20:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 2009-07-13 - 20:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 2009-07-13 - 20:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.23A854450DAB5C9B7A42AB9BE6F2E4BD] - 2011-10-02 - 16:00:50 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [25416]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 2009-06-10 - 20:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 2009-07-13 - 20:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 2009-07-13 - 20:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.324C4D3C3FC6ACCB72D5D83986442EBB] - 2011-06-20 - 13:13:10 RSHAD . (.CACE Technologies, Inc. - npf.sys (NT5/6 AMD64) Kernel Driver.) -- C:\Windows\system32\drivers\npf.sys [47632]

O58 - SDL:[MD5.BE29AA3CBA78480AB8591873197CB56A] - 2011-03-02 - 18:17:58 RSHAD . (.Nuvoton Technology Corp. - Nuvoton W836x7HG CIR Device Driver.) -- C:\Windows\system32\drivers\nuviocir_win7_x64.sys [33792]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 2011-04-26 - 01:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 2011-04-26 - 01:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 2009-06-10 - 20:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 2009-07-13 - 20:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.16D4E350420BAA7E63E16E3FC033E1F5] - 2011-03-21 - 12:22:06 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [452200]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 2009-07-13 - 15:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 2009-06-10 - 20:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 2009-07-13 - 20:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 2009-07-13 - 20:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.AA33FC47ED58C34E6E9261E4F850B7EB] - 2011-06-29 - 07:06:08 RSHAD . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\Windows\system32\drivers\usbaapl64.sys [51712]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 2009-07-13 - 20:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 2009-06-10 - 20:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.9EAFB3B3B60B8AD958985152A9309ACA] - 2011-03-10 - 12:45:10 ---A- . (...) -- C:\Windows\system32\epmntdrv.sys [16776]

O58 - SDL:[MD5.FB949ED2C93C878A189039F3D7730942] - 2011-03-10 - 16:55:00 ---A- . (...) -- C:\Windows\system32\EuGdiDrv.sys [9096]

O58 - SDL:[MD5.1E6438D4EA6E1174A3B3B1EDC4DE660B] - 2011-09-25 - 16:35:42 RSHAD . (.LogMeIn, Inc. - Hamachi Virtual Network Interface Driver.) -- C:\Windows\system32\hamachi.sys [33856]

O58 - SDL:[MD5.0905DC0814D738CFF53577A59CCD81E0] - 2011-10-04 - 19:05:01 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\SysWOW64\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.539CA34FBC74EC366A0D751028C32A08] - 2011-03-10 - 12:45:10 ---A- . (...) -- C:\Windows\SysWOW64\epmntdrv.sys [14216]

O58 - SDL:[MD5.1F2F4AB15CE03ECC257FEB2F6DC5A013] - 2011-03-10 - 16:55:00 ---A- . (...) -- C:\Windows\SysWOW64\EuGdiDrv.sys [8456]

~ Scan Drivers in 00mn 04s




---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s




---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 2011-05-14 - C:\Windows\system32\DRIVERS\atikmdag.sys (amdkmdag) .(.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) - LEGACY_AMDKMDAG

O64 - Services: CurCS - 2010-04-07 - C:\Windows\system32\DRIVERS\amdsata.sys (amdsata) .(.Advanced Micro Devices - AHCI 1.2 Device Driver.) - LEGACY_AMDSATA

O64 - Services: CurCS - 2011-08-30 - C:\Windows\system32\DRIVERS\avgntflt.sys (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - 2011-08-30 - C:\Windows\system32\DRIVERS\avipbb.sys (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - 2010-02-02 - C:\Windows\system32\drivers\BCM42RLY.sys (BCM42RLY) .(.Broadcom Corporation - Broadcom iLine10 PCI Network Adapter Pr.) - LEGACY_BCM42RLY

O64 - Services: CurCS - 2009-08-26 - C:\Windows\system32\epmntdrv.sys - epmntdrv (epmntdrv) .(...) - LEGACY_EPMNTDRV

O64 - Services: CurCS - 2009-09-16 - C:\Windows\system32\EuGdiDrv.sys - EuGdiDrv (EuGdiDrv) .(...) - LEGACY_EUGDIDRV

O64 - Services: CurCS - 2009-05-20 - C:\Windows\system32\Drivers\PxHlpa64.sys (PxHlpa64) .(.Sonic Solutions - Px Engine Device Driver for 64-bit Windows.) - LEGACY_PXHLPA64

O64 - Services: CurCS - 1899-12-30 - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

~ Scan Services in 00mn 00s




---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- G:\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- G:\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s




---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- G:\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- g:\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- g:\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- g:\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

~ Scan Keys in 00mn 00s




---\\ Search Browser Infection (O69)

O69 - SBI: C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\ur8o760l.default\searchplugins\conduit.xml

O69 - SBI: prefs.js [c - ur8o760l.default] user_pref("", "{searchTerms}");

O69 - SBI: prefs.js [c - ur8o760l.default] user_pref("browser.startup.homepage", "");

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - Google

O69 - SBI: SearchScopes [HKCU] {92A90C5E-8DDC-4E06-BD05-0AE80B6DCE0A} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} - (XfireXO Customized Web Search) -

~ Scan Keys in 00mn 00s




---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\system32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\system32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\system32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\system32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\system32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\system32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\system32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\system32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\system32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\system32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\system32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\system32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\system32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\system32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\system32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\system32\bdesvc.dll [100864]

~ Scan Services in 00mn 01s




---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.1354EEC7A827A779169A19D835C6422A] [sPRF][2011-10-14] (...) -- C:\Users\c\AppData\Local\Temp\cci.exe [643244]

[MD5.5980FAECF83024065D003A9E5F6FAF8F] [sPRF][2011-10-27] (...) -- C:\Users\c\AppData\Local\Temp\defaultCache.reg [1008052]

[MD5.232D7EAA3A268C0EFCC157C55BFF8927] [sPRF][2011-10-16] (...) -- C:\Users\c\AppData\Local\Temp\DelUS.bat [417]

[MD5.75375C22C72F1BEB76BEA39C22A1ED68] [sPRF][2010-02-08] (...) -- C:\Users\c\AppData\Local\Temp\ffunzip.exe [167936]

[MD5.496F03DCA0EFF43EA168ED20ACCC6EFF] [sPRF][2011-03-14] (...) -- C:\Users\c\AppData\Local\Temp\GLF31F4.tmp.ConduitEngineSetup.exe [158048]

[MD5.1A8438854DD15E4389F5BDEF502C369D] [sPRF][2011-03-14] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\c\AppData\Local\Temp\GLF31F4.tmp.tbXfir.dll [4216104]

[MD5.1A8438854DD15E4389F5BDEF502C369D] [sPRF][2011-03-14] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\c\AppData\Local\Temp\GLF38F6.tmp.ConduitEngine.dll [4216104]

[MD5.A3EEC0167D50D33809A226DEB2B1BA0B] [sPRF][2011-09-29] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll143311909.dll [3036288]

[MD5.A3EEC0167D50D33809A226DEB2B1BA0B] [sPRF][2011-09-29] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll143339053.dll [3036288]

[MD5.F1EF0663706B802E8FA8236D16AC5191] [sPRF][2011-11-07] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll27364135.dll [3032704]

[MD5.F1EF0663706B802E8FA8236D16AC5191] [sPRF][2011-11-07] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll27365320.dll [3032704]

[MD5.F1EF0663706B802E8FA8236D16AC5191] [sPRF][2011-11-07] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll27372746.dll [3032704]

[MD5.D89019614E391FD3B1ABD772AE67CF0D] [sPRF][2011-11-01] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545668455.dll [3038848]

[MD5.D89019614E391FD3B1ABD772AE67CF0D] [sPRF][2011-11-01] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545669657.dll [3038848]

[MD5.D89019614E391FD3B1ABD772AE67CF0D] [sPRF][2011-11-01] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545676989.dll [3038848]

[MD5.A3EEC0167D50D33809A226DEB2B1BA0B] [sPRF][2011-09-29] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545725318.dll [3036288]

[MD5.D89019614E391FD3B1ABD772AE67CF0D] [sPRF][2011-11-01] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545833411.dll [3038848]

[MD5.D89019614E391FD3B1ABD772AE67CF0D] [sPRF][2011-11-01] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545834534.dll [3038848]

[MD5.D89019614E391FD3B1ABD772AE67CF0D] [sPRF][2011-11-01] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll545841835.dll [3038848]

[MD5.A3EEC0167D50D33809A226DEB2B1BA0B] [sPRF][2011-09-29] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll546837309.dll [3036288]

[MD5.A3EEC0167D50D33809A226DEB2B1BA0B] [sPRF][2011-09-29] (.Electronic Arts, Inc. - Origin installer extension.) -- C:\Users\c\AppData\Local\Temp\installerdll547068299.dll [3036288]

[MD5.C9C15BBC0AC161A04EE252EA7FC00E32] [sPRF][2011-08-21] (.Nexon - Nexon Game Manager.) -- C:\Users\c\AppData\Local\Temp\NGM.exe [172032]

[MD5.D0AB38ADBB3BF53035ADD1206CE2B9AD] [sPRF][2011-08-21] (.Nexon - Nexon Game Manager Dynamic Link Library.) -- C:\Users\c\AppData\Local\Temp\NGMDll.dll [831488]

[MD5.13552FA3E24DE6891CE806E9C220ACCA] [sPRF][2011-08-21] (.Nexon - Nexon Game Manager Resource.) -- C:\Users\c\AppData\Local\Temp\NGMResource.dll [405504]

[MD5.47DE7C7073B3D61C5D5DDFFE5B090A72] [sPRF][2011-10-16] (...) -- C:\Users\c\AppData\Local\Temp\NGMUninstallInfo.dat [658]

[MD5.B184BA873AAFA1F09E3BC1DD6931D161] [sPRF][2011-11-10] (.Electronic Arts, Inc. - Origin.) -- C:\Users\c\AppData\Local\Temp\OriginLauncher27364135.exe [48141056]

[MD5.5944BE7116B8A5D1341F5EC4B4385513] [sPRF][2011-11-06] (.Electronic Arts, Inc. - Origin.) -- C:\Users\c\AppData\Local\Temp\OriginLauncher545668455.exe [48117736]

[MD5.5944BE7116B8A5D1341F5EC4B4385513] [sPRF][2011-11-06] (.Electronic Arts, Inc. - Origin.) -- C:\Users\c\AppData\Local\Temp\OriginLauncher545833411.exe [48117736]

[MD5.B92293778555CE3DABE7F0A7E98B34C0] [sPRF][2011-01-17] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\c\AppData\Local\Temp\prxGLF31F4.tmp.tbXfir.dll [175912]

[MD5.71EA857B02F778B3D54BA59444A9F802] [sPRF][2011-11-04] (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Users\c\AppData\Local\Temp\rootsupd.exe [336280]

[MD5.B7F4787840532CCFC18025C383E83644] [sPRF][2011-11-07] (.Electronic Arts, Inc. - Origin.) -- C:\Users\c\AppData\Local\Temp\Setup.exe [47020208]

[MD5.5151C17D942E3E5C18D6DB1C4500511A] [sPRF][2011-10-22] (.Skype Technologies S.A. - Skype.) -- C:\Users\c\AppData\Local\Temp\SkypeSetup.exe [23803016]

[MD5.F467645711172ECA7FCE253824A09179] [sPRF][2011-11-03] (...) -- C:\Users\c\AppData\Local\Temp\sonarinst.exe [1786688]

[MD5.1D70BE6C8303EB57079B005BA6B399AD] [sPRF][2011-10-13] (.Eclipse Foundation - SWT for Windows native library.) -- C:\Users\c\AppData\Local\Temp\swt-win32-3349.dll [139672]

[MD5.1A8438854DD15E4389F5BDEF502C369D] [sPRF][2011-03-14] (.Conduit Ltd. - Conduit Toolbar.) -- C:\Users\c\AppData\Local\Temp\tbXfir.dll [4216104]

[MD5.CBE0B05C11D5D523C2AF997D737C137B] [sPRF][2011-11-04] (.Microsoft Corporation - Microsoft Visual C++ 2010 x64 Redistributable Setup.) -- C:\Users\c\AppData\Local\Temp\vcredist_x64.exe [5673816]

[MD5.CEDE02D7AF62449A2C38C49ABECC0CD3] [sPRF][2011-11-04] (.Microsoft Corporation - Microsoft Visual C++ 2010 x86 Redistributable Setup.) -- C:\Users\c\AppData\Local\Temp\vcredist_x86.exe [4995416]

[MD5.342F79337765760AD4E392EB67D5ED2C] [sPRF][2011-11-04] (.Microsoft Corporation - Update Package.) -- C:\Users\c\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe [2585872]

[MD5.2C0A03B836415E84BC6F58C1929FC9E4] [sPRF][2011-12-17] (..SYSTE©M - MagerfaSof.) -- C:\Users\c\AppData\Local\Temp\wuauclt.exe [356352]

[MD5.0F1931E26C21219DB1C90E90037F11F6] [sPRF][2011-09-23] (...) -- C:\Users\c\Desktop\Minecraft(12).exe [270142]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][2004-12-07] (...) -- C:\Windows\Downloaded Program Files\bdcore.dll [32]

[MD5.298068536300DA6DC163E394797A7C50] [sPRF][2006-05-25] (...) -- C:\Windows\Downloaded Program Files\bdupd.dll [118784]

[MD5.5095D657B76B7F782A9F626273170A79] [sPRF][2011-02-22] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.2 r152.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [2871968]

[MD5.1CAB87DE6638846FBF51F32B5D95E482] [sPRF][2006-05-25] (...) -- C:\Windows\Downloaded Program Files\ipsupd.dll [53248]

[MD5.18075B2C9F0F300BEE209744A8BEC353] [sPRF][2004-12-07] (...) -- C:\Windows\Downloaded Program Files\libfn.dll [32]

~ Scan Files in 00mn 05s




---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{88186F33-C060-45B0-A1A4-B8ABE8AC1F92}" | In - Private - P6 - TRUE | .(.LucasArts - Republic Heroes.) -- C:\Program Files (x86)\LucasArts\Republic Heroes\Republic Heroes.exe

O87 - FAEL: "{B3BF6E85-FECF-4F11-A0D6-B76879C468FE}" | In - Private - P17 - TRUE | .(.LucasArts - Republic Heroes.) -- C:\Program Files (x86)\LucasArts\Republic Heroes\Republic Heroes.exe

O87 - FAEL: "{55EA77BA-C7EA-41EB-924F-B3937420E8BC}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{7DED10E8-292C-4740-AF85-0CBF1F4A64FD}" | In - None - P6 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- G:\BitTorrent\BitTorrent.exe

O87 - FAEL: "{4B8E77B6-163D-4F26-A283-52B7C678F937}" | In - None - P17 - TRUE | .(.BitTorrent, Inc. - BitTorrent.) -- G:\BitTorrent\BitTorrent.exe

O87 - FAEL: "TCP Query User{8995CE1F-85CE-4B47-A322-936033B538FF}G:\emule\emule.exe" | In - Private - P6 - TRUE | .(. - eMule.) -- G:\eMule\emule.exe

O87 - FAEL: "UDP Query User{DA85D19D-D27D-48A7-BC1A-9F06E12836D4}G:\emule\emule.exe" | In - Private - P17 - TRUE | .(. - eMule.) -- G:\eMule\emule.exe

O87 - FAEL: "{1045E5C4-BC70-42E7-93AD-BCC316537B55}" | In - None - P17 - TRUE | .(.CyberLink Corp. - VideoStage.) -- G:\Dell\VideoStage\VideoStage\VideoStage.exe

O87 - FAEL: "{76C1EB2E-90F3-4775-B88C-1918B7748D71}" |In - Private - P6 - TRUE | .(...) -- F:\league of legend\air\LolClient.exe (.not file.)

O87 - FAEL: "{5D56B2C1-5619-4929-9A1A-F17819C1D603}" |In - Private - P17 - TRUE | .(...) -- F:\league of legend\air\LolClient.exe (.not file.)

O87 - FAEL: "{1C715C86-EF55-481F-9EB0-04CC5D411CE8}" |In - Private - P6 - TRUE | .(...) -- F:\league of legend\game\League of Legends.exe (.not file.)

O87 - FAEL: "{C3D2E1D8-35BD-486E-A4A6-DBD5169D52D8}" |In - Private - P17 - TRUE | .(...) -- F:\league of legend\game\League of Legends.exe (.not file.)

O87 - FAEL: "TCP Query User{3614A21F-F0C4-4C48-8E7A-A24695D45FB9}H:\téléchargements\torrent\terminé\age of empires ii gold edition\empires2.exe" |In - Private - P6 - TRUE | .(...) -- H:\téléchargements\torrent\terminé\age of empires ii gold edition\empir

O87 - FAEL: "UDP Query User{0E40733F-6F35-4500-8B2C-0F78FA869588}H:\téléchargements\torrent\terminé\age of empires ii gold edition\empires2.exe" |In - Private - P17 - TRUE | .(...) -- H:\téléchargements\torrent\terminé\age of empires ii gold edition\empi

O87 - FAEL: "TCP Query User{8AEBD931-7D7F-4C76-A039-EE20A108D229}F:\xfire\xfire.exe" | In - Private - P6 - TRUE | .(.Xfire Inc. - Xfire.) -- F:\Xfire\Xfire.exe

O87 - FAEL: "UDP Query User{021D8BFC-7105-4997-89A3-EB1372D0F024}F:\xfire\xfire.exe" | In - Private - P17 - TRUE | .(.Xfire Inc. - Xfire.) -- F:\Xfire\Xfire.exe

O87 - FAEL: "TCP Query User{C3B01309-55FF-4303-AA3B-FA59FD28C1E1}F:\league of legend\lol.launcher.exe" | In - Private - P6 - TRUE | .(...) -- F:\league of legend\lol.launcher.exe

O87 - FAEL: "UDP Query User{F24F341E-8A7B-4C77-B75B-51B67FD32200}F:\league of legend\lol.launcher.exe" | In - Private - P17 - TRUE | .(...) -- F:\league of legend\lol.launcher.exe

O87 - FAEL: "TCP Query User{AF694033-E5A7-4007-9C00-D78A1E491066}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{B7862C61-CB69-4EAF-988A-BB4A20488B9B}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe

O87 - FAEL: "TCP Query User{30060D92-FF98-4BF9-8A68-27332CFCA9DF}C:\program files (x86)\microsoft games\halo trial\halo.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\microsoft games\halo trial\halo.exe (.not file.)

O87 - FAEL: "UDP Query User{5F672219-D968-44A6-A91A-C187C6382B3F}C:\program files (x86)\microsoft games\halo trial\halo.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\microsoft games\halo trial\halo.exe (.not file.)

O87 - FAEL: "TCP Query User{40F7D411-321A-4786-864A-297AA90C8A11}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe (.not file.)

O87 - FAEL: "UDP Query User{647AD6CA-5056-4BFE-A1A9-0E46CEFC5E51}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe (.not file.)

O87 - FAEL: "{D46527ED-A161-434E-88FD-68E03692B6B3}" | In - Domain - P6 - TRUE | .(.BioWare - Dragon Age II.) -- F:\Dragon Age 2\bin_ship\DragonAge2.exe

O87 - FAEL: "{672D160F-3D58-4D18-878D-0354CC202227}" | In - Domain - P17 - TRUE | .(.BioWare - Dragon Age II.) -- F:\Dragon Age 2\bin_ship\DragonAge2.exe

O87 - FAEL: "{FFD8B3CC-89D7-4C75-BDB1-668BDB1321F2}" | In - Domain - P6 - TRUE | .(.BioWare - Launcher Application.) -- F:\Dragon Age 2\DragonAge2Launcher.exe

O87 - FAEL: "{DF141CBA-B196-425A-AD09-F7E0F5141AF0}" | In - Domain - P17 - TRUE | .(.BioWare - Launcher Application.) -- F:\Dragon Age 2\DragonAge2Launcher.exe

O87 - FAEL: "{A2F05F8E-59DE-42C2-A396-E411D5332B3A}" | In - Private - P6 - TRUE | .(.Valve Corporation - Steam.) -- F:\steam\Steam.exe

O87 - FAEL: "{48993BD1-47C2-4241-9F1D-68379EB1F380}" | In - Private - P17 - TRUE | .(.Valve Corporation - Steam.) -- F:\steam\Steam.exe

O87 - FAEL: "{2428E426-DAB9-41BB-B4B7-86821EB40387}" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- F:\steam\SteamApps\common\spiral knights\java_vm\bin\javaw.exe

O87 - FAEL: "{562578C1-3996-4E17-A090-7D5064C9602C}" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- F:\steam\SteamApps\common\spiral knights\java_vm\bin\javaw.exe

O87 - FAEL: "{D09F58FA-DB72-45E5-B09A-D3D0628417ED}" |In - Private - P6 - TRUE | .(...) -- C:\ProgramData\NexonUS\NGM\NGM.exe (.not file.)

O87 - FAEL: "{CC4157AB-C9C1-4C6E-A609-497CBCB14062}" |In - Private - P17 - TRUE | .(...) -- C:\ProgramData\NexonUS\NGM\NGM.exe (.not file.)

O87 - FAEL: "{3D68ECDF-7A4C-4747-94F7-E37E1C084FD7}" | In - Private - P6 - TRUE | .(...) -- F:\DragonNest\DragonNest.exe

O87 - FAEL: "{7706EB2C-FDF2-44A4-99C0-51C0E796CD7D}" | In - Private - P17 - TRUE | .(...) -- F:\DragonNest\DragonNest.exe

O87 - FAEL: "{0D441463-1881-48D1-9179-4544BADFFAFB}" | In - Public - P6 - TRUE | .(...) -- F:\DragonNest\DragonNest.exe

O87 - FAEL: "{2486CE85-7CE0-41D9-9CBE-DF8DE15860CC}" | In - Public - P17 - TRUE | .(...) -- F:\DragonNest\DragonNest.exe

O87 - FAEL: "{DB3E99EF-538C-401B-987F-1584D7793250}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "{5952A9F3-48AC-4EC1-9608-1F0E8DC22191}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\SonarHost.exe (.not file.)

O87 - FAEL: "{A643D5F2-5A86-4201-AAF4-01560B60B613}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\SonarHost.exe (.not file.)

O87 - FAEL: "{4DA4CE98-856E-4510-8DB1-81227BAE76FF}" | In - Domain - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O87 - FAEL: "{48BE8DCF-133C-4FC3-A925-983C9CFF74AD}" | In - Domain - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O87 - FAEL: "{7EF43237-8A0B-46FD-BAC5-70F68B86D095}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O87 - FAEL: "{EC5B1F31-8038-4015-ADA2-6E5A0CDA8A47}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O87 - FAEL: "{3404D759-86E3-4432-8829-B812C7801DF0}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

O87 - FAEL: "{1EB60748-9F3A-44C7-8C6B-78D5F4D2CD36}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{7EDD97CE-A84C-4AEE-8AC5-02FE2CF65CA1}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{73F6C2D3-F01E-4746-825A-620017E1572E}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "{C2FFDF74-2AA9-43E6-8629-E23B10C36A09}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "{4EAF61B1-DD96-4E07-A914-A734EB2FC712}" | In - Public - P6 - TRUE | .(.K2 Network, Inc. - APB Reloaded.) -- F:\Apb\APB Reloaded\Binaries\APB.exe

O87 - FAEL: "{23A0A19F-36FD-4892-A596-B4E891C5E9FB}" | In - Public - P17 - TRUE | .(.K2 Network, Inc. - APB Reloaded.) -- F:\Apb\APB Reloaded\Binaries\APB.exe

O87 - FAEL: "{3214DF6A-955E-447A-8D77-40C20B185F15}" | In - Public - P6 - TRUE | .(.Vivox Inc. - Pas de description.) -- F:\Apb\APB Reloaded\Binaries\VivoxVoiceService.exe

O87 - FAEL: "{C1853FAC-FFB9-42D6-88F3-6DF494321909}" | In - Public - P17 - TRUE | .(.Vivox Inc. - Pas de description.) -- F:\Apb\APB Reloaded\Binaries\VivoxVoiceService.exe

O87 - FAEL: "{EBD2DE61-B6AB-41E3-B4B2-8BAFB68E143E}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{2AA79CD9-CF87-4893-8F97-1BD7D9A757E7}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe

O87 - FAEL: "{8EFD9FDE-98E4-4DB6-9B8A-17259AD64377}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{28AC5446-213B-428E-B1C7-3511D022E21E}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O87 - FAEL: "{96AF9EE9-3445-4EA5-9F27-58033064C15A}" | In - Private - P6 - TRUE | .(.K2 Network, Inc. - APB Reloaded.) -- F:\Apb\APB Reloaded\Binaries\APB.exe

O87 - FAEL: "{AED6E0D0-E556-496C-B50E-C40140ECDF7A}" | In - Private - P17 - TRUE | .(.K2 Network, Inc. - APB Reloaded.) -- F:\Apb\APB Reloaded\Binaries\APB.exe

O87 - FAEL: "{3F10E406-BF0B-43B3-8280-52DE7B19674A}" | In - Private - P6 - TRUE | .(.Vivox Inc. - Pas de description.) -- F:\Apb\APB Reloaded\Binaries\VivoxVoiceService.exe

O87 - FAEL: "{D16DE974-6613-44DD-9002-C67FEC37BF9C}" | In - Private - P17 - TRUE | .(.Vivox Inc. - Pas de description.) -- F:\Apb\APB Reloaded\Binaries\VivoxVoiceService.exe

O87 - FAEL: "{5933EBE5-AC58-4DDF-9D76-526A3E79AD81}" | In - None - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files (x86)\iTunes\iTunes.exe

O87 - FAEL: "{DC6568D6-FC46-4FE6-B304-6B3FE53476D9}" | In - None - P17 - TRUE | .(.Skype Limited - Facebook Video Calling.) -- C:\Users\c\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

O87 - FAEL: "{8159492A-40FE-4E99-A945-F40432861F4D}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{BD918D64-08CF-40D6-A37E-D3A1A5A20EDD}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrA.exe

O87 - FAEL: "{899C002A-5DC2-4FDF-9EFA-ABF02EA469BA}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "{D6497EFF-0C71-4FAA-9F80-24F973F823D2}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\SysWOW64\PnkBstrB.exe

O87 - FAEL: "{D48D735E-A294-4C6E-8E37-9AA72F121B88}" | In - Private - P6 - TRUE | .(.EA Digital Illusions CE AB - Battlefield 3.) -- F:\battlefield 3\Battlefield 3\bf3.exe

O87 - FAEL: "{678F0193-8AB0-4C1B-8263-B72361D8AFCF}" | In - Private - P17 - TRUE | .(.EA Digital Illusions CE AB - Battlefield 3.) -- F:\battlefield 3\Battlefield 3\bf3.exe

O87 - FAEL: "{179613E4-08AF-4630-BD67-DEBCD6EF49D7}" | In - Private - P6 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

O87 - FAEL: "{B3F4B675-6A8F-4B9C-91EB-1D865B840AF6}" | In - Private - P17 - TRUE | .(.ESN Social Software AB - ESN Sonar Host Application.) -- C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe

~ Scan Firewall in 00mn 02s




---\\ Scan Additionnel (O88)

Database Version : 8896 - (17/12/2011)

Clés trouvées (Keys found) : 3

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 7

Fichiers trouvés (Files found) : 1


[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] =>Toolbar.Conduit

[HKLM\Software\Classes\Toolbar.CT2304157] =>Toolbar.Agent

C:\Users\c\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\c\AppData\Local\Conduit =>Toolbar.Conduit

C:\Users\c\AppData\Local\OpenCandy =>Adware.OpenCandy

C:\Users\c\AppData\LocalLow\Conduit =>Toolbar.Conduit

C:\Users\c\AppData\Local\Temp\log =>Worm.Silly

C:\Users\c\AppData\Roaming\Mozilla\Firefox\Profiles\ur8o760l.default\SearchPlugins\conduit.xml =>Toolbar.Conduit

~ Scan Additionnel in 00mn 06s




---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Auto 2011-06-29 64952 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Auto 2011-06-20 203776 | (AMD External Events Utility) . (.AMD.) - C:\Windows\system32\atiesrxx.exe

SS - | Auto 2011-03-10 136360 | (AntiVirSchedulerService) . (.Avira GmbH.) - G:\Avira\AntiVir Desktop\sched.exe

SS - | Auto 2011-03-10 269480 | (AntiVirService) . (.Avira GmbH.) - G:\Avira\AntiVir Desktop\avguard.exe

SS - | Auto 2011-11-17 55144 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

SS - | Demand 2011-10-27 183560 | (BBSvc) . (.Microsoft Corporation..) - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.exe

SS - | Auto 2011-10-20 462184 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SS - | Auto 2011-06-20 7168 | (DellOSDservice) . (.Microsoft.) - C:\Program Files\Dell\OSD\DellOSDservice.exe

SS - | Auto 2011-09-28 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 2011-09-28 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 2011-07-27 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 2011-03-30 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

SS - | Demand 2011-11-17 934760 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe

SS - | Demand 2011-12-17 25072 | (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) . (.PC-Doctor, Inc..) - C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms

SS - | Auto 0 | (PnkBstrA) . (...) - C:\Windows\System32\PnkBstrA.exe

SS - | Demand 2011-07-20 419624 | (Steam Client Service) . (.Valve Corporation.) - C:\Program Files (x86)\Common Files\Steam\SteamService.exe

SS - | Auto 2011-06-20 48128 | (wltrysvc) . (.Dell Inc..) - C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.exe

SS - | Auto 2009-07-13 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 09s




---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

~ Scan MBR in 00mn 02s




---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by c at 2011-12-17 20:54:30


********* Dump file Name *********


~ Scan MBR in 00mn 04s




---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

~ Scan Emulateurs in 00mn 04s




End of the scan (1596 lines in 01mn 39s)(0)




Download RogueKiller (by Tigzy) to your desktop

(From a USB key if the rogue blocks access to the internet).


Close all running programs

Run RogueKiller.exe.


Under Vista/Seven, right-click and choose Run as administrator.

If a detection appears at the top of the window, type 2 (REMOVE mode) and confirm with the Enter key.

(If the program was blocked, rename it to and start again)


If the shortcuts have disappeared, run the tool again in mode 6.

Post the report RKreport[2].txt.




Here is the report after mode 1


RogueKiller V6.2.0 [12/12/2011] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/38)

Blog: tigzy-RK


Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode sans echec avec prise en charge reseau

Utilisateur: c [Droits d'admin]

Mode: Recherche -- Date : 18/12/2011 07:21:58


¤¤¤ Processus malicieux: 0 ¤¤¤


¤¤¤ Entrees de registre: 10 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : mGiJpKILEPL.exe (C:\ProgramData\mGiJpKILEPL.exe) -> FOUND

[sUSP PATH] HKUS\S-1-5-21-3021462351-2592770391-3841778094-1000[...]\Run : mGiJpKILEPL.exe (C:\ProgramData\mGiJpKILEPL.exe) -> FOUND

[WallPP] HKCU\[...]\Desktop : Wallpaper () -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> FOUND

[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> FOUND


¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤


¤¤¤ Driver: [NOT LOADED] ¤¤¤


¤¤¤ Infection : ¤¤¤


¤¤¤ Fichier HOSTS: ¤¤¤



¤¤¤ MBR Verif: ¤¤¤

--- User ---

[MBR] 3abf68c653a13a5f6780f8a89e735686

[bSP] 3014223ab206f08eed715a161a9ffcab : MBR Code unknown

Partition table:

0 - [XXXXXX] FAT16 [HIDDEN!] Offset (sectors): 63 | Size: 41 Mo

1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 80325 | Size: 15728 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 30800325 | Size: 314927 Mo

3 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 645893325 | Size: 669505 Mo

User = LL1 ... OK!

Error reading LL2 MBR!


Termine : << RKreport[1].txt >>





and here it is after mode 2


RogueKiller V6.2.0 [12/12/2011] par Tigzy

mail: tigzyRK<at>gmail<dot>com

Remontees: [RogueKiller] Remontées (1/38)

Blog: tigzy-RK


Systeme d'exploitation: Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode sans echec avec prise en charge reseau

Utilisateur: c [Droits d'admin]

Mode: Suppression -- Date : 18/12/2011 07:22:30


¤¤¤ Processus malicieux: 0 ¤¤¤


¤¤¤ Entrees de registre: 9 ¤¤¤

[sUSP PATH] HKCU\[...]\Run : mGiJpKILEPL.exe (C:\ProgramData\mGiJpKILEPL.exe) -> DELETED

[WallPP] HKCU\[...]\Desktop : Wallpaper () -> REPLACED (C:\Users\c\AppData\Roaming\Mozilla\Firefox\Fond d'écran.bmp)

[HJ] HKCU\[...]\Advanced : Start_ShowMyComputer (0) -> REPLACED (1)

[HJ] HKCU\[...]\Advanced : Start_ShowSearch (0) -> REPLACED (1)

[HJ] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)

[HJ] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

[HJ] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

[HJ] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> REPLACED (0)


¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤


¤¤¤ Driver: [NOT LOADED] ¤¤¤


¤¤¤ Infection : ¤¤¤


¤¤¤ Fichier HOSTS: ¤¤¤



¤¤¤ MBR Verif: ¤¤¤

--- User ---

[MBR] 3abf68c653a13a5f6780f8a89e735686

[bSP] 3014223ab206f08eed715a161a9ffcab : MBR Code unknown

Partition table:

0 - [XXXXXX] FAT16 [HIDDEN!] Offset (sectors): 63 | Size: 41 Mo

1 - [ACTIVE] NTFS [VISIBLE] Offset (sectors): 80325 | Size: 15728 Mo

2 - [XXXXXX] NTFS [VISIBLE] Offset (sectors): 30800325 | Size: 314927 Mo

3 - [XXXXXX] UNKNW [VISIBLE] Offset (sectors): 645893325 | Size: 669505 Mo

User = LL1 ... OK!

Error reading LL2 MBR!


Termine : << RKreport[2].txt >>

RKreport[1].txt ; RKreport[2].txt




Thanks... What next?


Have the shortcuts and folders come back?


If not, run RogueKiller with option 6 and post the report, please.



After that:


Download Kaspersky's TDSSKiller to your desktop.


Or: ; unzip the archive.


Double-click TDSSKiller.exe

The TDSSKiller window appears:




- Leave the 2 default options checked (visible via the "change parameter" tab).




And check the 2 additional options:




Click Start scan to launch the scan.



- If a threat is detected (Threats detected), check that, depending on the case:


In general, leave the options the tool proposes by default



the "delete" option is checked for the TDL2 family


the "delete" option is checked for any object of the form random_number:random_number.exe


the "delete" option is checked for any service whose name is made of random digits and/or letters (hidden file)



the "cure" (repair) option for the TDL3 family.


the "cure" (repair) option for the tdl4 family (\HardDisk0\MBR).


the "cure" (repair) option for the Rootkit.Win32.ZAccess family


then click Continue.


- leave the default action "skip" for the "suspicious objects. low risks" until you know what they are, then click Continue.





At the end of the scan you may be asked to restart the machine:



click Reboot Now.


- If no reboot is requested, click the Report button and post the contents of the file that opens.


- If a reboot is requested, after restarting you will find the TDSSKiller report here:


[systemDrive is the partition on which the system is installed, usually C:]




Here is the report as requested..


Things are improving, I think..

The Start menu is empty, however.. But the Start menu's "All Programs" is there, along with its contents


Thanks again, I'm waiting for the next step.. P.S. there were two medium-risk threats that I put in quarantine


13:53:59.0238 3040 TDSS rootkit removing tool Dec 13 2011 10:39:31

13:54:00.0080 3040 ============================================================

13:54:00.0080 3040 Current date / time: 2011/12/18 13:54:00.0080

13:54:00.0080 3040 SystemInfo:

13:54:00.0080 3040

13:54:00.0080 3040 OS Version: 6.1.7601 ServicePack: 1.0

13:54:00.0080 3040 Product type: Workstation

13:54:00.0080 3040 ComputerName: RHEAUME-PCDELL

13:54:00.0080 3040 UserName: c

13:54:00.0080 3040 Windows directory: C:\Windows

13:54:00.0080 3040 System windows directory: C:\Windows

13:54:00.0080 3040 Running under WOW64

13:54:00.0080 3040 Processor architecture: Intel x64

13:54:00.0080 3040 Number of processors: 4

13:54:00.0080 3040 Page size: 0x1000

13:54:00.0080 3040 Boot type: Safe boot with network

13:54:00.0080 3040 ============================================================

13:54:00.0829 3040 Initialize success

13:54:07.0880 2432 ============================================================

13:54:07.0880 2432 Scan started

13:54:07.0880 2432 Mode: Manual; SigCheck; TDLFS;

13:54:07.0880 2432 ============================================================

13:54:08.0379 2432 1394ohci (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:54:08.0613 2432 1394ohci - ok

13:54:08.0629 2432 ACPI (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:54:08.0645 2432 ACPI - ok

13:54:08.0691 2432 AcpiPmi (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:54:08.0738 2432 AcpiPmi - ok

13:54:08.0816 2432 adp94xx (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys

13:54:08.0832 2432 adp94xx - ok

13:54:08.0847 2432 adpahci (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys

13:54:08.0863 2432 adpahci - ok

13:54:08.0863 2432 adpu320 (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys

13:54:08.0879 2432 adpu320 - ok

13:54:08.0941 2432 AFD (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys

13:54:08.0988 2432 AFD - ok

13:54:09.0003 2432 agp440 (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:54:09.0003 2432 agp440 - ok

13:54:09.0035 2432 aliide (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:54:09.0050 2432 aliide - ok

13:54:09.0066 2432 amdide (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:54:09.0081 2432 amdide - ok

13:54:09.0113 2432 amdiox64 (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys

13:54:09.0191 2432 amdiox64 - ok

13:54:09.0222 2432 AmdK8 (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys

13:54:09.0253 2432 AmdK8 - ok

13:54:09.0596 2432 amdkmdag (92d7a3d30e7c06b33a7a107cb71ec176) C:\Windows\system32\DRIVERS\atikmdag.sys

13:54:09.0737 2432 amdkmdag - ok

13:54:09.0768 2432 amdkmdap (a6ed35e5481ecc36d14ab47bb943f8cb) C:\Windows\system32\DRIVERS\atikmpag.sys

13:54:09.0799 2432 amdkmdap - ok

13:54:09.0830 2432 AmdPPM (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys

13:54:09.0861 2432 AmdPPM - ok

13:54:09.0877 2432 amdsata (cc3021d064eb6d3c2f949530e2b0ba47) C:\Windows\system32\DRIVERS\amdsata.sys

13:54:09.0893 2432 amdsata - ok

13:54:09.0908 2432 amdsbs (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys

13:54:09.0908 2432 amdsbs - ok

13:54:09.0924 2432 amdxata (ffc5a0f6263574ef0d5467496b721f77) C:\Windows\system32\DRIVERS\amdxata.sys

13:54:09.0924 2432 amdxata - ok

13:54:09.0986 2432 AODDriver4.0 - ok

13:54:10.0033 2432 AppID (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:54:10.0142 2432 AppID - ok

13:54:10.0173 2432 arc (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys

13:54:10.0173 2432 arc - ok

13:54:10.0189 2432 arcsas (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys

13:54:10.0205 2432 arcsas - ok

13:54:10.0220 2432 AsyncMac (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:54:10.0329 2432 AsyncMac - ok

13:54:10.0361 2432 atapi (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:54:10.0361 2432 atapi - ok

13:54:10.0392 2432 AtiPcie (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys

13:54:10.0392 2432 AtiPcie - ok

13:54:10.0423 2432 AVerPola (da2f7699f8f10b4cd18374017163f39c) C:\Windows\system32\DRIVERS\AVerPola.sys

13:54:10.0470 2432 AVerPola - ok

13:54:10.0501 2432 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys

13:54:10.0501 2432 avgntflt - ok

13:54:10.0517 2432 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys

13:54:10.0532 2432 avipbb - ok

13:54:10.0579 2432 b06bdrv (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys

13:54:10.0610 2432 b06bdrv - ok

13:54:10.0626 2432 b57nd60a (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:54:10.0657 2432 b57nd60a - ok

13:54:10.0704 2432 BCM42RLY (ac4e2d84de54cd3a013aeff0cc56095c) C:\Windows\system32\drivers\BCM42RLY.sys

13:54:10.0704 2432 BCM42RLY - ok

13:54:10.0766 2432 BCM43XX (0b0df4cd7c2c188c95c4e09c568ad54a) C:\Windows\system32\DRIVERS\bcmwl664.sys

13:54:10.0813 2432 BCM43XX - ok

13:54:10.0844 2432 BcmVWL (d224b2e6bb543f1d8f1177d57fec2950) C:\Windows\system32\DRIVERS\bcmvwl64.sys

13:54:10.0844 2432 BcmVWL - ok

13:54:10.0875 2432 Beep (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:54:10.0938 2432 Beep - ok

13:54:10.0969 2432 blbdrive (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:54:10.0985 2432 blbdrive - ok

13:54:11.0016 2432 bowser (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:54:11.0063 2432 bowser - ok

13:54:11.0063 2432 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys

13:54:11.0125 2432 BrFiltLo - ok

13:54:11.0125 2432 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys

13:54:11.0141 2432 BrFiltUp - ok

13:54:11.0172 2432 Brserid (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:54:11.0203 2432 Brserid - ok

13:54:11.0219 2432 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:54:11.0234 2432 BrSerWdm - ok

13:54:11.0250 2432 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:54:11.0265 2432 BrUsbMdm - ok

13:54:11.0281 2432 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:54:11.0312 2432 BrUsbSer - ok

13:54:11.0328 2432 BTHMODEM (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys

13:54:11.0343 2432 BTHMODEM - ok

13:54:11.0359 2432 cdfs (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:54:11.0390 2432 cdfs - ok

13:54:11.0406 2432 cdrom (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:54:11.0453 2432 cdrom - ok

13:54:11.0484 2432 circlass (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys

13:54:11.0499 2432 circlass - ok

13:54:11.0531 2432 CLFS (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:54:11.0546 2432 CLFS - ok

13:54:11.0577 2432 CmBatt (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys

13:54:11.0593 2432 CmBatt - ok

13:54:11.0609 2432 cmdide (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:54:11.0624 2432 cmdide - ok

13:54:11.0655 2432 CNG (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys

13:54:11.0687 2432 CNG - ok

13:54:11.0702 2432 Compbatt (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys

13:54:11.0702 2432 Compbatt - ok

13:54:11.0718 2432 CompositeBus (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys

13:54:11.0733 2432 CompositeBus - ok

13:54:11.0765 2432 crcdisk (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys

13:54:11.0765 2432 crcdisk - ok

13:54:11.0858 2432 DfsC (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:54:11.0889 2432 DfsC - ok

13:54:11.0889 2432 discache (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:54:11.0936 2432 discache - ok

13:54:11.0952 2432 Disk (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys

13:54:11.0967 2432 Disk - ok

13:54:12.0014 2432 drmkaud (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:54:12.0030 2432 drmkaud - ok

13:54:12.0061 2432 dtsoftbus01 (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys

13:54:12.0077 2432 dtsoftbus01 - ok

13:54:12.0108 2432 DXGKrnl (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:54:12.0139 2432 DXGKrnl - ok

13:54:12.0139 2432 EagleX64 - ok

13:54:12.0217 2432 ebdrv (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys

13:54:12.0279 2432 ebdrv - ok

13:54:12.0311 2432 elxstor (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys

13:54:12.0326 2432 elxstor - ok

13:54:12.0357 2432 epmntdrv (9eafb3b3b60b8ad958985152a9309aca) C:\Windows\system32\epmntdrv.sys

13:54:12.0389 2432 epmntdrv ( UnsignedFile.Multi.Generic ) - warning

13:54:12.0389 2432 epmntdrv - detected UnsignedFile.Multi.Generic (1)

13:54:12.0404 2432 ErrDev (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:54:12.0451 2432 ErrDev - ok

13:54:12.0467 2432 EuGdiDrv (fb949ed2c93c878a189039f3d7730942) C:\Windows\system32\EuGdiDrv.sys

13:54:12.0482 2432 EuGdiDrv ( UnsignedFile.Multi.Generic ) - warning

13:54:12.0482 2432 EuGdiDrv - detected UnsignedFile.Multi.Generic (1)

13:54:12.0498 2432 exfat (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:54:12.0529 2432 exfat - ok

13:54:12.0560 2432 fastfat (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:54:12.0591 2432 fastfat - ok

13:54:12.0607 2432 fdc (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys

13:54:12.0638 2432 fdc - ok

13:54:12.0669 2432 FileInfo (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:54:12.0669 2432 FileInfo - ok

13:54:12.0685 2432 Filetrace (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:54:12.0732 2432 Filetrace - ok

13:54:12.0747 2432 flpydisk (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys

13:54:12.0747 2432 flpydisk - ok

13:54:12.0779 2432 FltMgr (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:54:12.0794 2432 FltMgr - ok

13:54:12.0810 2432 FsDepends (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:54:12.0825 2432 FsDepends - ok

13:54:12.0857 2432 fssfltr (dc0dce4ec2c5d2cf6472f9fd6aa9a7dc) C:\Windows\system32\DRIVERS\fssfltr.sys

13:54:12.0857 2432 fssfltr - ok

13:54:12.0888 2432 Fs_Rec (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys

13:54:12.0888 2432 Fs_Rec - ok

13:54:12.0919 2432 fvevol (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

13:54:12.0935 2432 fvevol - ok

13:54:12.0950 2432 gagp30kx (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys

13:54:12.0966 2432 gagp30kx - ok

13:54:13.0013 2432 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

13:54:13.0013 2432 GEARAspiWDM - ok

13:54:13.0075 2432 hamachi (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys

13:54:13.0075 2432 hamachi - ok

13:54:13.0091 2432 hcw85cir (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

13:54:13.0137 2432 hcw85cir - ok

13:54:13.0200 2432 HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

13:54:13.0215 2432 HdAudAddService - ok

13:54:13.0231 2432 HDAudBus (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

13:54:13.0247 2432 HDAudBus - ok

13:54:13.0262 2432 HidBatt (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys

13:54:13.0278 2432 HidBatt - ok

13:54:13.0278 2432 HidBth (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys

13:54:13.0309 2432 HidBth - ok

13:54:13.0325 2432 HidIr (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys

13:54:13.0356 2432 HidIr - ok

13:54:13.0387 2432 HidUsb (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

13:54:13.0418 2432 HidUsb - ok

13:54:13.0434 2432 HpSAMD (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

13:54:13.0449 2432 HpSAMD - ok

13:54:13.0481 2432 HTTP (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

13:54:13.0527 2432 HTTP - ok

13:54:13.0559 2432 hwpolicy (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

13:54:13.0559 2432 hwpolicy - ok

13:54:13.0590 2432 i8042prt (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys

13:54:13.0590 2432 i8042prt - ok

13:54:13.0621 2432 iaStorV (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

13:54:13.0637 2432 iaStorV - ok

13:54:13.0652 2432 iirsp (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys

13:54:13.0668 2432 iirsp - ok

13:54:13.0683 2432 IntcAzAudAddService - ok

13:54:13.0715 2432 intelide (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

13:54:13.0715 2432 intelide - ok

13:54:13.0746 2432 intelppm (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

13:54:13.0761 2432 intelppm - ok

13:54:13.0793 2432 IpFilterDriver (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:54:13.0839 2432 IpFilterDriver - ok

13:54:13.0855 2432 IPMIDRV (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

13:54:13.0871 2432 IPMIDRV - ok

13:54:13.0886 2432 IPNAT (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

13:54:13.0917 2432 IPNAT - ok

13:54:13.0949 2432 IRENUM (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

13:54:13.0980 2432 IRENUM - ok

13:54:13.0995 2432 isapnp (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

13:54:14.0011 2432 isapnp - ok

13:54:14.0027 2432 iScsiPrt (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

13:54:14.0042 2432 iScsiPrt - ok

13:54:14.0058 2432 kbdclass (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

13:54:14.0073 2432 kbdclass - ok

13:54:14.0089 2432 kbdhid (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

13:54:14.0120 2432 kbdhid - ok

13:54:14.0151 2432 KSecDD (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys

13:54:14.0151 2432 KSecDD - ok

13:54:14.0183 2432 KSecPkg (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys

13:54:14.0198 2432 KSecPkg - ok

13:54:14.0214 2432 ksthunk (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

13:54:14.0261 2432 ksthunk - ok

13:54:14.0292 2432 lltdio (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

13:54:14.0339 2432 lltdio - ok

13:54:14.0354 2432 LSI_FC (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys

13:54:14.0370 2432 LSI_FC - ok

13:54:14.0385 2432 LSI_SAS (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys

13:54:14.0385 2432 LSI_SAS - ok

13:54:14.0401 2432 LSI_SAS2 (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys

13:54:14.0401 2432 LSI_SAS2 - ok

13:54:14.0432 2432 LSI_SCSI (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys

13:54:14.0432 2432 LSI_SCSI - ok

13:54:14.0448 2432 luafv (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

13:54:14.0495 2432 luafv - ok

13:54:14.0510 2432 megasas (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys

13:54:14.0526 2432 megasas - ok

13:54:14.0573 2432 MegaSR (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys

13:54:14.0588 2432 MegaSR - ok

13:54:14.0619 2432 Modem (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

13:54:14.0651 2432 Modem - ok

13:54:14.0666 2432 monitor (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

13:54:14.0697 2432 monitor - ok

13:54:14.0713 2432 mouclass (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

13:54:14.0713 2432 mouclass - ok

13:54:14.0744 2432 mouhid (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:54:14.0775 2432 mouhid - ok

13:54:14.0807 2432 mountmgr (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:54:14.0807 2432 mountmgr - ok

13:54:14.0822 2432 mpio (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:54:14.0838 2432 mpio - ok

13:54:14.0853 2432 mpsdrv (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:54:14.0885 2432 mpsdrv - ok

13:54:14.0916 2432 MRxDAV (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:54:14.0931 2432 MRxDAV - ok

13:54:14.0963 2432 mrxsmb (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:54:14.0994 2432 mrxsmb - ok

13:54:15.0025 2432 mrxsmb10 (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:54:15.0056 2432 mrxsmb10 - ok

13:54:15.0072 2432 mrxsmb20 (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:54:15.0072 2432 mrxsmb20 - ok

13:54:15.0103 2432 msahci (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:54:15.0119 2432 msahci - ok

13:54:15.0134 2432 msdsm (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:54:15.0134 2432 msdsm - ok

13:54:15.0165 2432 Msfs (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:54:15.0197 2432 Msfs - ok

13:54:15.0212 2432 mshidkmdf (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:54:15.0243 2432 mshidkmdf - ok

13:54:15.0259 2432 msisadrv (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:54:15.0275 2432 msisadrv - ok

13:54:15.0306 2432 MSKSSRV (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:54:15.0337 2432 MSKSSRV - ok

13:54:15.0353 2432 MSPCLOCK (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:54:15.0384 2432 MSPCLOCK - ok

13:54:15.0399 2432 MSPQM (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:54:15.0446 2432 MSPQM - ok

13:54:15.0477 2432 MsRPC (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:54:15.0493 2432 MsRPC - ok

13:54:15.0509 2432 mssmbios (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys

13:54:15.0509 2432 mssmbios - ok

13:54:15.0540 2432 MSTEE (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:54:15.0571 2432 MSTEE - ok

13:54:15.0587 2432 MTConfig (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys

13:54:15.0602 2432 MTConfig - ok

13:54:15.0618 2432 Mup (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

13:54:15.0633 2432 Mup - ok

13:54:15.0665 2432 NativeWifiP (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

13:54:15.0680 2432 NativeWifiP - ok

13:54:15.0727 2432 NDIS (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

13:54:15.0758 2432 NDIS - ok

13:54:15.0774 2432 NdisCap (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

13:54:15.0805 2432 NdisCap - ok

13:54:15.0836 2432 NdisTapi (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

13:54:15.0883 2432 NdisTapi - ok

13:54:15.0930 2432 Ndisuio (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

13:54:15.0961 2432 Ndisuio - ok

13:54:16.0008 2432 NdisWan (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:54:16.0055 2432 NdisWan - ok

13:54:16.0086 2432 NDProxy (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:54:16.0117 2432 NDProxy - ok

13:54:16.0117 2432 NetBIOS (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:54:16.0164 2432 NetBIOS - ok

13:54:16.0195 2432 NetBT (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:54:16.0226 2432 NetBT - ok

13:54:16.0273 2432 nfrd960 (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys

13:54:16.0273 2432 nfrd960 - ok

13:54:16.0289 2432 Npfs (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:54:16.0320 2432 Npfs - ok

13:54:16.0335 2432 nsiproxy (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:54:16.0382 2432 nsiproxy - ok

13:54:16.0429 2432 Ntfs (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:54:16.0460 2432 Ntfs - ok

13:54:16.0460 2432 Null (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:54:16.0491 2432 Null - ok

13:54:16.0523 2432 nuviocir (be29aa3cba78480ab8591873197cb56a) C:\Windows\system32\DRIVERS\nuviocir_win7_x64.sys

13:54:16.0538 2432 nuviocir - ok

13:54:16.0569 2432 nvraid (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:54:16.0585 2432 nvraid - ok

13:54:16.0616 2432 nvstor (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:54:16.0632 2432 nvstor - ok

13:54:16.0647 2432 nv_agp (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:54:16.0663 2432 nv_agp - ok

13:54:16.0679 2432 ohci1394 (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

13:54:16.0694 2432 ohci1394 - ok

13:54:16.0757 2432 Parport (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys

13:54:16.0772 2432 Parport - ok

13:54:16.0788 2432 partmgr (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys

13:54:16.0803 2432 partmgr - ok

13:54:16.0897 2432 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 (7317a0b550f7ac0223b7070897670476) c:\program files\dell support center\pcdsrvc_x64.pkms

13:54:16.0897 2432 PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - ok

13:54:16.0928 2432 pci (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

13:54:16.0944 2432 pci - ok

13:54:16.0975 2432 pciide (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

13:54:16.0975 2432 pciide - ok

13:54:17.0006 2432 pcmcia (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys

13:54:17.0006 2432 pcmcia - ok

13:54:17.0037 2432 pcw (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

13:54:17.0037 2432 pcw - ok

13:54:17.0069 2432 PEAUTH (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

13:54:17.0115 2432 PEAUTH - ok

13:54:17.0209 2432 PptpMiniport (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

13:54:17.0240 2432 PptpMiniport - ok

13:54:17.0271 2432 Processor (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys

13:54:17.0287 2432 Processor - ok

13:54:17.0334 2432 Psched (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

13:54:17.0365 2432 Psched - ok

13:54:17.0396 2432 PxHlpa64 (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys

13:54:17.0396 2432 PxHlpa64 - ok

13:54:17.0443 2432 ql2300 (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys

13:54:17.0474 2432 ql2300 - ok

13:54:17.0490 2432 ql40xx (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys

13:54:17.0490 2432 ql40xx - ok

13:54:17.0521 2432 QWAVEdrv (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

13:54:17.0537 2432 QWAVEdrv - ok

13:54:17.0537 2432 RasAcd (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

13:54:17.0568 2432 RasAcd - ok

13:54:17.0599 2432 RasAgileVpn (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

13:54:17.0630 2432 RasAgileVpn - ok

13:54:17.0661 2432 Rasl2tp (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:54:17.0708 2432 Rasl2tp - ok

13:54:17.0724 2432 RasPppoe (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

13:54:17.0771 2432 RasPppoe - ok

13:54:17.0786 2432 RasSstp (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

13:54:17.0817 2432 RasSstp - ok

13:54:17.0864 2432 rdbss (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

13:54:17.0895 2432 rdbss - ok

13:54:17.0911 2432 rdpbus (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys

13:54:17.0927 2432 rdpbus - ok

13:54:17.0958 2432 RDPCDD (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:54:17.0989 2432 RDPCDD - ok

13:54:18.0005 2432 RDPENCDD (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

13:54:18.0036 2432 RDPENCDD - ok

13:54:18.0051 2432 RDPREFMP (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

13:54:18.0083 2432 RDPREFMP - ok

13:54:18.0114 2432 RDPWD (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys

13:54:18.0161 2432 RDPWD - ok

13:54:18.0192 2432 rdyboost (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

13:54:18.0207 2432 rdyboost - ok

13:54:18.0223 2432 rspndr (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

13:54:18.0254 2432 rspndr - ok

13:54:18.0301 2432 RTL8167 (16d4e350420baa7e63e16e3fc033e1f5) C:\Windows\system32\DRIVERS\Rt64win7.sys

13:54:18.0317 2432 RTL8167 - ok

13:54:18.0348 2432 sbp2port (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

13:54:18.0363 2432 sbp2port - ok

13:54:18.0379 2432 scfilter (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

13:54:18.0426 2432 scfilter - ok

13:54:18.0457 2432 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

13:54:18.0488 2432 secdrv - ok

13:54:18.0519 2432 Serenum (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys

13:54:18.0535 2432 Serenum - ok

13:54:21.0749 2432 ============================================================

13:54:21.0749 2432 Scan finished

13:54:21.0749 2432 ============================================================

13:54:21.0764 2268 Detected object count: 2

13:54:21.0764 2268 Actual detected object count: 2

13:56:09.0139 2268 C:\Windows\system32\epmntdrv.sys - copied to quarantine

13:56:09.0139 2268 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

13:56:09.0170 2268 C:\Windows\system32\EuGdiDrv.sys - copied to quarantine

13:56:09.0170 2268 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine

13:56:16.0268 2288 Deinitialize success




Download Unhide by Grinler and save it to the desktop.


Double-click the icon (on Vista/7, right-click / run as administrator).


The PC will restart; if it doesn't, restart it yourself.


Check whether the folders have reappeared.



Download Malwarebytes' Anti-Malware (MBAM).


Malwarebytes : Malwarebytes Anti-Malware PRO removes malware including viruses, spyware, worms and trojans, plus it protects your computer: click for the FREE version and save the executable to the desktop.


If MBAM is already installed, go straight to the update and then to the scan.


This software is one to keep.


Only if the update fails:


Download MBAM updates


Run the file after installing MBAM.


Connect removable media (USB sticks, etc.) before starting the scan.


  • Double-click the downloaded file to start the installation process.
  • In the "Mise à jour" (Update) tab, click the "Recherche de mise à jour" (Check for updates) button: if the firewall asks whether to let MBAM connect, accept.
  • Once the update is finished, go to the "Recherche" (Scanner) tab.
  • Select "Exécuter un examen complet" (Perform full scan).
  • Click "Rechercher" (Scan).
  • The scan starts; it takes a fairly long time, which is normal.
  • At the end of the scan, a message is displayed:
    L'examen s'est terminé normalement. Clique sur 'Afficher les résultats' pour afficher tous les objets trouvés. (The scan completed normally. Click 'Afficher les résultats' to display all the objects found.)
    Click "Ok" to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Afficher les résultats (Show results).
    Select everything (or leave it checked) and click Supprimer la sélection (Remove selected); MBAM will destroy the files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste that report and post it in your next reply.

If MBAM asks to restart the PC, do it.


If, on restart, Windows tells you that it has blocked some startup programs, click the balloon, then Exécuter les programmes bloqués (Run blocked programs) / Malwarebytes Anti-Malware.




Thanks again for following up..


Here is the report

The folders are visible, but the Start menu shortcuts still aren't.. I imagine I can recreate them.. Or does Windows have an option to restore them to default..


Malwarebytes' Anti-Malware


Version de la base de données: 8393


Windows 6.1.7601 Service Pack 1

Internet Explorer 8.0.7601.17514


2011-12-18 19:49:41

mbam-log-2011-12-18 (19-49-41).txt


Type d'examen: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)

Elément(s) analysé(s): 452422

Temps écoulé: 1 heure(s), 5 minute(s), 7 seconde(s)


Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 4


Processus mémoire infecté(s):

(Aucun élément nuisible détecté)


Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)


Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)


Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)


Dossier(s) infecté(s):

(Aucun élément nuisible détecté)


Fichier(s) infecté(s):

c:\programdata\mgijpkilepl.exe (Rogue.FakeHDD) -> Quarantined and deleted successfully.

c:\Users\c\AppData\Local\Temp\4aomtr2ndokjjz.exe.tmp (Rogue.FakeHDD) -> Quarantined and deleted successfully.

c:\Users\c\Desktop\rk_quarantine\mgijpkilepl.exe.vir (Rogue.FakeHDD) -> Quarantined and deleted successfully.

c:\Users\c\AppData\Local\Temp\wuauclt.exe (Trojan.Agent) -> Quarantined and deleted successfully.




Try this: right-click the icon of the program you want in the Start menu / "épingler au menu démarrer" (Pin to Start Menu).




