Aller au contenu
Zebulon
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Problème de redirection


Bullsabs

Messages recommandés

J'ai un problème de redirection incessante à partir de la barre de recherche google

 

J'ai lancé une analyse ZHP DIAG et j'aimerais que vous puissiez m'aider.

 

Voici ce qu'a donné l'analyse

 

Vous pouvez me joindre à ********@gmail.com

 

Merci d'avance

 

Rapport de ZHPDiag v1.28.293 par Nicolas Coolman, Update du 18/12/2011

Run by Propriétaire at 20/12/2011 13:47:49

Web site : ZHPDiag Outil de diagnostic

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.7601.17514 (Defaut)

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_COA_NSLP channel

Windows ID Activation : OK

~ Windows Partial Key : JD4CM

Windows License : OK

~ Windows Remaining Initializations Number : 4

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4091 MB (55% free)

System Restore: Activé (Enable)

System drive C: has 224 GB (23%) free of 931 GB

 

---\\ Logged in mode

~ Computer Name: PROPRIÉTAIRE-PC

~ User Name: Propriétaire

~ All Users Names: Propriétaire, HomeGroupUser$, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Propriétaire\AppData\Roaming\

~ %Desktop% : C:\Users\Propriétaire\Desktop\

~ %Favorites% : C:\Users\Propriétaire\Favorites\

~ %LocalAppData% : C:\Users\Propriétaire\AppData\Local\

~ %StartMenu% : C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 224 Go of 931 Go)

D:\ CD-ROM drive (Not Inserted)

E:\ Hard drive, Flash drive, Thumb drive (Free 825 Go of 932 Go)

F:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.19/06/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.4EFC156290537BB9706D3A7A1A4B8733] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.16/12/2011 - 06:41:43.) -- C:\Windows\system32\wininet.dll [1188864]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/06/2011 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/06/2011 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.20/06/2011 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.19/06/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/06/2011 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/06/2011 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/06/2011 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.19/06/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/06/2011 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.13/07/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/06/2011 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/06/2011 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/06/2011 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 358/43970

~ Mes musiques (My Musics) : 822/2867

~ Mes Videos (My Videos) : 5/119

~ Mes Favoris (My Favorites) : 2/39

~ Mes Documents (My Documents) : 766/32035

~ Mon Bureau (My Desktop) : 1/15

~ Menu demarrer (Programs) : 7/61

~ Scan Hidden Files in 01mn 23s

 

 

 

---\\ Processus lancés

[MD5.95931097427085D02BE9E921C97771A0] - (...) -- C:\Users\Propriétaire\AppData\Roaming\BA4B2\DE986.exe [177664] [PID.1552]

[MD5.BD885C80B2E621E479CD0AEC3CEB78FB] - (...) -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\862B\41D.exe [292864] [PID.2204]

[MD5.6C6AB98D8DA92EA70A7B7774C2412CED] - (...) -- C:\Users\Propriétaire\AppData\Roaming\B295F\lvvm.exe [192000] [PID.3844]

[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904] [PID.3864]

[MD5.E02E715FA2BC8D88FF9362374E309D76] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392] [PID.3932]

[MD5.7609F659EDEE995BE6AD93FDDC1E4384] - (.ACD Systems - Device Detector.) -- C:\Program Files (x86)\Common Files\ACD Systems\EN\DevDetect.exe [435536] [PID.3948]

[MD5.83D7EEB3E14F14C489D44A4D32D7FB44] - (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE [38408] [PID.4076]

[MD5.969D876424F521AB1B938092FB077371] - (.CyberLink Corporation. - InstantBurn UDF Tool.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe [681256] [PID.4168]

[MD5.74EF10CD035DE51171C98E60E53AE221] - (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [104936] [PID.4184]

[MD5.28FD28A29C637C9AFEFE0A26E27C6DFE] - (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe [91432] [PID.4248]

[MD5.BD1D3356384529CE03D3D7155091EB6D] - (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe [75048] [PID.4264]

[MD5.95A7E88A5F4EF79C605413F00A945CD3] - (.DeviceVM, Inc. - Browser Configuration Utility.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [346320] [PID.4384]

[MD5.76375D7763C9B56C0E96AE30F6160DFF] - (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe [600256] [PID.4408]

[MD5.9C526EAF26ADF5346E607A7B82C76A3A] - (.Belgian Government - beidgui executable.) -- C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe [2060288] [PID.4460]

[MD5.56D92E37FCE2613C36883698A2F3BD9A] - (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files (x86)\Nuance\PDF Create 5\PdfCreate5Hook.exe [1277952] [PID.4576]

[MD5.68B7A5320065FCC7F4DF5A0DC3281EA5] - (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344] [PID.4632]

[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.4712]

[MD5.60EC4BC29892A106942EC0122F5A39DE] - (.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe [5668864] [PID.1436]

[MD5.B3495A2B54E28B11A3E1DFA56974144C] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil11c_ActiveX.exe [247968] [PID.1260]

[MD5.762809F0426F984AE535D05EBFB0258B] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [712704] [PID.3296]

[MD5.81DF1D2312CE980B844A6BC0863FE40F] - (.Microsoft Corporation - Microsoft Office Word.) -- C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE [408936] [PID.4432]

[MD5.F29D375926E36E3A56AF4805C7749302] - (.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [219360] [PID.]

[MD5.2238B91AC1A12CC6CC4C4FED41258B2A] - (.Hewlett-Packard Company - LightScribe Service.) -- C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.BB74024A1D4E4808562C090980151653] - (.MyWebSearch.com - My Web Search Bar.) -- C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe [34320] [PID.]

[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.]

[MD5.7AEA4DF1CA68FD45DD4BBE1F0243CE7F] - (...) -- C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe [71096] [PID.]

[MD5.7CCAEBCAB6FC1ED0206C07E083E79207] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152] [PID.]

[MD5.43F1EE6E8EB468D368AF365EFD5111BD] - (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [240232] [PID.]

[MD5.7C475054074AA9E61A20E2414D368455] - (.Pas de propriétaire - Service Watcher.) -- C:\Windows\SysWOW64\SvcWatch.exe [81920] [PID.]

[MD5.A50FB7EF8C9FDE291653CD777D8EED5C] - (...) -- C:\Program Files (x86)\Tor\tor.exe [2743310] [PID.]

[MD5.E3588B11922D1620ECE82254E62E5D89] - (.Pas de propriétaire - Provides Internet Name Service.) -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe [2424320] [PID.]

[MD5.7548066DF68A8A1A56B043359F915F37] - (.Intel Corporation - RAID Monitor.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe [354840] [PID.]

~ Scan Processes Running in 00mn 06s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

P2 - FPN: [HKLM] [@microsoft.com/GENUINE] - (.Microsoft Corporation - Windows Activation Technologies Plugin for Mozilla.) -- C:\Windows\System32\Wat\npWatWeb.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R3 - URLSearchHook: SearchHook Class [64Bits] - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} . (.DeviceVM, Inc. - Browser Configuration Utility Address Bar S.) (1.1.11.0) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll

R3 - URLSearchHook: (no name) [64Bits] - {00A6FAF6-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) (1, 2, 0, 11) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.dll

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (8.00.7600.16385 (win7_rtm.090713-1255)) -- C:\Windows\System32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:53152

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: MyWebSearch Search Assistant BHO [64Bits] - {00A6FAF1-072E-44cf-8957-5838F569A31D} . (.MyWebSearch.com - MyWebSearch Search Assistant.) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.dll

O2 - BHO: mwsBar BHO [64Bits] - {07B18EA1-A523-4961-B6BB-170DE4475CCA} . (.MyWebSearch.com - My Web Search.) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\

O2 - BHO: SkypeIEPluginBHO [64Bits] - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: ZeonIEEventHelper Class [64Bits] - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\bin\ZeonIEFavClient.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKLM\..\Run: [iAAnotif] . (.Intel Corporation - Event Monitor User Notification Tool.) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe

O4 - HKCU\..\Run: [Power2GoExpress] Clé orpheline

O4 - HKCU\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

O4 - HKCU\..\Run: [Device Detector] DevDetect.exe

O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATICEE.exe

O4 - HKCU\..\Run: [OpAgent] OpAgent.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.exe

O4 - HKCU\..\Run: [41D.exe] . (...) -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\862B\41D.exe

O4 - HKLM\..\Wow6432Node\Run: [instantBurn] . (.CyberLink Corporation. - InstantBurn UDF Tool.) -- C:\Program Files (x86)\CyberLink\InstantBurn\Win2K\IBurn.exe

O4 - HKLM\..\Wow6432Node\Run: [updateLBPShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe

O4 - HKLM\..\Wow6432Node\Run: [CLMLServer] . (.CyberLink - CyberLink MediaLibray Service.) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

O4 - HKLM\..\Wow6432Node\Run: [updateP2GoShortCut] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe

O4 - HKLM\..\Wow6432Node\Run: [updatePDRShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe

O4 - HKLM\..\Wow6432Node\Run: [RemoteControl8] . (.CyberLink Corp. - PowerDVD RC Service.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PDVD8Serv.exe

O4 - HKLM\..\Wow6432Node\Run: [PDVD8LanguageShortcut] . (.CyberLink Corp. - PowerDVD Language Application.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\Language\Language.exe

O4 - HKLM\..\Wow6432Node\Run: [bDRegion] . (.cyberlink - brs.) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe

O4 - HKLM\..\Wow6432Node\Run: [updatePPShortCut] . (.CyberLink Corp. - StartMen Application.) -- C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe

O4 - HKLM\..\Wow6432Node\Run: [updatePSTShortCut] Clé orpheline

O4 - HKLM\..\Wow6432Node\Run: [bCU] . (.DeviceVM, Inc. - Browser Configuration Utility.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe

O4 - HKLM\..\Wow6432Node\Run: [JMB36X IDE Setup] . (...) -- C:\Windows\RaidTool\xInsIDE.exe

O4 - HKLM\..\Wow6432Node\Run: [agentantidote.exe] . (.Druide informatique inc. - AgentAntidote.) -- C:\Program Files (x86)\Druide\Antidote 7\Programmes32\agentantidote.exe

O4 - HKLM\..\Wow6432Node\Run: [bePCSC] . (...) -- C:\Program Files (x86)\EmvSmartCardReader\BePCSC.exe

O4 - HKLM\..\Wow6432Node\Run: [smartMon] . (...) -- C:\Program Files (x86)\EmvSmartCardReader\SmartMON.exe

O4 - HKLM\..\Wow6432Node\Run: [beid] . (.Belgian Government - beidgui executable.) -- C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe

O4 - HKLM\..\Wow6432Node\Run: [Nuance OmniPage 17-reminder] . (.Nuance Communications, Inc. - Ereg (Unicode version).) -- C:\Program Files (x86)\Nuance\OmniPage17\Ereg\Ereg.exe

O4 - HKLM\..\Wow6432Node\Run: [PDFHook] . (.Nuance Communications, Inc. - PdfCreateHook Application.) -- C:\Program Files (x86)\Nuance\PDF Create 5\PdfCreate5Hook.exe

O4 - HKLM\..\Wow6432Node\Run: [PDF5 Registry Controller] . (.Nuance Communications, Inc. - PDF Converter Registry Controller.) -- C:\Program Files (x86)\Nuance\PDF Create 5\RegistryController.exe

O4 - HKLM\..\Wow6432Node\Run: [CloneCDTray] . (.SlySoft, Inc. - CloneCD Tray.) -- C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe

O4 - HKLM\..\Wow6432Node\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O4 - HKLM\..\Wow6432Node\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files\MYWEBS~1\bar\1.bin\m3SrchMn.exe (.not file.)

O4 - HKLM\..\Wow6432Node\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [Power2GoExpress] Clé orpheline

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [LightScribe Control Panel] . (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [Device Detector] DevDetect.exe

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [EPSON Stylus DX8400 Series] . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) -- C:\Windows\System32\spool\drivers\x64\3\E_IATICEE.exe

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [OpAgent] OpAgent.exe

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [MyWebSearch Email Plugin] . (.MyWebSearch.com - My Web Search Plugin Loader.) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.exe

O4 - HKUS\S-1-5-21-2611574036-4080446114-3973540197-1000\..\Run: [41D.exe] . (...) -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\862B\41D.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Propriétaire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\AVS Video Converter.lnk . (.Online Media Technologies Ltd..) -- C:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\AVS4YOU Software Navigator.lnk . (.Online Media Technologies Ltd..) -- C:\Program Files (x86)\AVS4YOU\AVSSoftwareNavigator\AVS4YOUSoftwareNavigator.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\Blu-ray Disc Suite.lnk . (.CyberLink.) -- C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\PowerStarter.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\DVD Shrink 3.2.lnk . (.DVD Shrink.) -- C:\Program Files (x86)\DVD Shrink\DVD Shrink 3.2.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\EPSON Easy Photo Print.lnk . (.SEIKO EPSON CORPORATION.) -- C:\Program Files (x86)\epson\Creativity Suite\Easy Photo Print\EEasyPhotoPrint.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\Format Factory.lnk . (.Free Time.) -- C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\HiJackThis.lnk . (.Trend Micro Inc..) -- C:\Users\Propriétaire\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\Nero Burning ROM.lnk . (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 9\Nero Burning ROM\Nero.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\OmniPage Professional 17.lnk . (.Macrovision Corporation.) -- C:\Windows\Installer\{34AFE453-F544-4269-89C9-CAB7F0744963}\NewShortcut5_C2133FA16288405E847EE66BD59EB0BB.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\VirtualDubMOD.lnk . (...) -- C:\Program Files (x86)\VirtualDubMOD\VirtualDubMod.exe

O4 - Global Startup: C:\Users\Propriétaire\Desktop\Windows Live Mail.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

O4 - Global Startup: C:\Users\Propriétaire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\CDRWIN 8.lnk . (.Engelmann Media GmbH.) -- C:\Program Files (x86)\CDRWIN 8\CDRWIN8.exe

O4 - Global Startup: C:\Users\Propriétaire\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: Ajouter au fichier PDF existant . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll

O8 - Extra context menu item: Ajouter le contenu des liens sélectionnés à un fichier PDF existant . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll

O8 - Extra context menu item: Ajouter le contenu du lien à un fichier PDF existant . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll

O8 - Extra context menu item: Créer des fichiers PDF à partir des liens sélectionnés . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll

O8 - Extra context menu item: Créer fichier PDF . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll

O8 - Extra context menu item: Créer un fichier PDF depuis le contenu du lien . (.Zeon Corporation - ZeonIEFavClient.dll.) -- C:\Program Files (x86)\Nuance\PDF Create 5\Bin\ZeonIEFavClient.dll

O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\Program Files\MICROS~3\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{2EFDD74B-C835-486B-99FB-70D7676398CE}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{49DD0DBB-A97C-4266-89C0-AB58DB528CA0}: DhcpNameServer = 109.88.203.3 212.68.193.196

O17 - HKLM\System\CS1\Services\Tcpip\..\{2EFDD74B-C835-486B-99FB-70D7676398CE}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{49DD0DBB-A97C-4266-89C0-AB58DB528CA0}: DhcpNameServer = 109.88.203.3 212.68.193.196

O17 - HKLM\System\CS2\Services\Tcpip\..\{2EFDD74B-C835-486B-99FB-70D7676398CE}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{49DD0DBB-A97C-4266-89C0-AB58DB528CA0}: DhcpNameServer = 109.88.203.3 212.68.193.196

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: skype-ie-addon-data [64Bits] - {91774881-D725-4E58-B298-07617B9B86A8} . (.Skype Technologies S.A. - Skype Click to Call for Internet Explorer.) -- C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: deflate [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: gzip [64Bits] - {8f6b0360-b80d-11d0-a9b3-006097942311} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Browser Configuration Utility Service (BCUService) . (.DeviceVM, Inc. - Browser Configuration Utility Auto-recovery.) - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION - EPSON Status Monitor 3.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe

O23 - Service: (gpsvc) - Clé orpheline

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) . (.Intel Corporation - RAID Monitor.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: My Web Search Service (MyWebSearchService) . (.MyWebSearch.com - My Web Search Bar.) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.exe

O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: NMSAccess (NMSAccess) . (...) - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 196.3.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) . (.NVIDIA Corporation - Stereo Vision Control Panel API Server.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: Service Watcher (SvcWatch) . (.Pas de propriétaire - Service Watcher.) - C:\Windows\SysWOW64\SvcWatch.exe

O23 - Service: Tor Win32 Service (tor) . (...) - C:\Program Files (x86)\Tor\tor.exe

O23 - Service: Windows Internet Name Service (Windows Internet Name Service) . (.Pas de propriétaire - Provides Internet Name Service.) - C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe

O23 - Service: Power Control [2010/02/17 18:05:23] ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) . (.CyberLink Corp. - Pas de description.) - C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At11.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\At14.job

[MD5.00000000000000000000000000000000] [APT] [{0560B52B-2149-4B05-B039-D6C06FC96BF2}] (...) -- C:\Users\Propriétaire\Downloads\eMule\Incoming\(Full Ver.) Antidote HD\appsetup.exe (.not file.)

[MD5.79197AB8FC20E781BA141E291866A909] [APT] [{0E4EFF6A-8F7D-4985-BD41-D0B0697C5FF1}] (.Skype Technologies S.A..) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

[MD5.00000000000000000000000000000000] [APT] [{175198A9-2608-4D28-AF04-690792730B0D}] (...) -- C:\Users\Propriétaire\Desktop\Incoming\- Nero 9 - Keygen - Serial - Multilinguage (Eng-Spa-Ger-Fra-Ita) (Softwareé Applicationé Appé 2008-2009 Licenseé Full Ed

[MD5.00000000000000000000000000000000] [APT] [{51B702ED-3D83-481A-9434-82B2D3D7ED48}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\setup.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{640680D7-10CF-4E4B-94B1-A95F505C1132}] (...) -- C:\Users\Propriétaire\Downloads\eMule\Incoming\Nero Burning ROM v10.0.13100 + Serial\Nero-10.0.13100_trial.exe (.not file.)

[MD5.E7B263BFC7A6D9408DA0A73E5F238029] [APT] [{B73776EC-733A-44C7-93D2-3DC480FF0544}] (.Nero AG.) -- C:\Program Files (x86)\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe

[MD5.00000000000000000000000000000000] [APT] [{C0C9C86F-F449-4B25-A8F3-2D02DD291425}] (...) -- C:\Program Files (x86)\InstallShield Installation Information\{5396FBD8-8BD7-47F9-92AE-F62F13D5A11D}\setupmk.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C88C61E2-9F78-4267-B696-1B499667ED95}] (...) -- C:\Users\Propriétaire\Downloads\eMule\Incoming\(Full Ver.) Antidote HD\Install.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D481A8BE-9130-4BD3-8291-FF73EAD0A564}] (...) -- C:\Program Files (x86)\NETGEAR\WG111v3\WG111v3.exe (.not file.)

~ Scan Scheduled Task in 00mn 08s

 

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (bygtlgkf) . (. - .) - C:\Windows\system32\drivers\bygtlgkf.sys (.not file.)

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: (CLBStor) . (.Cyberlink Co.,Ltd. - Cyberlink Storage Helper Driver (WindowsNT5.) - C:\Windows\system32\DRIVERS\CLBStor.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\system32\Drivers\ElbyCDIO.sys

O41 - Driver: (gkpeccig) . (. - .) - C:\Windows\system32\drivers\gkpeccig.sys (.not file.)

O41 - Driver: (mkzratdh) . (. - .) - C:\Windows\system32\drivers\mkzratdh.sys (.not file.)

O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\Windows\system32\DRIVERS\MpFilter.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: (oaoieyav) . (. - .) - C:\Windows\system32\drivers\oaoieyav.sys (.not file.)

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (Serial) . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) - C:\Windows\system32\DRIVERS\serial.sys

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

O41 - Driver: (wmgqtjjz) . (. - .) - C:\Windows\system32\drivers\wmgqtjjz.sys (.not file.)

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ABBYY FineReader 6.0 Sprint - (.ABBYY Software House.) [HKLM] -- {ACF60000-22B9-4CE9-98D6-2CCF359BAC07}

O42 - Logiciel: ACDSee Photo Manager 2009 - (.ACD Systems International.) [HKLM] -- {300578F9-9EFF-4B93-9AB1-C0E5707EF463}

O42 - Logiciel: AVS Update Manager 1.0 - (.Online Media Technologies Ltd..) [HKLM] -- AVS Update Manager_is1

O42 - Logiciel: AVS Video Converter 7 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Video Converter 7_is1

O42 - Logiciel: AVS4YOU Software Navigator 1.4 - (.Online Media Technologies Ltd..) [HKLM] -- AVS4YOU Software Navigator_is1

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Reader 9.4.6 - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-A94000000001}

O42 - Logiciel: Antidote HD - (.Druide informatique inc..) [HKLM] -- {56CDB4FE-895F-4E0D-8BB4-9A8D4310898D}

O42 - Logiciel: Belgium e-ID middleware 3.5.3 (build 6295) - (.Belgian Government.) [HKLM] -- {824563DE-75AD-4166-9DC0-B6482F206295}

O42 - Logiciel: Browser Configuration Utility - (.DeviceVM.) [HKLM] -- {5B363E1D-8C36-4458-BAE4-D5081999E094}

O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1

O42 - Logiciel: CDRWIN 8 - (.Engelmann Media GmbH.) [HKLM] -- {23D4A873-14FF-474E-0001-6529DDC11226}

O42 - Logiciel: Camera RAW Plug-In for EPSON Creativity Suite - (.SEIKO EPSON CORPORATION.) [HKLM] -- {93EA9C3E-BDFD-4309-A605-9B5BBC0CCEFD}

O42 - Logiciel: CloneCD - (.SlySoft.) [HKLM] -- CloneCD

O42 - Logiciel: CyberLink Blu-ray Disc Suite - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink Blu-ray Disc Suite - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink InstantBurn - (.CyberLink Corp..) [HKLM] -- {19C64880-BBCA-11D4-9EEE-0004ACDDDB3B}

O42 - Logiciel: CyberLink LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: CyberLink PowerBackup - (.CyberLink Corp..) [HKLM] -- {ADD5DB49-72CF-11D8-9D75-000129760D75}

O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}

O42 - Logiciel: CyberLink PowerDVD 8 - (.CyberLink Corp..) [HKLM] -- {2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: CyberLink PowerProducer - (.CyberLink Corp..) [HKLM] -- InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}

O42 - Logiciel: CyberLink PowerProducer - (.CyberLink Corp..) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: EPSON Attach To Email - (.SEIKO EPSON.) [HKLM] -- InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}

O42 - Logiciel: EPSON Copy Utility 3 - (.Pas de propriétaire.) [HKLM] -- {67EDD823-135A-4D59-87BD-950616D6E857}

O42 - Logiciel: EPSON Easy Photo Print - (.SEIKO EPSON CORPORATION.) [HKLM] -- {3D78F2A2-C893-4ABD-B5FE-AD7011837755}

O42 - Logiciel: EPSON File Manager - (.Pas de propriétaire.) [HKLM] -- {2EB81825-E9EE-44F4-8F51-1240C3898DC6}

O42 - Logiciel: EPSON Logiciel imprimante - (.SEIKO EPSON Corporation.) [HKLM] -- EPSON Printer and Utilities

O42 - Logiciel: EPSON Scan - (.Pas de propriétaire.) [HKLM] -- EPSON Scanner

O42 - Logiciel: EPSON Scan Assistant - (.Pas de propriétaire.) [HKLM] -- {2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}

O42 - Logiciel: EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manuel - (.Pas de propriétaire.) [HKLM] -- EPSON Stylus CX7300_CX8300_DX7400_DX8400 Guide d'utilisation

O42 - Logiciel: EVEREST Ultimate Edition v5.30 - (.Lavalys, Inc..) [HKLM] -- EVEREST Ultimate Edition_is1

O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM] -- Firebird SQL Server F

O42 - Logiciel: FormatFactory 2.60 - (.Free Time.) [HKLM] -- FormatFactory

O42 - Logiciel: FoxTab PDF Converter - (.Pas de propriétaire.) [HKCU] -- FoxTab PDF Converter

O42 - Logiciel: Free PDF to Word Doc Converter v1.1 - (.www.hellopdf.com.) [HKLM] -- Free PDF to Word Doc Converter_is1

O42 - Logiciel: Gigabyte Raid Configurer - (.Gigabyte Technology Corp..) [HKLM] -- {3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}

O42 - Logiciel: INDEX EDUCATION - EDT Monoposte 2011 - (.Index Education.) [HKLM] -- {C3607C93-C5C1-4350-82AB-3FDBFE73A6BE}

O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}

O42 - Logiciel: Java 6 Update 30 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216016FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: LaCie Formatter for LaCinema 1.0.0.4 - (.Pas de propriétaire.) [HKLM] -- {06201DFE-28BC-4A31-A5D2-F02F08C746F8}_is1

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {CC8E94A2-55C7-4460-953C-2A790180578C}

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: MAGIX Goya burnR 1.3.1.3 (F) - (.MAGIX AG.) [HKLM] -- MAGIX Goya burnR F

O42 - Logiciel: MAGIX Photos sur CD & DVD 7 7.0.2.0 (F) - (.MAGIX AG.) [HKLM] -- MAGIX Photos sur CD & DVD 7 F

O42 - Logiciel: MAGIX Screenshare 4.3.6.1987 (F) - (.MAGIX AG.) [HKLM] -- MAGIX Screenshare F

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}

O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR

O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Live Add-in 1.5 - (.Microsoft Corporation.) [HKLM] -- {F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}

O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {42738DB0-FC3E-4672-A99B-9372F5696E30}

O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {DC911ADF-7B60-40F2-A112-FB1EB6402D07}

O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {770657D0-A123-3C07-8E44-1C83EC895118}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {E10DB5DA-E576-40EA-A7FC-1CB2A7B283A6}

O42 - Logiciel: NVIDIA Stereoscopic 3D Driver - (.NVIDIA Corporation.) [HKLM] -- NVIDIAStereo

O42 - Logiciel: Nero 9 - (.Nero AG.) [HKLM] -- {d37781fb-ba2f-449a-a67e-2e9be8292bc0}

O42 - Logiciel: Nuance OmniPage 17 - (.Nuance Communications, Inc..) [HKLM] -- {34AFE453-F544-4269-89C9-CAB7F0744963}

O42 - Logiciel: Nuance PDF Create! 5 - (.Nuance Communications, Inc.) [HKLM] -- {CFF1444A-30A3-4CEC-89F3-18D2F65590F4}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: Realtek Ethernet Controller Driver - (.Realtek.) [HKLM] -- {8833FFB6-5B0C-4764-81AA-06DFEED9A476}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Roadkil's Unstoppable Copier Version 4.2 - (.Roadkil.Net.) [HKLM] -- {A306FD29-7D3A-4287-91AC-9A0180931395}_is1

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288621) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2288931) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CD769337-C8AC-46DB-A7DC-643E50089263}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2345043) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{536FB502-775F-4494-BACE-C02CC90B7A5B}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553089) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2553090) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB2584063) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB969559) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}

O42 - Logiciel: Security Update for 2007 Microsoft Office System (KB976321) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7F207DCA-3399-40CB-A968-6E5991B1421A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB979441) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007 (KB973709) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2344993) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}

O42 - Logiciel: Security Update for Microsoft Office system 2007 (KB974234) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: Skype Click to Call - (.Skype Technologies S.A..) [HKLM] -- {B6CF2967-C81E-40C0-9815-C05774FEF120}

O42 - Logiciel: Skype 5.5 - (.Skype Technologies S.A..) [HKLM] -- {AA59DDE4-B672-4621-A016-4C248204957A}

O42 - Logiciel: SmartCard Reader Driver Installation - (.SmartCard Reader.) [HKLM] -- InstallShield_{C6D91586-9F98-4CFD-9BC3-FC0800911005}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB2284654) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{FB166E7C-8AA6-48C8-B726-1F25BEE7825A}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}

O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B7873DF5-9E1C-45EE-8895-D29C6AE01202}

O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C20964A7-5181-45E5-9E82-72F5D400DEBF}

O42 - Logiciel: Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{567103D1-96CD-4B76-93B9-2681A187DEFF}

O42 - Logiciel: Update for Microsoft Office OneNote 2007 (KB980729) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{329050A9-EF80-40F9-B633-74508F54C1FF}

O42 - Logiciel: VLC media player 1.1.5 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: VirtualDubMOD 1.5.10.3 Fr - (.Trad-Fr.) [HKLM] -- {B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {180C8888-50F1-426B-A9DC-AB83A1989C65}

O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {DA54F80E-261C-41A2-A855-549A144F2F59}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM] -- eMule

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ABBYY]

[HKCU\Software\ACD Systems]

[HKCU\Software\AVS4YOU]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Fun Web Products]

[HKCU\Software\AppDataLow\Software\FunWebProducts]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\MyWebSearch]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Avg]

[HKCU\Software\BEID]

[HKCU\Software\CDDB]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Cyberlink]

[HKCU\Software\DT Soft]

[HKCU\Software\DVD Shrink]

[HKCU\Software\DeviceVM]

[HKCU\Software\DownloadCenter]

[HKCU\Software\Druide informatique inc.]

[HKCU\Software\EPSON]

[HKCU\Software\EffectMgr]

[HKCU\Software\Engelmann Media]

[HKCU\Software\FLEXnet]

[HKCU\Software\FreeTime]

[HKCU\Software\Freeware]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\IM Providers]

[HKCU\Software\Index Education]

[HKCU\Software\Intelligent Converters]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lake]

[HKCU\Software\Lavalys]

[HKCU\Software\LightScribe]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MAGIX AG]

[HKCU\Software\Macromedia]

[HKCU\Software\Macrovision]

[HKCU\Software\Magix]

[HKCU\Software\Magnet]

[HKCU\Software\MainConcept]

[HKCU\Software\Mozilla]

[HKCU\Software\MyWebSearch]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nuance]

[HKCU\Software\ODBC]

[HKCU\Software\PDFCreator]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\SEIKO EPSON]

[HKCU\Software\ScanSoft]

[HKCU\Software\Skype]

[HKCU\Software\SlySoft]

[HKCU\Software\Softonic]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Zeon]

[HKCU\Software\eMule]

[HKLM\Software\<company>]

[HKLM\Software\ABBYY]

[HKLM\Software\ACD Systems]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVS4YOU]

[HKLM\Software\Adobe]

[HKLM\Software\Ahead]

[HKLM\Software\Audible]

[HKLM\Software\Avg]

[HKLM\Software\AviSynth]

[HKLM\Software\BEID]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Creative Tech]

[HKLM\Software\CyberLink]

[HKLM\Software\DeviceVM]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Druide informatique inc.]

[HKLM\Software\EPSON]

[HKLM\Software\Elaborate Bytes]

[HKLM\Software\Engelmann Media]

[HKLM\Software\FocusInteractive]

[HKLM\Software\Fun Web Products]

[HKLM\Software\GNU]

[HKLM\Software\Gigabyte Technology Corp.]

[HKLM\Software\Google]

[HKLM\Software\HaaliMkx]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\Lake]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\Macromedia]

[HKLM\Software\Magix]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\MyWebSearch]

[HKLM\Software\NETGEAR]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\PDFCreator]

[HKLM\Software\Policies]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\ScanSoft]

[HKLM\Software\Skype]

[HKLM\Software\SlySoft]

[HKLM\Software\Sonic]

[HKLM\Software\Trad-FR]

[HKLM\Software\VideoLAN]

[HKLM\Software\Waves Audio]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wow6432Node]

[HKLM\Software\ZEON]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 29/11/2011 - 22:12:52 - [75,534] ----D- C:\Program Files\Common Files

O43 - CFD: 17/12/2011 - 16:03:58 - [86,076] ----D- C:\Program Files\DVD Maker

O43 - CFD: 25/02/2010 - 07:53:36 - [0] ----D- C:\Program Files\EPSON

O43 - CFD: 17/02/2010 - 17:46:48 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 20/12/2011 - 13:22:40 - [4,941] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 29/11/2011 - 22:12:52 - [142,324] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 29/11/2011 - 22:12:52 - [1,089] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 29/11/2011 - 22:12:52 - [22,502] ----D- C:\Program Files\Microsoft Security Client

O43 - CFD: 29/11/2011 - 22:12:52 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 29/11/2011 - 22:12:52 - [49,898] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 29/11/2011 - 22:12:52 - [13,797] ----D- C:\Program Files\Realtek

O43 - CFD: 29/11/2011 - 22:12:52 - [35,109] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 17/12/2011 - 16:03:56 - [3,853] ----D- C:\Program Files\Windows Defender

O43 - CFD: 17/12/2011 - 16:03:58 - [8,797] ----D- C:\Program Files\Windows Journal

O43 - CFD: 29/11/2011 - 22:12:52 - [0,042] ----D- C:\Program Files\Windows Live

O43 - CFD: 17/12/2011 - 16:03:58 - [6,359] ----D- C:\Program Files\Windows Mail

O43 - CFD: 17/12/2011 - 16:03:58 - [7,331] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 29/11/2011 - 22:12:52 - [12,043] ----D- C:\Program Files\Windows NT

O43 - CFD: 17/12/2011 - 16:03:58 - [5,261] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 17/12/2011 - 16:03:58 - [0,233] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 17/12/2011 - 16:03:58 - [6,718] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 20/12/2011 - 13:20:58 - [63,321] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 29/11/2011 - 22:12:52 - [0,581] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 17/12/2011 - 16:03:58 - [11,629] ----D- C:\Program Files\Common Files\System

O43 - CFD: 09/03/2010 - 15:35:58 - [0,167] ----D- C:\ProgramData\ACD Systems

O43 - CFD: 28/11/2011 - 17:49:56 - [4,486] ----D- C:\ProgramData\Adobe

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 29/11/2011 - 22:13:14 - [148,421] ----D- C:\ProgramData\AVG2012

O43 - CFD: 19/01/2011 - 16:01:40 - [0] ----D- C:\ProgramData\AVS4YOU

O43 - CFD: 17/02/2010 - 17:46:48 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 02/08/2010 - 22:22:22 - [0] ----D- C:\ProgramData\Canneverbe Limited

O43 - CFD: 11/11/2010 - 22:46:22 - [0,355] ----D- C:\ProgramData\CDRWIN 8

O43 - CFD: 29/11/2011 - 20:27:26 - [0,000] --H-D- C:\ProgramData\Common Files

O43 - CFD: 10/11/2010 - 20:38:44 - [1,118] ----D- C:\ProgramData\CyberLink

O43 - CFD: 27/10/2010 - 22:06:26 - [0,001] ----D- C:\ProgramData\DAEMON Tools Pro

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 14/01/2011 - 09:33:18 - [0,000] ----D- C:\ProgramData\DVD Shrink

O43 - CFD: 07/03/2010 - 20:29:52 - [0] ----D- C:\ProgramData\eMule

O43 - CFD: 22/02/2010 - 08:16:50 - [0,488] ----D- C:\ProgramData\EPSON

O43 - CFD: 17/02/2010 - 17:46:48 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 09/09/2010 - 14:33:18 - [3,388] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 19/02/2010 - 11:22:34 - [0,052] ----D- C:\ProgramData\InstallShield

O43 - CFD: 29/11/2011 - 18:55:54 - [0,206] ----D- C:\ProgramData\Kaspersky Lab

O43 - CFD: 02/06/2010 - 17:29:16 - [0,001] ----D- C:\ProgramData\LightScribe

O43 - CFD: 09/09/2010 - 14:36:20 - [3,388] ----D- C:\ProgramData\Macrovision

O43 - CFD: 09/02/2011 - 22:34:50 - [570,958] ----D- C:\ProgramData\MAGIX

O43 - CFD: 17/02/2010 - 17:46:48 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 29/11/2011 - 22:13:14 - [18,460] ----D- C:\ProgramData\MFAData

O43 - CFD: 20/06/2011 - 10:06:38 - [994,971] -S--D- C:\ProgramData\Microsoft

O43 - CFD: 20/12/2011 - 13:20:58 - [0,055] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 17/02/2010 - 17:46:48 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 03/08/2011 - 18:55:52 - [9,333] ----D- C:\ProgramData\Nero

O43 - CFD: 09/09/2010 - 14:36:28 - [0,000] ----D- C:\ProgramData\Nuance

O43 - CFD: 20/12/2011 - 13:23:06 - [2,166] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 09/09/2010 - 14:34:10 - [0,150] ----D- C:\ProgramData\ScanSoft

O43 - CFD: 27/10/2011 - 19:31:10 - [50,517] ----D- C:\ProgramData\Skype

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 29/04/2010 - 05:27:14 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 20/12/2011 - 13:24:20 - [0,258] ---AD- C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 08/09/2010 - 17:15:00 - [0,003] ----D- C:\ProgramData\UDL

O43 - CFD: 09/09/2010 - 14:36:26 - [0,050] ----D- C:\ProgramData\zeon

O43 - CFD: 08/03/2010 - 11:20:00 - [3,478] ----D- C:\Users\Propriétaire\AppData\Roaming\ACD Systems

O43 - CFD: 19/02/2010 - 17:52:20 - [6,357] ----D- C:\Users\Propriétaire\AppData\Roaming\Adobe

O43 - CFD: 07/03/2010 - 09:30:00 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\AVG8

O43 - CFD: 19/01/2011 - 16:01:40 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\AVS4YOU

O43 - CFD: 20/12/2011 - 13:20:58 - [0,183] ----D- C:\Users\Propriétaire\AppData\Roaming\B295F

O43 - CFD: 20/12/2011 - 13:20:58 - [0,367] ----D- C:\Users\Propriétaire\AppData\Roaming\BA4B2

O43 - CFD: 02/08/2010 - 22:22:22 - [0,001] ----D- C:\Users\Propriétaire\AppData\Roaming\Canneverbe Limited

O43 - CFD: 10/11/2010 - 20:38:44 - [0,002] ----D- C:\Users\Propriétaire\AppData\Roaming\CyberLink

O43 - CFD: 27/10/2010 - 22:06:10 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\DAEMON Tools Pro

O43 - CFD: 21/05/2010 - 12:28:40 - [0,002] ----D- C:\Users\Propriétaire\AppData\Roaming\Druide

O43 - CFD: 03/03/2010 - 17:22:56 - [0,741] ----D- C:\Users\Propriétaire\AppData\Roaming\EPSON

O43 - CFD: 09/09/2010 - 14:37:32 - [0,000] ----D- C:\Users\Propriétaire\AppData\Roaming\FLEXnet

O43 - CFD: 17/02/2010 - 17:47:20 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\Identities

O43 - CFD: 19/08/2011 - 18:07:44 - [0,001] ----D- C:\Users\Propriétaire\AppData\Roaming\IndexEducation

O43 - CFD: 17/02/2010 - 18:25:34 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\InstallShield

O43 - CFD: 18/02/2010 - 09:30:06 - [0,000] ----D- C:\Users\Propriétaire\AppData\Roaming\Macromedia

O43 - CFD: 09/02/2011 - 22:35:00 - [0,008] ----D- C:\Users\Propriétaire\AppData\Roaming\MAGIX

O43 - CFD: 14/07/2009 - 16:35:06 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\Media Center Programs

O43 - CFD: 20/12/2011 - 12:53:00 - [40,145] -S--D- C:\Users\Propriétaire\AppData\Roaming\Microsoft

O43 - CFD: 06/12/2011 - 18:02:44 - [12,632] ----D- C:\Users\Propriétaire\AppData\Roaming\Mozilla

O43 - CFD: 03/08/2011 - 19:29:32 - [0,598] ----D- C:\Users\Propriétaire\AppData\Roaming\Nero

O43 - CFD: 09/09/2010 - 14:34:14 - [0] ----D- C:\Users\Propriétaire\AppData\Roaming\Nuance

O43 - CFD: 27/05/2010 - 12:01:00 - [2,244] ----D- C:\Users\Propriétaire\AppData\Roaming\OpenOffice.org

O43 - CFD: 09/09/2010 - 14:37:26 - [1,294] ----D- C:\Users\Propriétaire\AppData\Roaming\ScanSoft

O43 - CFD: 29/11/2011 - 19:28:26 - [2,664] ----D- C:\Users\Propriétaire\AppData\Roaming\Skype

O43 - CFD: 28/07/2010 - 05:39:34 - [0,226] ----D- C:\Users\Propriétaire\AppData\Roaming\skypePM

O43 - CFD: 30/05/2010 - 17:35:20 - [12,550] ----D- C:\Users\Propriétaire\AppData\Roaming\U3

O43 - CFD: 04/10/2011 - 18:30:14 - [1,625] ----D- C:\Users\Propriétaire\AppData\Roaming\vlc

O43 - CFD: 07/11/2010 - 09:09:10 - [0,000] ----D- C:\Users\Propriétaire\AppData\Roaming\Windows Live Writer

O43 - CFD: 08/03/2010 - 11:16:50 - [0,000] ----D- C:\Users\Propriétaire\AppData\Roaming\WinRAR

O43 - CFD: 09/09/2010 - 14:37:28 - [0,045] ----D- C:\Users\Propriétaire\AppData\Roaming\Zeon

O43 - CFD: 09/09/2010 - 14:41:18 - [0,015] ----D- C:\Users\Propriétaire\AppData\Local\ABBYY

O43 - CFD: 08/03/2010 - 11:22:08 - [317,547] ----D- C:\Users\Propriétaire\AppData\Local\ACD Systems

O43 - CFD: 19/06/2011 - 08:35:14 - [5,560] ----D- C:\Users\Propriétaire\AppData\Local\Adobe

O43 - CFD: 17/02/2010 - 17:47:04 - [0] -SH-D- C:\Users\Propriétaire\AppData\Local\Application Data

O43 - CFD: 29/11/2011 - 19:18:46 - [7,771] ----D- C:\Users\Propriétaire\AppData\Local\Diagnostics

O43 - CFD: 08/03/2010 - 11:17:20 - [38,506] ----D- C:\Users\Propriétaire\AppData\Local\Downloaded Installations

O43 - CFD: 29/11/2011 - 19:20:58 - [0,078] ----D- C:\Users\Propriétaire\AppData\Local\ElevatedDiagnostics

O43 - CFD: 07/03/2010 - 20:29:52 - [11,594] ----D- C:\Users\Propriétaire\AppData\Local\eMule

O43 - CFD: 11/03/2010 - 15:32:30 - [0,000] ----D- C:\Users\Propriétaire\AppData\Local\Google

O43 - CFD: 17/02/2010 - 17:47:04 - [0] -SH-D- C:\Users\Propriétaire\AppData\Local\Historique

O43 - CFD: 07/11/2010 - 08:19:26 - [1416,678] ----D- C:\Users\Propriétaire\AppData\Local\Microsoft

O43 - CFD: 13/08/2010 - 22:55:56 - [0,370] ----D- C:\Users\Propriétaire\AppData\Local\Microsoft Games

O43 - CFD: 29/11/2011 - 19:28:42 - [0,296] ----D- C:\Users\Propriétaire\AppData\Local\Microsoft Help

O43 - CFD: 06/12/2011 - 18:02:24 - [24,872] ----D- C:\Users\Propriétaire\AppData\Local\Mozilla

O43 - CFD: 24/06/2011 - 20:26:42 - [3,822] ----D- C:\Users\Propriétaire\AppData\Local\Nero

O43 - CFD: 23/06/2011 - 20:54:52 - [0,004] ----D- C:\Users\Propriétaire\AppData\Local\Nero_AG

O43 - CFD: 17/02/2010 - 18:10:10 - [1,351] ----D- C:\Users\Propriétaire\AppData\Local\Power2Go

O43 - CFD: 20/12/2011 - 13:48:52 - [-730,621] ----D- C:\Users\Propriétaire\AppData\Local\Temp

O43 - CFD: 17/02/2010 - 17:47:04 - [0] -SH-D- C:\Users\Propriétaire\AppData\Local\Temporary Internet Files

O43 - CFD: 13/02/2011 - 08:32:50 - [1,998] ----D- C:\Users\Propriétaire\AppData\Local\VirtualStore

O43 - CFD: 17/11/2011 - 08:29:24 - [0,031] ----D- C:\Users\Propriétaire\AppData\Local\Windows Live

O43 - CFD: 07/11/2010 - 08:19:34 - [0,618] ----D- C:\Users\Propriétaire\AppData\Local\Windows Live Writer

O43 - CFD: 27/06/2011 - 08:44:38 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{08C6A858-0B0A-4753-B9EF-B31E9B0FDD75}

O43 - CFD: 07/09/2011 - 15:30:22 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{0D81E86E-93FA-43D3-8363-E2076BEF3129}

O43 - CFD: 01/10/2011 - 08:45:56 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{0D9D41A0-6696-46CC-90EB-61A00FED9021}

O43 - CFD: 12/09/2011 - 17:55:34 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{12B14707-9F81-4F1B-A9CC-D3E7BF83C7DE}

O43 - CFD: 07/09/2011 - 15:30:44 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{179C964A-5AFD-4D0A-9AD1-534CAF2C2380}

O43 - CFD: 17/11/2011 - 08:29:22 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{216F15F5-2F49-4734-96B7-5F35C6B87056}

O43 - CFD: 12/09/2011 - 17:58:28 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{2CB70C65-04D1-4E06-81E2-3C28B556D623}

O43 - CFD: 12/09/2011 - 17:55:24 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{2E167A87-1FA7-43A0-8490-371336030802}

O43 - CFD: 23/09/2011 - 13:18:44 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{2E524C5E-D433-4803-A712-E738E9883B43}

O43 - CFD: 07/09/2011 - 15:29:32 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{2FE3B770-4949-4E28-905A-F899B239DBA8}

O43 - CFD: 12/09/2011 - 17:45:58 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{36A11082-F3DA-427E-827A-9C6837514434}

O43 - CFD: 04/08/2011 - 21:47:00 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{37B085BB-F9F9-431A-8482-CA5715952048}

O43 - CFD: 14/09/2011 - 15:08:16 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{3AA32165-8D43-4DC1-AEE8-7B8E486BFA4F}

O43 - CFD: 19/08/2011 - 09:16:40 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{3FEA7B29-C66E-4F68-B812-14AEFF4013B7}

O43 - CFD: 15/09/2011 - 06:28:54 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{428D4424-C63D-4677-B852-CD7E251FE664}

O43 - CFD: 19/08/2011 - 09:16:50 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{432FA218-A6DB-4710-A5BB-E49EEDFDF3E7}

O43 - CFD: 23/09/2011 - 13:18:32 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{49304AA2-2702-4C36-BC72-4BD652BADD21}

O43 - CFD: 16/11/2011 - 22:45:14 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{5389C5F8-E8E8-48F8-ADC6-BB54DD6DAFA6}

O43 - CFD: 01/09/2011 - 06:12:16 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{5E4009F2-3F06-47B1-AD90-1696A8867C2A}

O43 - CFD: 12/09/2011 - 17:58:38 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{68F1C313-3B29-4053-B72D-A5B4BF754F6A}

O43 - CFD: 17/10/2011 - 10:45:20 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{6DA0DE07-7F3B-4855-95CE-799E86C80DB4}

O43 - CFD: 20/10/2011 - 08:43:30 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{73A7B728-3C3A-4780-BF6E-E5E3933C83B0}

O43 - CFD: 07/09/2011 - 15:29:32 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{756EB766-6AD3-48A8-88C3-4EBF9F29BEA1}

O43 - CFD: 15/09/2011 - 06:32:24 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{78A60FD5-2B0A-4165-9449-8614BE4DC44A}

O43 - CFD: 17/10/2011 - 10:45:32 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{8BE0FDA8-5AED-4635-B717-D924D70915C3}

O43 - CFD: 20/08/2011 - 11:44:00 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{8DEFB6F3-1C09-4FBC-9E48-4C71DE327D76}

O43 - CFD: 17/11/2011 - 08:29:12 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{8EE19AB9-BD51-4896-BA02-D38FA8BFB328}

O43 - CFD: 21/10/2011 - 17:17:16 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{90751B8B-EF39-47F9-B9A6-FD9512B64DA2}

O43 - CFD: 12/09/2011 - 17:40:48 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{94234097-5FD1-4A00-8D91-7739AC04021E}

O43 - CFD: 20/10/2011 - 08:43:40 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{94F02C9A-1F20-4FA8-A1DA-917D0751119F}

O43 - CFD: 19/08/2011 - 09:45:14 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{A12B206E-8A78-4B31-9B6A-0876B8C18D4A}

O43 - CFD: 19/08/2011 - 09:05:16 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{A22A7422-93C5-4B23-A8D9-80D22D34779C}

O43 - CFD: 14/09/2011 - 15:08:06 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{A709EFA3-2A65-43EA-96F3-A5061C5E42EB}

O43 - CFD: 19/08/2011 - 09:21:20 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{A7924F42-A369-4E7B-B28C-F60557B0044A}

O43 - CFD: 01/10/2011 - 08:46:08 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{A9F2692E-A8A7-43DC-ADAB-28FB6194A820}

O43 - CFD: 19/08/2011 - 09:45:24 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{BD1F3DD8-A9D0-40E9-AAFA-5CF6E71D00A3}

O43 - CFD: 15/09/2011 - 06:32:36 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{C0E3914C-23DD-456F-9E70-0350BB5A9987}

O43 - CFD: 12/09/2011 - 17:41:00 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{D5F68BCE-906E-450D-AF6F-998B0593347D}

O43 - CFD: 19/08/2011 - 09:21:32 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{D7AF3CC8-512D-48D3-B9AA-C3D3AB653DA9}

O43 - CFD: 01/09/2011 - 06:12:06 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{E773F7BE-E3DE-43DB-BAAB-DC7544149AA6}

O43 - CFD: 26/06/2011 - 07:16:08 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{E980CEE8-FFF6-40D1-8015-3A2197B2F3BD}

O43 - CFD: 12/09/2011 - 17:45:46 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{EAE985B8-47F9-495D-B28C-6D617D6F715D}

O43 - CFD: 21/06/2011 - 19:57:50 - [0] ----D- C:\Users\Propriétaire\AppData\Local\{F5EA1A30-A7B8-4820-86A8-A92AA25AB36C}

O43 - CFD: 29/11/2011 - 22:12:40 - [118,664] ----D- C:\Program Files (x86)\ABBYY FineReader 6.0 Sprint

O43 - CFD: 29/11/2011 - 22:12:40 - [64,124] ----D- C:\Program Files (x86)\ACD Systems

O43 - CFD: 29/11/2011 - 22:12:40 - [155,435] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 29/11/2011 - 22:12:40 - [7,303] ----D- C:\Program Files (x86)\AGEIA Technologies

O43 - CFD: 02/11/2010 - 17:59:10 - [0,002] ----D- C:\Program Files (x86)\Ask.com

O43 - CFD: 29/11/2011 - 20:29:10 - [18,324] ----D- C:\Program Files (x86)\AVG

O43 - CFD: 29/11/2011 - 22:12:40 - [63,721] ----D- C:\Program Files (x86)\AVS4YOU

O43 - CFD: 29/11/2011 - 22:13:28 - [0,179] ----D- C:\Program Files (x86)\B295F

O43 - CFD: 29/11/2011 - 22:12:40 - [11,881] ----D- C:\Program Files (x86)\Belgium Identity Card

O43 - CFD: 29/11/2011 - 22:12:40 - [8,042] ----D- C:\Program Files (x86)\BlueSquad

O43 - CFD: 29/11/2011 - 22:12:40 - [11,874] ----D- C:\Program Files (x86)\CDBurnerXP

O43 - CFD: 29/10/2010 - 15:25:00 - [19,129] ----D- C:\Program Files (x86)\CDRWIN 8

O43 - CFD: 20/12/2011 - 13:35:52 - [682,789] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 29/11/2011 - 22:12:44 - [971,820] ----D- C:\Program Files (x86)\CyberLink

O43 - CFD: 08/12/2011 - 10:57:38 - [0,079] ----D- C:\Program Files (x86)\DealPly

O43 - CFD: 29/11/2011 - 22:12:46 - [1,163] --H-D- C:\Program Files (x86)\DeviceVM

O43 - CFD: 29/11/2011 - 22:12:46 - [231,111] ----D- C:\Program Files (x86)\Druide

O43 - CFD: 14/01/2011 - 09:33:18 - [0,935] ----D- C:\Program Files (x86)\DVD Shrink

O43 - CFD: 07/05/2010 - 16:18:46 - [0,316] ----D- C:\Program Files (x86)\Easy PDF Creator

O43 - CFD: 07/03/2010 - 20:29:06 - [10,328] ----D- C:\Program Files (x86)\eMule

O43 - CFD: 27/06/2010 - 10:57:18 - [0,639] ----D- C:\Program Files (x86)\EmvSmartCardReader

O43 - CFD: 29/11/2011 - 22:12:46 - [138,006] ----D- C:\Program Files (x86)\epson

O43 - CFD: 29/11/2011 - 22:12:46 - [14,837] ----D- C:\Program Files (x86)\FoxTabPDFConverter

O43 - CFD: 03/11/2011 - 08:03:34 - [0,039] ----D- C:\Program Files (x86)\Free PDF to Word Converter

O43 - CFD: 03/11/2011 - 08:24:50 - [2,722] ----D- C:\Program Files (x86)\Free PDF to Word Doc Converter

O43 - CFD: 29/11/2011 - 22:12:46 - [112,601] ----D- C:\Program Files (x86)\FreeTime

O43 - CFD: 25/11/2011 - 17:07:06 - [0] ----D- C:\Program Files (x86)\FunWebProducts

O43 - CFD: 11/03/2010 - 15:32:36 - [0] ----D- C:\Program Files (x86)\Google

O43 - CFD: 29/11/2011 - 22:12:48 - [76,443] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 29/11/2011 - 22:12:48 - [58,953] ----D- C:\Program Files (x86)\Intel

O43 - CFD: 20/12/2011 - 13:21:20 - [4,381] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 14/12/2011 - 14:51:28 - [87,148] ----D- C:\Program Files (x86)\Java

O43 - CFD: 29/11/2011 - 22:12:48 - [2,234] ----D- C:\Program Files (x86)\LaCie

O43 - CFD: 29/11/2011 - 22:12:48 - [15,558] ----D- C:\Program Files (x86)\Lavalys

O43 - CFD: 02/11/2010 - 17:58:16 - [0,000] ----D- C:\Program Files (x86)\LimeWire

O43 - CFD: 16/12/2011 - 10:55:20 - [0,097] ----D- C:\Program Files (x86)\LP

O43 - CFD: 29/11/2011 - 22:12:48 - [315,881] ----D- C:\Program Files (x86)\MAGIX

O43 - CFD: 29/11/2011 - 22:12:48 - [0,502] ----D- C:\Program Files (x86)\Microsoft

O43 - CFD: 20/06/2011 - 10:07:30 - [0] ----D- C:\Program Files (x86)\Microsoft Antimalware

O43 - CFD: 29/11/2011 - 22:12:48 - [0,764] ----D- C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 20/12/2011 - 13:20:58 - [361,091] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 29/11/2011 - 22:12:48 - [0,960] ----D- C:\Program Files (x86)\Microsoft Security Client

O43 - CFD: 29/11/2011 - 22:12:48 - [36,633] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 20/12/2011 - 13:20:58 - [3,554] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 29/11/2011 - 22:12:48 - [7,789] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 07/12/2011 - 13:43:52 - [8,685] ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 29/11/2011 - 22:12:48 - [0,025] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 03/06/2010 - 11:31:44 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 29/11/2011 - 22:12:48 - [6,874] ----D- C:\Program Files (x86)\MyWebSearch

O43 - CFD: 29/11/2011 - 22:12:50 - [1063,398] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 19/02/2010 - 11:19:50 - [0] ----D- C:\Program Files (x86)\NETGEAR

O43 - CFD: 29/11/2011 - 22:12:50 - [505,250] ----D- C:\Program Files (x86)\Nuance

O43 - CFD: 29/11/2011 - 22:12:50 - [95,776] ----D- C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 29/11/2011 - 22:12:50 - [12,403] ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 29/11/2011 - 22:12:50 - [20,803] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 29/11/2011 - 22:12:50 - [4,419] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 29/11/2011 - 22:12:50 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 18/02/2010 - 13:48:06 - [0,756] ----D- C:\Program Files (x86)\Roadkil.Net

O43 - CFD: 29/11/2011 - 22:12:50 - [31,093] R---D- C:\Program Files (x86)\Skype

O43 - CFD: 29/11/2011 - 22:12:50 - [4,836] ----D- C:\Program Files (x86)\SlySoft

O43 - CFD: 17/02/2010 - 18:23:04 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 20/12/2011 - 12:15:44 - [2,616] ----D- C:\Program Files (x86)\Tor

O43 - CFD: 20/12/2011 - 12:52:58 - [0,370] ----D- C:\Program Files (x86)\Trend Micro

O43 - CFD: 14/07/2009 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 29/11/2011 - 22:12:50 - [76,802] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 29/11/2011 - 22:12:50 - [6,041] ----D- C:\Program Files (x86)\VirtualDubMOD

O43 - CFD: 29/11/2011 - 22:12:50 - [0,500] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 29/11/2011 - 22:12:52 - [90,899] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 17/12/2011 - 16:04:00 - [5,895] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 17/12/2011 - 16:04:00 - [4,791] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 29/11/2011 - 22:12:52 - [11,632] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 17/12/2011 - 16:04:00 - [4,213] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 17/12/2011 - 16:04:00 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 17/12/2011 - 16:04:00 - [24,869] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 29/11/2011 - 22:12:52 - [3,706] ----D- C:\Program Files (x86)\WinRAR

O43 - CFD: 20/12/2011 - 13:49:28 - [7,697] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 29/11/2011 - 22:12:40 - [18,418] ----D- C:\Program Files (x86)\Common Files\ACD Systems

O43 - CFD: 29/11/2011 - 22:12:40 - [5,962] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 29/11/2011 - 22:12:40 - [88,297] ----D- C:\Program Files (x86)\Common Files\AVSMedia

O43 - CFD: 17/02/2010 - 18:05:14 - [0,123] ----D- C:\Program Files (x86)\Common Files\CyberLink

O43 - CFD: 18/02/2010 - 13:27:18 - [0,089] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 29/11/2011 - 22:12:40 - [11,924] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 14/12/2011 - 14:51:58 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 29/11/2011 - 22:12:40 - [36,046] ----D- C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 20/12/2011 - 13:20:58 - [214,995] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 29/11/2011 - 22:12:42 - [196,678] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 29/11/2011 - 22:12:42 - [39,200] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 17/12/2011 - 16:03:58 - [42,208] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 29/11/2011 - 22:12:42 - [0] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 18/02/2010 - 09:42:36 - [27,647] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 01mn 49s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.794AE1512D499E1D6520A0AB87DC51FF] - 20/12/2011 - 13:37:19 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1048511]

O44 - LFC:[MD5.4311E6EE39071DB52E8AF1A860C2536F] - 20/12/2011 - 13:22:45 ---A- . (...) -- C:\Windows\setupact.log [100969]

O44 - LFC:[MD5.DEB17FBF209B9EFB268706EBB1AB1750] - 20/12/2011 - 13:22:42 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.97F2092DA4737086DC159502EE5AF5FE] - 20/12/2011 - 13:21:53 ---A- . (...) -- C:\known.met [0]

O44 - LFC:[MD5.518816C649219006E143EEE17A28A5A3] - 20/12/2011 - 13:21:52 ---A- . (...) -- C:\known2_64.met [1429]

O44 - LFC:[MD5.C46ACD442CD55BE39A4BFE24B5CBD575] - 17/12/2011 - 16:48:52 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1556228]

O44 - LFC:[MD5.EE272A6A2795ED72EB93A379F444F571] - 17/12/2011 - 16:48:52 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [107190]

O44 - LFC:[MD5.451B7CBA7C3DC05E0F3C2C63D93196A7] - 17/12/2011 - 16:48:52 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [131548]

O44 - LFC:[MD5.0DD7672195723BFDC02149AE7690AFAF] - 17/12/2011 - 16:48:52 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [617910]

O44 - LFC:[MD5.2220C9D3062017E7E34D4DC064177E9D] - 17/12/2011 - 16:48:52 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [706342]

O44 - LFC:[MD5.C46ACD442CD55BE39A4BFE24B5CBD575] - 17/12/2011 - 16:48:52 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1556228]

O44 - LFC:[MD5.EE272A6A2795ED72EB93A379F444F571] - 17/12/2011 - 16:48:52 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [107190]

O44 - LFC:[MD5.451B7CBA7C3DC05E0F3C2C63D93196A7] - 17/12/2011 - 16:48:52 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [131548]

O44 - LFC:[MD5.0DD7672195723BFDC02149AE7690AFAF] - 17/12/2011 - 16:48:52 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [617910]

O44 - LFC:[MD5.2220C9D3062017E7E34D4DC064177E9D] - 17/12/2011 - 16:48:52 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [706342]

O44 - LFC:[MD5.22F704CADB42AF18E9105B3EF8D14995] - 17/12/2011 - 16:08:06 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [733032]

O44 - LFC:[MD5.22F704CADB42AF18E9105B3EF8D14995] - 17/12/2011 - 16:08:06 RSHAD . (...) -- C:\Windows\system32\FNTCACHE.DAT [733032]

O44 - LFC:[MD5.1980DF2E2439C892F4CBCE66A7FF9E28] - 17/12/2011 - 16:01:01 ---A- . (...) -- C:\Windows\IE9_main.log [2492]

O44 - LFC:[MD5.829DAFD628C3C8320448D1860811B6E2] - 17/12/2011 - 00:05:24 ---A- . (...) -- C:\Windows\SysNative\MRT.INI [118]

O44 - LFC:[MD5.829DAFD628C3C8320448D1860811B6E2] - 17/12/2011 - 00:05:24 RSHAD . (...) -- C:\Windows\system32\MRT.INI [118]

O44 - LFC:[MD5.F4D5D284DD0DD7A5A3D2B11516BAEDC9] - 26/11/2011 - 08:06:53 ---A- . (...) -- C:\Windows\PFRO.log [17756]

~ Scan Files in 00mn 05s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{34d1c049-7c63-11df-b96e-00241dde9862}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.)

O51 - MPSK:{3a3d10b3-05db-11e0-bbe9-00241dde9862}\AutoRun\command. (...) -- E:\setup_vmc_lite.exe (.not file.)

O51 - MPSK:{b1f86b01-05e5-11e0-b775-00241dde9862}\AutoRun\command. (...) -- G:\setup_vmc_lite.exe (.not file.)

O51 - MPSK:{da031cd5-6c07-11df-b81a-00241dde9862}\AutoRun\command. (...) -- E:\LaunchU3.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"VIDC.ACDV"="ACDV.dll" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53) (None)

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "HideSCAHealth"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 10/06/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 13/07/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 10/06/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 13/07/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 13/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 14/07/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 14/07/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.BD3E83E5F19657C869CBA1AF729D903B] - 17/02/2010 - 10:54:54 RSHAD . (.Cyberlink Co.,Ltd. - Cyberlink Storage Helper Driver (WindowsNT5.x).) -- C:\Windows\system32\drivers\CLBStor.sys [24560]

O58 - SDL:[MD5.D29FD09B13441B692330BACFFD28FE79] - 17/02/2010 - 10:54:52 RSHAD . (.CyberLink Corporation. - UDF File System Driver.) -- C:\Windows\system32\drivers\CLBUDF.sys [371696]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.9387A484D31209D7FC3F795A787294DB] - 29/10/2010 - 01:57:06 ---A- . (.SlySoft, Inc. - ElbyCDIO Filter Driver.) -- C:\Windows\system32\drivers\ElbyCDFL.sys [40648]

O58 - SDL:[MD5.702D5606CF2199E0EDEA6F0E0D27CD10] - 29/10/2010 - 18:11:25 RSHAD . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) -- C:\Windows\system32\drivers\ElbyCDIO.sys [31400]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 10/06/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.647C55949DD6C4C9E7C74A22E64F84FF] - 27/06/2010 - 14:42:08 RSHAD . (.USB Smart Card Reader - USB Smart Card Reader.) -- C:\Windows\system32\drivers\EMVSCARD.sys [28544]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 13/07/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/06/2011 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.1D004CB1DA6323B1F55CAEF7F94B61D9] - 17/02/2010 - 18:54:36 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStor.sys [408600]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 13/07/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 13/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.86CFEF6DC6DE51AAB0C10384FE98F48F] - 17/02/2010 - 09:10:42 RSHAD . (.JMicron Technology Corp. - JMicron JMB36X RAID Driver.) -- C:\Windows\system32\drivers\jraid.sys [112240]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 10/06/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 13/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 13/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.181E7FE39211E04128A30708906627D8] - 18/02/2010 - 05:14:28 RSHAD . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [84584]

O58 - SDL:[MD5.C5731AF74881F8F288E73E5AED57649C] - 18/02/2010 - 10:50:59 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 196.34.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13795560]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 13/07/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 13/07/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 10/06/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 13/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.F65F171165FBB613F7AA3CC78E8CAB42] - 17/02/2010 - 12:58:42 RSHAD . (.Realtek - Realtek 8136/8168/8169 NDIS 6.20 64-bit Driver.) -- C:\Windows\system32\drivers\Rt64win7.sys [236544]

O58 - SDL:[MD5.397AF4C77E4AC1B262E4EBAC2958188C] - 17/02/2010 - 12:28:08 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1990304]

O58 - SDL:[MD5.F70A9384917659A4C5EF30F0F4EC484D] - 10/06/2009 - 21:35:46 RSHAD . (.Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) -- C:\Windows\system32\drivers\RTL8187B.sys [416768]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 14/07/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.C1D8E28B2C2ADFAEC4BA89E9FDA69BD6] - 14/07/2009 - 01:00:40 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\serial.sys [94208]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 10/06/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 13/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.E57B778208C783D8DEBAB320C16A1B82] - 02/08/2010 - 13:48:56 ---A- . (...) -- C:\Windows\system32\drivers\StarOpen.sys [5504]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 13/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 10/06/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.4A06585C8673F4458E9FBBC9DDDB4D28] - 18/11/2009 - 09:47:46 RSHAD . (.NETGEAR Inc. - NETGEAR WG111v3 Wireless-G USB Adapter NDIS Driver.) -- C:\Windows\system32\drivers\wg111v3.sys [446976]

O58 - SDL:[MD5.9387A484D31209D7FC3F795A787294DB] - 29/10/2010 - 01:57:06 ---A- . (.SlySoft, Inc. - ElbyCDIO Filter Driver.) -- C:\Windows\SysWOW64\drivers\ElbyCDFL.sys [40648]

O58 - SDL:[MD5.F92254B0BCFCD10CAAC7BCCC7CB7F467] - 02/08/2010 - 13:48:56 ---A- . (...) -- C:\Windows\SysWOW64\drivers\StarOpen.sys [7168]

~ Scan Drivers in 00mn 19s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\CLBUDF.sys (CLBUDF) .(.CyberLink Corporation. - UDF File System Driver.) - LEGACY_CLBUDF

O64 - Services: CurCS - 17/02/2009 - C:\Windows\system32\Drivers\ElbyCDIO.sys (ElbyCDIO) .(.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - LEGACY_ELBYCDIO

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 15/04/2009 - C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) .(.CyberLink Corp. - Pas de description.) - LEGACY_{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}

~ Scan Services in 00mn 00s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft Corporation - Windows Control Panel.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d’initialisation d’Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - Bing

O69 - SBI: SearchScopes [HKCU] {13F141FF-0572-4B74-A54A-849A11E30E5D} - (Yahoo! Search) - Yahoo! Search - Web Search

O69 - SBI: SearchScopes [HKCU] {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} - (Ask Search) - http://websearch.ask.com

O69 - SBI: SearchScopes [HKCU] {56256A51-B582-467e-B8D4-7786EDA79AE0} - (My Web Search) - MyWebSearch Home Page

O69 - SBI: SearchScopes [HKCU] {8BBD34D6-48DC-4856-A8A9-7E2EC159454F} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {C331982F-CC00-49bc-9790-0247327AB934} [DefaultScope] - (Yahoo) - Yahoo! Search - Recherche Web

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\system32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\system32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\system32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\system32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\system32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\system32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\system32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\system32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\system32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\system32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\system32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\system32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\system32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\system32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\system32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\system32\bdesvc.dll [100864]

~ Scan Services in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.85F50C18C0FB191F33EF72BE2559D925] [sPRF][04/11/2010] (...) -- C:\Users\Propriétaire\AppData\Local\Temp\FFSetupSoftonic260.exe [36895984]

[MD5.E5F1E5CAE32811A1AD884BEA43F1247C] [sPRF][22/06/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r53.) -- C:\Users\Propriétaire\AppData\Local\Temp\FlashPlayerUpdate.exe [2605008]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][28/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna1258197314099383860.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][24/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna1635225871730074415.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][30/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna1898661706493488514.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][31/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna20844368053866654.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][28/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna2366796243839146945.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][23/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna2733405884880985991.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][29/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna3182327113225475948.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][01/11/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna3525854962087125336.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][28/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna3537734928196438948.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][02/11/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna4834940385296406652.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][02/11/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna5626919351723578824.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][29/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna5860482842851178735.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][29/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna5926007738384459309.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][26/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna5961689030015187258.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][27/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna6391959020255887496.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][01/11/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna671143914870277714.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][24/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna7691515203277646910.dll [347258]

[MD5.4ACE9EEB32DE26548956B5E5841E90CB] [sPRF][25/10/2010] (.Java Native Access (JNA) - JNA native library.) -- C:\Users\Propriétaire\AppData\Local\Temp\jna8152335029502749051.dll [347258]

[MD5.09D9183536E2DC343A9B8EB070A58C1C] [sPRF][12/12/2009] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Propriétaire\AppData\Local\Temp\jre-6u17-windows-i586-iftw-rv.exe [792352]

[MD5.4437864C859B4EE2251CDBC5C77D845D] [sPRF][13/04/2010] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Propriétaire\AppData\Local\Temp\jre-6u20-windows-i586-iftw-rv.exe [922400]

[MD5.DFCCBB06ED411E0C006F05BCB1BDF7C2] [sPRF][19/07/2010] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Propriétaire\AppData\Local\Temp\jre-6u21-windows-i586-iftw-rv.exe [875296]

[MD5.676A86173A1FE2698C6F049D74DC6EB2] [sPRF][16/09/2010] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Propriétaire\AppData\Local\Temp\jre-6u22-windows-i586-iftw-rv.exe [875296]

[MD5.822AD0D91D012B82E26D1F1BFA286AC6] [sPRF][14/11/2011] (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Users\Propriétaire\AppData\Local\Temp\jre-6u30-windows-i586-iftw-rv.exe [909088]

[MD5.62B45F8FE4DD71AC9F8AFD487106754D] [sPRF][05/08/2010] (...) -- C:\Users\Propriétaire\AppData\Local\Temp\MFCSetup.exe [566784]

[MD5.B2F21461FDA4728D02A73BEADEF94035] [sPRF][11/07/2007] (.MAGIX AG - MAGIX Fonts (F).) -- C:\Users\Propriétaire\AppData\Local\Temp\mgxfonts.exe [1040912]

[MD5.111F679DA91C935C4AE8A0E23FFFA5A1] [sPRF][24/08/2007] (.MAGIX AG - MgxVistaTools.) -- C:\Users\Propriétaire\AppData\Local\Temp\MgxVistaTools.dll [172032]

[MD5.1CA0ED493CD5E2C104C81809E1DBB913] [sPRF][20/04/2010] (.Nero AG - Pas de description.) -- C:\Users\Propriétaire\AppData\Local\Temp\Nero-10.0.13100_trial.exe [306708552]

[MD5.5A432A042DAE460ABE7199B758E8606C] [sPRF][28/10/2006] (.Microsoft Corporation - Office Source Engine.) -- C:\Users\Propriétaire\AppData\Local\Temp\ose00000.exe [145184]

[MD5.9AC700B9E380F7F3E4AEA592EE15FA6B] [sPRF][29/05/2010] (.Skype Technologies S.A. - Skype.) -- C:\Users\Propriétaire\AppData\Local\Temp\SkypeSetup.exe [22966568]

[MD5.32A65658E0FD4D579DCB761411BFE21B] [sPRF][15/11/2011] (.Pas de propriétaire - Provides Internet Name Service.) -- C:\Users\Propriétaire\AppData\Local\Temp\TCChecker.exe [2197504]

[MD5.D41D8CD98F00B204E9800998ECF8427E] [sPRF][29/10/2010] (...) -- C:\Users\Propriétaire\AppData\Local\Temp\tmp2.exe [0]

[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][25/05/2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Propriétaire\AppData\Local\Temp\_is230A.exe [455600]

[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][25/05/2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Propriétaire\AppData\Local\Temp\_is41D1.exe [455600]

[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][01/11/2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Propriétaire\AppData\Local\Temp\_is759C.exe [455600]

[MD5.FBAB280D0CAC5E21C72F0A1A7B5B9608] [sPRF][01/11/2006] (.Macrovision Corporation - Setup.exe.) -- C:\Users\Propriétaire\AppData\Local\Temp\_is95F9.exe [455600]

[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]

[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]

[MD5.C7103946ED86FAC01E23C457EDD7F719] [sPRF][04/02/2010] (.eBay, Inc. - EPUWALControl Module.) -- C:\Windows\Downloaded Program Files\EPUWALcontrol.dll [3171608]

[MD5.61FB16B6016BCC9AA42E02F787DC87FC] [sPRF][26/01/2010] (.Adobe Systems Incorporated - Adobe® Flash® Player ActiveX Installer.) -- C:\Windows\Downloaded Program Files\FP_AX_CAB_INSTALLER.exe [1955384]

[MD5.0C78701C6F42345DFF2B2B6C3C3D01EF] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [172032]

~ Scan Files in 00mn 15s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "NetPres-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-In-UDP" |In - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-WSD-Out-UDP" |Out - None - P17 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "NetPres-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Windows\system32\netproj.exe (.not file.)

O87 - FAEL: "{BD9FA89E-2DA2-400C-A197-29327B627DA3}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- C:\Program Files (x86)\CyberLink\PowerDirector\PDR.exe

O87 - FAEL: "{4F3D974B-5649-4CF5-83D9-F28D08124056}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDVD 8.0.) -- C:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.exe

O87 - FAEL: "TCP Query User{40D9341D-866A-4B77-910A-E25F78D72830}C:\program files (x86)\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "UDP Query User{51DB4233-6BE5-452A-BFE1-5A463A13DCD6}C:\program files (x86)\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "TCP Query User{12C710FE-34FF-4FD6-99AC-0023C3D7597B}C:\program files (x86)\limewire\limewire.exe" |In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\limewire\limewire.exe (.not file.)

O87 - FAEL: "UDP Query User{D3E33242-D63E-4F70-8795-34EF1F7CAD40}C:\program files (x86)\limewire\limewire.exe" |In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\limewire\limewire.exe (.not file.)

O87 - FAEL: "TCP Query User{61CA6070-F3A9-43CC-B0E8-B28433AD9F91}C:\program files (x86)\emule\emule.exe" | In - Public - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "UDP Query User{A63832FB-C4E8-40F5-926A-0450F50CAC53}C:\program files (x86)\emule\emule.exe" | In - Public - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "{8BB2F49C-0D19-4D97-AC1B-8C56D7095BD9}" | In - None - P17 - TRUE | .(.Skype Technologies S.A. - Skype.) -- C:\Program Files (x86)\Skype\Phone\Skype.exe

O87 - FAEL: "{885CE440-696F-4366-BAF6-C042443B661E}" | Out - None - P17 - TRUE | .(.Pas de propriétaire - Provides Internet Name Service.) -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe

O87 - FAEL: "{14A5A6D4-45E9-43FB-9317-BF7CBB4E72E3}" | In - None - P6 - TRUE | .(.Pas de propriétaire - Provides Internet Name Service.) -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe

O87 - FAEL: "{69EB07E6-51B1-448E-AE2B-5FAC357F37EA}" | In - None - P17 - TRUE | .(.Pas de propriétaire - Provides Internet Name Service.) -- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe

~ Scan Firewall in 00mn 00s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8918 - (18/12/2011)

Clés trouvées (Keys found) : 121

Valeurs trouvées (Values found) : 3

Dossiers trouvés (Folders found) : 7

Fichiers trouvés (Files found) : 0

 

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]:Shell =>Hijack.Shell.Gen

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}] =>Toolbar.AskTBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{07b18eac-a523-4961-b6bb-170de4475cca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{1093995a-ba37-41d2-836e-091067c4ad17}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{120927bf-1700-43bc-810f-fab92549b390}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}] =>Toolbar.Agent

[HKLM\Software\WOW6432Node\Classes\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{1f52a5fa-a705-4415-b975-88503b291728}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{25560540-9571-4d7b-9389-0f166788785a}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{3e720451-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{3e720452-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{3e720453-b472-4954-b7aa-33069eb53906}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0}] =>Adware.AdRotator

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{8e9cf769-3d3b-40eb-9e2d-76e7a205e4d2}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{991aac62-b100-47ce-8b75-253965244f69}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}] =>PUP.DealPly

[HKLM\Software\WOW6432Node\Classes\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}] =>Toolbar.AskSBar

[HKLM\Software\Classes\TypeLib\{d518921a-4a03-425e-9873-b9a71756821e}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{d858dafc-9573-4811-b323-7011a3aa7e61}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477}] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}] =>PUP.Dealio

[HKLM\Software\WOW6432Node\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da}] =>Adware.MyWebSearch

[HKLM\Software\Classes\TypeLib\{f42228fb-e84e-479e-b922-fbbd096e792c}] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Classes\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978}] =>Adware.MyWebSearch

[HKLM\SYSTEM\CurrentControlSet\Services\MyWebSearchService] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\focusinteractive] =>Adware.MyWebSearch

[HKCU\Software\AppDataLow\Software\Fun Web Products] =>Adware.MyWebSearch

[HKLM\Software\WOW6432Node\Fun Web Products] =>Adware.MyWebSearch

[HKCU\Software\AppDataLow\Software\FunWebProducts] =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{07b18ea9-a523-4961-b6bb-170de4475cca} =>Adware.MyWebSearch

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{D4027C7F-154A-4066-A1AD-4243D8127440} =>Toolbar.AskSBar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Run]:MyWebSearch Email Plugin =>Adware.MyWebSearch

C:\Users\Propriétaire\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch

C:\Users\Propriétaire\AppData\LocalLow\MyWebSearch =>Adware.MyWebSearch

C:\Users\Propriétaire\AppData\Local\Temp\AskSearch =>Toolbar.AskBarDis

C:\Program Files (x86)\Ask.com =>Toolbar.AskBar

C:\Program Files (x86)\DealPly =>PUP.DealPly

C:\Program Files (x86)\FunWebProducts =>Adware.MyWebSearch

C:\Program Files (x86)\MyWebSearch =>Adware.MyWebSearch

~ Scan Additionnel in 00mn 04s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 17/02/2010 219360 | (BCUService) . (.DeviceVM, Inc..) - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe

SR - | Auto 25/02/2010 126464 | (EPSON_PM_RPCV4_01) . (.SEIKO EPSON CORPORATION.) - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.exe

SS - | Demand 09/02/2011 1527900 | (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe

SR - | Auto 17/02/2010 354840 | (IAANTMON) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe

SR - | Auto 02/06/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 25/11/2011 34320 | (MyWebSearchService) . (.MyWebSearch.com.) - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.exe

SR - | Auto 03/08/2011 935208 | Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

SR - | Auto 71096 | (NMSAccess) . (...) - C:\Program Files (x86)\CDBurnerXP\NMSAccessU.exe

SR - | Auto 18/02/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 247152 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

SR - | Auto 18/02/2010 240232 | (Stereo Service) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

SR - | Auto 0 | (SvcWatch) . (...) - C:\Windows\System32\SvcWatch.exe

SR - | Auto 2743310 | (tor) . (...) - C:\Program Files (x86)\Tor\tor.exe

SR - | Auto 0 | (Windows Internet Name Service) . (...) - C:\Windows\System32\config\systemprofile\AppData\Local\Windows Internet Name Service\wins.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 17/02/2010 146928 | ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}) . (.CyberLink Corp..) - C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl

~ Scan Services in 00mn 05s

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Propriétaire at 20/12/2011 13:52:20

 

device: opened successfully

user: error reading MBR

 

Disk trace:

error: Read Descripteur non valide

kernel: error reading MBR

~ Scan MBR in 00mn 02s

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Propriétaire at 20/12/2011 13:52:22

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

~ Scan MBR in 00mn 04s

 

 

 

End of the scan (1582 lines in 04mn 33s)(0)

Modifié par Dylav
Pas de coordonnées personnelles sur un espace public SVP ;o)
Lien vers le commentaire
Partager sur d’autres sites

Bonjour,

 

Pour des raisons d'ordre sur le forum et afin de ne pas se mélanger les pinceaux avec les différents rapports et demandes d'analyses, il ne faut pas poster dans le sujet d'un autre membre, chaque procédure est personnelle et faite sur mesure.

 

Crée ton propre sujet en cliquant sur le bouton "Commencer un sujet":

 

zebnouvsujet.jpg

 

Tu seras alors pris(e) en charge personnellement, avec des procédures qui te seront propres.

 

Par la suite, pour répondre dans ton sujet, utilise uniquement le bouton Ajouter une Réponse zebboutonrpondre.jpg et non "répondre" pour ne pas citer le post précédent. Merci.

 

+++

Lien vers le commentaire
Partager sur d’autres sites

  • Modérateurs

Bonjour Bullsabs, salut Apollo !

 

J'ai désimbriqué le sujet.

Si le titre que j'ai choisi ne convient pas, tu peux le changer grâce au bouton "Modifier qui se trouve au bas de ton premier message. Puis clique sur "Utiliser l'éditeur complet", et la modification du titre sera à ta disposition ;)

 

 

 

Lien vers le commentaire
Partager sur d’autres sites

Bonsoir,

 

Efface par la même occasion ton adresse email, très imprudemment indiquée sur un forum public!

 

Télécharge RogueKiller (par Tigzy) sur le bureau

(A partir d'une clé USB si le Rogue empêche l'accès au net) .

RogueKiller

Quitte tous les programmes en cours

Lance RogueKiller.exe.

 

Sous Vista/Seven, faire un clic droit et choisir Exécuter en tant qu'administrateur.

Si une détection apparait en haut de la fenêtre, tape 2 (mode REMOVE) et valide par la touche Entrer.

(Si le programme a été bloqué, renommer en RogueKiller.com et recommencer)

 

Si les raccourcis ont disparu, relance l'outil en mode 6.

Poste le rapport RKreport[2].txt.

 

++

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...