Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Aanalyse HijackThis catastrophique

seppi c moi

Par seppi c moi
dans Analyses et éradication malwares

 Partager

Messages recommandés

seppi c moi Member

seppi c moi

Posté(e)
Posté(e)

WINDOWS 7 AMD Athlon II x 2 215 dual core NVIDIA Ge Force DD 1to et 4Go de DDR2

Bonjour, 3 mois d'absence, un pc auquel tout le monde avait accès et soudain devenu lent à force de travailler dessus. Réaction au clic sur icone parfois lent.

Pourtant j'étais tellement content de windows 7

Pas de virus pas de malware et mise à jour automatique de Windows 7

voici mon rapport hijackthis avec autant de croix rouges que de flèches vertes ! Faut il tout supprimer les croix rouges.

Je ne songe même pas à réinstaller Windows je perdrai trop !

Merci A+

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 08:17:17, on 10/02/2012

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

 

Running processes:

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Users\bernard\Downloads\HiJackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=imedia_s3210&r=173607101616p0405x135y44l39450

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=imedia_s3210&r=173607101616p0405x135y44l39450

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=040c&m=imedia_s3210&r=173607101616p0405x135y44l39450

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

R3 - URLSearchHook: (no name) - {90eee664-34b1-422a-a782-779af65cdf6d} - (no file)

R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)

F2 - REG:system.ini: UserInit=C:\Windows\SysWOW64\userinit.exe,

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll

O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE LOCAL')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'SERVICE RÉSEAU')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'SERVICE RÉSEAU')

O8 - Extra context menu item: &Envoyer à OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Download all links by FlashGet3 - C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 - res://C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll /100

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll

O9 - Extra button: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: Notes &liées OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\nvlsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - Trusted Zone: http://software.kuaiche.com

O16 - DPF: {1041FA3A-0F41-4EF1-A473-75E7F6CFB40A} (SRConnect.MSRConnect) - https://resu.bio67.fr/cab/SRConnect.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~2\Google\GOOGLE~4\GO36F4~1.DLL

O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: FABS - Helping agent for MAGIX media database (Fabs) - MAGIX AG - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Service Google Update (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\x64\maconfservice.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) - Unknown owner - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\WindowsMobile\rapimgr.dll,-104 (RapiMgr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Updater Service - Acer - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%windir%\WindowsMobile\wcescomm.dll,-40079 (WcesComm) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

--

End of file - 27056 bytes

Lien vers le commentaire
Partager sur d’autres sites

pear Devil Member !

pear

Posté(e)
Posté(e)

Bonjour,

 

Télécharger AdwCleaner

Sous Vista et Windows 7-> Exécuter en tant qu'administrateur

 

Cliquez sur Recherche et postez le rapport généré C:\AdwCleaner[R1].txt

110906042614938066.jpg

 

Nettoyage

Relancez AdwCleaner avec droits administrateur

Cliquez sur Suppression et postez le rapport C:\AdwCleaner[s1].txt

 

 

Hijackthis ne vaut plus guère!

 

Lancez cet outil de diagnostic:

Téléchargez ZhpDiag de Coolman

Double-cliquer sur ZHPDiag.exe pour installer l'outil

Sur le bureau ,il y aura 3 icônes

zhp0710.png

 

Sous XP, double clic sur l'icône ZhpDiag

Sous Vista/7, faire un clic droit et Exécuter en tant qu'administrateur

ZHPDiag.jpg

Cliquez sur le tournevis et choisissez Tous

En cas de blocage, sur O80 par exemple, cliquez sur le tournevis pour le décocher

 

Clic sur la Loupe pour lancer le scan

Postez le rapport ZhpDiag.txt qui apparait sur le bureau

Comment poster les rapports

Vous copiez/collez tout ou partie des rapports dans un ou plusieurs messages.

Autre solution:

Aller sur le site :Ci-Jointicne2cjoint.png

Appuyez sur Parcourir et chercher les rapports sur le disque,

Ensuite appuyez sur Créer le lien CJoint,

>> dans la page suivante --> ,,

une adresse http//.. sera créée

Copier /coller cette adresse dans votre prochain message.

 

Lien vers le commentaire
Partager sur d’autres sites
seppi c moi Member

seppi c moi

Posté(e)
  • Auteur
Posté(e)

# AdwCleaner v1.408 - Rapport créé le 10/02/2012 à 12:51:08

# Mis à jour le 29/01/2012 par Xplode

# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)

# Nom d'utilisateur : bernard - BERNARD-PC (Administrateur)

# Exécuté depuis : C:\Users\bernard\Downloads\adwcleaner.exe

# Option [Recherche]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

Dossier Présent : C:\Users\bernard\AppData\Roaming\OfferBox

Dossier Présent : C:\Users\bernard\AppData\Roaming\OpenCandy

Dossier Présent : C:\Users\bernard\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

Dossier Présent : C:\Users\bernard\AppData\Local\OpenCandy

Dossier Présent : C:\Users\bernard\AppData\LocalLow\ConduitEngine

Dossier Présent : C:\Users\bernard\AppData\LocalLow\FunWebProducts

Dossier Présent : C:\Users\bernard\AppData\LocalLow\MyWebSearch

Dossier Présent : C:\Program Files (x86)\Application Updater

Dossier Présent : C:\Program Files (x86)\ConduitEngine

Dossier Présent : C:\Program Files (x86)\Search Settings

 

***** [Registre] *****

 

[*] Clé Présente : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Clé Présente : HKCU\Software\Ask.com

Clé Présente : HKCU\Software\Conduit

Clé Présente : HKCU\Software\Iminent

Clé Présente : HKCU\Software\AppDataLow\Toolbar

Clé Présente : HKCU\Software\AppDataLow\Software\AskToolbar

Clé Présente : HKCU\Software\AppDataLow\Software\Conduit

Clé Présente : HKCU\Software\AppDataLow\Software\conduitEngine

Clé Présente : HKCU\Software\AppDataLow\Software\Fun Web Products

Clé Présente : HKCU\Software\AppDataLow\Software\FunWebProducts

Clé Présente : HKCU\Software\AppDataLow\Software\MyWebSearch

Clé Présente : HKLM\SOFTWARE\Application Updater

Clé Présente : HKLM\SOFTWARE\Conduit

Clé Présente : HKLM\SOFTWARE\conduitEngine

Clé Présente : HKLM\SOFTWARE\Iminent

Clé Présente : HKLM\SOFTWARE\Offerbox

Clé Présente : HKLM\SOFTWARE\Search Settings

Clé Présente : HKLM\SOFTWARE\eRightSoft\OpenCandy

Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.DllInfo

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.Tools

Clé Présente : HKLM\SOFTWARE\Classes\AppID\BHO.DLL

Clé Présente : HKLM\SOFTWARE\Classes\AppID\EoEngineBHO.DLL

Clé Présente : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe

Clé Présente : HKLM\SOFTWARE\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}

Clé Présente : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé Présente : HKLM\SOFTWARE\Microsoft\RFC1156Agent

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}

Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Clé Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Valeur Présente : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]

 

***** [Registre (x64)] *****

 

Clé Présente : HKCU\Software\Ask.com

Clé Présente : HKCU\Software\Conduit

Clé Présente : HKCU\Software\Iminent

Clé Présente : HKCU\Software\AppDataLow\Toolbar

Clé Présente : HKCU\Software\AppDataLow\Software\AskToolbar

Clé Présente : HKCU\Software\AppDataLow\Software\Conduit

Clé Présente : HKCU\Software\AppDataLow\Software\conduitEngine

Clé Présente : HKCU\Software\AppDataLow\Software\Fun Web Products

Clé Présente : HKCU\Software\AppDataLow\Software\FunWebProducts

Clé Présente : HKCU\Software\AppDataLow\Software\MyWebSearch

Clé Présente : HKLM\SOFTWARE\Classes\Conduit.Engine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.DllInfo

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDF

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFEncryptor

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFLine

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.PDF.PDFText

Clé Présente : HKLM\SOFTWARE\Classes\pdfforge.Tools

Clé Présente : HKLM\SOFTWARE\Classes\AppID\BHO.DLL

Clé Présente : HKLM\SOFTWARE\Classes\AppID\EoEngineBHO.DLL

Clé Présente : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe

Clé Présente : HKLM\SOFTWARE\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}

Clé Présente : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\2796BAE63F1801E277261BA0D77770028F20EEE4

Clé Présente : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DE28F4A4FFE5B92FA3C503D1A349A7F9962A8212

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}

Clé Présente : HKLM\SOFTWARE\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}

Clé Présente : HKLM\SOFTWARE\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}

Clé Présente : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings

Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]

Valeur Présente : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v9.0.8112.16421

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v10.0 (fr)

 

Profil : 012xr9iy.default

Fichier : C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\012xr9iy.default\prefs.js

 

Présente : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Présente : user_pref("browser.search.defaultenginename", "Web Search");

Présente : user_pref("browser.search.defaulturl", "hxxp://search.babylon.com/web/{searchTerms}?babsrc=browserse[...]

Présente : user_pref("browser.search.order.1", "Web Search");

Présente : user_pref("extensions.BabylonToolbar.bbDpng", 3);

Présente : user_pref("extensions.BabylonToolbar.cntry", "FR");

Présente : user_pref("extensions.BabylonToolbar.hdrMd5", "0BC2749CD72611C8568BCB752EEEABB4");

Présente : user_pref("extensions.BabylonToolbar.lastActv", "3");

Présente : user_pref("extensions.BabylonToolbar.lastDP", 3);

 

-\\ Google Chrome v16.0.912.77

 

Fichier : C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[R1].txt - [8032 octets] - [10/02/2012 12:51:08]

 

########## EOF - C:\AdwCleaner[R1].txt - [8160 octets] ##########

Lien vers le commentaire
Partager sur d’autres sites
seppi c moi Member

seppi c moi

Posté(e)
  • Auteur
Posté(e)

Rapport de ZHPDiag v1.28.32 par Nicolas Coolman, Update du 05/02/2012

Run by bernard at 10/02/2012 13:04:01

Web site : ZHPDiag Outil de diagnostic

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

MFIE: Mozilla Firefox 10.0 v10.0

GCIE: Google Chrome v16.0.912.77

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 7QJB7

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: AMD64 Family 16 Model 6 Stepping 2, AuthenticAMD

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 4094 MB (58% free)

System Restore: Activé (Enable)

System drive C: has 302 GB (65%) free of 458 GB

 

---\\ Logged in mode

~ Computer Name: BERNARD-PC

~ User Name: bernard

~ All Users Names: HomeGroupUser$, bernard, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\bernard\AppData\Roaming\

~ %Desktop% : C:\Users\bernard\Desktop\

~ %Favorites% : C:\Users\bernard\Favorites\

~ %LocalAppData% : C:\Users\bernard\AppData\Local\

~ %StartMenu% : C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\system32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 302 Go of 458 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 212 Go of 459 Go)

E:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoFolderOptions: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoDesktop: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoStartMenuSubFolder: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoResolveSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoClose: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK

[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.DD81D91FF3B0763C392422865C9AC12E] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.14/07/2009 - 02:39:31.) -- C:\Windows\system32\rundll32.exe [45568]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\system32\Wininit.exe [129024]

[MD5.69151E566295E5A977FE71FFAFD3B3F8] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.04/11/2011 - 02:44:47.) -- C:\Windows\system32\wininet.dll [1390080]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\system32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\system32\sppcomapi.dll [232448]

[MD5.0D57D091E06BB1E58E72E5D08479FDDF] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.20/11/2010 - 14:07:20.) -- C:\Windows\system32\fr-FR\user32.dll.mui [20480]

[MD5.D5B031C308A409A0A576BFF4CF083D30] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.25/04/2011 - 03:34:03.) -- C:\Windows\system32\drivers\AFD.sys [499200]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 12/1117

~ Mes musiques (My Musics) : 2/64

~ Mes Videos (My Videos) : 2/141

~ Mes Favoris (My Favorites) : Non accessible (Not found)

~ Mes Documents (My Documents) : 185/16002

~ Mon Bureau (My Desktop) : 11/108

~ Menu demarrer (Programs) : 7/89

~ Scan Hidden Files in 00mn 13s

 

 

 

---\\ Processus lancés

[MD5.F7226AA410954185160067D5FA82F3F2] - (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe [3744552] [PID.2724]

[MD5.0830E6BA8463BEF96CF69C1993F74A4B] - (.Lavasoft Limited - Ad-Aware Tray Application.) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWTray.exe [1187072] [PID.3664]

[MD5.2DE2B92C4EFEF841CEAA9752FC8FA91F] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [924632] [PID.1724]

[MD5.D414B8313C8BFC99C438E178B35D821C] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16856] [PID.4452]

[MD5.E7B562231BE0C5617F1516EC6DA16782] - (...) -- C:\Users\bernard\Downloads\adwcleaner.exe [578643] [PID.4856]

[MD5.697D3B09D8883F72265DA274E0972042] - (.Google Inc. - Google Chrome.) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe [1047024] [PID.1648]

[MD5.45F915891E66083D15D75F618DE8CDB2] - (.CANON INC. - CanoScan Toolbox Application.) -- C:\Program Files (x86)\Canon\CanoScan Toolbox Ver5.0\CSTBox.exe [1226304] [PID.4736]

[MD5.4309B75F125067EF805F3125B01FCC30] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [2210816] [PID.2864]

[MD5.D7080C7CA741961C60A3AAC1A1B69A84] - (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [3045688] [PID.]

[MD5.996E6D052438E8D8DFD501F31560B2E0] - (.AVAST Software - avast! Service.) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [44768] [PID.]

[MD5.63D43BA2EA495A9F1C1740A513C7E00B] - (.AVAST Software - avast! firewall service.) -- C:\Program Files\Alwil Software\Avast5\afwServ.exe [127192] [PID.]

[MD5.EA38136981C61C571D52C380DAAD46EF] - (.Lavasoft Limited - Ad-Aware Service Application.) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2152152] [PID.]

[MD5.1355EBE184F9DAB1718BC587F8A7E05E] - (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376] [PID.]

[MD5.816FD5A6F3C2F3D600900096632FC60E] - (.Acer Incorporated - Global Registration Service.) -- C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496] [PID.]

[MD5.70DDE3A86DBEB1D6C3C30AD687B1877A] - (.Acer - Acer Update Service.) -- C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160] [PID.]

[MD5.DE199F3AA9C541A349AF95A5C72A71AF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [652872] [PID.]

[MD5.1BBBF640BC0E0B750537BAECE8D66C18] - (.Nero AG - NeroUpdate.) -- C:\Program Files (x86)\Nero\Update\NASvc.exe [641832] [PID.]

~ Scan Processes Running in 00mn 01s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\bernard\AppData\Local\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G2 - GCE: Preference [user Data\Default] [dagccfjdjlmangkgakkgmglbifnigjjo] Wupload Search Tool v.1.1.1 (Activé)

G2 - GCE: Preference [user Data\Default] [mfjkgbjaikamkkojmakjclmkianficch] Download Assistant v.5.0.2 (Activé)

G2 - GCE: Preference [user Data\Default] [mnbllbbekhlliaedopijladkbckldcbb] Ease Link v.1.0.0.6 (Activé)

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\012xr9iy.default\prefs.js

C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\012xr9iy.default\user.js

M3 - MFPP: Plugins - [bernard] -- C:\Users\bernard\AppData\Roaming\Mozilla\Firefox\Profiles\012xr9iy.default\searchplugins\scroogle-ssl.xml

M0 - MFSP: prefs.js [bernard - 012xr9iy.default] Google

M2 - MFEP: prefs.js [bernard - 012xr9iy.default\[email protected]] [] Visualisateur 3D de 20-20 v5.0.7.0 (.20-20 Technologies.)

M2 - MFEP: prefs.js [bernard - 012xr9iy.default\{75493B06-1504-4976-9A55-B6FE240FF0BF}] [] Barre de Confiance v3.0.1 (.Euro Information, groupe Credit Mutuel-CIC.)

M2 - MFEP: prefs.js [bernard - 012xr9iy.default\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}] [dwhelper] DownloadHelper v4.9.8 (.Michel Gutierrez.)

M2 - MFEP: prefs.js [bernard - 012xr9iy.default\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}] [] flashget3 Extension v1.1 (.flashget.)

M2 - MFEP: prefs.js [bernard - 012xr9iy.default\{e001c731-5e37-4538-a5cb-8168736a2360}] [bitdefender] BitDefender QuickScan v0.9.9.105 (.Echipa R&D BitDefender.)

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - np-mswmp.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\np-mswmp.dll

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape "9.5.0".) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.Zylom - Zylom Plugin.) -- C:\Program Files (x86)\Mozilla Firefox\Plugins\npzylomgamesplayer.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll

P2 - FPN: [HKLM] [@ma-config.com/HardwareDetection] - (.Cybelsoft - Plugin NPAPI Ma-Config.com.) -- C:\Program Files\ma-config.com\nphardwaredetection.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll

P2 - FPN: [HKCU] [@squareclock.com/SQ3DPlayer_Production_Castorama_Internet] - (.SquareClock SAS - SquareClock 3D Plugin - Production_Castorama_Internet.) -- C:\Users\bernard\AppData\Local\SquareClock.Production_Castorama_Internet\NPSQ3D.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\bernard\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\bernard\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://homepage.packardbell.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.packardbell.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Google

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Google

R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.1.8) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

R3 - URLSearchHook: (no name) [64Bits] - {90eee664-34b1-422a-a782-779af65cdf6d} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: (no name) [64Bits] - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (...) (No version) -- (.not file.)

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.1.8) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 01s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 03s

~ Nombre de lignes (Lines number): 15078

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: SnagIt Toolbar Loader [64Bits] - {00C6482D-C502-44C8-8409-FCE54AD9C208} . (.TechSmith Corporation - Snagit Browser Helper Object for Internet E.) -- C:\Program Files (x86)\TechSmith\Snagit 10\dllx64\SnagitBHO64.dll

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files\Microsoft Office\Office14\GROOVEEX.dll

O2 - BHO: Windows Live ID Sign-in Helper [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files\Microsoft Office\Office14\URLREDIR.dll

O2 - BHO: SnagIt Toolbar Loader [64Bits] - {00C6482D-C502-44C8-8409-FCE54AD9C208} . (.TechSmith Corporation - Snagit Browser Helper Object for Internet E.) -- C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Groove GFS Browser Helper [64Bits] - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} . (.Microsoft Corporation - Microsoft SharePoint Workspace Extensions.) -- C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\

O2 - BHO: Google Toolbar Notifier BHO [64Bits] - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll

O2 - BHO: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 01s

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Snagit [64Bits] - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} . (.TechSmith Corporation - Snagit Add-in for Internet Explorer.) -- C:\Program Files (x86)\TechSmith\Snagit 10\dllx64\SnagitIEAddin64.dll

~ Scan Toolbar in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - HD Audio Control Panel.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKLM\..\Wow6432Node\Run: [Google Desktop Search] . (.Google - Google Desktop.) -- C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

O4 - HKLM\..\Wow6432Node\Run: [avast] . (.AVAST Software - avast! Antivirus.) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe

O4 - HKLM\..\Wow6432Node\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

O4 - HKLM\..\Wow6432Node\Run: [bCSSync] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-3726170354-3271885172-43847968-1000\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 01s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Aacd.lnk . (.jlved.) -- C:\Program Files (x86)\Aacd v3\AACD.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Audacity 1.3 Beta (Unicode).lnk . (.The Audacity Team.) -- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)\audacity.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Audacity.lnk . (...) -- C:\Program Files (x86)\Audacity\audacity.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Calculator.lnk . (.Microsoft Corporation.) -- C:\Windows\system32\calc.exe

O4 - Global Startup: C:\Users\bernard\Desktop\DVDVideoSoft Free Studio.lnk . (.DvdVideoSoft Ltd..) -- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Free FLV Converter.lnk . (.Koyote Soft.) -- C:\Program Files (x86)\Free FLV Converter\FreeFLVConverter.exe

O4 - Global Startup: C:\Users\bernard\Desktop\FreeVideoDub - Raccourci.lnk . (.DVDVideoSoft Ltd..) -- C:\Program Files (x86)\DVDVideoSoft\Free Video Dub\FreeVideoDub.exe

O4 - Global Startup: C:\Users\bernard\Desktop\GLUCOFACTS Express 1.12.00.lnk . (.Sun Microsystems, Inc..) -- C:\Windows\SysWOW64\javaws.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\bernard\Desktop\HD Tune.lnk . (.EFD Software.) -- C:\Program Files (x86)\HD Tune\HDTune.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Kyodai Mahjongg.lnk . (.Rene-Gilles Deberdt.) -- C:\Program Files (x86)\Kyodai Mahjongg 2006\kmj.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Mah-Jong.lnk . (.Soft Enterprises GmbH.) -- C:\Program Files (x86)\Micro Application\Mah-Jong\MAH-JONG.EXE

O4 - Global Startup: C:\Users\bernard\Desktop\Metaboli - Téléchargement de jeux vidéos.lnk . (...) -- C:\Program Files (x86)\Packard Bell\metaboli\MetaBoli.exe

O4 - Global Startup: C:\Users\bernard\Desktop\mp3DirectCut.lnk . (.Martin Pesch.) -- D:\mp3DirectCut.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Museum - Raccourci.lnk . (...) -- D:\jeux\080819_EscapeTheMuseum_FRA\080819_EscapeTheMuseum_FRA\Museum.ico

O4 - Global Startup: C:\Users\bernard\Desktop\Photo Art Studio.lnk . (.AMS Software.) -- C:\Program Files (x86)\Photo Art Studio\ArtStudio.exe

O4 - Global Startup: C:\Users\bernard\Desktop\PhotoFiltre Studio X.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre Studio X\pfstudiox.exe

O4 - Global Startup: C:\Users\bernard\Desktop\PhotoFiltre.lnk . (.Antonio Da Cruz.) -- C:\Program Files (x86)\PhotoFiltre\photofiltre.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Presentation To Video Converter.lnk . (.GeoVid.) -- C:\Program Files (x86)\GeoVid\Presentation To Video Converter\presentationtovideoconverter.exe

O4 - Global Startup: C:\Users\bernard\Desktop\SCANPLUS - Raccourci.lnk . (...) -- C:\Users\Public\Documents\SCANNER HAUTEPIERRE\SCANPLUS\PC\SCANPLUS.ICO

O4 - Global Startup: C:\Users\bernard\Desktop\SCVS3186 - Raccourci.lnk . (.e-MEDIA.) -- C:\Users\Public\Documents\SCANNER HAUTEPIERRE\SCANPLUS\PC\SCVS3186.EXE

O4 - Global Startup: C:\Users\bernard\Desktop\SopCast.lnk . (.www.sopcast.com.) -- C:\Program Files (x86)\SopCast\SopCast.exe

O4 - Global Startup: C:\Users\bernard\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\bernard\Desktop\TeamViewer_Setup - Raccourci.lnk . (.TeamViewer GmbH.) -- C:\Users\bernard\Downloads\TeamViewer_Setup.exe

O4 - Global Startup: C:\Users\bernard\Desktop\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Cuisine Délinia.lnk . (.Tradition Bois.) -- C:\Program Files (x86)\Cuisine Delinia\CuisineDelinia.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk . (.Emsi Software GmbH.) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free MOV 2 AVI.lnk . (.NobodyCoder.) -- C:\Program Files (x86)\Free MOV 2 AVI\MOV2AVI.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Infix PDF Editor.lnk . (.Iceni Technology Limited.) -- C:\Program Files (x86)\PDF EDITEUR Iceni\Infix4\Infix.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\MAGIX Photo Manager 10.lnk . (.MAGIX.) -- C:\Program Files (x86)\MAGIX\Photo_Manager_10\FotoManager_dlx.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Malwarebytes Anti-Malware.lnk . (.Malwarebytes Corporation.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk . (.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Photo Art Studio.lnk . (.AMS Software.) -- C:\Program Files (x86)\Photo Art Studio\ArtStudio.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk . (.Google Inc..) -- C:\Program Files (x86)\Google\Picasa3\Picasa3.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PSPad.lnk . (.Prog-Soft s.r.o..) -- C:\Program Files (x86)\PSPad editor\PSPad.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snagit 10.lnk . (.TechSmith Corporation.) -- C:\Program Files (x86)\TechSmith\Snagit 10\Snagit32.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\VirtualDubMOD.lnk . (...) -- C:\Program Files (x86)\VirtualDubMOD\VirtualDubMod.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program Files (x86)\Vuze\Azureus.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xilisoft Convertisseur Vidéo Ultimate 6.lnk . (...) -- C:\Program Files (x86)\Xilisoft\Video Converter Ultimate 6\vcloader.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Xilisoft Video Converter Ultimate 6.lnk . (...) -- C:\Program Files (x86)\Xilisoft\Video Converter Ultimate 6\vcloader.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\XnView.lnk . (.XnView, http://www.xnview.com.) -- C:\Program Files (x86)\XnView\xnview.exe

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

~ Scan Global Startup in 00mn 02s

 

 

 

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: &Envoyer à OneNote - (.not file.) - C:\Program Files\MICROS~1\Office14\ONBttnIE.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - (.not file.) - C:\Windows\system32\GPhotos.scr

O8 - Extra context menu item: Download all links by FlashGet3 . (...) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\BHO\fdgetallurl.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - (.not file.) - C:\Program Files\MICROS~1\Office12\EXCEL.exe

O8 - Extra context menu item: E&xporter vers Microsoft Excel - (.not file.) - C:\Program Files\MICROS~1\Office14\EXCEL.exe

O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll

O8 - Extra context menu item: Open with Scansoft PDF Converter 3.0 . (.ScanSoft, Inc. - PDF Converter Internet Explorer AddIn.) -- C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll

O8 - Extra context menu item: ????3?? . (.ScanSoft, Inc. - PDF Converter Internet Explorer AddIn.) -- C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll

O8 - Extra context menu item: ????3?????? . (.ScanSoft, Inc. - PDF Converter Internet Explorer AddIn.) -- C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\IEShellExt.dll

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBttnIE.dll

O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} . (.Microsoft Corporation - Microsoft OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~2\Office14\ONBTTN~1.dll

~ Scan IE Extra Buttons in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{6BB46651-1A5B-4F46-A1C8-AF4989B98476}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\..\{98E07DB3-A506-47FF-ABAB-476EB48AC7A4}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{6BB46651-1A5B-4F46-A1C8-AF4989B98476}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{98E07DB3-A506-47FF-ABAB-476EB48AC7A4}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{6BB46651-1A5B-4F46-A1C8-AF4989B98476}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{98E07DB3-A506-47FF-ABAB-476EB48AC7A4}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: ms-itss [64Bits] - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files (x86)\Common Files\microsoft shared\Information Retrieval\msitss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 01s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Emsisoft Anti-Malware 5.0 - Service (a2AntiMalware) . (.Emsi Software GmbH - Emsisoft Anti-Malware Service.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

O23 - Service: avast! Antivirus (avast! Antivirus) . (.AVAST Software - avast! Service.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: avast! Firewall (avast! Firewall) . (.AVAST Software - avast! firewall service.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe

O23 - Service: FABS - Helping agent for MAGIX media dat (Fabs) . (.MAGIX AG - Verzeichnisüberwachung und Hilfsaufgaben fü.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

O23 - Service: ForceWare Intelligent Application Manage (ForceWare Intelligent Application Manager (IAM)) . (.Pas de propriétaire - app_filter Module.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global Registration Service.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) . (.Google - gusvc.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: (NAUpdate) . (.Nero AG - NeroUpdate.) - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: ForceWare IP service (nSvcIp) . (.Pas de propriétaire - NVIDIA Corporation.) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 197.4.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: Oberon Media Game Console service (OberonGameConsoleService) . (.Pas de propriétaire - OberonGameConsoleService.) - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe

O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) . (.TuneUp Software - TuneUp Utilities Service.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update Service.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

~ Scan Services in 00mn 03s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (lsdelete) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Ad-Aware Update (Weekly).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Google Software Updater.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3726170354-3271885172-43847968-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3726170354-3271885172-43847968-1000UA.job

[MD5.98070A7FCE5B4AFB24A142C6F4C25CC1] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

[MD5.B8E421C0890356CD4A793D8A346D9096] [APT] [Adobe Reader and Acrobat Manager] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.408DDD80EEDE47175F6844817B90213E] [APT] [Google Software Updater] (.Google.) -- C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\bernard\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3726170354-3271885172-43847968-1000Core] (.Google Inc..) -- C:\Users\bernard\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-3726170354-3271885172-43847968-1000UA] (.Google Inc..) -- C:\Users\bernard\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.6E3245DF783E58375B3465F03274743E] [APT] [Java Update Scheduler] (.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

[MD5.B8E421C0890356CD4A793D8A346D9096] [APT] [Programme de mise … jour en ligne de Adobe] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance] (...) -- C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{3ECA4DEF-94B3-4CF9-BFD5-13E615D3BDE0}] (...) -- J:\FLV PlayerFCSetup.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{FD3E89B6-753B-4330-8434-749949E818D8}] (...) -- C:\Program Files (x86)\Games\3 Days - Zoo Mystery\ThreeDays.exe (.not file.)

[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

~ Scan Scheduled Task in 00mn 05s

 

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\Windows\system32\wmp.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\system32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\system32\drivers\discache.sys

O41 - Driver: (JSWPSLWF) . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) - C:\Windows\system32\DRIVERS\jswpslwfx.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\system32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\system32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\system32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\system32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\system32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\system32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\system32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\system32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\system32\drivers\rdprefmp.sys

O41 - Driver: (SASDIFSV) . (. - .) - C:\Users\bernard\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.sys (.not file.)

O41 - Driver: (SASKUTIL) . (. - .) - C:\Users\bernard\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.sys (.not file.)

O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\system32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\system32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys

~ Scan Drivers in 00mn 02s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{F580DDD5-8D37-4998-968E-EBB76BB86787}

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}

O42 - Logiciel: 3Planesoft Screensaver Manager 1.2 - (.3Planesoft.) [HKLM] -- 3Planesoft Screensaver Manager_is1

O42 - Logiciel: 7-Zip 4.65 - (.Pas de propriétaire.) [HKLM] -- 7-Zip

O42 - Logiciel: AACD_v3 - (.Jean-Luc VEDRINES.) [HKLM] -- AACD

O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -- {287ECFA4-719A-2143-A09B-D6A12DE54E40}

O42 - Logiciel: Ad-Aware - (.Lavasoft Limited.) [HKLM] -- {932D0FC7-6DF1-4136-A2EC-166E8DEFD6A4}

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 11 Plugin 64-bit - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Photoshop Elements 7

O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM] -- {5511C07D-A83C-45AD-92B6-42DF99729A3C}

O42 - Logiciel: Adobe Photoshop Elements 7.0 - (.Adobe Systems Incorporated.) [HKLM] -- {CB6075D9-F912-40AE-BEA6-E590DA24F16B}

O42 - Logiciel: Adobe Reader 9.5.0 MUI - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}

O42 - Logiciel: Adobe Shockwave Player 11.5 - (.Adobe Systems, Inc..) [HKLM] -- Adobe Shockwave Player

O42 - Logiciel: Advertising Center - (.Nero AG.) [HKLM] -- {b2ec4a38-b545-4a00-8214-13fe0e915e6d}

O42 - Logiciel: Amazon MP3 Downloader 1.0.9 - (.Pas de propriétaire.) [HKLM] -- Amazon MP3 Downloader

O42 - Logiciel: Amazon MP3-Downloader 1.0.9 - (.Pas de propriétaire.) [HKLM] -- Amazon MP3-Downloader

O42 - Logiciel: AnmanieSMP 2.4 i - (.Christoph Walter.) [HKLM] -- AnmanieSMP_is1

O42 - Logiciel: Annie's Millions Deluxe - (.Zylom Games.) [HKLM] -- Annie's Millions Deluxe

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {6A3F9D74-BB80-4451-8CA1-4B3A857F1359}

O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}

O42 - Logiciel: Audacity 1.2.6 - (.Pas de propriétaire.) [HKLM] -- Audacity_is1

O42 - Logiciel: Audacity 1.3.12 (Unicode) - (.Audacity Team.) [HKLM] -- Audacity 1.3 Beta (Unicode)_is1

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CD-LabelPrint - (.Pas de propriétaire.) [HKLM] -- MediaNavigation.CDLabelPrint

O42 - Logiciel: CDex - Open Source Digital Audio CD Extractor - (.Georgy Berdyshev.) [HKLM] -- CDex

O42 - Logiciel: CamStudio 2.0 Fr - (.Pas de propriétaire.) [HKLM] -- CamStudio 2.0 Fr_is1

O42 - Logiciel: CanoScan 4400F - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803

O42 - Logiciel: Canon CanoScan Toolbox 5.0 - (.Pas de propriétaire.) [HKLM] -- CanoScan Toolbox 5.0

O42 - Logiciel: Canon Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-PhotoPrint EX

O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM] -- Easy-WebPrint EX

O42 - Logiciel: Canon MG5200 series MP Drivers - (.Pas de propriétaire.) [HKLM] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series

O42 - Logiciel: Canon MP Navigator EX 4.0 - (.Pas de propriétaire.) [HKLM] -- MP Navigator EX 4.0

O42 - Logiciel: Canon My Printer - (.Pas de propriétaire.) [HKLM] -- CanonMyPrinter

O42 - Logiciel: Canon Solution Menu EX - (.Pas de propriétaire.) [HKLM] -- CanonSolutionMenuEX

O42 - Logiciel: Casto 3D Cuisine - (.SquareClock SAS.) [HKCU] -- SquareClock_Production_Castorama_Internet

O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine

O42 - Logiciel: Convertisseur PDF 5.1.0.398 - (.Smart Soft.) [HKLM] -- Convertisseur PDF_is1

O42 - Logiciel: Coral Clock 3D Screensaver 1.0 - (.3Planesoft.) [HKLM] -- Coral Clock 3D Screensaver_is1

O42 - Logiciel: Cuisine Délinia 4.0.136 - (.Leroy Merlin.) [HKLM] -- Cuisine Délinia_is1

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DVD Shrink 3.2 - (.DVD Shrink.) [HKLM] -- DVD Shrink_is1

O42 - Logiciel: DebugMode Wink - (.Pas de propriétaire.) [HKLM] -- DebugMode Wink

O42 - Logiciel: Definition update for Microsoft Office 2010 (KB982726) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFBA0F11-6CF9-4611-BFD4-648FA4EBE8C1}

O42 - Logiciel: Dream Day First Home - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}

O42 - Logiciel: Easy CD-DA Extractor 15 - (.Poikosoft.) [HKLM] -- Easy CD-DA Extractor 15

O42 - Logiciel: Easy CD-DA Extractor 2010 - (.Poikosoft.) [HKLM] -- Easy CD-DA Extractor 2010

O42 - Logiciel: Emsisoft Anti-Malware 5.1 - (.Emsi Software GmbH.) [HKLM] -- Emsisoft Anti-Malware_is1

O42 - Logiciel: Enregistrement utilisateur de Canon MG5200 series - (.Pas de propriétaire.) [HKLM] -- Enregistrement utilisateur de Canon MG5200 series

O42 - Logiciel: Firebird SQL Server - MAGIX Edition - (.MAGIX AG.) [HKLM] -- {34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}

O42 - Logiciel: Fnacmusic - Gestionnaire de téléchargement - V2 - (.Fnacmusic.) [HKLM] -- {3C4F57EF-B5ED-40A7-ABEB-F1604BF6E41B}

O42 - Logiciel: Free FLV Converter V 7.3.0 - (.Koyote Soft.) [HKLM] -- Free FLV Converter_is1

O42 - Logiciel: Free Fire Screensaver - (.Laconic Software.) [HKLM] -- Free Fire Screensaver

O42 - Logiciel: Free MOV 2 AVI - (.Free MOV 2 AVI.) [HKLM] -- Free MOV 2 AVI

O42 - Logiciel: Free Video Cutter 1.1 - (.FreeVideoCutter.com.) [HKLM] -- {94895EA7-873E-4FCB-9C7B-DD3F7019D618}_is1

O42 - Logiciel: Free Video Dub version 2.0.3.1228 - (.DVDVideoSoft Ltd..) [HKLM] -- Free Video Dub_is1

O42 - Logiciel: FreeUndelete - (.Recoveronix.) [HKLM] -- {A35883BD-9C83-4625-82F3-90F86728C662}

O42 - Logiciel: GIMP 2.6.10 - (.The GIMP Team.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: GLUCOFACTS Express 1.12.00 - (.Bayer HealthCare LLC.) [HKCU] -- GLUCOFACTS Express 1.12.00

O42 - Logiciel: Gestionnaire pour appareils Windows Mobile - (.Microsoft Corporation.) [HKLM] -- {626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Google Desktop - (.Google.) [HKLM] -- Google Desktop

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

O42 - Logiciel: Géorando Liberté VT - (.IGN France.) [HKLM] -- {FE7078D3-E9E7-44D5-9658-3E104F6578C6}

O42 - Logiciel: HD Tune 2.10 - (.EFD Software.) [HKLM] -- HD Tune_is1

O42 - Logiciel: Hercules Deluxe Optical Glass - (.Hercules.) [HKLM] -- {E6F043EB-FEF5-4C34-95AF-99B3EB68F7D9}

O42 - Logiciel: Hercules Webcam Station Evolution SE - (.Hercules.) [HKLM] -- {C3C44248-B8F7-4B20-A5C7-994870B60F55}

O42 - Logiciel: High-Definition Video Playback - (.Nero AG.) [HKLM] -- {9193490D-5229-4FC4-9BB9-A6D63C09574A}

O42 - Logiciel: Identity Card - (.Packard Bell.) [HKLM] -- Identity Card

O42 - Logiciel: Infix 4.08 - (.Iceni Technology.) [HKLM] -- 43442AE9-6512-4392-B5DD-9167BECD1114_is1

O42 - Logiciel: Java 6 Update 22 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216022F0}

O42 - Logiciel: Java 6 Update 29 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216020FF}

O42 - Logiciel: Kyodai Mahjongg 2006 v1.42 - (.Rene-Gilles Deberdt.) [HKLM] -- Kyodai Mahjongg 2006_is1

O42 - Logiciel: LAME v3.98.3 for Audacity - (.Pas de propriétaire.) [HKLM] -- LAME for Audacity_is1

O42 - Logiciel: Logiciel d'archivage WinRAR - (.Pas de propriétaire.) [HKLM] -- WinRAR archiver

O42 - Logiciel: MAGIX Photo Manager 10 - (.MAGIX AG.) [HKLM] -- MAGIX_MSI_Foto_Manager_10

O42 - Logiciel: MAGIX Photo Manager 10 - (.MAGIX AG.) [HKLM] -- {0A380261-6EF4-4A99-AC04-80B12E8C48FF}

O42 - Logiciel: MAGIX Photos sur CD & DVD 10 Deluxe Version à télécharger - (.MAGIX AG.) [HKLM] -- MAGIX_MSI_Fotos_auf_CD_DVD_10_Dlx

O42 - Logiciel: MAGIX Photos sur CD & DVD 10 Deluxe Version à télécharger - (.MAGIX AG.) [HKLM] -- {D7331675-552C-40D1-9712-B05FBBDD4010}

O42 - Logiciel: MAGIX Screenshare - (.MAGIX AG.) [HKLM] -- {ACD4020A-996F-4BD3-BB34-ED2A78F2E86D}

O42 - Logiciel: MAGIX Speed burnR (MSI) - (.MAGIX AG.) [HKLM] -- {48DBCDCC-FE4D-4FEC-BED4-EFC3B983FA60}

O42 - Logiciel: MAGIX Tirage en ligne - (.MAGIX AG.) [HKLM] -- {975F7E19-5D56-4344-AB47-01FB309EE848}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Ma Cuisine Lapeyre - (.PRAGMA Informatique.) [HKLM] -- Ma Cuisine Lapeyre

O42 - Logiciel: Ma-Config.com (64 bits) - (.Cybelsoft.) [HKLM] -- {8298746D-C536-4155-A418-42FD6C42218C}

O42 - Logiciel: MahJong Suite 2011 v8.6 - (.TreeCardGames.) [HKLM] -- MahJong Suite_is1

O42 - Logiciel: MailStore Home 5.0.1.6919 - (.deepinvent Software GmbH.) [HKLM] -- MailStore Home_universal1

O42 - Logiciel: Malwarebytes Anti-Malware version 1.60.0.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Merriam Websters Spell Jam - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}

O42 - Logiciel: Metaboli - (.Packard Bell.) [HKLM] -- Metaboli

O42 - Logiciel: Micro Application - Mah-Jong - (.Pas de propriétaire.) [HKLM] -- Mah Jongg

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_OMUI.fr-fr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}_OMUI.fr-fr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0015-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0016-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0018-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0019-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001B-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{1A43C155-3DDA-43C9-92C5-0E7D0B2B156D}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{5072FEA2-862C-4BF0-9654-CB0DCBE2BE28}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-002A-040C-1000-0000000FF1CE}_Office14.PROPLUSR_{0CCCD9C7-637C-41CA-A293-6E9992109B09}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-002C-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C8E4AA87-3E5A-4C70-8CB7-43FE25C99B74}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-0044-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{7C5C7E8C-F6D2-43AC-93A4-89E4FF7367E6}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {90140000-00BA-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{C3AE9E57-4CD3-44FB-802F-9B461B26E3EB}

O42 - Logiciel: Microsoft Office 2010 Service Pack 1 (SP1) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Access MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Groove MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00BA-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français - (.Microsoft Corporation.) [HKLM] -- OMUI.fr-fr

O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Office 64-bit Components 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office OneNote MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-00A1-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2010 - (.Microsoft Corporation.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professionnel Plus 2010 - (.Microsoft Corporation.) [HKLM] -- Office14.PROPLUSR

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_OMUI.fr-fr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_OMUI.fr-fr_{A0516415-ED61-419A-981D-93596DA74165}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_OMUI.fr-fr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2 (SP2) - (.Microsoft.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}

O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0017-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared 64-bit MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-002A-040C-1000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2010 - (.Microsoft Corporation.) [HKLM] -- {90140000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Photo Premium 10 - (.Microsoft Corporation.) [HKLM] -- PictureItPrem_v10

O42 - Logiciel: Microsoft Primary Interoperability Assemblies 2005 - (.Microsoft Corporation.) [HKLM] -- {D24DB8B9-BB6C-4334-9619-BA1C650E13D3}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM] -- {B6E3757B-5E77-3915-866A-CCFC4B8D194C}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {071c9b48-7c32-4621-a0ac-3f809523288f}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable (x64) - (.Microsoft Corporation.) [HKLM] -- {ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {EE936C7A-EA40-31D5-9B65-8E3E089C3828}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {350AA351-21FA-3270-8B7A-835434E766AD}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {8220EEFE-38CD-377E-8595-13398D740ACE}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 - (.Microsoft Corporation.) [HKLM] -- {FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {1D8E6291-B0D5-35EC-8441-6616F567A0F7}

O42 - Logiciel: Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 - (.Microsoft Corporation.) [HKLM] -- {F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}

O42 - Logiciel: Microsoft Visual C++ Run Time Lib Setup - (.Microsoft.) [HKLM] -- {AAF4238F-7C29-451D-9925-C753271A5728}

O42 - Logiciel: Microsoft Windows Media Video 9 VCM - (.Pas de propriétaire.) [HKLM] -- WMV9_VCM

O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {0214A441-A4AB-43A8-8DEF-2F73C5364673}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack

O42 - Logiciel: Moyea FLV Editor Lite version: 1.1.1.846 - (.Pas de propriétaire.) [HKLM] -- {8E3F691A-4972-47FF-9E09-1981B62A5D5A}_is1

O42 - Logiciel: Mozilla Firefox 10.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 10.0 (x86 fr)

O42 - Logiciel: Mystery P.I. - The New York Fortune Deluxe - (.Zylom Games.) [HKLM] -- Mystery P.I. - The New York Fortune Deluxe

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Drivers - (.NVIDIA Corporation.) [HKLM] -- NVIDIA Drivers

O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.NVIDIA Corporation.) [HKLM] -- {7CFA46E3-CC2F-4355-82AE-6012DC3633FD}

O42 - Logiciel: NVIDIA ForceWare Network Access Manager - (.Pas de propriétaire.) [HKLM] -- InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}

O42 - Logiciel: Nero 11 - (.Nero AG.) [HKLM] -- {F021D637-BBDA-486B-96F0-225B62596C3B}

O42 - Logiciel: Nero 11 Disc Menus Basic - (.Nero AG.) [HKLM] -- {F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}

O42 - Logiciel: Nero 11 Effects Basic - (.Nero AG.) [HKLM] -- {E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}

O42 - Logiciel: Nero 11 Image Samples - (.Nero AG.) [HKLM] -- {F3743A2C-5D5F-4456-8F98-5DF36A954C50}

O42 - Logiciel: Nero 11 Kwik Themes Basic - (.Nero AG.) [HKLM] -- {5A212B2D-140D-46F4-B625-2D1CA5A00594}

O42 - Logiciel: Nero 11 PiP Effects Basic - (.Nero AG.) [HKLM] -- {2CA7225D-CB12-462A-9DD1-50319E158BA5}

O42 - Logiciel: Nero Audio Pack 1 - (.Nero AG.) [HKLM] -- {A7A0BF2E-31CC-49E3-9913-52C503EB969D}

O42 - Logiciel: Nero BackItUp 11 - (.Nero AG.) [HKLM] -- {AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}

O42 - Logiciel: Nero BackItUp 11 Help (CHM) - (.Nero AG.) [HKLM] -- {6AB2427E-A18F-4809-9A12-29F5EBABBB3A}

O42 - Logiciel: Nero Backup Drivers - (.Nero AG.) [HKLM] -- {D600D357-5CB9-4DE9-8FD4-14E208BD1970}

O42 - Logiciel: Nero Burning ROM 11 - (.Nero AG.) [HKLM] -- {B1846721-A8E6-46C7-83B6-0DCF7ADB4267}

O42 - Logiciel: Nero Burning ROM 11 Help (CHM) - (.Nero AG.) [HKLM] -- {53F7746A-96AA-49A5-86B8-59989680DAC5}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {bd5ca0da-71ad-43da-b19e-6eee0c9adc9a}

O42 - Logiciel: Nero ControlCenter - (.Nero AG.) [HKLM] -- {f4041dce-3fe1-4e18-8a9e-9de65231ee36}

O42 - Logiciel: Nero ControlCenter 11 - (.Nero AG.) [HKLM] -- {11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}

O42 - Logiciel: Nero ControlCenter 11 Help (CHM) - (.Nero AG.) [HKLM] -- {D4D66270-9147-4BDF-9946-FCA2B303AA8F}

O42 - Logiciel: Nero Core Components 11 - (.Nero AG.) [HKLM] -- {BEBEE34D-84A2-4EDD-8BEA-96CC54371263}

O42 - Logiciel: Nero CoverDesigner 11 - (.Nero AG.) [HKLM] -- {FF44BCE5-5A18-4051-85F0-BC172D7B4695}

O42 - Logiciel: Nero CoverDesigner 11 Help (CHM) - (.Nero AG.) [HKLM] -- {55C2143E-FBA5-442F-9AFA-726FF068F39D}

O42 - Logiciel: Nero DiscSpeed - (.Nero AG.) [HKLM] -- {869200db-287a-4dc0-b02b-2b6787fbcd4c}

O42 - Logiciel: Nero DiscSpeed Help - (.Nero AG.) [HKLM] -- {cc019e3f-59d2-4486-8d4b-878105b62a71}

O42 - Logiciel: Nero DriveSpeed - (.Nero AG.) [HKLM] -- {33cf58f5-48d8-4575-83d6-96f574e4d83a}

O42 - Logiciel: Nero DriveSpeed Help - (.Nero AG.) [HKLM] -- {e5c7d048-f9b4-4219-b323-8bdb01a2563d}

O42 - Logiciel: Nero Express 11 - (.Nero AG.) [HKLM] -- {E10AAE4A-98B8-420A-BD93-E0520C23D624}

O42 - Logiciel: Nero Express 11 Help (CHM) - (.Nero AG.) [HKLM] -- {D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}

O42 - Logiciel: Nero Express Help - (.Nero AG.) [HKLM] -- {83202942-84b3-4c50-8622-b8c0aa2d2885}

O42 - Logiciel: Nero InfoTool - (.Nero AG.) [HKLM] -- {fbcdfd61-7dcf-4e71-9226-873ba0053139}

O42 - Logiciel: Nero InfoTool Help - (.Nero AG.) [HKLM] -- {20400dbd-e6db-45b8-9b6b-1dd7033818ec}

O42 - Logiciel: Nero Kwik Media - (.Nero AG.) [HKLM] -- {BE814218-3919-4EA3-868A-2F60BC135CB4}

O42 - Logiciel: Nero Kwik Media Help (CHM) - (.Nero AG.) [HKLM] -- {B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}

O42 - Logiciel: Nero Online Upgrade - (.Nero AG.) [HKLM] -- {dba84796-8503-4ff0-af57-1747dd9a166d}

O42 - Logiciel: Nero Recode 11 - (.Nero AG.) [HKLM] -- {F69FB940-5031-4FE8-AFAD-085802D0BF63}

O42 - Logiciel: Nero Recode 11 Help (CHM) - (.Nero AG.) [HKLM] -- {57F80ECF-E27C-4EEE-AB58-E971BACE2639}

O42 - Logiciel: Nero RescueAgent 11 - (.Nero AG.) [HKLM] -- {034DCAF9-96E7-4936-9A07-712F80B5181E}

O42 - Logiciel: Nero RescueAgent 11 Help (CHM) - (.Nero AG.) [HKLM] -- {D01CE99A-8802-483C-A79F-298B691EB432}

O42 - Logiciel: Nero SoundTrax 11 - (.Nero AG.) [HKLM] -- {0713D1F9-DD77-42C1-8C7D-54D479E2E743}

O42 - Logiciel: Nero SoundTrax 11 Help (CHM) - (.Nero AG.) [HKLM] -- {390757AA-8830-43DC-AEE0-4E5B6F8439EB}

O42 - Logiciel: Nero StartSmart - (.Nero AG.) [HKLM] -- {7748ac8c-18e3-43bb-959b-088faea16fb2}

O42 - Logiciel: Nero StartSmart Help - (.Nero AG.) [HKLM] -- {2348b586-c9ae-46ce-936c-a68e9426e214}

O42 - Logiciel: Nero StartSmart OEM - (.Nero AG.) [HKLM] -- {4D43D635-6FDA-4fa5-AA9B-23CF73D058EA}

O42 - Logiciel: Nero Update - (.Nero AG.) [HKLM] -- {65BB0407-4CC8-4DC7-952E-3EEFDF05602A}

O42 - Logiciel: Nero Video 11 - (.Nero AG.) [HKLM] -- {0D7A4289-99CF-4B8D-B812-86BE50A54552}

O42 - Logiciel: Nero Video 11 Help (CHM) - (.Nero AG.) [HKLM] -- {FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}

O42 - Logiciel: Nero WaveEditor 11 - (.Nero AG.) [HKLM] -- {8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}

O42 - Logiciel: Nero WaveEditor 11 Help (CHM) - (.Nero AG.) [HKLM] -- {EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}

O42 - Logiciel: NeroExpress - (.Nero AG.) [HKLM] -- {595a3116-40bb-4e0f-a2e8-d7951da56270}

O42 - Logiciel: ONES Trial (F) - (.Pas de propriétaire.) [HKLM] -- ONES(F)

O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {05653DE1-6567-40C6-B930-39D399B64369}

O42 - Logiciel: PC Inspector File Recovery - (.Pas de propriétaire.) [HKLM] -- {0DD140D3-9563-481E-AA75-BA457CBDAEF2}

O42 - Logiciel: PC VGA Camera - (.Nom de votre société.) [HKLM] -- InstallShield_{4FADE58A-52F8-4FB5-A864-508385F5454C}

O42 - Logiciel: PDF to Word - (.Quick PDF.) [HKLM] -- {E6CBC979-E613-49E6-A37B-3C342DE35235}_is1

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PSPad editor - (.Jan Fiala.) [HKLM] -- PSPad editor_is1

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: Packard Bell GameZone Console - (.Oberon Media, Inc..) [HKLM] -- {117E3AE2-10D1-41C1-9FA6-F4C382F767A8}_is1

O42 - Logiciel: Packard Bell InfoCentre - (.Packard Bell.) [HKLM] -- Packard Bell InfoCentre

O42 - Logiciel: Packard Bell Recovery Management - (.Packard Bell.) [HKLM] -- {7F811A54-5A09-4579-90E1-C93498E230D9}

O42 - Logiciel: Packard Bell Registration - (.Packard Bell.) [HKLM] -- Packard Bell Registration

O42 - Logiciel: Packard Bell ScreenSaver - (.Packard Bell Incorporated.) [HKLM] -- Packard Bell Screensaver

O42 - Logiciel: Packard Bell Software Suite SE - (.Packard Bell.) [HKLM] -- Packard Bell Software Suite SE

O42 - Logiciel: Packard Bell Updater - (.Packard Bell.) [HKLM] -- {EE171732-BEB4-4576-887D-CB62727F01CA}

O42 - Logiciel: Personal Ancestral File - (.Pas de propriétaire.) [HKLM] -- {09DE2F51-DF0A-11D3-9DBC-00C04F522588}

O42 - Logiciel: Photo Art Studio 3.27 - (.AMS Software.) [HKLM] -- Photo Art Studio_is1

O42 - Logiciel: Photo Notifier and Animation Creator - (.IncrediMail Ltd..) [HKLM] -- Photo Notifier and Animation Creator

O42 - Logiciel: Photo Notifier and Animation Creator - (.Nom de votre société.) [HKLM] -- {6B7F28D4-160E-40C6-B7C8-5EC6B9734DA7}

O42 - Logiciel: PhotoFiltre - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre

O42 - Logiciel: PhotoFiltre Studio X - (.Pas de propriétaire.) [HKCU] -- PhotoFiltre Studio X

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM] -- Picasa 3

O42 - Logiciel: Presentation To Video Converter - (.GeoVid.) [HKLM] -- Presentation To Video Converter_is1

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {C9E14402-3631-4182-B377-6B0DFB1C0339}

O42 - Logiciel: RangeMax Wireless-N USB Adapter WN111v2 - (.NETGEAR.) [HKLM] -- InstallShield_{1C0E9C6B-D4D5-4D3C-8A10-F10A3E7BEEA5}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recuva - (.Piriform.) [HKLM] -- Recuva

O42 - Logiciel: Rep-Listing - (.JPA.) [HKLM] -- {887EF08A-011E-477C-B6CB-01E540538ADB}

O42 - Logiciel: Roxio PhotoSuite 5 - (.Roxio Corp..) [HKLM] -- {607CE53B-0999-4F3B-8FF1-DB1AA47548A8}

O42 - Logiciel: SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49 - (.eRightSoft.) [HKLM] -- {B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1

O42 - Logiciel: ScanSoft PDF Converter 3.0 - (.ScanSoft, Inc.) [HKLM] -- {602A205F-8D02-48EE-8782-262B2103B984}

O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2160841

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2446708

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553091) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{07CA44F3-F5B3-4D12-8C91-EDC5FE91D45C}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553096) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{10802A6D-EDBF-4383-BCBD-9D5B32F56D35}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2553353) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{02421C16-2C31-47F8-81FA-CF3B25999D31}

O42 - Logiciel: Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DCE6D0BF-93E4-46C5-9A7C-F1EFF9707C02}

O42 - Logiciel: Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{61461470-8168-4F4B-97B7-617AF354F028}

O42 - Logiciel: Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) - (.Microsoft.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}

O42 - Logiciel: Security Update for Microsoft SharePoint Workspace 2010 (KB2566445) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{337A3FB9-281D-4EC8-9CC1-7F6DDAC2359F}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: Serif PanoramaPlus 2 - (.Serif (Europe) Ltd.) [HKLM] -- {C6CE2AEF-E7E8-40E2-9F5B-CEF5DD79FB5C}

O42 - Logiciel: Snagit 10 - (.TechSmith Corporation.) [HKLM] -- {5BCC634A-58AD-42F9-B3C6-2EA52F81CF85}

O42 - Logiciel: SopCast 3.0.1 - (.SopCast.com.) [HKLM] -- SopCast

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

O42 - Logiciel: SuperFinder 1.5.1 build 5 - (.FSL - FreeSoftLand.) [HKLM] -- SuperFinder_is1

O42 - Logiciel: The Scruffs Deluxe - (.Zylom Games.) [HKCU] -- The Scruffs Deluxe

O42 - Logiciel: The Tudors Deluxe - (.Zylom Games.) [HKCU] -- The Tudors Deluxe

O42 - Logiciel: Tropical Fish 3D Screensaver 1.1 - (.3Planesoft.) [HKLM] -- Tropical Fish 3D Screensaver_is1

O42 - Logiciel: TuneUp Utilities 2012 - (.TuneUp Software.) [HKLM] -- TuneUp Utilities 2012

O42 - Logiciel: Uninstall 1.0.0.1 - (.Pas de propriétaire.) [HKLM] -- Uninstall_is1

O42 - Logiciel: Unlocker 1.9.0-x64 - (.Cedrick Collomb.) [HKLM] -- Unlocker

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3D1F379C-AA64-4823-90A4-A8DDD4B48C21}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2494150) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553065) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{A8686D24-1E89-43A1-973E-05A258D2B3F8}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553092) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7AC49FC8-F8D2-4DD8-9086-09E52385A21F}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{48E1B6C2-7299-4F3F-AA63-42F0ACE55AA4}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0401-0000-0000000FF1CE}_Office14.PROPLUSR_{57820349-C59E-45FF-BDDC-C68384C39FE0}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{E6EAF5E1-5E2A-4E4F-847E-97B45179E45B}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{17E7B9AB-2DD2-457D-8D8E-CD14ACA973FE}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{15058154-469F-4794-ACD5-94F8420F9B80}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0413-0000-0000000FF1CE}_Office14.PROPLUSR_{AC5C66AB-7561-4D7E-9EAD-0204DE4EEC9B}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUSR_{995A7832-B512-46D5-87C9-2D71FB541435}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-006E-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{B9A75D61-A9B7-452A-9FFB-BA8AC6697C99}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{C8694FF0-8203-483B-A07A-2BC40433167D}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{28FAC187-7C0E-413A-B90A-76F19D0FBF30}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{147E3669-1EA6-454C-B53E-A2BE51D8E520}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2553455) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{147E3669-1EA6-454C-B53E-A2BE51D8E520}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2566458) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFB525A0-E1C0-4E32-9968-FE401BC87363}

O42 - Logiciel: Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{BEBC2484-290C-46AD-9834-6DAD1FA80273}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90140000-00A1-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{FD88F03A-5684-4BF7-A01F-8514F8D3CB59}

O42 - Logiciel: Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BEBC2484-290C-46AD-9834-6DAD1FA80273}

O42 - Logiciel: Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{29E94638-D92F-4C40-BDA1-FEDCC92F478D}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {90140000-001A-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{23639AE1-CE0D-4ED2-9110-995796F53580}

O42 - Logiciel: Update for Microsoft Outlook Social Connector (KB2583935) - (.Microsoft.) [HKLM] -- {91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EDF9874C-9E37-4110-9FC3-094247E114DF}

O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: Veetle TV 0.9.18 - (.Veetle, Inc.) [HKLM] -- Veetle TV

O42 - Logiciel: VirtualDubMOD 1.5.10.3 Fr - (.Trad-Fr.) [HKLM] -- {B158F76F-76AB-4115-A4F0-4C6EF6956093}_is1

O42 - Logiciel: Visual C++ 2008 x86 Runtime - (v9.0.30729) - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}

O42 - Logiciel: Visual C++ 2008 x86 Runtime - v9.0.30729.01 - (.Microsoft Corporation.) [HKLM] -- {F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226

O42 - Logiciel: Welcome Center - (.Packard Bell.) [HKLM] -- Packard Bell Welcome Center

O42 - Logiciel: WinSesame - (.Pas de propriétaire.) [HKLM] -- WinSesame

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Language Selector - (.Microsoft Corporation.) [HKLM] -- {180C8888-50F1-426B-A9DC-AB83A1989C65}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Windows Movie Maker 2.6 - (.Microsoft Corporation.) [HKLM] -- {B3DAF54F-DB25-4586-9EF1-96D24BB14088}

O42 - Logiciel: Xilisoft Convertisseur Vidéo Ultimate 6 - (.Xilisoft.) [HKLM] -- Xilisoft Convertisseur Vidéo Ultimate 6

O42 - Logiciel: Xilisoft Video Converter Ultimate 6 - (.Xilisoft.) [HKLM] -- Xilisoft Video Converter Ultimate

O42 - Logiciel: XnView 1.98.5 - (.Gougelet Pierre-e.) [HKLM] -- XnView_is1

O42 - Logiciel: Xvid 1.1.2 final uninstall - (.Xvid team (Koepi).) [HKLM] -- Xvid_is1

O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM] -- Yahoo! Messenger

O42 - Logiciel: avast! Internet Security - (.AVAST Software.) [HKLM] -- avast

O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM] -- {E0B19DF7-B1C7-4937-82C4-0E4B1E346965}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: welcome - (.Nero AG.) [HKLM] -- {CCE210DF-7EEF-4A76-A63C-3EB091FDB992}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\7-Zip]

[HKCU\Software\AACD]

[HKCU\Software\AC3Filter]

[HKCU\Software\ALWIL Software]

[HKCU\Software\AVAST Software]

[HKCU\Software\Acer]

[HKCU\Software\Adasoft]

[HKCU\Software\Adobe]

[HKCU\Software\AppDataLow\Software\Adobe]

[HKCU\Software\AppDataLow\Software\AskToolbar]

[HKCU\Software\AppDataLow\Software\Canon]

[HKCU\Software\AppDataLow\Software\Conduit]

[HKCU\Software\AppDataLow\Software\Fun Web Products]

[HKCU\Software\AppDataLow\Software\FunWebProducts]

[HKCU\Software\AppDataLow\Software\Google]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\MyWebSearch]

[HKCU\Software\AppDataLow\Software\Vuze_Remote]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software\conduitEngine]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow\Toolbar]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Artifex Mundi]

[HKCU\Software\Ask.com]

[HKCU\Software\Audacity]

[HKCU\Software\Azureus]

[HKCU\Software\BeauSoft]

[HKCU\Software\Big Fish Games]

[HKCU\Software\Binary Noise]

[HKCU\Software\BitDefender]

[HKCU\Software\Bobyte]

[HKCU\Software\CDDB]

[HKCU\Software\CamelVista64]

[HKCU\Software\Canon]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Conduit]

[HKCU\Software\CooolSoft]

[HKCU\Software\CoreAAC]

[HKCU\Software\Corel]

[HKCU\Software\Cygnus Solutions]

[HKCU\Software\DVD Decrypter]

[HKCU\Software\DVD Shrink]

[HKCU\Software\DVDVideoSoft]

[HKCU\Software\Debugmode]

[HKCU\Software\Digital River]

[HKCU\Software\EasySystems]

[HKCU\Software\EffectMgr]

[HKCU\Software\FLEXlm License Manager]

[HKCU\Software\FlashGet Network]

[HKCU\Software\Folder Manager]

[HKCU\Software\Foxit Software Company]

[HKCU\Software\FreeSoftLand]

[HKCU\Software\Freeware]

[HKCU\Software\GNU]

[HKCU\Software\Gabest]

[HKCU\Software\GeoVid]

[HKCU\Software\Google]

[HKCU\Software\HerculesDeluxe Optical Glass]

[HKCU\Software\Hercules]

[HKCU\Software\IM Providers]

[HKCU\Software\IM]

[HKCU\Software\Iceni]

[HKCU\Software\ImInstaller]

[HKCU\Software\ImTOO]

[HKCU\Software\Image Power]

[HKCU\Software\Iminent]

[HKCU\Software\IncrediMail]

[HKCU\Software\JEDI-VCL]

[HKCU\Software\JavaSoft]

[HKCU\Software\JollyBear]

[HKCU\Software\LDS Church]

[HKCU\Software\Lavasoft]

[HKCU\Software\Ligos]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MAGIX AG]

[HKCU\Software\MAGIX Tirage en ligne]

[HKCU\Software\MAGIX]

[HKCU\Software\Macromedia]

[HKCU\Software\Magnet]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaNavigation]

[HKCU\Software\MegaCloud]

[HKCU\Software\Morpheus Software]

[HKCU\Software\Moyea]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NETGEAR]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Namida]

[HKCU\Software\NeroDigital]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Northcode Inc]

[HKCU\Software\ODBC]

[HKCU\Software\OEM]

[HKCU\Software\Oberon Media]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PDFCreator]

[HKCU\Software\PSPad]

[HKCU\Software\Paessler]

[HKCU\Software\Piriform]

[HKCU\Software\Poikosoft]

[HKCU\Software\Policies]

[HKCU\Software\Prassi Technology]

[HKCU\Software\RadLight]

[HKCU\Software\Raptr]

[HKCU\Software\Realtek]

[HKCU\Software\Redemption??]

[HKCU\Software\Redemption]

[HKCU\Software\Rep-Listing]

[HKCU\Software\Ripp-it]

[HKCU\Software\Riva]

[HKCU\Software\Roxio]

[HKCU\Software\SUPERAntiSpyware.com]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\ScanSoft]

[HKCU\Software\Serif]

[HKCU\Software\Smart Soft]

[HKCU\Software\Softonic]

[HKCU\Software\Stilesoft]

[HKCU\Software\T.Aragon]

[HKCU\Software\TeamViewer]

[HKCU\Software\TechSmith]

[HKCU\Software\TikGames]

[HKCU\Software\TreeCardGames]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\Veetle]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\WinRAR]

[HKCU\Software\Windows Live Writer]

[HKCU\Software\Wondershare]

[HKCU\Software\Wow6432Node]

[HKCU\Software\Xilisoft]

[HKCU\Software\YDownloader2]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\Zylom]

[HKCU\Software\cybelsoft]

[HKCU\Software\deepinvent]

[HKCU\Software\ej-technologies]

[HKCU\Software\kde.org]

[HKCU\Software\ydownloader2Setup]

[HKCU\Software\ydownloaderShareware]

[HKLM\Software\3Planesoft]

[HKLM\Software\58f]

[HKLM\Software\781]

[HKLM\Software\<company>]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ALWIL Software]

[HKLM\Software\ATI Technologies]

[HKLM\Software\AVAST Software]

[HKLM\Software\AcerUtil]

[HKLM\Software\Acer]

[HKLM\Software\Adaptec]

[HKLM\Software\Adobe]

[HKLM\Software\AdwCleaner]

[HKLM\Software\Ahead]

[HKLM\Software\Amazon]

[HKLM\Software\AppDataLow]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\Apple Inc.]

[HKLM\Software\Application Updater]

[HKLM\Software\Atheros]

[HKLM\Software\Audible]

[HKLM\Software\AviSynth]

[HKLM\Software\Azureus]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Bunndle]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Conduit]

[HKLM\Software\Convar Deutschland GmbH]

[HKLM\Software\Cygnus Solutions]

[HKLM\Software\DVDVideoSoft]

[HKLM\Software\DebugMode]

[HKLM\Software\Debug]

[HKLM\Software\Digital River]

[HKLM\Software\DivXNetworks]

[HKLM\Software\Eglise de Jésus-Christ des Saints des Derniers Jours]

[HKLM\Software\Elf_1.13]

[HKLM\Software\Emsi Software GmbH]

[HKLM\Software\FLEXlm License Manager]

[HKLM\Software\FileServe]

[HKLM\Software\FlashGet Network]

[HKLM\Software\Foxit Software]

[HKLM\Software\Global IP Solutions]

[HKLM\Software\GoodMedia]

[HKLM\Software\Google]

[HKLM\Software\Hercules Technologies]

[HKLM\Software\Hercules]

[HKLM\Software\IGN France]

[HKLM\Software\ImInstaller]

[HKLM\Software\Iminent]

[HKLM\Software\Infix PDF]

[HKLM\Software\InstallMonetizer]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JPA]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\LDS Church]

[HKLM\Software\Lame for Audacity]

[HKLM\Software\Lavasoft]

[HKLM\Software\Licenses]

[HKLM\Software\MAGIX Tirage en ligne]

[HKLM\Software\MAGIX]

[HKLM\Software\MINGJONG]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\Micro Application]

[HKLM\Software\MimarSinan]

[HKLM\Software\Mircrosoft]

[HKLM\Software\Morpheus Software]

[HKLM\Software\Moyea]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\OEM]

[HKLM\Software\Oberon Media]

[HKLM\Software\OemSetup]

[HKLM\Software\OfferBox]

[HKLM\Software\On2 Technologies]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PDFCreator]

[HKLM\Software\Packard Bell]

[HKLM\Software\Paessler]

[HKLM\Software\Piriform]

[HKLM\Software\PoINT]

[HKLM\Software\Poikosoft]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\Redemption??]

[HKLM\Software\Redemption]

[HKLM\Software\ReflexiveArcade]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Roxio]

[HKLM\Software\SONIX]

[HKLM\Software\SRS Labs]

[HKLM\Software\SSFTPDFC20]

[HKLM\Software\STAR]

[HKLM\Software\SUPERAntiSpyware.com]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\ScanSoft]

[HKLM\Software\Search Settings]

[HKLM\Software\Serif]

[HKLM\Software\Sonic]

[HKLM\Software\SuppHelpDir]

[HKLM\Software\Symantec]

[HKLM\Software\T.Aragon]

[HKLM\Software\TeamViewer]

[HKLM\Software\TechSmith]

[HKLM\Software\Trad-FR]

[HKLM\Software\TrendMicro]

[HKLM\Software\TuneUp]

[HKLM\Software\VB2S360]

[HKLM\Software\Veetle]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Vuze_Remote]

[HKLM\Software\Waves Audio]

[HKLM\Software\WebSupergoo]

[HKLM\Software\WinRAR]

[HKLM\Software\Windows]

[HKLM\Software\Wondershare]

[HKLM\Software\Wow6432Node]

[HKLM\Software\Xara]

[HKLM\Software\Xilisoft]

[HKLM\Software\XnView]

[HKLM\Software\Yahoo]

[HKLM\Software\bda]

[HKLM\Software\cybelsoft]

[HKLM\Software\deepinvent]

[HKLM\Software\eRightSoft]

[HKLM\Software\ej-technologies]

[HKLM\Software\instinno]

[HKLM\Software\magnet]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 09/07/2010 - 16:21:02 - [360,605] ----D- C:\Program Files\Alwil Software

O43 - CFD: 18/07/2011 - 18:19:08 - [5,882] ----D- C:\Program Files\Canon

O43 - CFD: 18/07/2011 - 18:17:48 - [29,185] --H-D- C:\Program Files\CanonBJ

O43 - CFD: 18/07/2011 - 18:20:50 - [101,035] ----D- C:\Program Files\Common Files

O43 - CFD: 15/03/2011 - 06:23:48 - [49,401] ----D- C:\Program Files\Convertisseur PDF

O43 - CFD: 02/03/2011 - 16:38:02 - [0,014] ----D- C:\Program Files\Defraggler

O43 - CFD: 07/07/2011 - 05:44:32 - [86,076] ----D- C:\Program Files\DVD Maker

O43 - CFD: 21/07/2011 - 09:41:46 - [21,514] ----D- C:\Program Files\Easy CD-DA Extractor 15

O43 - CFD: 18/02/2011 - 07:43:12 - [13,683] ----D- C:\Program Files\Easy CD-DA Extractor 2010

O43 - CFD: 05/07/2010 - 14:47:08 - [0] -SH-D- C:\Program Files\Fichiers communs

O43 - CFD: 19/03/2011 - 17:44:56 - [0,304] ----D- C:\Program Files\Google

O43 - CFD: 16/12/2011 - 03:23:46 - [6,139] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 27/12/2010 - 18:29:00 - [133,980] ----D- C:\Program Files\Jeux

O43 - CFD: 02/10/2011 - 07:39:36 - [9,047] ----D- C:\Program Files\ma-config.com

O43 - CFD: 14/07/2009 - 08:45:56 - [142,032] ----D- C:\Program Files\Microsoft Games

O43 - CFD: 14/09/2010 - 11:10:16 - [22,936] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 14/07/2009 - 06:32:40 - [0,025] ----D- C:\Program Files\MSBuild

O43 - CFD: 04/02/2012 - 17:18:06 - [356,355] ----D- C:\Program Files\Nero Multimedia Suite 10.5.10500 By NidalDz

O43 - CFD: 26/07/2010 - 08:34:14 - [32,149] ----D- C:\Program Files\NVIDIA Corporation

O43 - CFD: 07/04/2011 - 07:50:26 - [16,640] ----D- C:\Program Files\Packard Bell

O43 - CFD: 05/07/2010 - 14:47:56 - [0,234] ----D- C:\Program Files\PB Accessory Store

O43 - CFD: 28/10/2009 - 17:37:34 - [11,601] ----D- C:\Program Files\Realtek

O43 - CFD: 05/08/2010 - 17:25:16 - [2,729] ----D- C:\Program Files\Recuva

O43 - CFD: 14/07/2009 - 06:32:40 - [35,109] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 14/07/2009 - 06:09:28 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 22/02/2011 - 16:58:04 - [0,260] ----D- C:\Program Files\Unlocker

O43 - CFD: 07/07/2011 - 05:44:28 - [3,853] ----D- C:\Program Files\Windows Defender

O43 - CFD: 07/07/2011 - 05:44:30 - [8,797] ----D- C:\Program Files\Windows Journal

O43 - CFD: 07/07/2011 - 05:44:32 - [6,359] ----D- C:\Program Files\Windows Mail

O43 - CFD: 07/07/2011 - 05:44:30 - [7,331] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 05/07/2010 - 14:47:08 - [12,043] ----D- C:\Program Files\Windows NT

O43 - CFD: 07/07/2011 - 05:44:30 - [5,261] ----D- C:\Program Files\Windows Photo Viewer

O43 - CFD: 07/07/2011 - 05:44:30 - [0,233] ----D- C:\Program Files\Windows Portable Devices

O43 - CFD: 07/07/2011 - 05:44:32 - [7,181] ----D- C:\Program Files\Windows Sidebar

O43 - CFD: 19/12/2010 - 09:46:34 - [2,503] ----D- C:\Program Files\WinSesame

O43 - CFD: 28/10/2011 - 17:33:20 - [0,098] ----D- C:\Program Files\WMV9_VCM

O43 - CFD: 22/06/2011 - 13:09:40 - [10,482] ----D- C:\Program Files\Wondershare PPT2DVD BIS v5.1.0.68

O43 - CFD: 07/04/2011 - 07:51:20 - [12,494] ----D- C:\Program Files\Wondershare PPT2Video Pro 6.0.0.4 Software B+ Serial Key

O43 - CFD: 18/07/2011 - 18:20:50 - [0,001] ----D- C:\Program Files\Common Files\CANON

O43 - CFD: 09/12/2011 - 13:18:38 - [88,822] ----D- C:\Program Files\Common Files\Microsoft Shared

O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files\Common Files\Services

O43 - CFD: 14/07/2009 - 04:20:10 - [0,581] ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD: 09/11/2011 - 11:35:38 - [11,629] ----D- C:\Program Files\Common Files\System

O43 - CFD: 02/08/2010 - 05:55:30 - [430,646] ----D- C:\ProgramData\Adobe

O43 - CFD: 09/07/2010 - 16:21:02 - [273,350] ----D- C:\ProgramData\Alwil Software

O43 - CFD: 24/07/2010 - 15:51:28 - [66,486] ----D- C:\ProgramData\Apple

O43 - CFD: 17/09/2011 - 16:02:56 - [25,516] ----D- C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Application Data

O43 - CFD: 28/08/2011 - 13:06:22 - [0,971] ----D- C:\ProgramData\Arcade Lab

O43 - CFD: 08/08/2010 - 17:22:54 - [0,284] ----D- C:\ProgramData\Artifex Mundi

O43 - CFD: 29/07/2010 - 16:27:46 - [6,773] ----D- C:\ProgramData\Aspell

O43 - CFD: 24/08/2011 - 16:07:06 - [0,000] ----D- C:\ProgramData\boost_interprocess

O43 - CFD: 05/07/2010 - 14:47:08 - [0] -SH-D- C:\ProgramData\Bureau

O43 - CFD: 23/07/2010 - 17:29:08 - [0,150] --H-D- C:\ProgramData\CanonBJ

O43 - CFD: 31/10/2011 - 09:38:00 - [0] --H-D- C:\ProgramData\CanonEPP

O43 - CFD: 19/07/2011 - 07:02:38 - [0,000] --H-D- C:\ProgramData\CanonIJEGV

O43 - CFD: 31/10/2011 - 09:38:10 - [0,000] --H-D- C:\ProgramData\CanonIJEPPEX

O43 - CFD: 31/10/2011 - 09:38:00 - [0] --H-D- C:\ProgramData\CanonIJEPPEX2

O43 - CFD: 18/07/2011 - 18:22:42 - [0,003] ----D- C:\ProgramData\CanonIJMSetup

O43 - CFD: 20/07/2011 - 17:47:28 - [0,000] --H-D- C:\ProgramData\CanonIJMyPrinter

O43 - CFD: 12/01/2012 - 03:24:56 - [0,010] ----D- C:\ProgramData\CanonIJPLM

O43 - CFD: 20/07/2011 - 17:47:54 - [0,002] --H-D- C:\ProgramData\CanonIJSolutionMenuEX

O43 - CFD: 18/07/2011 - 18:20:42 - [0,065] ----D- C:\ProgramData\CanonIJWSpt

O43 - CFD: 22/08/2011 - 05:19:20 - [0,000] --H-D- C:\ProgramData\Common Files

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Documents

O43 - CFD: 29/06/2011 - 10:09:24 - [0,005] ----D- C:\ProgramData\DVD Shrink

O43 - CFD: 21/07/2011 - 09:41:44 - [0,015] ----D- C:\ProgramData\Easy CD-DA Extractor

O43 - CFD: 02/10/2011 - 07:59:00 - [0,001] ----D- C:\ProgramData\Easy Driver Pro

O43 - CFD: 30/08/2011 - 07:41:56 - [0] ----D- C:\ProgramData\eMule

O43 - CFD: 11/11/2011 - 09:26:28 - [0,005] ----D- C:\ProgramData\EscapeTheMuseum

O43 - CFD: 24/04/2011 - 16:53:38 - [0,031] ----D- C:\ProgramData\FarmFrenzy_Rome

O43 - CFD: 05/07/2010 - 14:47:08 - [0] -SH-D- C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Favorites

O43 - CFD: 14/12/2011 - 09:19:30 - [0] ----D- C:\ProgramData\firebird

O43 - CFD: 24/07/2010 - 09:01:30 - [0,001] ----D- C:\ProgramData\FLEXnet

O43 - CFD: 27/09/2011 - 19:55:44 - [0] ----D- C:\ProgramData\Friends Games

O43 - CFD: 21/02/2011 - 17:54:00 - [0,039] ----D- C:\ProgramData\GeoVid

O43 - CFD: 04/11/2010 - 08:49:32 - [0,499] ----D- C:\ProgramData\Google

O43 - CFD: 10/10/2011 - 16:53:54 - [0,013] ----D- C:\ProgramData\Google Updater

O43 - CFD: 29/07/2010 - 16:27:46 - [0,507] ----D- C:\ProgramData\Iceni

O43 - CFD: 31/12/2010 - 12:50:32 - [0,000] ----D- C:\ProgramData\IM

O43 - CFD: 31/12/2010 - 12:49:28 - [0,009] ----D- C:\ProgramData\IncrediMail

O43 - CFD: 07/09/2011 - 07:21:48 - [0,000] ----D- C:\ProgramData\InstallShield

O43 - CFD: 07/11/2010 - 18:16:24 - [0,002] ----D- C:\ProgramData\JollyBear

O43 - CFD: 01/12/2011 - 08:09:06 - [457,128] ----D- C:\ProgramData\Lavasoft

O43 - CFD: 02/10/2011 - 07:39:30 - [1,195] ----D- C:\ProgramData\ma-config.com

O43 - CFD: 31/12/2011 - 04:42:14 - [293,509] ----D- C:\ProgramData\MAGIX

O43 - CFD: 09/07/2010 - 16:30:46 - [15,239] ----D- C:\ProgramData\Malwarebytes

O43 - CFD: 05/07/2010 - 14:47:08 - [0] -SH-D- C:\ProgramData\Menu Démarrer

O43 - CFD: 06/07/2011 - 06:18:54 - [669,283] ----D- C:\ProgramData\Microsoft

O43 - CFD: 12/01/2012 - 03:09:18 - [0,222] ----D- C:\ProgramData\Microsoft Help

O43 - CFD: 05/07/2010 - 14:47:08 - [0] -SH-D- C:\ProgramData\Modèles

O43 - CFD: 05/02/2012 - 07:05:56 - [7,514] ----D- C:\ProgramData\Nero

O43 - CFD: 08/07/2010 - 20:12:18 - [0,018] ----D- C:\ProgramData\NETGEAR

O43 - CFD: 09/07/2010 - 16:17:38 - [0,012] ----D- C:\ProgramData\Norton

O43 - CFD: 28/10/2009 - 18:12:34 - [10,952] ----D- C:\ProgramData\NortonInstaller

O43 - CFD: 26/07/2010 - 08:34:18 - [0,262] ----D- C:\ProgramData\NVIDIA

O43 - CFD: 05/07/2010 - 14:47:36 - [0,005] ----D- C:\ProgramData\OEM

O43 - CFD: 09/08/2010 - 15:51:08 - [0,014] ----D- C:\ProgramData\OfficeRecovery

O43 - CFD: 28/10/2009 - 18:01:10 - [2,067] ----D- C:\ProgramData\Packard Bell

O43 - CFD: 06/07/2011 - 10:22:22 - [2,103] ----D- C:\ProgramData\Paessler

O43 - CFD: 02/08/2010 - 05:55:10 - [0,002] ----D- C:\ProgramData\Partner

O43 - CFD: 31/12/2010 - 12:50:26 - [2,080] ----D- C:\ProgramData\Photo Notifier and Animation Creator

O43 - CFD: 28/08/2011 - 16:11:32 - [0] ----D- C:\ProgramData\PlayFirst

O43 - CFD: 27/04/2011 - 20:17:36 - [0,277] ----D- C:\ProgramData\PlayPond

O43 - CFD: 08/08/2010 - 21:32:44 - [0,020] ----D- C:\ProgramData\Playrix Entertainment

O43 - CFD: 14/10/2011 - 16:00:06 - [0] ----D- C:\ProgramData\PoBros

O43 - CFD: 28/08/2011 - 13:00:44 - [0,073] ----D- C:\ProgramData\Sandlot Games

O43 - CFD: 07/09/2011 - 07:21:34 - [0,919] ----D- C:\ProgramData\ScanSoft

O43 - CFD: 15/03/2011 - 06:23:46 - [5,566] ----D- C:\ProgramData\Smart Soft

O43 - CFD: 06/02/2012 - 08:38:34 - [64,446] ----D- C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Start Menu

O43 - CFD: 09/07/2010 - 16:25:58 - [0,000] ----D- C:\ProgramData\Sun

O43 - CFD: 28/01/2011 - 11:13:20 - [0] ----D- C:\ProgramData\SUPERAntiSpyware.com

O43 - CFD: 09/07/2010 - 16:19:52 - [0,000] ----D- C:\ProgramData\Symantec

O43 - CFD: 22/04/2011 - 10:02:26 - [2,810] ----D- C:\ProgramData\TechSmith

O43 - CFD: 28/12/2011 - 09:10:50 - [0] ---AD- C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 06:08:58 - [0] -SH-D- C:\ProgramData\Templates

O43 - CFD: 05/12/2011 - 14:16:40 - [5,179] ----D- C:\ProgramData\TreeCardGames

O43 - CFD: 27/04/2011 - 20:17:34 - [0] ----D- C:\ProgramData\Trymedia

O43 - CFD: 09/02/2012 - 07:49:52 - [8,926] ----D- C:\ProgramData\TuneUp Software

O43 - CFD: 02/10/2011 - 07:59:34 - [0] ----D- C:\ProgramData\UAB

O43 - CFD: 13/01/2012 - 16:42:28 - [0,001] ----D- C:\ProgramData\Web Installer

O43 - CFD: 27/04/2011 - 16:09:58 - [0,008] ----D- C:\ProgramData\Xilisoft

O43 - CFD: 01/10/2011 - 16:01:22 - [0,579] ----D- C:\ProgramData\Yahoo!

O43 - CFD: 14/10/2011 - 15:54:10 - [0,264] ----D- C:\ProgramData\Zylom

O43 - CFD: 09/02/2012 - 07:47:52 - [22,935] -SH-D- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

O43 - CFD: 20/09/2011 - 18:48:14 - [16,447] -SH-D- C:\ProgramData\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}

O43 - CFD: 10/07/2010 - 16:54:12 - [0] -SH-D- C:\Users\bernard\AppData\Roaming\.#

O43 - CFD: 31/08/2011 - 07:59:08 - [25,101] ----D- C:\Users\bernard\AppData\Roaming\Adobe

O43 - CFD: 10/09/2010 - 07:59:00 - [0,010] ----D- C:\Users\bernard\AppData\Roaming\Amazon

O43 - CFD: 24/07/2010 - 16:17:44 - [0] ----D- C:\Users\bernard\AppData\Roaming\Apple Computer

O43 - CFD: 26/11/2011 - 08:19:20 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\ArchiFacile

O43 - CFD: 27/02/2011 - 16:38:50 - [0,025] ----D- C:\Users\bernard\AppData\Roaming\Ashampoo

O43 - CFD: 29/07/2010 - 16:27:44 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\Aspell

O43 - CFD: 24/01/2012 - 10:40:00 - [0,022] ----D- C:\Users\bernard\AppData\Roaming\Audacity

O43 - CFD: 26/07/2010 - 19:14:42 - [0,037] ----D- C:\Users\bernard\AppData\Roaming\Awem

O43 - CFD: 09/02/2012 - 09:22:38 - [45,791] ----D- C:\Users\bernard\AppData\Roaming\Azureus

O43 - CFD: 03/03/2011 - 19:49:36 - [58,558] ----D- C:\Users\bernard\AppData\Roaming\Big Fish Games

O43 - CFD: 07/11/2010 - 17:39:52 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\Bigfish 3 Days Zoo Mystery

O43 - CFD: 25/01/2012 - 18:07:44 - [3,296] ----D- C:\Users\bernard\AppData\Roaming\BITS

O43 - CFD: 03/03/2011 - 08:28:58 - [5,968] ----D- C:\Users\bernard\AppData\Roaming\Canon

O43 - CFD: 15/03/2011 - 06:23:54 - [0,003] ----D- C:\Users\bernard\AppData\Roaming\Convertisseur PDF

O43 - CFD: 31/08/2011 - 14:10:56 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\dvdcss

O43 - CFD: 08/01/2012 - 18:59:50 - [0,461] ----D- C:\Users\bernard\AppData\Roaming\DVDVideoSoft

O43 - CFD: 02/08/2010 - 13:11:52 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\FFSJ

O43 - CFD: 09/07/2010 - 18:11:08 - [3,062] ----D- C:\Users\bernard\AppData\Roaming\FlashGet

O43 - CFD: 26/01/2012 - 18:18:38 - [0,539] ----D- C:\Users\bernard\AppData\Roaming\FlashGetBHO

O43 - CFD: 22/01/2012 - 17:12:42 - [0,237] ----D- C:\Users\bernard\AppData\Roaming\FlashgetSetup

O43 - CFD: 21/01/2012 - 10:15:04 - [0,074] ----D- C:\Users\bernard\AppData\Roaming\FreeFLVConverter

O43 - CFD: 29/08/2011 - 17:52:52 - [1,293] ----D- C:\Users\bernard\AppData\Roaming\FrostWire

O43 - CFD: 05/07/2010 - 14:54:56 - [0,017] ----D- C:\Users\bernard\AppData\Roaming\GameConsole

O43 - CFD: 03/03/2011 - 20:00:22 - [0,033] ----D- C:\Users\bernard\AppData\Roaming\Games

O43 - CFD: 22/08/2011 - 05:44:16 - [0] ----D- C:\Users\bernard\AppData\Roaming\Genieo

O43 - CFD: 20/09/2011 - 05:54:40 - [0,002] ----D- C:\Users\bernard\AppData\Roaming\georando

O43 - CFD: 16/03/2011 - 18:07:26 - [0,018] ----D- C:\Users\bernard\AppData\Roaming\GeoVid

O43 - CFD: 08/07/2010 - 20:12:46 - [0] ----D- C:\Users\bernard\AppData\Roaming\Google

O43 - CFD: 26/01/2012 - 18:38:50 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\gtk-2.0

O43 - CFD: 26/02/2011 - 13:19:02 - [0,012] ----D- C:\Users\bernard\AppData\Roaming\HdO Adventure

O43 - CFD: 29/07/2010 - 16:27:46 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\Iceni

O43 - CFD: 24/11/2011 - 16:44:50 - [0,017] ----D- C:\Users\bernard\AppData\Roaming\Identities

O43 - CFD: 20/09/2011 - 05:49:02 - [0] ----D- C:\Users\bernard\AppData\Roaming\InstallShield

O43 - CFD: 11/09/2011 - 16:16:06 - [3,715] ----D- C:\Users\bernard\AppData\Roaming\Kingston

O43 - CFD: 07/08/2010 - 10:10:42 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\Laconic Software

O43 - CFD: 05/07/2010 - 14:49:06 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\Macromedia

O43 - CFD: 31/12/2011 - 04:44:22 - [0,017] ----D- C:\Users\bernard\AppData\Roaming\MAGIX

O43 - CFD: 09/02/2012 - 20:34:12 - [0,103] ----D- C:\Users\bernard\AppData\Roaming\MahJong Suite

O43 - CFD: 09/07/2010 - 16:30:54 - [0,357] ----D- C:\Users\bernard\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 08:44:40 - [0] ----D- C:\Users\bernard\AppData\Roaming\Media Center Programs

O43 - CFD: 09/01/2012 - 17:44:04 - [0,003] ----D- C:\Users\bernard\AppData\Roaming\MegaCloud

O43 - CFD: 31/12/2011 - 04:20:58 - [17,371] -S--D- C:\Users\bernard\AppData\Roaming\Microsoft

O43 - CFD: 22/04/2011 - 09:44:16 - [0] ----D- C:\Users\bernard\AppData\Roaming\Morpheus Software

O43 - CFD: 02/09/2011 - 11:44:20 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\Moyea

O43 - CFD: 04/11/2010 - 08:52:58 - [52,077] ----D- C:\Users\bernard\AppData\Roaming\Mozilla

O43 - CFD: 14/10/2011 - 15:59:24 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\MysteryStudio

O43 - CFD: 05/02/2012 - 08:46:34 - [0,119] ----D- C:\Users\bernard\AppData\Roaming\Nero

O43 - CFD: 07/02/2012 - 15:21:36 - [0] ----D- C:\Users\bernard\AppData\Roaming\NeroDigital

O43 - CFD: 17/03/2011 - 15:29:20 - [0] ----D- C:\Users\bernard\AppData\Roaming\NeroDigital

O43 - CFD: 01/03/2011 - 19:56:00 - [0,235] ----D- C:\Users\bernard\AppData\Roaming\OfferBox

O43 - CFD: 17/07/2011 - 16:15:16 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\OfficeRecovery

O43 - CFD: 22/08/2011 - 05:19:00 - [12,178] ----D- C:\Users\bernard\AppData\Roaming\OpenCandy

O43 - CFD: 28/07/2010 - 13:02:32 - [38,875] ----D- C:\Users\bernard\AppData\Roaming\OpenOffice.org

O43 - CFD: 21/11/2011 - 09:12:30 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\Packard Bell

O43 - CFD: 24/11/2011 - 15:51:36 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\PhotoFiltre

O43 - CFD: 24/11/2011 - 16:48:28 - [0,002] ----D- C:\Users\bernard\AppData\Roaming\PhotoFiltre Studio X

O43 - CFD: 28/08/2011 - 16:11:32 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\PlayFirst

O43 - CFD: 14/10/2011 - 16:00:06 - [0,001] ----D- C:\Users\bernard\AppData\Roaming\PoBros

O43 - CFD: 07/02/2012 - 17:44:14 - [0,038] ----D- C:\Users\bernard\AppData\Roaming\QuickScan

O43 - CFD: 29/07/2010 - 06:30:50 - [0,002] ----D- C:\Users\bernard\AppData\Roaming\Raptr

O43 - CFD: 31/10/2011 - 09:53:48 - [0,913] ----D- C:\Users\bernard\AppData\Roaming\Roxio

O43 - CFD: 31/07/2010 - 15:50:04 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\Scatlaws

O43 - CFD: 11/11/2011 - 09:23:06 - [0,002] ----D- C:\Users\bernard\AppData\Roaming\SpinTop Games

O43 - CFD: 28/01/2011 - 11:13:20 - [0] ----D- C:\Users\bernard\AppData\Roaming\SUPERAntiSpyware.com

O43 - CFD: 28/12/2011 - 16:34:34 - [0,192] ----D- C:\Users\bernard\AppData\Roaming\TeamViewer

O43 - CFD: 10/08/2010 - 12:56:02 - [0,013] ----D- C:\Users\bernard\AppData\Roaming\Template

O43 - CFD: 07/11/2010 - 18:16:52 - [0,003] ----D- C:\Users\bernard\AppData\Roaming\TheScruffs

O43 - CFD: 09/02/2012 - 07:49:48 - [0,123] ----D- C:\Users\bernard\AppData\Roaming\TuneUp Software

O43 - CFD: 11/12/2011 - 09:09:52 - [18,906] ----D- C:\Users\bernard\AppData\Roaming\U3

O43 - CFD: 28/09/2011 - 18:55:16 - [0,003] ----D- C:\Users\bernard\AppData\Roaming\ViquaSoft

O43 - CFD: 04/02/2012 - 09:26:08 - [0,077] ----D- C:\Users\bernard\AppData\Roaming\vlc

O43 - CFD: 24/10/2010 - 17:24:14 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\Windows Live Writer

O43 - CFD: 10/07/2010 - 15:43:10 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\WinRAR

O43 - CFD: 19/12/2010 - 09:46:20 - [0] ----D- C:\Users\bernard\AppData\Roaming\WinSesame

O43 - CFD: 27/04/2011 - 16:07:48 - [0,021] ----D- C:\Users\bernard\AppData\Roaming\Xilisoft

O43 - CFD: 23/04/2011 - 13:07:28 - [0] ----D- C:\Users\bernard\AppData\Roaming\Xilisoft Corporation

O43 - CFD: 07/01/2012 - 13:39:48 - [27,787] ----D- C:\Users\bernard\AppData\Roaming\XnView

O43 - CFD: 03/10/2011 - 05:15:38 - [0,518] ----D- C:\Users\bernard\AppData\Roaming\Yahoo!

O43 - CFD: 02/03/2011 - 17:21:26 - [0,002] ----D- C:\Users\bernard\AppData\Roaming\YDownloader2

O43 - CFD: 02/03/2011 - 14:39:32 - [0,000] ----D- C:\Users\bernard\AppData\Roaming\YDownloader2 Debug

O43 - CFD: 14/10/2011 - 15:59:58 - [0,252] ----D- C:\Users\bernard\AppData\Roaming\Zylom

O43 - CFD: 14/11/2010 - 08:51:30 - [143,190] ----D- C:\Users\bernard\AppData\Local\Adobe

O43 - CFD: 24/07/2010 - 15:51:30 - [0] ----D- C:\Users\bernard\AppData\Local\Apple

O43 - CFD: 24/07/2010 - 16:18:44 - [0] ----D- C:\Users\bernard\AppData\Local\Apple Computer

O43 - CFD: 05/07/2010 - 14:47:28 - [0] -SH-D- C:\Users\bernard\AppData\Local\Application Data

O43 - CFD: 08/07/2010 - 22:22:12 - [1,171] ----D- C:\Users\bernard\AppData\Local\Apps

O43 - CFD: 24/08/2011 - 14:56:56 - [0,028] ----D- C:\Users\bernard\AppData\Local\Ares

O43 - CFD: 31/12/2011 - 04:19:36 - [0,060] ----D- C:\Users\bernard\AppData\Local\Canon Easy-PhotoPrint EX

O43 - CFD: 08/07/2010 - 22:22:26 - [0] ----D- C:\Users\bernard\AppData\Local\Deployment

O43 - CFD: 01/03/2011 - 14:29:14 - [0] ----D- C:\Users\bernard\AppData\Local\Diagnostics

O43 - CFD: 31/07/2010 - 13:46:22 - [78,759] ----D- C:\Users\bernard\AppData\Local\Downloaded Installations

O43 - CFD: 21/07/2011 - 10:38:34 - [0,016] ----D- C:\Users\bernard\AppData\Local\Easy CD-DA Extractor

O43 - CFD: 08/01/2012 - 01:00:44 - [0] ----D- C:\Users\bernard\AppData\Local\ElevatedDiagnostics

O43 - CFD: 30/08/2011 - 08:04:36 - [0,122] ----D- C:\Users\bernard\AppData\Local\eMule

O43 - CFD: 21/04/2011 - 14:25:00 - [0,234] ----D- C:\Users\bernard\AppData\Local\Fnacmusic

O43 - CFD: 31/12/2011 - 07:53:28 - [-1615,567] ----D- C:\Users\bernard\AppData\Local\Google

O43 - CFD: 05/07/2010 - 14:47:28 - [0] -SH-D- C:\Users\bernard\AppData\Local\Historique

O43 - CFD: 29/07/2010 - 16:27:56 - [0,001] ----D- C:\Users\bernard\AppData\Local\Iceni

O43 - CFD: 31/12/2010 - 12:52:42 - [12,839] ----D- C:\Users\bernard\AppData\Local\IM

O43 - CFD: 07/11/2010 - 18:16:24 - [0] ----D- C:\Users\bernard\AppData\Local\JollyBear

O43 - CFD: 31/12/2011 - 04:44:22 - [0,117] ----D- C:\Users\bernard\AppData\Local\MAGIX

O43 - CFD: 14/09/2011 - 03:43:26 - [0] ----D- C:\Users\bernard\AppData\Local\MediaGet2

O43 - CFD: 14/10/2011 - 17:51:20 - [631,327] ----D- C:\Users\bernard\AppData\Local\Microsoft

O43 - CFD: 03/01/2011 - 07:10:52 - [0,141] ----D- C:\Users\bernard\AppData\Local\Microsoft Help

O43 - CFD: 08/07/2010 - 22:53:38 - [314,622] ----D- C:\Users\bernard\AppData\Local\Mozilla

O43 - CFD: 05/02/2012 - 08:36:34 - [8,793] ----D- C:\Users\bernard\AppData\Local\Nero

O43 - CFD: 07/02/2012 - 15:19:10 - [0,028] ----D- C:\Users\bernard\AppData\Local\Nero_AG

O43 - CFD: 11/11/2011 - 12:46:22 - [163,376] ----D- C:\Users\bernard\AppData\Local\Oberon Games

O43 - CFD: 22/08/2011 - 06:11:36 - [0] ----D- C:\Users\bernard\AppData\Local\OpenCandy

O43 - CFD: 25/05/2011 - 16:20:38 - [0] ----D- C:\Users\bernard\AppData\Local\PackageAware

O43 - CFD: 21/11/2011 - 09:17:26 - [0,012] ----D- C:\Users\bernard\AppData\Local\Packard Bell

O43 - CFD: 02/10/2011 - 07:59:10 - [0,003] ----D- C:\Users\bernard\AppData\Local\PC_Drivers_Headquarters

O43 - CFD: 31/07/2010 - 15:51:08 - [0] ----D- C:\Users\bernard\AppData\Local\Room Arranger

O43 - CFD: 14/11/2010 - 22:02:18 - [0,012] ----D- C:\Users\bernard\AppData\Local\SpookyManor

O43 - CFD: 29/11/2011 - 11:53:50 - [16,362] ----D- C:\Users\bernard\AppData\Local\SquareClock.Production_Castorama_Internet

O43 - CFD: 20/12/2010 - 18:50:06 - [0] ----D- C:\Users\bernard\AppData\Local\Sunbelt Software

O43 - CFD: 02/04/2011 - 08:36:22 - [6,540] ----D- C:\Users\bernard\AppData\Local\TechSmith

O43 - CFD: 10/02/2012 - 13:05:08 - [84,343] ----D- C:\Users\bernard\AppData\Local\Temp

O43 - CFD: 05/07/2010 - 14:47:28 - [0] -SH-D- C:\Users\bernard\AppData\Local\Temporary Internet Files

O43 - CFD: 08/02/2012 - 14:39:10 - [126,722] ----D- C:\Users\bernard\AppData\Local\VirtualStore

O43 - CFD: 06/02/2012 - 14:02:14 - [0,109] ----D- C:\Users\bernard\AppData\Local\Windows Live

O43 - CFD: 28/01/2011 - 09:35:40 - [0,357] ----D- C:\Users\bernard\AppData\Local\Windows Live Writer

O43 - CFD: 07/02/2012 - 10:52:28 - [0] ----D- C:\Users\bernard\AppData\Local\WMTools Downloaded Files

O43 - CFD: 31/12/2011 - 04:44:28 - [0] ----D- C:\Users\bernard\AppData\Local\Xara

O43 - CFD: 27/04/2011 - 15:51:04 - [0] ----D- C:\Users\bernard\AppData\Local\Xilisoft

O43 - CFD: 28/09/2010 - 09:14:46 - [2,128] ----D- C:\Users\bernard\AppData\Local\Yahoo

O43 - CFD: 27/02/2011 - 08:39:34 - [164,566] ----D- C:\Users\bernard\AppData\Local\Zylom Games

O43 - CFD: 13/01/2012 - 12:30:36 - [0] ----D- C:\Users\bernard\AppData\Local\{0360B2B1-93CE-4543-9BEF-E3493819AC8F}

O43 - CFD: 31/08/2011 - 12:24:06 - [0] ----D- C:\Users\bernard\AppData\Local\{0C5A6F3F-040F-4ED7-86FC-F0D6055BDB96}

O43 - CFD: 06/02/2012 - 14:02:00 - [0] ----D- C:\Users\bernard\AppData\Local\{131B4FDB-3102-42A3-B659-19BD6DE1AF8A}

O43 - CFD: 27/01/2011 - 14:32:28 - [0] ----D- C:\Users\bernard\AppData\Local\{1B28A109-617F-4C50-907A-BB491CD42933}

O43 - CFD: 14/01/2012 - 14:35:54 - [0] ----D- C:\Users\bernard\AppData\Local\{304ABB31-5B90-4ECA-90E6-EACA97A27364}

O43 - CFD: 31/08/2011 - 12:23:40 - [0] ----D- C:\Users\bernard\AppData\Local\{37291D6B-6090-42A7-8103-BE4B409BFB18}

O43 - CFD: 17/01/2012 - 08:43:08 - [0] ----D- C:\Users\bernard\AppData\Local\{3C07F9D2-3EE0-45D7-81BB-727169BFF70A}

O43 - CFD: 12/01/2012 - 19:40:20 - [0] ----D- C:\Users\bernard\AppData\Local\{409C9C15-BCEC-4C52-A3FF-3647D8E1212D}

O43 - CFD: 14/01/2012 - 14:36:40 - [0] ----D- C:\Users\bernard\AppData\Local\{4C73F278-8BBF-49AD-8C55-A3F1129C8A15}

O43 - CFD: 24/09/2011 - 09:43:08 - [0] ----D- C:\Users\bernard\AppData\Local\{4DEE2A70-5DA5-4570-8BBF-0A0178B40717}

O43 - CFD: 21/01/2012 - 09:37:58 - [0] ----D- C:\Users\bernard\AppData\Local\{50098926-4D96-4090-864A-2E8E0B4FCA3C}

O43 - CFD: 12/01/2012 - 19:41:20 - [0] ----D- C:\Users\bernard\AppData\Local\{8B6F87D2-A618-4EAB-B480-351951A28694}

O43 - CFD: 15/01/2012 - 10:11:52 - [0] ----D- C:\Users\bernard\AppData\Local\{8D792FD7-ABB8-43E5-B77C-8D5F9C21E3DC}

O43 - CFD: 09/12/2011 - 13:28:06 - [0] ----D- C:\Users\bernard\AppData\Local\{91961C03-32D7-42CA-8934-9B1374C9A704}

O43 - CFD: 13/01/2012 - 12:30:24 - [0] ----D- C:\Users\bernard\AppData\Local\{B12B588A-0494-4D83-9C45-3DA4F7F10772}

O43 - CFD: 17/01/2012 - 08:42:18 - [0] ----D- C:\Users\bernard\AppData\Local\{B1E6C1EC-6046-481B-BC0D-04AFD8684B60}

O43 - CFD: 09/01/2012 - 14:44:16 - [0] ----D- C:\Users\bernard\AppData\Local\{B83410FE-BA10-4310-999A-07D4A04EC913}

O43 - CFD: 15/01/2012 - 10:11:42 - [0] ----D- C:\Users\bernard\AppData\Local\{C3522912-325C-478A-9CF2-C1D2477EB885}

O43 - CFD: 21/02/2011 - 07:15:16 - [0] ----D- C:\Users\bernard\AppData\Local\{CEECE7A0-950F-499F-A495-C95C11723995}

O43 - CFD: 28/01/2011 - 09:35:54 - [0] ----D- C:\Users\bernard\AppData\Local\{D8F61B7A-25E5-4568-A189-96D019187B0A}

O43 - CFD: 06/02/2012 - 13:59:26 - [0] ----D- C:\Users\bernard\AppData\Local\{DA2814C3-BAFC-44FA-B0C5-071BD023CBF6}

O43 - CFD: 24/09/2011 - 09:42:40 - [0] ----D- C:\Users\bernard\AppData\Local\{DBD15310-E99C-4808-A721-61D4A9CF3B77}

O43 - CFD: 09/01/2012 - 14:44:04 - [0] ----D- C:\Users\bernard\AppData\Local\{E2EE1E0B-AEBC-41B5-88F8-5B9E009E4CF6}

O43 - CFD: 09/12/2011 - 13:28:18 - [0] ----D- C:\Users\bernard\AppData\Local\{ED105CC8-991B-4A4A-8141-7F4B98EDC4EF}

O43 - CFD: 21/01/2012 - 09:38:38 - [0] ----D- C:\Users\bernard\AppData\Local\{F115C979-851D-4873-9493-A554F52A5C54}

O43 - CFD: 26/02/2011 - 09:56:44 - [0] ----D- C:\Users\bernard\AppData\Local\{FC4A9932-E1C0-4039-9B68-5F217A172817}

O43 - CFD: 04/03/2011 - 15:49:22 - [0,700] ----D- C:\Program Files (x86)\3Planesoft Screensaver Manager

O43 - CFD: 12/09/2010 - 15:55:40 - [2,951] ----D- C:\Program Files (x86)\7-Zip

O43 - CFD: 27/07/2010 - 16:57:14 - [1,454] ----D- C:\Program Files (x86)\Aacd v3

O43 - CFD: 23/01/2010 - 20:36:42 - [1042,745] ----D- C:\Program Files (x86)\Adobe

O43 - CFD: 23/01/2010 - 20:27:54 - [117,667] ----D- C:\Program Files (x86)\AGEIA Technologies

O43 - CFD: 10/09/2010 - 14:38:36 - [5,078] ----D- C:\Program Files (x86)\Amazon

O43 - CFD: 22/04/2011 - 09:50:48 - [1,411] ----D- C:\Program Files (x86)\AnmSMP

O43 - CFD: 11/09/2011 - 09:25:18 - [2,316] ----D- C:\Program Files (x86)\Apple Software Update

O43 - CFD: 01/12/2011 - 07:48:04 - [0,000] ----D- C:\Program Files (x86)\Application Updater

O43 - CFD: 24/12/2011 - 12:38:44 - [22,258] ----D- C:\Program Files (x86)\ArtStudio

O43 - CFD: 08/07/2010 - 20:20:26 - [1,743] ----D- C:\Program Files (x86)\Atheros

O43 - CFD: 28/09/2011 - 16:16:40 - [8,289] ----D- C:\Program Files (x86)\Audacity

O43 - CFD: 05/04/2011 - 13:28:30 - [32,795] ----D- C:\Program Files (x86)\Audacity 1.3 Beta (Unicode)

O43 - CFD: 22/08/2011 - 05:44:10 - [1,454] ----D- C:\Program Files (x86)\AVG Secure Search

O43 - CFD: 14/08/2010 - 10:12:02 - [0,140] ----D- C:\Program Files (x86)\AviSynth 2.5

O43 - CFD: 27/07/2010 - 16:54:32 - [27,025] ----D- C:\Program Files (x86)\Bayer® HealthCare

O43 - CFD: 18/03/2011 - 14:07:04 - [0,036] ----D- C:\Program Files (x86)\Beausoft

O43 - CFD: 02/04/2011 - 07:55:32 - [0,082] ----D- C:\Program Files (x86)\bobyte

O43 - CFD: 18/11/2011 - 16:10:22 - [7,999] ----D- C:\Program Files (x86)\CamStudio

O43 - CFD: 31/10/2011 - 09:14:46 - [361,257] ----D- C:\Program Files (x86)\Canon

O43 - CFD: 22/01/2012 - 17:09:04 - [8,481] ----D- C:\Program Files (x86)\CCleaner

O43 - CFD: 21/06/2011 - 09:40:26 - [9,784] ----D- C:\Program Files (x86)\CDex

O43 - CFD: 05/02/2012 - 08:14:36 - [799,123] ----D- C:\Program Files (x86)\Common Files

O43 - CFD: 17/10/2010 - 10:04:16 - [3,798] ----D- C:\Program Files (x86)\ConduitEngine

O43 - CFD: 04/03/2011 - 15:48:30 - [0,684] ----D- C:\Program Files (x86)\Coral Clock 3D Screensaver

O43 - CFD: 15/01/2012 - 12:55:48 - [483,552] ----D- C:\Program Files (x86)\Cuisine Delinia

O43 - CFD: 02/04/2011 - 08:48:30 - [9,431] ----D- C:\Program Files (x86)\DebugMode

O43 - CFD: 14/12/2011 - 09:11:44 - [24,198] ----D- C:\Program Files (x86)\deepinvent

O43 - CFD: 10/05/2011 - 07:43:22 - [1,837] ----D- C:\Program Files (x86)\dessin

O43 - CFD: 07/11/2010 - 08:59:42 - [0] ----D- C:\Program Files (x86)\directx

O43 - CFD: 04/04/2011 - 07:01:48 - [0,912] ----D- C:\Program Files (x86)\dirtoprint

O43 - CFD: 29/06/2011 - 10:08:12 - [0,935] ----D- C:\Program Files (x86)\DVD Shrink

O43 - CFD: 13/08/2010 - 15:22:42 - [13,067] ----D- C:\Program Files (x86)\DVDVideoSoft

O43 - CFD: 02/10/2011 - 07:58:20 - [6,627] ----D- C:\Program Files (x86)\Easy Driver Pro

O43 - CFD: 30/01/2012 - 07:38:02 - [151,049] ----D- C:\Program Files (x86)\Emsisoft Anti-Malware

O43 - CFD: 22/08/2011 - 05:19:00 - [39,898] ----D- C:\Program Files (x86)\eRightSoft

O43 - CFD: 27/07/2010 - 16:52:40 - [7,237] ----D- C:\Program Files (x86)\FamilySearch

O43 - CFD: 22/01/2012 - 17:09:50 - [3,303] ----D- C:\Program Files (x86)\FlashGet

O43 - CFD: 09/07/2010 - 16:32:34 - [4,235] ----D- C:\Program Files (x86)\FlashGet Network

O43 - CFD: 31/08/2011 - 08:19:52 - [0,000] ----D- C:\Program Files (x86)\FLV Cutter

O43 - CFD: 07/08/2010 - 10:10:56 - [4,748] ----D- C:\Program Files (x86)\Free Fire Screensaver

O43 - CFD: 21/01/2012 - 10:08:56 - [13,812] ----D- C:\Program Files (x86)\Free FLV Converter

O43 - CFD: 28/10/2011 - 17:28:26 - [2,563] ----D- C:\Program Files (x86)\Free MOV 2 AVI

O43 - CFD: 27/08/2011 - 09:30:18 - [11,132] ----D- C:\Program Files (x86)\Free Video Cutter

O43 - CFD: 29/07/2010 - 07:41:50 - [1,702] ----D- C:\Program Files (x86)\FSL

O43 - CFD: 21/02/2011 - 17:53:56 - [27,843] ----D- C:\Program Files (x86)\GeoVid

O43 - CFD: 01/10/2011 - 15:20:14 - [-2024,894] ----D- C:\Program Files (x86)\gerorando

O43 - CFD: 02/08/2010 - 18:36:24 - [108,634] ----D- C:\Program Files (x86)\GIMP-2.0

O43 - CFD: 31/12/2011 - 07:52:54 - [203,534] ----D- C:\Program Files (x86)\Google

O43 - CFD: 20/09/2011 - 05:50:20 - [0] ----D- C:\Program Files (x86)\gérorando

O43 - CFD: 09/08/2010 - 18:49:34 - [0,564] ----D- C:\Program Files (x86)\HD Tune

O43 - CFD: 11/10/2011 - 12:00:04 - [81,827] ----D- C:\Program Files (x86)\Hercules

O43 - CFD: 11/10/2011 - 12:00:04 - [58,799] --H-D- C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 16/12/2011 - 03:23:46 - [6,087] ----D- C:\Program Files (x86)\Internet Explorer

O43 - CFD: 28/10/2011 - 13:36:02 - [173,548] ----D- C:\Program Files (x86)\Java

O43 - CFD: 05/12/2011 - 14:16:18 - [87,689] ----D- C:\Program Files (x86)\jeux

O43 - CFD: 22/02/2011 - 20:21:46 - [18,170] ----D- C:\Program Files (x86)\Kyodai Mahjongg 2006

O43 - CFD: 05/04/2011 - 13:40:42 - [1,180] ----D- C:\Program Files (x86)\Lame For Audacity

O43 - CFD: 01/12/2011 - 08:09:06 - [38,464] ----D- C:\Program Files (x86)\Lavasoft

O43 - CFD: 29/11/2011 - 16:22:48 - [30,289] ----D- C:\Program Files (x86)\MaCuisineLapeyre

O43 - CFD: 31/12/2011 - 04:42:14 - [628,440] ----D- C:\Program Files (x86)\MAGIX

O43 - CFD: 30/01/2012 - 13:54:44 - [11,490] ----D- C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 13/08/2010 - 16:18:38 - [9,438] ----D- C:\Program Files (x86)\Micro Application

O43 - CFD: 14/09/2010 - 11:09:42 - [38,002] ----D- C:\Program Files (x86)\Microsoft Analysis Services

O43 - CFD: 21/02/2011 - 17:54:06 - [1276,129] ----D- C:\Program Files (x86)\Microsoft Office

O43 - CFD: 28/10/2009 - 17:58:28 - [7,431] ----D- C:\Program Files (x86)\Microsoft Office Suite Activation Assistant

O43 - CFD: 17/03/2011 - 19:39:00 - [430,192] ----D- C:\Program Files (x86)\Microsoft Picture It! 10

O43 - CFD: 14/10/2011 - 02:25:56 - [36,633] ----D- C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 27/02/2011 - 08:42:56 - [1,722] ----D- C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 14/09/2010 - 11:13:54 - [0,757] ----D- C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 14/09/2010 - 11:14:12 - [0,312] ----D- C:\Program Files (x86)\Microsoft Synchronization Services

O43 - CFD: 23/01/2010 - 20:42:20 - [1,568] ----D- C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 16/12/2010 - 03:02:58 - [138,959] ----D- C:\Program Files (x86)\Microsoft Works

O43 - CFD: 14/09/2010 - 11:13:54 - [7,789] ----D- C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 19/03/2011 - 13:05:18 - [8,904] ----D- C:\Program Files (x86)\Movie Maker 2.6

O43 - CFD: 02/09/2011 - 11:43:12 - [28,463] ----D- C:\Program Files (x86)\Moyea

O43 - CFD: 10/02/2012 - 07:54:38 - [39,143] ----D- C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 02/04/2011 - 08:17:42 - [1,099] ----D- C:\Program Files (x86)\MP3Gain

O43 - CFD: 14/08/2010 - 10:41:24 - [0,484] ----D- C:\Program Files (x86)\MPG CUT

O43 - CFD: 14/09/2010 - 11:14:36 - [0,025] ----D- C:\Program Files (x86)\MSBuild

O43 - CFD: 09/07/2010 - 22:31:56 - [0] ----D- C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 05/02/2012 - 08:23:00 - [1696,858] ----D- C:\Program Files (x86)\Nero

O43 - CFD: 08/07/2010 - 20:36:16 - [6,959] ----D- C:\Program Files (x86)\NETGEAR

O43 - CFD: 03/10/2011 - 10:19:58 - [0] ----D- C:\Program Files (x86)\Nouveau dossier

O43 - CFD: 26/07/2010 - 18:21:02 - [0,004] ----D- C:\Program Files (x86)\Oberon Media

O43 - CFD: 05/07/2010 - 14:47:52 - [0,102] ----D- C:\Program Files (x86)\OEM

O43 - CFD: 09/08/2010 - 15:51:08 - [1,538] ----D- C:\Program Files (x86)\OfficeRecovery

O43 - CFD: 27/07/2010 - 16:50:12 - [4,928] ----D- C:\Program Files (x86)\ONES Trial (F)

O43 - CFD: 28/03/2011 - 13:31:26 - [411,121] ----D- C:\Program Files (x86)\OpenOffice.org 3

O43 - CFD: 08/08/2010 - 17:22:18 - [68,532] ----D- C:\Program Files (x86)\Packard Bell

O43 - CFD: 13/10/2011 - 16:17:54 - [597,686] ----D- C:\Program Files (x86)\Packard Bell GameZone

O43 - CFD: 17/07/2011 - 16:26:50 - [5,923] ----D- C:\Program Files (x86)\PC Inspector File Recovery

O43 - CFD: 02/10/2011 - 08:23:24 - [0,156] ----D- C:\Program Files (x86)\PC VGA Camera

O43 - CFD: 29/07/2010 - 16:27:44 - [34,792] ----D- C:\Program Files (x86)\PDF EDITEUR Iceni

O43 - CFD: 30/09/2011 - 19:21:46 - [68,660] ----D- C:\Program Files (x86)\PDF to WORD

O43 - CFD: 15/03/2011 - 07:19:44 - [25,639] ----D- C:\Program Files (x86)\PDFCreator

O43 - CFD: 27/12/2011 - 08:04:34 - [31,148] ----D- C:\Program Files (x86)\Photo Art Studio

O43 - CFD: 24/11/2011 - 16:43:06 - [4,017] ----D- C:\Program Files (x86)\Photo filtre

O43 - CFD: 31/12/2010 - 12:50:26 - [2,630] ----D- C:\Program Files (x86)\Photo Notifier and Animation Creator

O43 - CFD: 24/11/2011 - 16:44:22 - [14,108] ----D- C:\Program Files (x86)\PhotoFiltre

O43 - CFD: 24/11/2011 - 16:48:10 - [16,577] ----D- C:\Program Files (x86)\PhotoFiltre Studio X

O43 - CFD: 06/07/2011 - 10:24:46 - [0] ----D- C:\Program Files (x86)\PRTG Network Monitor

O43 - CFD: 09/09/2011 - 16:56:52 - [12,046] ----D- C:\Program Files (x86)\PSPad editor

O43 - CFD: 17/09/2011 - 16:03:10 - [72,190] ----D- C:\Program Files (x86)\QuickTime

O43 - CFD: 29/07/2010 - 06:30:50 - [0,538] ----D- C:\Program Files (x86)\Raptr

O43 - CFD: 28/10/2009 - 17:37:26 - [3,202] ----D- C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 06:32:40 - [37,345] ----D- C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 21/03/2011 - 11:28:16 - [2,127] ----D- C:\Program Files (x86)\Replisting

O43 - CFD: 31/08/2011 - 11:59:32 - [0,044] ----D- C:\Program Files (x86)\Riva

O43 - CFD: 07/11/2010 - 09:02:50 - [242,700] ----D- C:\Program Files (x86)\Roxio

O43 - CFD: 03/01/2011 - 08:09:42 - [2,504] ----D- C:\Program Files (x86)\RSBR-Software

O43 - CFD: 07/09/2011 - 07:21:24 - [75,299] ----D- C:\Program Files (x86)\ScanSoft

O43 - CFD: 01/12/2011 - 07:48:04 - [0,930] ----D- C:\Program Files (x86)\Search Settings

O43 - CFD: 17/03/2011 - 16:33:16 - [60,769] ----D- C:\Program Files (x86)\Serif

O43 - CFD: 09/04/2011 - 15:00:36 - [8,122] ----D- C:\Program Files (x86)\SopCast

O43 - CFD: 11/11/2010 - 14:33:52 - [59,410] ----D- C:\Program Files (x86)\Spybot - Search & Destroy

O43 - CFD: 22/04/2011 - 10:02:34 - [63,813] ----D- C:\Program Files (x86)\TechSmith

O43 - CFD: 28/10/2009 - 17:37:38 - [0] --H-D- C:\Program Files (x86)\Temp

O43 - CFD: 15/04/2007 - 05:14:00 - [0,403] ----D- C:\Program Files (x86)\Tools

O43 - CFD: 18/01/2011 - 13:57:42 - [0,370] ----D- C:\Program Files (x86)\Trend Micro

O43 - CFD: 04/03/2011 - 15:49:18 - [0,688] ----D- C:\Program Files (x86)\Tropical Fish 3D Screensaver

O43 - CFD: 09/02/2012 - 07:51:26 - [75,612] ----D- C:\Program Files (x86)\TuneUp Utilities 2012

O43 - CFD: 14/07/2009 - 05:57:08 - [0] --H-D- C:\Program Files (x86)\Uninstall Information

O43 - CFD: 09/04/2011 - 15:40:08 - [9,945] ----D- C:\Program Files (x86)\Veetle

O43 - CFD: 18/11/2011 - 16:14:34 - [82,968] ----D- C:\Program Files (x86)\VideoLAN

O43 - CFD: 30/07/2010 - 15:51:12 - [0] ----D- C:\Program Files (x86)\VIRTUAL

O43 - CFD: 21/01/2012 - 09:55:42 - [6,398] ----D- C:\Program Files (x86)\VirtualDubMOD

O43 - CFD: 06/07/2011 - 07:44:40 - [1,564] ----D- C:\Program Files (x86)\Vistumbler

O43 - CFD: 05/02/2012 - 10:35:04 - [18,210] ----D- C:\Program Files (x86)\Vuze

O43 - CFD: 17/10/2010 - 10:04:16 - [3,933] ----D- C:\Program Files (x86)\Vuze_Remote

O43 - CFD: 03/10/2011 - 10:24:26 - [18,848] ----D- C:\Program Files (x86)\webcam

O43 - CFD: 19/01/2010 - 08:57:52 - [0,500] ----D- C:\Program Files (x86)\Windows Defender

O43 - CFD: 09/12/2011 - 13:20:34 - [62,267] ----D- C:\Program Files (x86)\Windows Live

O43 - CFD: 07/07/2011 - 05:44:32 - [5,895] ----D- C:\Program Files (x86)\Windows Mail

O43 - CFD: 07/07/2011 - 05:44:32 - [4,791] ----D- C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 06:32:40 - [11,632] ----D- C:\Program Files (x86)\Windows NT

O43 - CFD: 07/07/2011 - 05:44:32 - [4,213] ----D- C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 07/07/2011 - 05:44:32 - [0,181] ----D- C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 07/07/2011 - 05:44:32 - [6,039] ----D- C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 02/04/2011 - 07:54:28 - [3,207] ----D- C:\Program Files (x86)\wink

O43 - CFD: 09/07/2010 - 16:28:14 - [3,707] ----D- C:\Program Files (x86)\WinRAR

O43 - CFD: 06/04/2011 - 17:17:24 - [0] ----D- C:\Program Files (x86)\Wondershare

O43 - CFD: 27/04/2011 - 16:09:58 - [98,383] ----D- C:\Program Files (x86)\Xilisoft

O43 - CFD: 30/12/2011 - 12:22:38 - [16,151] ----D- C:\Program Files (x86)\XnView

O43 - CFD: 28/10/2011 - 17:40:30 - [0,812] ----D- C:\Program Files (x86)\XviD

O43 - CFD: 02/10/2011 - 08:25:16 - [31,727] ----D- C:\Program Files (x86)\Yahoo!

O43 - CFD: 22/04/2011 - 09:55:04 - [2,706] ----D- C:\Program Files (x86)\Zeallsoft

O43 - CFD: 10/02/2012 - 13:04:48 - [10,100] ----D- C:\Program Files (x86)\ZHPDiag

O43 - CFD: 08/02/2012 - 17:18:40 - [335,434] ----D- C:\Program Files (x86)\Zylom Games

O43 - CFD: 07/11/2010 - 08:59:40 - [5,369] ----D- C:\Program Files (x86)\Common Files\Adaptec Shared

O43 - CFD: 01/08/2010 - 19:53:36 - [66,665] ----D- C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 24/07/2010 - 15:51:38 - [59,370] ----D- C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 30/11/2011 - 06:08:26 - [0,710] ----D- C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 08/01/2012 - 18:59:42 - [69,693] ----D- C:\Program Files (x86)\Common Files\DVDVideoSoft

O43 - CFD: 21/02/2011 - 17:54:00 - [5,550] ----D- C:\Program Files (x86)\Common Files\GeoVid

O43 - CFD: 07/09/2011 - 07:21:24 - [13,496] ----D- C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 05/07/2011 - 08:12:58 - [1,201] ----D- C:\Program Files (x86)\Common Files\Java

O43 - CFD: 23/01/2010 - 20:37:30 - [0,622] ----D- C:\Program Files (x86)\Common Files\Macrovision Shared

O43 - CFD: 31/12/2011 - 04:40:28 - [11,209] ----D- C:\Program Files (x86)\Common Files\MAGIX Services

O43 - CFD: 31/12/2011 - 04:43:54 - [1,700] ----D- C:\Program Files (x86)\Common Files\MAGIX Shared

O43 - CFD: 09/12/2011 - 13:18:36 - [364,462] ----D- C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 17/03/2011 - 16:33:20 - [0,622] ----D- C:\Program Files (x86)\Common Files\MSSoap

O43 - CFD: 05/02/2012 - 08:18:22 - [54,977] ----D- C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 08/08/2010 - 17:22:04 - [0,338] ----D- C:\Program Files (x86)\Common Files\Oberon Media

O43 - CFD: 02/10/2011 - 08:23:26 - [13,901] ----D- C:\Program Files (x86)\Common Files\PAC7311

O43 - CFD: 23/01/2010 - 20:37:18 - [4,031] ----D- C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 07/11/2010 - 09:03:32 - [35,363] ----D- C:\Program Files (x86)\Common Files\Roxio Shared

O43 - CFD: 07/09/2011 - 07:21:28 - [0,148] ----D- C:\Program Files (x86)\Common Files\ScanSoft Shared

O43 - CFD: 14/07/2009 - 04:20:10 - [0,003] ----D- C:\Program Files (x86)\Common Files\Services

O43 - CFD: 23/01/2010 - 20:37:18 - [0,324] ----D- C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 14/07/2009 - 04:20:10 - [39,200] ----D- C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 31/08/2011 - 11:59:40 - [0,094] ----D- C:\Program Files (x86)\Common Files\SWF Studio

O43 - CFD: 09/07/2010 - 16:17:26 - [0] ----D- C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 07/12/2011 - 03:03:00 - [16,743] ----D- C:\Program Files (x86)\Common Files\System

O43 - CFD: 23/01/2010 - 20:38:08 - [0] ----D- C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 23/01/2010 - 20:27:46 - [32,593] ----D- C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 01mn 05s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.A2254EA2A2B55E85A0239AB9919C6676] - 10/02/2012 - 12:53:11 ---A- . (...) -- C:\AdwCleaner[R1].txt [8097]

O44 - LFC:[MD5.77CEAF333E43A5ED7BAB174F20A942E8] - 10/02/2012 - 12:51:21 ---A- . (...) -- C:\Windows\WindowsUpdate.log [1741548]

O44 - LFC:[MD5.D74E3C688AA4F552EB9F55CB8EA67170] - 10/02/2012 - 08:04:33 ---A- . (...) -- C:\Windows\setupact.log [56]

O44 - LFC:[MD5.DF1C68FA29A6BF758E6B2DB8B01B1B1F] - 10/02/2012 - 08:04:29 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.33430B7F14F5A2DB069A9A65B637C370] - 10/02/2012 - 08:04:25 ---A- . (...) -- C:\Windows\PFRO.log [356]

O44 - LFC:[MD5.B1CDEB9F08B8D2E8D548A6CDDC0D2BD3] - 10/02/2012 - 08:04:25 ---A- . (...) -- C:\aaw7boot.log [33461]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 09/02/2012 - 10:33:59 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.32F0D82457EA6B45AB72F6DA47418BD8] - 07/02/2012 - 11:17:06 ---A- . (.DVDVideoSoft Ltd. - Free Video to DVD Converter 5.0.4.1228 Setu.) -- C:\FreeVideoToDVDConverter (1).exe.8v3mnzp.partial [12713718]

O44 - LFC:[MD5.CC6227267BADDAD6648D0118C064D86D] - 07/02/2012 - 11:16:36 ---A- . (.DVDVideoSoft Ltd. - Free Video to DVD Converter 5.0.4.1228 Setu.) -- C:\FreeVideoToDVDConverter.exe [19734712]

O44 - LFC:[MD5.3AED0614480A776AC62AD0341829CFD7] - 07/02/2012 - 07:43:10 ---A- . (...) -- C:\winrar-x64-410.exe [1637578]

O44 - LFC:[MD5.0F78458D5C402D3013B71DC49A5C873A] - 07/02/2012 - 07:42:48 ---A- . (...) -- C:\winrar-x64-410fr.exe [1707708]

O44 - LFC:[MD5.0178BE3EA5E0A8B08E2922E0009481F7] - 07/02/2012 - 07:40:39 ---A- . (.Mozilla - Firefox.) -- C:\Firefox Setup 10.0.exe [15920560]

O44 - LFC:[MD5.FE9121BBC500368C4EC554589206C94A] - 06/02/2012 - 14:25:48 ---A- . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\SysNative\TURegOpt.exe [34624]

O44 - LFC:[MD5.FE9121BBC500368C4EC554589206C94A] - 06/02/2012 - 14:25:48 RSHAD . (.TuneUp Software - TuneUp Registry Optimization Boot Applicati.) -- C:\Windows\system32\TURegOpt.exe [34624]

O44 - LFC:[MD5.9C54C9F1B6DC210A318CC3E6B316A13C] - 06/02/2012 - 14:25:44 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\SysNative\authuitu.dll [25920]

O44 - LFC:[MD5.9C54C9F1B6DC210A318CC3E6B316A13C] - 06/02/2012 - 14:25:44 ---A- . (.TuneUp Software - TuneUp WinLogon Extension.) -- C:\Windows\system32\authuitu.dll [25920]

O44 - LFC:[MD5.4FE7B5757279D82C4D171E9F7FD52A75] - 05/02/2012 - 07:55:37 RSHAD . (.Nero AG - Nero Backup Volume Upper Filter Driver for.) -- C:\Windows\system32\drivers\NBVolUp.sys [15920]

O44 - LFC:[MD5.7B2D90BBBBED11C8DFBA441D34AE901E] - 05/02/2012 - 07:55:33 RSHAD . (.Nero AG - Nero Backup Volume Filter Driver for the Di.) -- C:\Windows\system32\drivers\NBVol.sys [72240]

O44 - LFC:[MD5.C7BC96C3711C0D269DA26D1F0ECEC547] - 04/02/2012 - 17:21:57 ---A- . (...) -- C:\Windows\NeroDigital.ini [69]

O44 - LFC:[MD5.1F04158AE91716EBCB90D02D9F840FA7] - 29/01/2012 - 19:11:55 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1557650]

O44 - LFC:[MD5.73B4C684890EFAE24D0E2D04B8E5ED5A] - 29/01/2012 - 19:11:55 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [107256]

O44 - LFC:[MD5.B808BF841CB8315055405795D2383915] - 29/01/2012 - 19:11:55 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [131648]

O44 - LFC:[MD5.D5BCDCE07E03324059064A7355E38AA9] - 29/01/2012 - 19:11:55 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [618936]

O44 - LFC:[MD5.28F78D435DB805EF82E3D447AEC51597] - 29/01/2012 - 19:11:55 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [707220]

O44 - LFC:[MD5.1F04158AE91716EBCB90D02D9F840FA7] - 29/01/2012 - 19:11:55 ---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI [1557650]

O44 - LFC:[MD5.73B4C684890EFAE24D0E2D04B8E5ED5A] - 29/01/2012 - 19:11:55 RSHAD . (...) -- C:\Windows\system32\perfc009.dat [107256]

O44 - LFC:[MD5.B808BF841CB8315055405795D2383915] - 29/01/2012 - 19:11:55 RSHAD . (...) -- C:\Windows\system32\perfc00C.dat [131648]

O44 - LFC:[MD5.D5BCDCE07E03324059064A7355E38AA9] - 29/01/2012 - 19:11:55 RSHAD . (...) -- C:\Windows\system32\perfh009.dat [618936]

O44 - LFC:[MD5.28F78D435DB805EF82E3D447AEC51597] - 29/01/2012 - 19:11:55 RSHAD . (...) -- C:\Windows\system32\perfh00C.dat [707220]

O44 - LFC:[MD5.CA823754BAAE252C4A6B871E176C1348] - 23/01/2012 - 17:35:46 ---A- . (...) -- C:\Windows\CSTBox.INI [46956]

~ Scan Files in 00mn 07s

 

 

 

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" [Enabled] .(...) -- C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\system32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\system32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\system32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\system32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\system32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\system32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\system32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\system32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - photoshop elements 7.0.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"

O50 - IFEO:Image File Execution Options - photoshopelementseditor.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"

O50 - IFEO:Image File Execution Options - photoshopelementsorganizer.exe - "C:\Program Files (x86)\TuneUp Utilities 2012\TUAutoReactivator64.exe"

~ Scan IFEO in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{76b78963-df85-11df-9958-00262d1c9dd9}\AutoRun\command. (...) -- K:\LaunchU3.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.tscc"="C:\Windows\SysWOW64\tsccvid64.dll" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"tsccvid64.dll"="TechSmith Screen Capture Codec (64-bit)" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (.Adobe Systems Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe

O53 - SMSR:HKLM\...\startupreg\BCSSync [Key] . (.Microsoft Corporation - Microsoft Office 2010 component.) -- C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe

O53 - SMSR:HKLM\...\startupreg\CamserviceOG [Key] . (.Guillemot Corporation S.A. - Hercules Xtra Controller Main Application.) -- C:\Program Files (x86)\Hercules\Deluxe Optical Glass\XtrCtrl.exe

O53 - SMSR:HKLM\...\startupreg\CanonMyPrinter [Key] . (.CANON INC. - Canon My Printer.) -- C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

O53 - SMSR:HKLM\...\startupreg\CanonSolutionMenuEx [Key] . (.CANON INC. - Canon Solution Menu EX.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.exe

O53 - SMSR:HKLM\...\startupreg\Malwarebytes' Anti-Malware [Key] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

O53 - SMSR:HKLM\...\startupreg\Messenger (Yahoo!) [Key] . (...) -- C:\Program Files\Yahoo!\MESSEN~1\YahooMessenger.exe (.not file.)

O53 - SMSR:HKLM\...\startupreg\Motor_Tracking_Tool [Key] . (.Microsoft Corporation - Capture Application (Sample).) -- C:\Windows\twain_32\USB2.0 Motor Tracking Camera\Motor_Tracking_Tool.exe

O53 - SMSR:HKLM\...\startupreg\NBAgent [Key] . (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe

O53 - SMSR:HKLM\...\startupreg\PDF3 Registry Controller [Key] . (.ScanSoft, Inc. - PDF Converter Registry Controller.) -- C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\RegistryController.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files (x86)\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\ScanSoft PDF Converter 3.0-reminder [Key] . (.ScanSoft, Inc. - Ereg.) -- C:\Program Files (x86)\ScanSoft\PDF Converter 3.0\Ereg\Ereg.exe

O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Spigot, Inc. - Search Settings application.) -- C:\Program Files (x86)\Search Settings\SearchSettings.exe

O53 - SMSR:HKLM\...\startupreg\SSBkgdUpdate [Key] . (.Scansoft, Inc. - SSBkgdUpdate.) -- C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

O53 - SMSR:HKLM\...\startupreg\STICAP [Key] . (.Pas de propriétaire - SnapTrap MFC Application.) -- C:\Windows\twain_32\USB2.0 Motor Tracking Camera\SnapTrap.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O53 - SMSR:HKLM\...\startupreg\Windows Mobile Device Center [Key] . (.Microsoft Corporation - Gestionnaire pour appareils Windows Mobile.) -- C:\Windows\WindowsMobile\wmdc.exe

~ Scan SMSR Keys in 00mn 00s

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\system32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLinkedConnections"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKCU\...\policies\Explorer] - "CDRAutoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.597F78224EE9224EA1A13D6350CED962] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys [339536]

O58 - SDL:[MD5.E109549C90F62FB570B9540C4B148E54] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) -- C:\Windows\system32\drivers\adpu320.sys [182864]

O58 - SDL:[MD5.5812713A477A3AD7363C7438CA2EE038] - 14/07/2009 - 02:52:21 RSHAD . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys [15440]

O58 - SDL:[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - 11/03/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\Windows\system32\drivers\amdsata.sys [107904]

O58 - SDL:[MD5.F67F933E79241ED32FF46A4F29B5120B] - 14/07/2009 - 02:52:20 RSHAD . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows -.) -- C:\Windows\system32\drivers\amdsbs.sys [194128]

O58 - SDL:[MD5.540DAF1CEA6094886D72126FD7C33048] - 11/03/2011 - 07:41:12 RSHAD . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\Windows\system32\drivers\amdxata.sys [27008]

O58 - SDL:[MD5.C484F8CEB1717C540242531DB7845C4E] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys [87632]

O58 - SDL:[MD5.019AF6924AEFE7839F61C830227FE79C] - 14/07/2009 - 02:52:21 RSHAD . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys [97856]

O58 - SDL:[MD5.CE6D8BCC4787704EA4FEEB92B0D0CAF8] - 28/11/2011 - 18:51:53 RSHAD . (.AVAST Software - avast! File System Access Blocking Driver.) -- C:\Windows\system32\drivers\aswFsBlk.sys [24408]

O58 - SDL:[MD5.78C8F46F4BD5F9DCFE2AF5DFEA33F334] - 28/11/2011 - 18:54:44 RSHAD . (.AVAST Software - avast! Filtering TDI driver.) -- C:\Windows\system32\drivers\aswFW.sys [140120]

O58 - SDL:[MD5.0DEBEB2E3FBD0BF5343125CCE617F105] - 28/11/2011 - 18:52:11 RSHAD . (.AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\system32\drivers\aswMonFlt.sys [66904]

O58 - SDL:[MD5.518B8D447A1975AB46DA093A2E743256] - 28/06/2010 - 21:10:45 RSHAD . (.ALWIL Software - avast! Filtering NDIS driver.) -- C:\Windows\system32\drivers\aswNdis.sys [12368]

O58 - SDL:[MD5.A985FA77A3262BC119E6E520CDA645B0] - 28/11/2011 - 18:53:28 RSHAD . (.AVAST Software - avast! Filtering NDIS driver.) -- C:\Windows\system32\drivers\aswNdis2.sys [258392]

O58 - SDL:[MD5.952EDC2E81F85D1781958D4128BF59F8] - 28/11/2011 - 18:52:22 RSHAD . (.AVAST Software - avast! TDI RDR Driver.) -- C:\Windows\system32\drivers\aswRdr.sys [42328]

O58 - SDL:[MD5.DD383E2AC941C545A85AB72503DA6C12] - 28/11/2011 - 18:54:06 RSHAD . (.AVAST Software - avast! Virtualization Driver.) -- C:\Windows\system32\drivers\aswSnx.sys [591192]

O58 - SDL:[MD5.EF5403FB8B2DCB791EC365FDF6040A4A] - 28/11/2011 - 18:53:58 RSHAD . (.AVAST Software - avast! self protection module.) -- C:\Windows\system32\drivers\aswSP.sys [304472]

O58 - SDL:[MD5.34165DA5C6B30C0F9D61246BF8A28040] - 28/11/2011 - 18:52:20 RSHAD . (.AVAST Software - avast! TDI Filter Driver.) -- C:\Windows\system32\drivers\aswTdi.sys [58712]

O58 - SDL:[MD5.FC0E8778C000291CAF60EB88C011E931] - 25/09/2011 - 08:27:11 RSHAD . (...) -- C:\Windows\system32\drivers\atksgt.sys [314016]

O58 - SDL:[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - 10/06/2009 - 21:34:23 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60a.sys [270848]

O58 - SDL:[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - 10/06/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys [18432]

O58 - SDL:[MD5.B114D3098E9BDB8BEA8B053685831BE6] - 10/06/2009 - 21:41:06 RSHAD . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys [8704]

O58 - SDL:[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - 14/07/2009 - 02:19:07 RSHAD . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys [286720]

O58 - SDL:[MD5.A6ECA2151B08A09CACECA35C07F05B42] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys [47104]

O58 - SDL:[MD5.B79968002C277E869CF38BD22CD61524] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys [14976]

O58 - SDL:[MD5.A87528880231C54E75EA7A44943B38BF] - 10/06/2009 - 21:41:10 RSHAD . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys [14720]

O58 - SDL:[MD5.3E5B191307609F7514148C6832BB0842] - 10/06/2009 - 21:34:28 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\Windows\system32\drivers\bxvbda.sys [468480]

O58 - SDL:[MD5.E19D3F095812725D88F9001985B94EDD] - 14/07/2009 - 02:52:31 RSHAD . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys [17488]

O58 - SDL:[MD5.0E5DA5369A0FCAEA12456DD852545184] - 14/07/2009 - 02:47:48 RSHAD . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys [530496]

O58 - SDL:[MD5.DC5D737F51BE844D8C82C695EB17372F] - 10/06/2009 - 21:34:33 RSHAD . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\Windows\system32\drivers\evbda.sys [3286016]

O58 - SDL:[MD5.0F210048C6BFBFBC0F50816BCE40B575] - 01/05/2008 - 20:25:51 RSHAD . (.FTDI Ltd. - FTDIBUS USB Driver.) -- C:\Windows\system32\drivers\ftdibus.sys [68800]

O58 - SDL:[MD5.F2523EF6460FC42405B12248338AB2F0] - 10/06/2009 - 21:31:59 RSHAD . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys [31232]

O58 - SDL:[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - 20/11/2010 - 14:33:35 RSHAD . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys [78720]

O58 - SDL:[MD5.4B7423FCC37664954460AC3E71752B62] - 08/02/2009 - 23:43:10 RSHAD . (.Guillemot Corporation - Filter Driver for the Hercules Webcams (MJPG).) -- C:\Windows\system32\drivers\hxctlflt.sys [111104]

O58 - SDL:[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - 11/03/2011 - 07:41:26 RSHAD . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\Windows\system32\drivers\iaStorV.sys [410496]

O58 - SDL:[MD5.5C18831C61933628F5BB0EA2675B9D21] - 14/07/2009 - 02:48:04 RSHAD . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys [44112]

O58 - SDL:[MD5.5BE640E88814B77A9E84B4549B5DCC2C] - 01/10/2008 - 15:44:06 ---A- . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\system32\drivers\jswpslwfx.sys [26624]

O58 - SDL:[MD5.C8B3131857931AE76798A741CC52B021] - 03/11/2011 - 12:06:56 RSHAD . (.Lavasoft AB - Boot Driver.) -- C:\Windows\system32\drivers\Lbd.sys [69376]

O58 - SDL:[MD5.156AB2E56DC3CA0B582E3362E07CDED7] - 25/09/2011 - 08:27:10 RSHAD . (...) -- C:\Windows\system32\drivers\lirsgt.sys [43680]

O58 - SDL:[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys [114752]

O58 - SDL:[MD5.1047184A9FDC8BDBFF857175875EE810] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys [106560]

O58 - SDL:[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas2.sys [65600]

O58 - SDL:[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys [115776]

O58 - SDL:[MD5.79DA94B35371B9E7104460C7693DCB2C] - 10/12/2011 - 15:24:08 RSHAD . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys [23152]

O58 - SDL:[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for.) -- C:\Windows\system32\drivers\megasas.sys [35392]

O58 - SDL:[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - 14/07/2009 - 02:48:04 RSHAD . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\Windows\system32\drivers\MegaSR.sys [284736]

O58 - SDL:[MD5.7B2D90BBBBED11C8DFBA441D34AE901E] - 13/07/2011 - 13:59:54 RSHAD . (.Nero AG - Nero Backup Volume Filter Driver for the Disk Stack.) -- C:\Windows\system32\drivers\NBVol.sys [72240]

O58 - SDL:[MD5.4FE7B5757279D82C4D171E9F7FD52A75] - 13/07/2011 - 13:59:54 RSHAD . (.Nero AG - Nero Backup Volume Upper Filter Driver for the Disk Stack.) -- C:\Windows\system32\drivers\NBVolUp.sys [15920]

O58 - SDL:[MD5.77889813BE4D166CDAB78DDBA990DA92] - 14/07/2009 - 02:48:26 RSHAD . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys [51264]

O58 - SDL:[MD5.9573223E205907247AE6D948E3453770] - 17/08/2011 - 10:04:34 RSHAD . (.Nokia - Nokia USB Phone Bus Driver.) -- C:\Windows\system32\drivers\nmwcdnsux64.sys [171008]

O58 - SDL:[MD5.AD37248BD442D41C9A896E53EB8A85EE] - 21/08/2009 - 21:24:04 RSHAD . (.NVIDIA Corporation - NVIDIA HDMI Audio Driver.) -- C:\Windows\system32\drivers\nvhda64v.sys [84512]

O58 - SDL:[MD5.AAF5559039E99D0CC22E25255F3DC06E] - 03/04/2010 - 21:55:32 RSHAD . (.NVIDIA Corporation - NVIDIA Windows Kernel Mode Driver, Version 197.45.) -- C:\Windows\system32\drivers\nvlddmkm.sys [13807976]

O58 - SDL:[MD5.A85B4F2EF3A7304A5399EF0526423040] - 10/06/2009 - 21:35:35 RSHAD . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvm62x64.sys [408960]

O58 - SDL:[MD5.956A1F47826514C1EA0C295FE13C7377] - 30/04/2009 - 06:06:58 RSHAD . (.NVIDIA Corporation - NVIDIA MCP Networking Function Driver..) -- C:\Windows\system32\drivers\nvmf6264.sys [339360]

O58 - SDL:[MD5.0A92CB65770442ED0DC44834632F66AD] - 11/03/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) -- C:\Windows\system32\drivers\nvraid.sys [148352]

O58 - SDL:[MD5.AFDE3015BB8D76E26BEC3B287C5443A0] - 24/04/2009 - 20:07:36 RSHAD . (.NVIDIA Corporation - NVIDIA nForce SMU Microcontroller Driver.) -- C:\Windows\system32\drivers\nvsmu.sys [28704]

O58 - SDL:[MD5.DAB0E87525C10052BF65F06152F37E4A] - 11/03/2011 - 07:41:34 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys [166272]

O58 - SDL:[MD5.7C7EEF51979658CE15BBC04F96A77D56] - 29/04/2009 - 12:09:24 RSHAD . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor64.sys [239136]

O58 - SDL:[MD5.304E6AC43613A9C43896C4300009442B] - 28/11/2006 - 20:46:20 RSHAD . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver (AMD64).) -- C:\Windows\system32\drivers\PCAMp50a64.sys [43328]

O58 - SDL:[MD5.18B6869E23937175144E6F1D3CB85FC2] - 28/11/2006 - 20:46:20 RSHAD . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) -- C:\Windows\system32\drivers\PCASp50a64.sys [41280]

O58 - SDL:[MD5.CD33CB6FECF65520466F95AB89CC4AF5] - 06/07/2011 - 10:23:16 RSHAD . (.microOLAP Technologies LTD - PSSDK Driver Protocol v4.2 64bit.) -- C:\Windows\system32\drivers\pssdk42.sys [53312]

O58 - SDL:[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - 14/07/2009 - 02:45:46 RSHAD . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys [1524816]

O58 - SDL:[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - 14/07/2009 - 02:45:45 RSHAD . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys [128592]

O58 - SDL:[MD5.BC64B75E8E0A0B8982AB773483164E72] - 20/07/2009 - 11:52:38 RSHAD . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHD64.sys [1831968]

O58 - SDL:[MD5.FD833BEE2FD9BEFDC0AFD1941A306D9E] - 04/07/2011 - 17:39:39 RSHAD . (.Sunbelt Software - 64-bit Anti-Rootkit Engine.) -- C:\Windows\system32\drivers\SBREDrv.sys [55384]

O58 - SDL:[MD5.3EA8A16169C26AFBEB544E0E48421186] - 10/06/2009 - 21:37:19 RSHAD . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys [23040]

O58 - SDL:[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - 14/07/2009 - 02:45:45 RSHAD . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\Windows\system32\drivers\sisraid2.sys [43584]

O58 - SDL:[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - 14/07/2009 - 02:45:46 RSHAD . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys [80464]

O58 - SDL:[MD5.1D0639EAF910AD2C3F0DADC4C4B5CCB0] - 16/07/2008 - 09:59:32 RSHAD . (.Pas de propriétaire - USBCAMD for Sonix UVC.) -- C:\Windows\system32\drivers\sncduvc.sys [35840]

O58 - SDL:[MD5.BA2E864CDC01731A4F144019FB3BF598] - 22/04/2009 - 14:46:06 RSHAD . (.Pas de propriétaire - UVC Camera Streaming Driver.) -- C:\Windows\system32\drivers\snp2uvc.sys [3552384]

O58 - SDL:[MD5.F3817967ED533D08327DC73BC4D5542A] - 14/07/2009 - 02:45:55 RSHAD . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\Windows\system32\drivers\stexstor.sys [24656]

O58 - SDL:[MD5.5D66F58CD73F19C59D8C80202473D721] - 18/11/2010 - 18:13:36 RSHAD . (.Windows ® DDK provider - Virtual Audio Device Driver.) -- C:\Windows\system32\drivers\vad.sys [24992]

O58 - SDL:[MD5.E5689D93FFE4E5D66C0178761240DD54] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys [17488]

O58 - SDL:[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - 14/07/2009 - 02:45:55 RSHAD . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\Windows\system32\drivers\vsmraid.sys [161872]

O58 - SDL:[MD5.B972C12DE88299E78F6656A31046DD99] - 21/10/2009 - 11:01:34 RSHAD . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\Windows\system32\drivers\WN111v2w7x.sys [767488]

O58 - SDL:[MD5.2DB1A116F5FE2FDD53C8873033E9C9F1] - 05/11/2004 - 14:38:54 ---A- . (.Pas de propriétaire - Universal Serial Bus Camera Driver.) -- C:\Windows\SysWOW64\drivers\Camd930b.sys [24966]

O58 - SDL:[MD5.05B3E03FAE950179439EA892ABF9E9EE] - 30/06/2005 - 16:02:24 ---A- . (.Pas de propriétaire - Video Streaming and Capture Device Driver.) -- C:\Windows\SysWOW64\drivers\Capt930b.sys [362112]

O58 - SDL:[MD5.63B2C29ED56955EC615FFDA839F57792] - 07/11/2010 - 08:59:39 ---A- . (.Roxio - CDR4VSD CDR Helper.) -- C:\Windows\SysWOW64\drivers\Cdr4vsd.sys [66000]

O58 - SDL:[MD5.9C2904A447255FB8B84F3B7C24A807FC] - 07/11/2010 - 08:59:39 ---A- . (.Roxio - CDRAL for Windows NT Kernel Driver.) -- C:\Windows\SysWOW64\drivers\cdralwnt.sys [27388]

O58 - SDL:[MD5.2782A4549CC6558C52B0753126B2A833] - 16/11/2006 - 13:36:18 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\SysWOW64\drivers\DNIMP50.sys [21504]

O58 - SDL:[MD5.B222622709A919C91CB54A90CF7CEEFC] - 16/11/2006 - 13:36:28 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\SysWOW64\drivers\DNISP50.sys [20480]

O58 - SDL:[MD5.5BE640E88814B77A9E84B4549B5DCC2C] - 01/10/2008 - 15:44:06 ---A- . (.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) -- C:\Windows\SysWOW64\drivers\jswpslwfx.sys [26624]

O58 - SDL:[MD5.36CF3653D367CBC72A38625543F3D4D1] - 29/06/2005 - 01:38:00 ---A- . (.Prassi Technology - PzWDM.sys.) -- C:\Windows\SysWOW64\drivers\PzWDM.sys [15172]

~ Scan Drivers in 00mn 08s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: HiJackThis - (.Trend Micro.) [HKLM] -- {45A66726-69BC-466B-A7A4-12FCBA4883D7}

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswFsBlk.sys (aswFsBlk) .(.AVAST Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswFW.sys (aswFW) .(.AVAST Software - avast! Filtering TDI driver.) - LEGACY_ASWFW

O64 - Services: CurCS - 28/11/2011 - C:\Windows\system32\drivers\aswMonFlt.sys (aswMonFlt) .(.AVAST Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswNdis2.sys (aswNdis2) .(.AVAST Software - avast! Filtering NDIS driver.) - LEGACY_ASWNDIS2

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswRdr.sys (aswRdr) .(.AVAST Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSnx.sys (aswSnx) .(.AVAST Software - avast! Virtualization Driver.) - LEGACY_ASWSNX

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswSP.sys (aswSP) .(.AVAST Software - avast! self protection module.) - LEGACY_ASWSP

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\aswTdi.sys (aswTdi) .(.AVAST Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI

O64 - Services: CurCS - 25/09/2011 - C:\Windows\system32\DRIVERS\atksgt.sys - atksgt (atksgt) .(...) - LEGACY_ATKSGT

O64 - Services: CurCS - 21/07/2011 - C:\Program Files\ma-config.com\Drivers\driverhardwarev2x64.sys (driverhardwarev2x64) .(.CybelSoft - Driver NT Ma-Config.com.) - LEGACY_DRIVERHARDWAREV2X64

O64 - Services: CurCS - 01/10/2008 - C:\Windows\system32\DRIVERS\jswpslwfx.sys (JSWPSLWF) .(.Atheros Communications, Inc. - Atheros Security NDIS 6.0 Filter Driver.) - LEGACY_JSWPSLWF

O64 - Services: CurCS - 01/12/2011 - C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys - Lavasoft helper driver (Lavasoft Kernexplorer) .(...) - LEGACY_LAVASOFT_KERNEXPLORER

O64 - Services: CurCS - 03/11/2011 - C:\Windows\system32\DRIVERS\Lbd.sys (Lbd) .(.Lavasoft AB - Boot Driver.) - LEGACY_LBD

O64 - Services: CurCS - 25/09/2011 - C:\Windows\system32\DRIVERS\lirsgt.sys - lirsgt (lirsgt) .(...) - LEGACY_LIRSGT

O64 - Services: CurCS - 10/12/2011 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - 13/07/2011 - C:\Windows\system32\DRIVERS\NBVol.sys (NBVol) .(.Nero AG - Nero Backup Volume Filter Driver for the Di.) - LEGACY_NBVOL

O64 - Services: CurCS - 13/07/2011 - C:\Windows\system32\DRIVERS\NBVolUp.sys (NBVolUp) .(.Nero AG - Nero Backup Volume Upper Filter Driver for.) - LEGACY_NBVOLUP

O64 - Services: CurCS - 28/11/2006 - C:\Windows\system32\Drivers\PCASp50a64.sys (PCASp50a64) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver (AMD64).) - LEGACY_PCASP50A64

O64 - Services: CurCS - 06/07/2011 - C:\Windows\system32\Drivers\pssdk42.sys (PSSDK42) .(.microOLAP Technologies LTD - PSSDK Driver Protocol v4.2 64bit.) - LEGACY_PSSDK42

O64 - Services: CurCS - ??\??\???? - C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 06/12/2011 - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUpUtilitiesDrv) .(.TuneUp Software - TuneUp Utilities Driver.) - LEGACY_TUNEUPUTILITIESDRV

O64 - Services: CurCS - 01/07/2010 - C:\Program Files\Unlocker\UnlockerDriver5.sys - UnlockerDriver5 (UnlockerDriver5) .(...) - LEGACY_UNLOCKERDRIVER5

~ Scan Services in 00mn 00s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\system32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (.Mozilla Corporation - Firefox Helper.) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("browser.search.defaulturl", "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17434");

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.bbDpng", 3);

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.cntry", "FR");

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.hdrMd5", "0BC2749CD72611C8568BCB752EEEABB4");

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.lastActv", "3");

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.lastDP", 3);

O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} - (Google) - Google

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\system32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\system32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\system32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\system32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\system32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\system32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\system32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\system32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\system32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\system32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\system32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\system32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2420736]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\system32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\system32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\system32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\system32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\system32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\system32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\system32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\system32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\system32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\system32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\system32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\system32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\system32\bdesvc.dll [100864]

~ Scan Services in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.A07DDBC85B7C29FFFDDC69EABBD4ABB8] [sPRF][10/02/2012] (...) -- C:\Users\bernard\AppData\Local\Temp\Uninst.bat [472]

[MD5.2AB52DCFE85A7AF0A3C78AE6741C6C61] [sPRF][02/11/2011] (...) -- C:\Users\bernard\AppData\Roaming\wklnhst.dat [1244]

[MD5.ED324284FA119EF0F240AC9E2262D666] [sPRF][28/05/2011] (.Microsoft Corporation - Windows Media Component Setup Application.) -- C:\Users\bernard\Desktop\wmpfirefoxplugin.exe [318904]

[MD5.2C1BA2C1E68E39936676FF13563FDE13] [sPRF][07/08/2010] (.Gelios Software - 3D Fish School 4 Screen Saver Setup.) -- C:\Program Files\3dfishd.exe [3745169]

[MD5.D0EE79AC0041E0994D6CB3A7C7F59C4C] [sPRF][01/03/2011] (...) -- C:\Program Files\4400fvst641213ea15.exe [12894032]

[MD5.FCD1B1472302FC7283147F4DF471F402] [sPRF][04/02/2009] (...) -- C:\Program Files\7-zip_7-zip_4.65_francais_11161.exe [939956]

[MD5.22C66536E142FC55E97574CADF78B294] [sPRF][07/10/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\amazingadventuresaroundtheworlddownload.exe [67718416]

[MD5.2E19857E9FFD395FAA6686959624297A] [sPRF][28/01/2010] (...) -- C:\Program Files\AmazonMP3Installer-fr_FR.exe [1008760]

[MD5.ABC9883331FEA3B3A86C8B48BFD2CF66] [sPRF][24/08/2011] (...) -- C:\Program Files\aresregular216_installer.exe [2512861]

[MD5.D59F24B86431EEB25281BCE7817783F1] [sPRF][08/04/2011] (.Pas de propriétaire - Audacity Setup.) -- C:\Program Files\audacity-win-1.2.6.exe [2228534]

[MD5.7C5B2630C7B36B944F2CB181D59005E5] [sPRF][05/04/2011] (.Audacity Team - Audacity 1.3 Beta (Unicode) Setup.) -- C:\Program Files\audacity-win-unicode-1.3.12.exe [11873890]

[MD5.DF8E412902BE41D4B30E53825ADF14F2] [sPRF][22/03/2011] (...) -- C:\Program Files\AutoCADLT_2012_French_Win_64bit_Trial.exe [1020453792]

[MD5.4143EF4D37EF883BDDF8B9126D8672D3] [sPRF][17/11/2010] (.Online Media Technologies Ltd. - AVS Video ReMaker Setup.) -- C:\Program Files\AVSVideoReMaker.exe [34375056]

[MD5.D92F85A913BB868886540E5BB2740EB3] [sPRF][15/05/2008] (...) -- C:\Program Files\axcrypt_axcrypt_1.7.2126.0_francais_12208.exe [1518672]

[MD5.8150E64628F4193ACD6D30D4EF0DE5F3] [sPRF][07/11/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\bigcityadventuretmvancouverdownload.exe [85350304]

[MD5.1C10BA73E68F9C33BB703FA1D0389D0B] [sPRF][20/07/2005] (...) -- C:\Program Files\camstudio_camstudio_2.0_francais_10618.exe [1534122]

[MD5.1ECE18E8DF69E5C8FF75691CC51D02E7] [sPRF][09/05/2011] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup306.exe [3063136]

[MD5.82F2E5319269F65ECE59EFEAD05FA3BC] [sPRF][09/07/2011] (.Piriform Ltd - CCleaner Installer.) -- C:\Program Files\ccsetup308.exe [3216552]

[MD5.6CED7AE3064BADD6FE796A4223C3294D] [sPRF][17/04/2010] (.Canneverbe Limited - CDBurnerXP.) -- C:\Program Files\cdbxp_setup_4.3.0.2064.exe [6562373]

[MD5.3CAEFA15AAA2D453E7E31B725547DE38] [sPRF][09/10/2008] (...) -- C:\Program Files\cdlpwin141fr.exe [10204496]

[MD5.7B667BFA76960F2442897F91FAA649D2] [sPRF][15/03/2011] (.Smart Soft - Convertisseur PDF Setup (Trial Version).) -- C:\Program Files\convertisseur-pdf.exe [14464456]

[MD5.01C0500630CD6E784A7A00873E377A38] [sPRF][01/03/2011] (...) -- C:\Program Files\cstbwin5012aea15us.exe [16360280]

[MD5.D8EE4C36686C8D239367F03BD51477E2] [sPRF][06/04/2011] (.RegNow.com - RegNow Download Manager.) -- C:\Program Files\Download_leawo_ppt2dvd_aff.exe [367232]

[MD5.F439FBA45F4C6BA3BCA5329719B53F83] [sPRF][29/03/2008] (.DVD Shrink - DVD Shrink Setup.) -- C:\Program Files\dvdshrink32setup_FR.exe [1128203]

[MD5.A31156B8D80A68E8F4354C63E0747BEB] [sPRF][07/04/2010] (...) -- C:\Program Files\emule_emule_0.50a_francais_10876.exe [3389035]

[MD5.2ED1DF29FAD3C085451E7D74CA5A06DB] [sPRF][02/04/2011] (...) -- C:\Program Files\FastStoneCapture-5.3Fr.exe [1342556]

[MD5.ED1066B495BE523FBE66A6D0AAEB372B] [sPRF][29/08/2011] (.spgsoft.com - FLV Cutter Setup.) -- C:\Program Files\FLVCutterSetup.exe [8265676]

[MD5.22044CE6D0E713BA92C2BE9EA0D23B3D] [sPRF][18/03/2010] (.Moyea Software Co., LTD - Moyea FLV Editor Lite Setup.) -- C:\Program Files\FlvEditor_Lite.exe [13541464]

[MD5.88DD1ED461FB451E71FEF8BDE76161F4] [sPRF][07/08/2010] (.Laconic Software - Free Fire Screensaver.) -- C:\Program Files\free-fire-screensaver-downloadcom.exe [5003812]

[MD5.55CB0A9F7766E3271E70A8AB0F182CDF] [sPRF][23/10/2009] (.Koyote Soft - Free FLV Converter Setup.) -- C:\Program Files\free-flv-converter_free_flv_converter_6.7.3_francais_75618.exe [6343638]

[MD5.70E20EEE5C60EBDA902C97B013AD824B] [sPRF][01/09/2011] (.Free-PDF-to-Word.com - Free PDF to Word Converter Setup.) -- C:\Program Files\free-pdf-to-word-converter.exe [599032]

[MD5.D0EE8A5AED4E9D2E0DA6D65E2202E97C] [sPRF][04/06/2010] (...) -- C:\Program Files\FreeMOV2AVI.exe [4301562]

[MD5.BEC86095AE546A23092FC8270C839803] [sPRF][21/08/2011] (.DVDVideoSoft Ltd. - Free Studio 5.1.7 Setup.) -- C:\Program Files\FreeStudio.exe [74002984]

[MD5.53B0AEEAD3FA0C461422DD6124CC443D] [sPRF][13/09/2010] (.DVDVideoSoft Limited. - Free Video Dub 1.8 Setup.) -- C:\Program Files\FreeVideoDub.exe [11436728]

[MD5.2EF31599188D0101946305D6B2D585FF] [sPRF][07/09/2010] (.FrostWire, LLC - The Fastest File Sharing Application on Earth.) -- C:\Program Files\frostwire_frostwire_4.20.9_anglais_19033.exe [8236303]

[MD5.84251AB03175CD6D5AC378602BE6F529] [sPRF][21/05/2010] (...) -- C:\Program Files\fru-2.0.32775-setup.exe [736936]

[MD5.9CA3D86408CD753890CBFC474DC54FD7] [sPRF][08/08/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\gardenscapestmdownload.exe [126570856]

[MD5.1929BFDB50895949FC2A4230E0FBBC93] [sPRF][19/03/2011] (...) -- C:\Program Files\Google Updater.exe [1252976]

[MD5.33B3C89A9F5600F3D7D9C96AE4579F2C] [sPRF][06/07/2011] (.Google - Google Desktop.) -- C:\Program Files\GoogleDesktopSetup.exe [2021360]

[MD5.F342AB0DE87C04F671FFCD09512DF26C] [sPRF][16/03/2010] (.Google Inc. - Setup.) -- C:\Program Files\GoogleEarthPluginSetup.exe [562864]

[MD5.D3A3A327CB6F2B2FBC034D52CA1E41E1] [sPRF][13/10/2010] (.Google Inc. - Setup.) -- C:\Program Files\GoogleEarthSetup.exe [568648]

[MD5.457419DE176232EFC883B41B8D102872] [sPRF][08/03/2010] (.Trend Micro - Trend Micro HouseCall updater and launcher.) -- C:\Program Files\HousecallLauncher.exe [1840232]

[MD5.2BAFACCE341968A6E76F7CAE4ABC5F4C] [sPRF][08/03/2011] (.Microsoft Corporation - Programme d’installation Windows Internet Explorer 9.) -- C:\Program Files\IE9-Windows7-x64-fra.exe [1129776]

[MD5.2634BE13A8DD3F43589DC41D21A0F39C] [sPRF][31/12/2010] (.Pas de propriétaire - IncrediMail Installer.) -- C:\Program Files\incredimail_install.exe [449360]

[MD5.AE5BF72A76AC28E964F2031AD3822941] [sPRF][22/04/2011] (.inkscape.org - Inkscape.) -- C:\Program Files\Inkscape-0.48.0-1.exe [34662316]

[MD5.2812146F8B2E127D6D9A83954A1FFBD5] [sPRF][03/03/2011] (.Microsoft Corporation - Windows Live Messenger 2011.) -- C:\Program Files\Installation_Messenger2011.exe [2543912]

[MD5.754591B96B9E4DFC5DBF2136F8DFDE87] [sPRF][12/08/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r82.) -- C:\Program Files\install_flash_player_ax.exe [2826192]

[MD5.8FE2EC083AFFB610DD07FEDEAE390E74] [sPRF][02/04/2011] (...) -- C:\Program Files\jing_setup.exe [6892808]

[MD5.49779EA184C4C9C8C5599AC08F43F77E] [sPRF][08/08/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\joanjadeandthegatesofxibalbadownload.exe [112330256]

[MD5.51E79A54516D2953D4D8431E90010BB9] [sPRF][08/04/2011] (.Audacity Team - LADSPA_plugins-win Setup.) -- C:\Program Files\LADSPA_plugins-win-0.4.15.exe [1512927]

[MD5.3DE12862D13635E908B4ACA6C323762B] [sPRF][19/03/2010] (.Pas de propriétaire - LAME for Audacity Setup.) -- C:\Program Files\Lame_v3.98.3_for_Audacity_on_Windows.exe [427046]

[MD5.15228DF744A19A94C80CD3EFD79C0806] [sPRF][01/03/2011] (...) -- C:\Program Files\lide25vst6411011afr.exe [4149072]

[MD5.E888D4CED56A625DB44B7BF83DF85242] [sPRF][07/12/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\lostcityofzdownload.exe [129163712]

[MD5.DF7507AAF7991CE25565CB9175B166E2] [sPRF][23/12/2010] (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Program Files\mbam-setup.exe [7734208]

[MD5.F00B612313D34C8ABB87E24D3B7DC790] [sPRF][17/05/2010] (...) -- C:\Program Files\mediacoder_mediacoder_0.7.3.4668_francais_19581.exe [25434813]

[MD5.612472010F331C10EA4F2A0F235D020F] [sPRF][25/11/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\milliondollarquestdownload.exe [110551912]

[MD5.A285D4D8D165E2D27328C7F76F13B291] [sPRF][08/01/2005] (...) -- C:\Program Files\mp3gain-win-full-1_2_5.exe [1978007]

[MD5.1DC5299682600A05BFBD3BA72171E16E] [sPRF][28/09/2010] (.Yahoo! Inc. - Yahoo! Messenger Suite Install Bootstrapper Setup.) -- C:\Program Files\msgr10fr.exe [421224]

[MD5.F01F3AD53EDAEA50665DC10B13A1C83D] [sPRF][07/01/2010] (.My Health Software - My Blood Pressure Setup.) -- C:\Program Files\MyBPSetup.exe [2809376]

[MD5.1CA0ED493CD5E2C104C81809E1DBB913] [sPRF][17/04/2010] (.Nero AG - Pas de description.) -- C:\Program Files\Nero-10.0.13100_trial.exe [306708552]

[MD5.03B5820124EF8888F5FBDA02A1FB4CA9] [sPRF][19/03/2011] (.Futixu - NODouble Installation.) -- C:\Program Files\NODouble_Setup.exe [2891848]

[MD5.9207E1052AEC9258AB35B40C65E5FF52] [sPRF][18/11/2009] (.Georgy Berdyshev - CDex - Open Source Digital Audio CD Extractor.) -- C:\Program Files\ns son assiette.exe [8697544]

[MD5.51CCA6FDD7672B91D2F2E2813A55226B] [sPRF][09/02/2010] (.InstallShield Software Corporation - PackageForTheWeb Stub.) -- C:\Program Files\PafSetup.exe [6038784]

[MD5.FDAF07B58D0EE9E7C1B833DD56D3A70B] [sPRF][21/10/2010] (...) -- C:\Program Files\PandaCloudAntivirus.exe [308448]

[MD5.B9474117C8800C08BD33DD1EA464B048] [sPRF][01/11/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\paparazzidownload.exe [56443728]

[MD5.523124817377308B91180FB5CD50AD94] [sPRF][24/10/2008] (.InstallShield Software Corporation - InstallShield ® Setup Launcher.) -- C:\Program Files\pci_filerecovery.exe [6113439]

[MD5.72B62A4168B237B0B8F68F225A7AFAAD] [sPRF][14/03/2011] (.pdfforge GbR - PDFCreator is the easy way of creating PDFs..) -- C:\Program Files\PDFCreator-1_2_0_setup.exe [17694240]

[MD5.FD1EAC4474C24F473F99853DF51EEA03] [sPRF][06/03/2010] (...) -- C:\Program Files\pf-setup.exe [1804015]

[MD5.238F2CE00DF428DE0A678DB6E677800D] [sPRF][07/04/2011] (.Anthropics Technology Ltd. - Portrait Professional 9 Trial Installer.) -- C:\Program Files\PortraitProfessionalTrialSetup.exe [31547616]

[MD5.9BC70C572C46E8E1D080EEC586A78761] [sPRF][16/02/2011] (.Wondershare Software - Wondershare PPT2DVD Pro Setup.) -- C:\Program Files\ppt2dvd_trial6.exe [20270740]

[MD5.9EEA340F71702A8B04CAB0FA8CE44C02] [sPRF][19/11/2008] (.GeoVid - Presentation To Video Converter Setup.) -- C:\Program Files\presentation-to-video.exe [21017585]

[MD5.F20468B5ED143DDEF84AE2D1BFE4EC98] [sPRF][09/09/2011] (.Jan Fiala - PSPad editor Setup.) -- C:\Program Files\pspad454inst_en.exe [4407262]

[MD5.1A80F29ADC7A77F58B87D1A289B91BB2] [sPRF][23/03/2005] (.InstallShield Software Corporation - Setup.exe.) -- C:\Program Files\replisting.exe [2716781]

[MD5.897B3E3073447D76DD864F73F8B231E2] [sPRF][24/10/2006] (...) -- C:\Program Files\S6A04mux.exe [16199680]

[MD5.F921CD80EE7190C607B75C1F35075223] [sPRF][01/03/2011] (...) -- C:\Program Files\s7107MUx.exe [12810240]

[MD5.4EC327CA31808CE55C2409545EC61CF4] [sPRF][19/12/2010] (...) -- C:\Program Files\SearchElf_1.2.exe [2488656]

[MD5.490B9CF8C517674F8CB30F1E0B20D67F] [sPRF][01/08/2011] (.Pas de propriétaire - AVAST Software Setup Engine.) -- C:\Program Files\setup_ais.exe [79910344]

[MD5.CE4E41A3F21AC45FBFC271B71D30EBC1] [sPRF][14/03/2011] (.Koyote Soft - Free FLV Converter Setup.) -- C:\Program Files\Setup_FreeFlvConverter (2).exe [6482143]

[MD5.5766527B9405328606AAB641D99C4DE9] [sPRF][22/04/2011] (.Koyote Soft - Free FLV Converter Setup.) -- C:\Program Files\Setup_FreeFlvConverter (3).exe [6377078]

[MD5.733233FC38B0BD08D043CE46EEFE1A60] [sPRF][19/05/2011] (.Koyote Soft - Free FLV Converter Setup.) -- C:\Program Files\Setup_FreeFlvConverter(1).exe [6343997]

[MD5.94D41CFB11474EC02301FEB401D8E9BA] [sPRF][14/08/2010] (.Koyote Soft - Free FLV Converter Setup.) -- C:\Program Files\Setup_FreeFlvConverter.exe [6171283]

[MD5.820F01EC5F5946021D3B68A70CB05F06] [sPRF][19/05/2011] (.Koyote soft - Free Videos To DVD Setup.) -- C:\Program Files\Setup_MoviesToDVD.exe [6889408]

[MD5.E1C4319D36D1AE4809AB925DA7837DE3] [sPRF][07/04/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_multi-timer.exe [287040]

[MD5.E7E8807361A57FC425E99D27D6AB08FC] [sPRF][06/07/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_vistumbler.exe [287040]

[MD5.5861CC386653B02DF8C7D039B3AA492D] [sPRF][06/07/2011] (...) -- C:\Program Files\SoftonicDownloader_pour_wifi-sistr.exe [287040]

[MD5.54ACBA9CFD7154C02CEACF6310CF3CFA] [sPRF][26/01/2009] (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\spybotsd162.exe [16409960]

[MD5.6147607552A799CF18D1D9F0119835E0] [sPRF][04/06/2010] (.Movavi - Setup Launcher.) -- C:\Program Files\suitesetupen.exe [82023568]

[MD5.636671D857BD6836BA8748CB1CBC5282] [sPRF][05/05/2010] (.eRightSoft - TIN Setup.) -- C:\Program Files\super_super_v2010.build.38_anglais_19891.exe [29426427]

[MD5.88A8EC54BA6A8BF6C37E0D31B2F25C07] [sPRF][01/07/2011] (.eRightSoft - SUPER © v2011.build.49 (July 1st, 2011) Setup.) -- C:\Program Files\super_super_v2011_build_49_anglais_19891.exe [40497982]

[MD5.0A27CCBC6ABF20061F463D670DC77E93] [sPRF][23/03/2011] (.NCH Software - Switch - Convertisseur de fichiers audio.) -- C:\Program Files\switchsetup.exe [484408]

[MD5.2DDA52A7E228BAE5A18323E9B19D7B94] [sPRF][28/04/2010] (.Pas de propriétaire - Setup Application.) -- C:\Program Files\Tensio-Logiciel-installation.exe [8938795]

[MD5.7D8A5EEA0A1FE6CB5635B330A19661D0] [sPRF][07/11/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\thescruffsdownload.exe [70175368]

[MD5.E3D06E59B57AE002FA5C5230F21EEDBD] [sPRF][13/11/2010] (.Pas de propriétaire - GameInst Application.) -- C:\Program Files\thetudorsdownload.exe [192819424]

[MD5.D0A67988DD37B46B68B532CF483BA036] [sPRF][22/04/2011] (...) -- C:\Program Files\TomsDownloader4720.exe [126593]

[MD5.9ACC3083C60CA46C28D926DEA5F0742C] [sPRF][31/05/2010] (.TuneUp Software - TuneUp Utilities.) -- C:\Program Files\TU2010TrialFR.exe [20790600]

[MD5.F7D4E31914FABE1CB3BD35BD200D3DD7] [sPRF][13/08/2010] (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 10.1 r82.) -- C:\Program Files\uninstall_flash_player.exe [232912]

[MD5.B432447CF8E8C7A613FF0116402B67F9] [sPRF][07/07/2010] (...) -- C:\Program Files\unlocker1.9.0.exe [1015869]

[MD5.7558AF9F8B25F61D95CEBE2CEFBCE0EC] [sPRF][21/08/2011] (.Pas de propriétaire - AVAST Software Setup Engine.) -- C:\Program Files\vpsupd.exe [42214848]

[MD5.47C30BC6C5161307EA9B8B12BA8B5AF9] [sPRF][07/06/2011] (.Atribune.org - VundoFix.exe.) -- C:\Program Files\VundoFix.exe [119808]

[MD5.1223AE1F01709BA34BF1730EE12D7665] [sPRF][18/03/2011] (...) -- C:\Program Files\wcwsetup_fr.exe [1132594]

[MD5.C42C233F53E0345EDA97F8BFD06DEBD3] [sPRF][20/11/2009] (.Microsoft Corporation - Win32 Cabinet Self-Extractor.) -- C:\Program Files\Windows7UpgradeAdvisorSetup.exe [8672032]

[MD5.FFFF26EF4BFD98477BDD9DB7485C8808] [sPRF][17/03/2010] (...) -- C:\Program Files\winrar-x64-393fr.exe [1605923]

[MD5.D0CC1B699E914DC4E0D5F36218C66082] [sPRF][04/03/2011] (.Microsoft Corporation - Windows Live Installer.) -- C:\Program Files\wlsetup-custom.exe [1266512]

[MD5.64281AF23447705DAB84E1A198D920C7] [sPRF][23/09/2010] (.Microsoft Corporation - Windows Live Installer.) -- C:\Program Files\wlsetup-web.exe [1289576]

[MD5.0D77C6114AD9AF91D44888CCA1C2114F] [sPRF][17/03/2010] (...) -- C:\Program Files\wrar393fr.exe [1439435]

[MD5.FCE23FBF8A4495ECC17CACFE11A2D544] [sPRF][03/03/2010] (.Inekman - Xtremsplit v1.2.) -- C:\Program Files\Xtremsplit.exe [305664]

[MD5.5159B8DF31AD5F7DC8F59BE2A216670A] [sPRF][17/06/2011] (.Mozilla - Firefox.) -- C:\Program Files\yahoo_firefox_4.0.1_setup_fr.exe [12858136]

[MD5.2BAE32BCB62687A830DDFC8C9489DEFC] [sPRF][23/07/2010] (.GroupFetch - guru's Yahoo Group Downloader Shareware Setup.) -- C:\Program Files\ydownloader.exe [3421604]

[MD5.2BAE32BCB62687A830DDFC8C9489DEFC] [sPRF][23/07/2010] (.GroupFetch - guru's Yahoo Group Downloader Shareware Setup.) -- C:\Program Files\ydownloader_setup.exe [3421604]

[MD5.3FEA9D2EDF23B0283C7A66C8DEA380BD] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player Module.) -- C:\Windows\Downloaded Program Files\dwusplay.dll [24576]

[MD5.CDBE35EA59BC9223E4F800BD1DB82D27] [sPRF][25/07/2002] (.InstallShield Software Corporation - InstallShield Update Service Setup Player.) -- C:\Windows\Downloaded Program Files\dwusplay.exe [196608]

[MD5.3217F1F7D2F34FFAAE55F53AC3C4920F] [sPRF][16/10/2003] (.InstallShield Software Corporation - InstallShield Update Service Web Agent.) -- C:\Windows\Downloaded Program Files\isusweb.dll [299008]

[MD5.6644D824EA5FC0363BF6DF1BCC728A93] [sPRF][10/01/2011] (.Progimed - Lit la carte vitale pour récupérer des informations nécessaires au bon fonctionnement du site "serveur de résultat".) -- C:\Windows\Downloaded Program Files\SRConnect.dll [62224]

~ Scan Files in 00mn 44s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "{1050CFD3-7B50-4076-AE0F-3510F1E26C9B}" | In - Public - P6 - FALSE | .(.Adobe Systems Incorporated - Adobe Photoshop Elements 7.0 (component).) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe

O87 - FAEL: "{FE8E6D3E-C86B-468B-B5E4-0B0C1C2666D3}" | In - Public - P17 - FALSE | .(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe

O87 - FAEL: "TCP Query User{BDC318EA-D463-4C2E-9E46-C16C8B941B20}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Public - P6 - TRUE | .(.Google.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe

O87 - FAEL: "UDP Query User{EDA14657-5E7B-41E1-A471-74E05123FA35}C:\program files (x86)\google\google earth\client\googleearth.exe" | In - Public - P17 - TRUE | .(.Google.) -- C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe

O87 - FAEL: "{9D8B3323-994A-4117-970D-6E93F58CA9AF}" |In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\FrostWire\FrostWire.exe (.not file.)

O87 - FAEL: "{7EEAA4F0-FF57-4EDE-8F35-24B2A959B422}" |In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\FrostWire\FrostWire.exe (.not file.)

O87 - FAEL: "TCP Query User{90AB6D58-2866-479A-894B-E8D2CDEB732A}J:\program files\frostwire\frostwire.exe" |In - Public - P6 - TRUE | .(...) -- J:\program files\frostwire\frostwire.exe (.not file.)

O87 - FAEL: "UDP Query User{AD2A4880-9A87-42FB-BE05-274E59BE15C0}J:\program files\frostwire\frostwire.exe" |In - Public - P17 - TRUE | .(...) -- J:\program files\frostwire\frostwire.exe (.not file.)

O87 - FAEL: "TCP Query User{AB5968CF-96E3-45E0-8A76-19B123380651}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P6 - TRUE | .(...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

O87 - FAEL: "UDP Query User{8B70BD26-07C7-41DB-B2F0-E403939ECA3F}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Public - P17 - TRUE | .(...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

O87 - FAEL: "TCP Query User{876C580A-76E0-42AE-9299-639ED30179D4}J:\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- J:\program files\emule\emule.exe (.not file.)

O87 - FAEL: "UDP Query User{78CC4F25-CE4E-4912-AC46-A7B7FCB73F75}J:\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- J:\program files\emule\emule.exe (.not file.)

O87 - FAEL: "{0792A45B-A03D-4444-A22B-5720BAD7E570}" | In - Public - P6 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O87 - FAEL: "{68D839D9-CD46-4522-B001-3E30C2A2CCAA}" | In - Public - P17 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O87 - FAEL: "TCP Query User{4AE54F57-88EF-4911-B296-FB1FF72024E4}K:\program files\emule\emule.exe" |In - Public - P6 - TRUE | .(...) -- K:\program files\emule\emule.exe (.not file.)

O87 - FAEL: "UDP Query User{53F52543-B5C5-4F06-BC68-3CC741A2621A}K:\program files\emule\emule.exe" |In - Public - P17 - TRUE | .(...) -- K:\program files\emule\emule.exe (.not file.)

O87 - FAEL: "{C014CD60-2AAC-4554-8281-EFFE6D279262}" | In - Public - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe

O87 - FAEL: "{AAD3A753-C562-4192-88D2-22704144CCB0}" | In - Public - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe

O87 - FAEL: "TCP Query User{FEFF4DFE-6F22-456A-A5C8-6B1C2C18112A}K:\pdfedit.exe" |In - Public - P6 - TRUE | .(...) -- K:\pdfedit.exe (.not file.)

O87 - FAEL: "UDP Query User{4BBBDF79-18FA-479A-BDF3-2D3C1DB6D751}K:\pdfedit.exe" |In - Public - P17 - TRUE | .(...) -- K:\pdfedit.exe (.not file.)

O87 - FAEL: "TCP Query User{1642BD55-2F87-485B-A23F-438F3550F582}F:\pdfedit.exe" |In - Public - P6 - TRUE | .(...) -- F:\pdfedit.exe (.not file.)

O87 - FAEL: "UDP Query User{85D15DE3-5AE1-4ED6-B12E-975D7B0262B4}F:\pdfedit.exe" |In - Public - P17 - TRUE | .(...) -- F:\pdfedit.exe (.not file.)

O87 - FAEL: "TCP Query User{95D6E35A-6F8A-4B32-BE88-7A3F5E8A53D2}C:\program files (x86)\sopcast\sopcast.exe" | In - Public - P6 - TRUE | .(.www.sopcast.com - SopCast Main Application.) -- C:\Program Files (x86)\SopCast\SopCast.exe

O87 - FAEL: "UDP Query User{7E6F9990-F2D5-4C3A-9483-E84A3F869673}C:\program files (x86)\sopcast\sopcast.exe" | In - Public - P17 - TRUE | .(.www.sopcast.com - SopCast Main Application.) -- C:\Program Files (x86)\SopCast\SopCast.exe

O87 - FAEL: "TCP Query User{F3E63060-F9D2-4514-AA55-0D93B6971317}C:\program files (x86)\sopcast\adv\sopadver.exe" | In - Public - P6 - TRUE | .(.www.sopcast.com - SopCast Adver.) -- C:\Program Files (x86)\SopCast\adv\SopAdver.exe

O87 - FAEL: "UDP Query User{1EF2A2F5-4A8A-4042-8250-56892DF182ED}C:\program files (x86)\sopcast\adv\sopadver.exe" | In - Public - P17 - TRUE | .(.www.sopcast.com - SopCast Adver.) -- C:\Program Files (x86)\SopCast\adv\SopAdver.exe

O87 - FAEL: "TCP Query User{6164434B-F576-47C2-BD40-3B9B94743285}C:\Program Files (x86)\mozilla firefox\firefox.exe" | In - Public - P6 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O87 - FAEL: "UDP Query User{08D3577F-15CC-47F8-AAC6-AB2D6D07DF01}C:\Program Files (x86)\mozilla firefox\firefox.exe" | In - Public - P17 - TRUE | .(.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O87 - FAEL: "TCP Query User{CEEE7111-85F3-40FE-A1BA-D40944BA4DD5}C:\program files (x86)\Yahoo!\messenger\YahooMessenger.exe" | In - Private - P6 - TRUE | .(.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O87 - FAEL: "UDP Query User{918529D8-B1C9-47AF-B100-ECD4BA669B1E}C:\program files (x86)\Yahoo!\messenger\YahooMessenger.exe" | In - Private - P17 - TRUE | .(.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O87 - FAEL: "TCP Query User{C9326639-C82B-461D-8056-F88796445BD5}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P6 - TRUE | .(.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe

O87 - FAEL: "UDP Query User{91437D67-F6D9-4F6D-B167-DF73FD2A84CC}C:\program files (x86)\java\jre6\bin\javaw.exe" | In - Private - P17 - TRUE | .(.Sun Microsystems, Inc..) -- C:\Program Files (x86)\Java\jre6\bin\javaw.exe

O87 - FAEL: "TCP Query User{454A17FC-939D-4571-A6DC-9382D131AD8A}F:\program files\emule\emule.exe" |In - Private - P6 - TRUE | .(...) -- F:\program files\emule\emule.exe (.not file.)

O87 - FAEL: "UDP Query User{AF597243-56D5-47F9-8FCC-41932EE3665B}F:\program files\emule\emule.exe" |In - Private - P17 - TRUE | .(...) -- F:\program files\emule\emule.exe (.not file.)

O87 - FAEL: "TCP Query User{DCEBBC6C-EC94-46BE-A29B-11434F7D3282}F:\pdfedit.exe" |In - Private - P6 - TRUE | .(...) -- F:\pdfedit.exe (.not file.)

O87 - FAEL: "UDP Query User{5B26D90E-5079-4661-861F-308E730DBA3E}F:\pdfedit.exe" |In - Private - P17 - TRUE | .(...) -- F:\pdfedit.exe (.not file.)

O87 - FAEL: "{342ED958-4D7F-4D21-A823-60B04C1DB4E6}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "TCP Query User{0CA6CA40-8868-4CE5-AF13-60A0A5CC03F5}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe" | In - Private - P6 - TRUE | .(.Rene-Gilles Deberdt - Kyodai Mahjongg.) -- C:\Program Files (x86)\Kyodai Mahjongg 2006\kmj.exe

O87 - FAEL: "UDP Query User{1A0E6204-720F-4207-8BB5-9619F9E6AE3D}C:\program files (x86)\kyodai mahjongg 2006\kmj.exe" | In - Private - P17 - TRUE | .(.Rene-Gilles Deberdt - Kyodai Mahjongg.) -- C:\Program Files (x86)\Kyodai Mahjongg 2006\kmj.exe

O87 - FAEL: "{E269BA2B-F571-4A8A-8287-F733025D14B9}" | In - Private - P6 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "{2159419F-E906-481C-B548-7C3AEBF51B48}" | In - Private - P17 - TRUE | .(.CybelSoft - Service de détection matériel.) -- C:\Program Files\ma-config.com\x64\maconfservice.exe

O87 - FAEL: "TCP Query User{DE06E492-76B4-4F80-B949-5A3AF0EDB937}E:\fscommand\updater.exe" |In - Private - P6 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.)

O87 - FAEL: "UDP Query User{502A2C19-B08B-4C5B-A16D-2C4A7CA4CC60}E:\fscommand\updater.exe" |In - Private - P17 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.)

O87 - FAEL: "TCP Query User{223C8693-9B2B-42D2-A04F-DC9DCCCB2EAE}C:\program files (x86)\hercules\deluxe optical glass\xtrctrl.exe" | In - Public - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\Program Files (x86)\Hercules\Deluxe Optical Glass\XtrCtrl

O87 - FAEL: "UDP Query User{DC490232-B8B8-4D37-9E70-8D07542B1903}C:\program files (x86)\hercules\deluxe optical glass\xtrctrl.exe" | In - Public - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\Program Files (x86)\Hercules\Deluxe Optical Glass\XtrCtr

O87 - FAEL: "TCP Query User{74249978-2EF5-496D-B88E-E92B8AA94C2B}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

O87 - FAEL: "UDP Query User{D70855BA-CE5C-4ACC-8CCF-4C14010B46F1}C:\program files (x86)\videolan\vlc\vlc.exe" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

O87 - FAEL: "TCP Query User{76135E94-588D-49C0-BD3E-1DE6CC18081A}C:\program files (x86)\hercules\deluxe optical glass\xtrctrl.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\Program Files (x86)\Hercules\Deluxe Optical Glass\XtrCtr

O87 - FAEL: "UDP Query User{26C674E0-4EE4-40CA-98CA-E25C21C5DDED}C:\program files (x86)\hercules\deluxe optical glass\xtrctrl.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\Program Files (x86)\Hercules\Deluxe Optical Glass\XtrCt

O87 - FAEL: "TCP Query User{DA3C26A7-175E-4BE2-B466-0A6148773B3B}C:\program files (x86)\mozilla firefox\plugin-container.exe" | In - Private - P6 - TRUE | .(.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

O87 - FAEL: "UDP Query User{2B35066D-EF89-423C-BB91-A975A07A151B}C:\program files (x86)\mozilla firefox\plugin-container.exe" | In - Private - P17 - TRUE | .(.Mozilla Corporation.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

O87 - FAEL: "TCP Query User{8139B4E1-CFA5-4933-9F16-6A8E3FBB093B}C:\users\bernard\appdata\local\google\chrome\application\chrome.exe" | In - Private - P6 - TRUE | .(.Google Inc..) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O87 - FAEL: "UDP Query User{88D8626D-E69C-4F2D-974F-A7A645D48FA6}C:\users\bernard\appdata\local\google\chrome\application\chrome.exe" | In - Private - P17 - TRUE | .(.Google Inc..) -- C:\Users\bernard\AppData\Local\Google\Chrome\Application\chrome.exe

O87 - FAEL: "TCP Query User{C5D48912-C51F-48E3-AAF0-A08852801936}C:\program files (x86)\sopcast\sopcast.exe" | In - Private - P6 - TRUE | .(.www.sopcast.com - SopCast Main Application.) -- C:\Program Files (x86)\SopCast\SopCast.exe

O87 - FAEL: "UDP Query User{7F0B947F-03B8-43A7-9AF4-575318FAAC00}C:\program files (x86)\sopcast\sopcast.exe" | In - Private - P17 - TRUE | .(.www.sopcast.com - SopCast Main Application.) -- C:\Program Files (x86)\SopCast\SopCast.exe

O87 - FAEL: "TCP Query User{84AD0D44-70B4-4444-A185-A560578B1D40}C:\program files (x86)\sopcast\adv\sopadver.exe" | In - Private - P6 - TRUE | .(.www.sopcast.com - SopCast Adver.) -- C:\Program Files (x86)\SopCast\adv\SopAdver.exe

O87 - FAEL: "UDP Query User{34D16EEE-02F3-4BA6-9DDC-085616D00BD5}C:\program files (x86)\sopcast\adv\sopadver.exe" | In - Private - P17 - TRUE | .(.www.sopcast.com - SopCast Adver.) -- C:\Program Files (x86)\SopCast\adv\SopAdver.exe

O87 - FAEL: "{4247B043-C87F-4C4A-914D-2A87B5AB922E}" | In - Private - P6 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe

O87 - FAEL: "{106C94A2-E45E-481D-AB48-E4DD00905553}" | In - Private - P17 - TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program Files (x86)\Vuze\Azureus.exe

O87 - FAEL: "TCP Query User{A40DC25E-4BE3-4EC4-99CD-D270A6E969B6}C:\program files (x86)\hercules\webcam station evolution se\stationevse.exe" | In - Private - P6 - TRUE | .(.Guillemot Corporation S.A..) -- C:\Program Files (x86)\Hercules\Webcam Station E

O87 - FAEL: "UDP Query User{0670D35E-4447-4D40-838D-0600B8154A86}C:\program files (x86)\hercules\webcam station evolution se\stationevse.exe" | In - Private - P17 - TRUE | .(.Guillemot Corporation S.A..) -- C:\Program Files (x86)\Hercules\Webcam Station

~ Scan Firewall in 00mn 02s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 9071 - (05/02/2012)

Clés trouvées (Keys found) : 34

Valeurs trouvées (Values found) : 1

Dossiers trouvés (Folders found) : 15

Fichiers trouvés (Files found) : 0

 

[HKCU\Software\Microsoft\Internet Explorer\lowregistry\search settings] =>PUP.Dealio

[HKLM\Software\Classes\Applications\iMeshV10.exe] =>PUP.iMesh

[HKLM\Software\WOW6432Node\Classes\AppID\eoenginebho.dll] =>PUP.Eorezo

[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] =>Adware.Hotbar

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5f05c28d-dea9-4ad6-a73a-064175988eab}] =>PUP.Dealio

[HKLM\Software\WOW6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] =>Toolbar.AskSBar

[HKLM\Software\WOW6432Node\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}] =>PUP.Eorezo

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}] =>PUP.Dealio

[HKLM\Software\WOW6432Node\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}] =>PUP.Eorezo

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}] =>Adware.IMBooster

[HKLM\Software\WOW6432Node\Application Updater] =>PUP.Dealio

[HKCU\Software\Ask.com] =>Toolbar.AskBar

[HKCU\Software\Ask.com] =>Toolbar.AskBarDis

[HKCU\Software\AppDataLow\Software\AskToolbar] =>Toolbar.AskTBar

[HKCU\Software\AppDataLow\Software\conduitEngine] =>Toolbar.Conduit

[HKLM\Software\WOW6432Node\conduitEngine] =>Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\Fun Web Products] =>Adware.MyWebSearch

[HKCU\Software\AppDataLow\Software\FunWebProducts] =>Adware.MyWebSearch

[HKCU\Software\Iminent] =>Adware.IMBooster

[HKLM\Software\WOW6432Node\Iminent] =>Adware.IMBooster

[HKLM\Software\WOW6432Node\OfferBox] =>PUP.OfferBox

[HKLM\Software\WOW6432Node\Search Settings] =>PUP.Dealio

[HKCU\Software\AppDataLow\Toolbar] =>Toolbar.Conduit

[HKLM\Software\Wow6432Node\eRightSoft\OpenCandy] =>Adware.OpenCandy

[HKLM\Software\Classes\Toolbar.CT2504091] =>Toolbar.Agent

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{30F9B915-B755-4826-820B-08FBA6BD249D} =>Toolbar.Conduit

C:\ProgramData\Trymedia =>Adware.Trymedia

C:\Users\bernard\AppData\Roaming\OfferBox =>PUP.OfferBox

C:\Users\bernard\AppData\Roaming\OpenCandy =>Adware.OpenCandy

C:\Users\bernard\AppData\Local\MediaGet2 =>PUP.MediaGet

C:\Users\bernard\AppData\Local\OpenCandy =>Adware.OpenCandy

C:\Users\bernard\AppData\LocalLow\ConduitEngine =>Toolbar.Conduit

C:\Users\bernard\AppData\LocalLow\FunWebProducts =>Adware.MyWebSearch

C:\Users\bernard\AppData\LocalLow\MyWebSearch =>Adware.MyWebSearch

C:\Users\bernard\AppData\LocalLow\Vuze_Remote =>Toolbar.Conduit

C:\Program Files (x86)\Application Updater =>PUP.Dealio

C:\Program Files (x86)\ConduitEngine =>Toolbar.Conduit

C:\Program Files (x86)\Search Settings =>PUP.Dealio

C:\Program Files (x86)\Vuze_Remote =>Toolbar.Conduit

~ Scan Additionnel in 00mn 06s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 12/10/2011 3045688 | C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (a2AntiMalware) . (.Emsi Software GmbH.) - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe

SS - | Disabled 08/12/2008 169312 | (AdobeActiveFileMonitor7.0) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe

SR - | Auto 28/11/2011 44768 | (avast! Antivirus) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

SR - | Auto 28/11/2011 127192 | (avast! Firewall) . (.AVAST Software.) - C:\Program Files\Alwil Software\Avast5\afwServ.exe

SS - | Auto 27/08/2009 1253376 | (Fabs) . (.MAGIX AG.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

SS - | Demand 07/08/2008 3276800 | (FirebirdServerMAGIXInstance) . (.MAGIX®.) - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

SS - | Demand 23/01/2010 651720 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SR - | Auto 625184 | (ForceWare Intelligent Application Manager (IAM)) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe

SS - | Demand 06/07/2011 30192 | Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) . (.Google.) - C:\Program Files (x86)\Google\Google Desktop Search\GoogleDesktop.exe

SR - | Auto 28/08/2009 1150496 | (Greg_Service) . (.Acer Incorporated.) - C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe

SS - | Auto 10/07/2010 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 10/07/2010 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Auto 10/10/2011 194104 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 29/02/2008 942080 | (jswpsapi) . (.Atheros Communications, Inc..) - C:\Program Files (x86)\NETGEAR\WN111v2\jswpsapi.exe

SR - | Auto 03/11/2011 2152152 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe

SS - | Demand 08/08/2011 421376 | (maconfservice) . (.CybelSoft.) - C:\Program Files\ma-config.com\x64\maconfservice.exe

SR - | Auto 24/12/2011 652872 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SR - | Auto 23/09/2011 641832 | C:\Program Files (x86)\Nero\Update\NASvc.exe (NAUpdate) . (.Nero AG.) - C:\Program Files (x86)\Nero\Update\NASvc.exe

SR - | Auto 207904 | (nSvcIp) . (...) - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe

SR - | Auto 03/04/2010 159336 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 44312 | (OberonGameConsoleService) . (...) - C:\Program Files (x86)\Packard Bell GameZone\GameConsole\OberonGameConsoleService.exe

SR - | Auto 06/02/2012 2143552 | (TuneUp.UtilitiesSvc) . (.TuneUp Software.) - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe

SR - | Auto 04/07/2009 240160 | (Updater Service) . (.Acer.) - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 09s

 

 

 

End of the scan (2315 lines in 03mn 37s)(0)

Lien vers le commentaire
Partager sur d’autres sites
pear Devil Member !

pear

Posté(e)
Posté(e)

Logiquement, le nettoyage par Adwcleaner aurait dù être fait avant le lancement de Zhpdiag.

 

Ad_Aware est obsolète.Lavasoft qui le distribuait n'existe plus.

Désinstallez le.

 

 

Vous devez trouver sur le bureau ou ,sinon, dans le dossier où vous avez installé Zhpdiag ces 3 icônes .

zhp0710.png

Cliquer sur l'icône Zhpfix

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

Copiez/Collez les lignes vertes dans le cadre ci dessous:

pour cela;

Clic gauche maintenu enfoncé, Balayer l'ensemble du texte à copier avec la souris pour le mettre en surbrillance ,de gauche à droite et de haut en bas

Ctrl+c mettre le tout en mémoire

Ctrl+v pour inscrire le texte dans le Document

Vous ne verrez rien avant d'avoir Cliqué sur le H- PanelHelper.jpg

 

PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...)

R3 - URLSearchHook: (no name) [64Bits] - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} . (...) (No version) -- (.not file.) => Infection PUP (PUP.Dealio)

O42 - Logiciel: Search Settings v1.2.3 - (.Spigot, Inc..) [HKLM] -- {5F05C28D-DEA9-4AD6-A73A-064175988EAB} => Infection BT (PUP.Dealio)

[HKCU\Software\AppDataLow\Software\Fun Web Products] => Infection BT (Adware.MyWebSearch)

[HKCU\Software\AppDataLow\Software\FunWebProducts] => Infection BT (Adware.MyWebSearch)

[HKCU\Software\AppDataLow\Software\MyWebSearch] => Infection BT (Adware.MyWebSearch)

[HKCU\Software\Iminent] => Infection PUP (Adware.IMBooster)

[HKLM\Software\Application Updater] => Infection PUP (PUP.Dealio)

[HKLM\Software\Iminent] => Infection PUP (Adware.IMBooster)

[HKLM\Software\Mircrosoft] => Infection FakeAlert (Trojan.FakeAlert)

[HKLM\Software\OfferBox] => Infection PUP (PUP.OfferBox)

[HKLM\Software\Search Settings] => Infection PUP (PUP.Dealio)

O43 - CFD: 27/04/2011 - 20:17:34 - [0] ----D- C:\ProgramData\Trymedia => Infection BT (Adware.Trymedia)

O43 - CFD: 01/03/2011 - 19:56:00 - [0,235] ----D- C:\Users\bernard\AppData\Roaming\OfferBox => Infection PUP (PUP.OfferBox)

O43 - CFD: 22/08/2011 - 05:19:00 - [12,178] ----D- C:\Users\bernard\AppData\Roaming\OpenCandy => Infection PUP (Adware.OpenCandy)

O43 - CFD: 14/09/2011 - 03:43:26 - [0] ----D- C:\Users\bernard\AppData\Local\MediaGet2 => Infection PUP (PUP.MediaGet)

O43 - CFD: 22/08/2011 - 06:11:36 - [0] ----D- C:\Users\bernard\AppData\Local\OpenCandy => Infection PUP (Adware.OpenCandy)

O43 - CFD: 01/12/2011 - 07:48:04 - [0,000] ----D- C:\Program Files (x86)\Application Updater => Infection PUP (PUP.Dealio)

O43 - CFD: 01/12/2011 - 07:48:04 - [0,930] ----D- C:\Program Files (x86)\Search Settings => Infection PUP (PUP.Dealio)

O53 - SMSR:HKLM\...\startupreg\SearchSettings [Key] . (.Spigot, Inc. - Search Settings application.) -- C:\Program Files (x86)\Search Settings\SearchSettings.exe => Infection BT (PUP.Dealio)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); => Infection BT (Toolbar.Babylon)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("browser.search.defaulturl", "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17434"); => Infection BT (Toolbar.Babylon)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.bbDpng", 3); => Infection BT (Toolbar.Babylon)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.cntry", "FR"); => Infection BT (Toolbar.Babylon)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.hdrMd5", "0BC2749CD72611C8568BCB752EEEABB4"); => Infection BT (Toolbar.Babylon)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.lastActv", "3"); => Infection BT (Toolbar.Babylon)

O69 - SBI: prefs.js [bernard - 012xr9iy.default] user_pref("extensions.BabylonToolbar.lastDP", 3); => Infection BT (Toolbar.Babylon)

[HKCU\Software\Microsoft\Internet Explorer\lowregistry\search settings] => Infection BT (PUP.Dealio)

[HKLM\Software\Classes\Applications\iMeshV10.exe] => Infection PUP (PUP.iMesh)

[HKLM\Software\WOW6432Node\Classes\AppID\eoenginebho.dll] => Infection PUP (PUP.Eorezo)

[HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}] => Infection BT (Adware.Hotbar)

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5f05c28d-dea9-4ad6-a73a-064175988eab}] => Infection BT (PUP.Dealio)

[HKLM\Software\WOW6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}] => Infection BT (Adware.BHO)

[HKLM\Software\WOW6432Node\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}] => Infection PUP (PUP.Eorezo)

[HKLM\Software\WOW6432Node\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}] => Infection PUP (PUP.Dealio)

[HKLM\Software\WOW6432Node\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}] => Infection PUP (PUP.Eorezo)

[HKLM\Software\WOW6432Node\Application Updater] => Infection PUP (PUP.Dealio)

[HKLM\Software\WOW6432Node\Iminent] => Infection PUP (Adware.IMBooster)

[HKLM\Software\WOW6432Node\OfferBox] => Infection PUP (PUP.OfferBox)

[HKLM\Software\WOW6432Node\Search Settings] => Infection PUP (PUP.Dealio)

[HKLM\Software\Wow6432Node\eRightSoft\OpenCandy] => Infection PUP (Adware.OpenCandy)

C:\ProgramData\Trymedia => Infection BT (Adware.Trymedia)

C:\Users\bernard\AppData\Roaming\OfferBox => Infection PUP (PUP.OfferBox)

C:\Users\bernard\AppData\Roaming\OpenCandy => Infection PUP (Adware.OpenCandy)

C:\Users\bernard\AppData\Local\MediaGet2 => Infection PUP (PUP.MediaGet)

C:\Users\bernard\AppData\Local\OpenCandy => Infection PUP (Adware.OpenCandy)

C:\Users\bernard\AppData\LocalLow\FunWebProducts => Infection BT (Adware.MyWebSearch)

C:\Users\bernard\AppData\LocalLow\MyWebSearch => Infection BT (Adware.MyWebSearch)

C:\Program Files (x86)\Application Updater => Infection PUP (PUP.Dealio)

C:\Program Files (x86)\Search Settings => Infection PUP (PUP.Dealio)

 

PROCESSUS SUPERFLU DU SYSTEME

R3 - URLSearchHook: (no name) [64Bits] - {90eee664-34b1-422a-a782-779af65cdf6d} . (...) (No version) -- (.not file.) => Fichier absent

O4 - Global Startup: C:\Users\bernard\Desktop\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe => Safer Net Working®Spybot S&D

O4 - Global Startup: C:\Users\bernard\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk . (.Safer Networking Limited.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe => Safer Net Working®Spybot S&D

O23 - Service: Lavasoft Ad-Aware Service (Lavasoft Ad-Aware Service) . (.Lavasoft Limited - Ad-Aware Service Application.) - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe => Lavasoft®Ad-Aware Service

[MD5.98070A7FCE5B4AFB24A142C6F4C25CC1] [APT] [Ad-Aware Update (Weekly)] (.Lavasoft Limited.) -- C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe

[MD5.00000000000000000000000000000000] [APT] [{3ECA4DEF-94B3-4CF9-BFD5-13E615D3BDE0}] (...) -- J:\FLV PlayerFCSetup.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{FD3E89B6-753B-4330-8434-749949E818D8}] (...) -- C:\Program Files (x86)\Games\3 Days - Zoo Mystery\ThreeDays.exe (.not file.) => Fichier absent

O41 - Driver: (SASDIFSV) . (. - .) - C:\Users\bernard\AppData\Local\Temp\SAS_SelfExtract\SASDIFSV64.sys (.not file.) => Fichier absent

O41 - Driver: (SASKUTIL) . (. - .) - C:\Users\bernard\AppData\Local\Temp\SAS_SelfExtract\SASKUTIL64.sys (.not file.) => Fichier absent

O42 - Logiciel: Spybot - Search & Destroy - (.Safer Networking Limited.) [HKLM] -- {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1 => Safer Networking Limited Spybot - S&D

[HKLM\Software\Amazon]

O43 - CFD: 02/08/2010 - 05:55:10 - [0,002] ----D- C:\ProgramData\Partner => Game

O43 - CFD: 06/02/2012 - 08:38:34 - [64,446] ----D- C:\ProgramData\Spybot - Search & Destroy => Spybot - Search & Destroy

O43 - CFD: 10/09/2010 - 07:59:00 - [0,010] ----D- C:\Users\bernard\AppData\Roaming\Amazon

O43 - CFD: 13/01/2012 - 12:30:36 - [0] ----D- C:\Users\bernard\AppData\Local\{0360B2B1-93CE-4543-9BEF-E3493819AC8F} => Empty Folder not necessary

O43 - CFD: 31/08/2011 - 12:24:06 - [0] ----D- C:\Users\bernard\AppData\Local\{0C5A6F3F-040F-4ED7-86FC-F0D6055BDB96} => Empty Folder not necessary

O43 - CFD: 06/02/2012 - 14:02:00 - [0] ----D- C:\Users\bernard\AppData\Local\{131B4FDB-3102-42A3-B659-19BD6DE1AF8A} => Empty Folder not necessary

O43 - CFD: 27/01/2011 - 14:32:28 - [0] ----D- C:\Users\bernard\AppData\Local\{1B28A109-617F-4C50-907A-BB491CD42933} => Empty Folder not necessary

O43 - CFD: 14/01/2012 - 14:35:54 - [0] ----D- C:\Users\bernard\AppData\Local\{304ABB31-5B90-4ECA-90E6-EACA97A27364} => Empty Folder not necessary

O43 - CFD: 31/08/2011 - 12:23:40 - [0] ----D- C:\Users\bernard\AppData\Local\{37291D6B-6090-42A7-8103-BE4B409BFB18} => Empty Folder not necessary

O43 - CFD: 17/01/2012 - 08:43:08 - [0] ----D- C:\Users\bernard\AppData\Local\{3C07F9D2-3EE0-45D7-81BB-727169BFF70A} => Empty Folder not necessary

O43 - CFD: 12/01/2012 - 19:40:20 - [0] ----D- C:\Users\bernard\AppData\Local\{409C9C15-BCEC-4C52-A3FF-3647D8E1212D} => Empty Folder not necessary

O43 - CFD: 14/01/2012 - 14:36:40 - [0] ----D- C:\Users\bernard\AppData\Local\{4C73F278-8BBF-49AD-8C55-A3F1129C8A15} => Empty Folder not necessary

O43 - CFD: 24/09/2011 - 09:43:08 - [0] ----D- C:\Users\bernard\AppData\Local\{4DEE2A70-5DA5-4570-8BBF-0A0178B40717} => Empty Folder not necessary

O43 - CFD: 21/01/2012 - 09:37:58 - [0] ----D- C:\Users\bernard\AppData\Local\{50098926-4D96-4090-864A-2E8E0B4FCA3C} => Empty Folder not necessary

O43 - CFD: 12/01/2012 - 19:41:20 - [0] ----D- C:\Users\bernard\AppData\Local\{8B6F87D2-A618-4EAB-B480-351951A28694} => Empty Folder not necessary

O43 - CFD: 15/01/2012 - 10:11:52 - [0] ----D- C:\Users\bernard\AppData\Local\{8D792FD7-ABB8-43E5-B77C-8D5F9C21E3DC} => Empty Folder not necessary

O43 - CFD: 09/12/2011 - 13:28:06 - [0] ----D- C:\Users\bernard\AppData\Local\{91961C03-32D7-42CA-8934-9B1374C9A704} => Empty Folder not necessary

O43 - CFD: 13/01/2012 - 12:30:24 - [0] ----D- C:\Users\bernard\AppData\Local\{B12B588A-0494-4D83-9C45-3DA4F7F10772} => Empty Folder not necessary

O43 - CFD: 17/01/2012 - 08:42:18 - [0] ----D- C:\Users\bernard\AppData\Local\{B1E6C1EC-6046-481B-BC0D-04AFD8684B60} => Empty Folder not necessary

O43 - CFD: 09/01/2012 - 14:44:16 - [0] ----D- C:\Users\bernard\AppData\Local\{B83410FE-BA10-4310-999A-07D4A04EC913} => Empty Folder not necessary

O43 - CFD: 15/01/2012 - 10:11:42 - [0] ----D- C:\Users\bernard\AppData\Local\{C3522912-325C-478A-9CF2-C1D2477EB885} => Empty Folder not necessary

O43 - CFD: 21/02/2011 - 07:15:16 - [0] ----D- C:\Users\bernard\AppData\Local\{CEECE7A0-950F-499F-A495-C95C11723995} => Empty Folder not necessary

O43 - CFD: 28/01/2011 - 09:35:54 - [0] ----D- C:\Users\bernard\AppData\Local\{D8F61B7A-25E5-4568-A189-96D019187B0A} => Empty Folder not necessary

O43 - CFD: 06/02/2012 - 13:59:26 - [0] ----D- C:\Users\bernard\AppData\Local\{DA2814C3-BAFC-44FA-B0C5-071BD023CBF6} => Empty Folder not necessary

O43 - CFD: 24/09/2011 - 09:42:40 - [0] ----D- C:\Users\bernard\AppData\Local\{DBD15310-E99C-4808-A721-61D4A9CF3B77} => Empty Folder not necessary

O43 - CFD: 09/01/2012 - 14:44:04 - [0] ----D- C:\Users\bernard\AppData\Local\{E2EE1E0B-AEBC-41B5-88F8-5B9E009E4CF6} => Empty Folder not necessary

O43 - CFD: 09/12/2011 - 13:28:18 - [0] ----D- C:\Users\bernard\AppData\Local\{ED105CC8-991B-4A4A-8141-7F4B98EDC4EF} => Empty Folder not necessary

O43 - CFD: 21/01/2012 - 09:38:38 - [0] ----D- C:\Users\bernard\AppData\Local\{F115C979-851D-4873-9493-A554F52A5C54} => Empty Folder not necessary

O43 - CFD: 26/02/2011 - 09:56:44 - [0] ----D- C:\Users\bernard\AppData\Local\{FC4A9932-E1C0-4039-9B68-5F217A172817} => Empty Folder not necessary

O43 - CFD: 10/09/2010 - 14:38:36 - [5,078] ----D- C:\Program Files (x86)\Amazon

O43 - CFD: 11/11/2010 - 14:33:52 - [59,410] ----D- C:\Program Files (x86)\Spybot - Search & Destroy => Spybot - Search & Destroy

O52 - TDSD: \Drivers32\"vidc.tscc"="C:\Windows\SysWOW64\tsccvid64.dll" . (...) -- (.not file.) => Fichier absent

O52 - TDSD: \drivers.desc\"tsccvid64.dll"="TechSmith Screen Capture Codec (64-bit)" . (.TechSmith Corporation - TechSmith Screen Capture Codec.) -- (.not file.) => Fichier absent

[MD5.54ACBA9CFD7154C02CEACF6310CF3CFA] [sPRF][26/01/2009] (.Safer Networking Limited - Spybot - Search & Destroy.) -- C:\Program Files\spybotsd162.exe [16409960]

O87 - FAEL: "TCP Query User{FEFF4DFE-6F22-456A-A5C8-6B1C2C18112A}K:\pdfedit.exe" |In - Public - P6 - TRUE | .(...) -- K:\pdfedit.exe (.not file.) => Fichier absent

O87 - FAEL: "UDP Query User{4BBBDF79-18FA-479A-BDF3-2D3C1DB6D751}K:\pdfedit.exe" |In - Public - P17 - TRUE | .(...) -- K:\pdfedit.exe (.not file.) => Fichier absent

O87 - FAEL: "TCP Query User{1642BD55-2F87-485B-A23F-438F3550F582}F:\pdfedit.exe" |In - Public - P6 - TRUE | .(...) -- F:\pdfedit.exe (.not file.) => Fichier absent

O87 - FAEL: "UDP Query User{85D15DE3-5AE1-4ED6-B12E-975D7B0262B4}F:\pdfedit.exe" |In - Public - P17 - TRUE | .(...) -- F:\pdfedit.exe (.not file.) => Fichier absent

O87 - FAEL: "TCP Query User{DCEBBC6C-EC94-46BE-A29B-11434F7D3282}F:\pdfedit.exe" |In - Private - P6 - TRUE | .(...) -- F:\pdfedit.exe (.not file.) => Fichier absent

O87 - FAEL: "UDP Query User{5B26D90E-5079-4661-861F-308E730DBA3E}F:\pdfedit.exe" |In - Private - P17 - TRUE | .(...) -- F:\pdfedit.exe (.not file.) => Fichier absent

O87 - FAEL: "TCP Query User{DE06E492-76B4-4F80-B949-5A3AF0EDB937}E:\fscommand\updater.exe" |In - Private - P6 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.) => Fichier absent

O87 - FAEL: "UDP Query User{502A2C19-B08B-4C5B-A16D-2C4A7CA4CC60}E:\fscommand\updater.exe" |In - Private - P17 - TRUE | .(...) -- E:\fscommand\updater.exe (.not file.) => Fichier absent

SR - | Auto 03/11/2011 2152152 | (Lavasoft Ad-Aware Service) . (.Lavasoft Limited.) - C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe => Lavasoft®Ad-Aware Service

 

TOOLBAR INUTILE (Navigateur internet)

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.1.8) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

R3 - URLSearchHook: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.2.1.8) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O2 - BHO: Conduit Engine [64Bits] - {30F9B915-B755-4826-820B-08FBA6BD249D} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll

O2 - BHO: Vuze Remote Toolbar [64Bits] - {ba14329e-9550-4989-b3f2-9732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program Files (x86)\Vuze_Remote\tbVuze.dll

O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine => Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\AskToolbar] => Toolbar.Ask

[HKCU\Software\AppDataLow\Software\Conduit] => Toolbar.Conduit

[HKCU\Software\AppDataLow\Software\conduitEngine] => Toolbar.Conduit

[HKCU\Software\AppDataLow\Toolbar] => Toolbar.Conduit

[HKCU\Software\Ask.com] => Toolbar.Ask

[HKLM\Software\Elf_1.13] => Toolbar.Conduit

O43 - CFD: 17/10/2010 - 10:04:16 - [3,798] ----D- C:\Program Files (x86)\ConduitEngine => Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}] => Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}] => Toolbar.Conduit

[HKLM\Software\WOW6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}] => Toolbar.Conduit

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] => Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}] => Toolbar.Conduit

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}] => Toolbar.Conduit

[HKLM\Software\WOW6432Node\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}] => Toolbar.Conduit

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}] => Toolbar.Conduit

[HKCU\Software\Ask.com] => Toolbar.Ask

[HKCU\Software\Ask.com] => Toolbar.Ask

[HKCU\Software\AppDataLow\Software\AskToolbar] => Toolbar.Ask

[HKCU\Software\AppDataLow\Software\conduitEngine] => Toolbar.Conduit

[HKLM\Software\WOW6432Node\conduitEngine] => Toolbar.Conduit

[HKCU\Software\AppDataLow\Toolbar] => Toolbar.Conduit

[HKLM\Software\Classes\Toolbar.CT2504091] => Toolbar.Agent

[HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{30F9B915-B755-4826-820B-08FBA6BD249D} => Toolbar.Conduit

C:\Users\bernard\AppData\LocalLow\ConduitEngine => Toolbar.Conduit

C:\Users\bernard\AppData\LocalLow\Vuze_Remote => Toolbar.Conduit

C:\Program Files (x86)\ConduitEngine => Toolbar.Conduit

 

PROCESSUS INUTILE (Au démarrage du système)

O53 - SMSR:HKLM\...\startupreg\SSBkgdUpdate [Key] . (.Scansoft, Inc. - SSBkgdUpdate.) -- C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe

 

 

 

EmptyFlash

EmptyTemp

FirewallRaz

110926125340285987.jpg

 

 

Cliquer sur "OK", ce qui fait apparaître un carré à gauche de chaque ligne.

110515101159971677.jpg

Cliquer sur "Tous" puis sur "Nettoyer" .

Redémarrer pour achever le nettoyage.

Un rapport apparait:

Capture1Rapport.JPG

Si le rapport n'apparait pas,cliquer surPanelRapport.jpg

Copier-coller le rapport de suppression dans la prochaine réponse.

Lien vers le commentaire
Partager sur d’autres sites
seppi c moi Member

seppi c moi

Posté(e)
  • Auteur
Posté(e)

Bonjour,

J'avais oublié de préciser je suis assez novice et j'ai la hantise de evoir reinstaller Windows 7 j'ai trop à perdre et j'avais pas lu qu'il fallait faire "nettoyage" avec Adwcleaner.

Jai doncdésinstallé AD AWARE.

Faut il que je fasse le nettoyage avec adwcleaner avant de coller les lignes vertes dans Zhpdiag ?

Merci à tout de suite

Lien vers le commentaire
Partager sur d’autres sites
pear Devil Member !

pear

Posté(e)
Posté(e)
le rapport de suppression ne s'est pas affiché

 

 

Si le rapport n'apparait pas,cliquer surPanelRapport.jpg

Copier-coller le rapport de suppression dans la prochaine réponse.

 

Sinon, recherchez Zhpfix

et si vous ne trouvez toujours pas, relancez Zhpdiag que l'on puisse voir si c'est propre.

Lien vers le commentaire
Partager sur d’autres sites
seppi c moi Member

seppi c moi

Posté(e)
  • Auteur
Posté(e)

Euh ??? c'est çà ???

 

Rapport de ZHPFix 1.12.3380 par Nicolas Coolman, Update du 05/02/2011

Fichier d'export Registre :

Run by bernard at 11/02/2012 15:19:15

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Web site : ZHPFix Fix de rapport

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

 

========== Logiciel(s) ==========

ABSENT Software Key: {5F05C28D-DEA9-4AD6-A73A-064175988EAB}

ABSENT Software Key: {B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

ABSENT Software Key: conduitEngine

 

========== Processus mémoire ==========

SUPPRIME Memory Process: C:\Program Files\spybotsd162.exe

 

========== Clé(s) du Registre ==========

SUPPRIME Key: HKCU\Software\AppDataLow\Software\Fun Web Products

SUPPRIME Key: HKCU\Software\AppDataLow\Software\FunWebProducts

SUPPRIME Key: HKCU\Software\AppDataLow\Software\MyWebSearch

SUPPRIME Key: HKCU\Software\Iminent

ABSENT Key: HKLM\Software\Application Updater

ABSENT Key: HKLM\Software\Iminent

ABSENT Key: HKLM\Software\Mircrosoft

ABSENT Key: HKLM\Software\OfferBox

ABSENT Key: HKLM\Software\Search Settings

SUPPRIME Key**: StartupReg: SearchSettings

SUPPRIME Key: HKCU\Software\Microsoft\Internet Explorer\lowregistry\search settings

SUPPRIME Key: HKLM\Software\Classes\Applications\iMeshV10.exe

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\eoenginebho.dll

SUPPRIME Key: HKLM\Software\Classes\TypeLib\{2D5E2D34-BED5-4B9F-9793-A31E26E6806E}

SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5f05c28d-dea9-4ad6-a73a-064175988eab}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\AppID\{AFBB7970-789A-4264-BA70-E8127DECE400}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\Interface\{DF76E9B7-35EC-46FC-AF56-5B79DED9D64F}

SUPPRIME Key: HKLM\Software\WOW6432Node\Application Updater

SUPPRIME Key: HKLM\Software\WOW6432Node\Iminent

SUPPRIME Key: HKLM\Software\WOW6432Node\OfferBox

SUPPRIME Key: HKLM\Software\WOW6432Node\Search Settings

SUPPRIME Key: HKLM\Software\Wow6432Node\eRightSoft\OpenCandy

ABSENT Key: Service: Lavasoft Ad-Aware Service

SUPPRIME Driver Key: SASDIFSV

SUPPRIME Driver Key: SASKUTIL

ABSENT Key: HKLM\Software\Amazon

ABSENT Key: CLSID BHO: {30F9B915-B755-4826-820B-08FBA6BD249D}

ABSENT Key: CLSID BHO: {ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key: HKCU\Software\AppDataLow\Software\AskToolbar

SUPPRIME Key: HKCU\Software\AppDataLow\Software\Conduit

SUPPRIME Key: HKCU\Software\AppDataLow\Software\conduitEngine

SUPPRIME Key: HKCU\Software\AppDataLow\Toolbar

SUPPRIME Key: HKCU\Software\Ask.com

ABSENT Key: HKLM\Software\Elf_1.13

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key: HKLM\Software\WOW6432Node\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key: HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME Key: HKLM\Software\WOW6432Node\conduitEngine

SUPPRIME Key: HKLM\Software\Classes\Toolbar.CT2504091

SUPPRIME Key**: StartupReg: SSBkgdUpdate

 

========== Valeur(s) du Registre ==========

SUPPRIME URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D}

SUPPRIME URLSearchHook: {90eee664-34b1-422a-a782-779af65cdf6d}

SUPPRIME TDSD Value: vidc.tscc

SUPPRIME TDSD Value: tsccvid64.dll

SUPPRIME TCP Query User{FEFF4DFE-6F22-456A-A5C8-6B1C2C18112A}K:/pdfedit.exe

SUPPRIME UDP Query User{4BBBDF79-18FA-479A-BDF3-2D3C1DB6D751}K:/pdfedit.exe

SUPPRIME TCP Query User{1642BD55-2F87-485B-A23F-438F3550F582}F:/pdfedit.exe

SUPPRIME UDP Query User{85D15DE3-5AE1-4ED6-B12E-975D7B0262B4}F:/pdfedit.exe

SUPPRIME TCP Query User{DCEBBC6C-EC94-46BE-A29B-11434F7D3282}F:/pdfedit.exe

SUPPRIME UDP Query User{5B26D90E-5079-4661-861F-308E730DBA3E}F:/pdfedit.exe

SUPPRIME TCP Query User{DE06E492-76B4-4F80-B949-5A3AF0EDB937}E:/fscommand/updater.exe

SUPPRIME UDP Query User{502A2C19-B08B-4C5B-A16D-2C4A7CA4CC60}E:/fscommand/updater.exe

SUPPRIME URLSearchHook: {ba14329e-9550-4989-b3f2-9732e92d17cc}

SUPPRIME [HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]:{30F9B915-B755-4826-820B-08FBA6BD249D}

SUPPRIME FirewallRaz (SP) : C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe

ABSENT Valeur Domain Profile: FirewallRaz :

SUPPRIME FirewallRaz (Public) : {9D8B3323-994A-4117-970D-6E93F58CA9AF}

SUPPRIME FirewallRaz (Public) : {7EEAA4F0-FF57-4EDE-8F35-24B2A959B422}

SUPPRIME FirewallRaz (Public) : TCP Query User{90AB6D58-2866-479A-894B-E8D2CDEB732A}J:\program files\frostwire\frostwire.exe

SUPPRIME FirewallRaz (Public) : UDP Query User{AD2A4880-9A87-42FB-BE05-274E59BE15C0}J:\program files\frostwire\frostwire.exe

SUPPRIME FirewallRaz (Public) : TCP Query User{876C580A-76E0-42AE-9299-639ED30179D4}J:\program files\emule\emule.exe

SUPPRIME FirewallRaz (Public) : UDP Query User{78CC4F25-CE4E-4912-AC46-A7B7FCB73F75}J:\program files\emule\emule.exe

SUPPRIME FirewallRaz (Public) : TCP Query User{4AE54F57-88EF-4911-B296-FB1FF72024E4}K:\program files\emule\emule.exe

SUPPRIME FirewallRaz (Public) : UDP Query User{53F52543-B5C5-4F06-BC68-3CC741A2621A}K:\program files\emule\emule.exe

SUPPRIME FirewallRaz (None) : {AF2BADB7-AB84-4B2C-99F9-43A7497AE23D}

SUPPRIME FirewallRaz (Private) : TCP Query User{454A17FC-939D-4571-A6DC-9382D131AD8A}F:\program files\emule\emule.exe

SUPPRIME FirewallRaz (Private) : UDP Query User{AF597243-56D5-47F9-8FCC-41932EE3665B}F:\program files\emule\emule.exe

 

========== Préférences navigateur ==========

SUPPRIME Mozilla Pref: user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

SUPPRIME Mozilla Pref: user_pref("browser.search.defaulturl", "http://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=17434");

SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.bbDpng", 3);

SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.cntry", "FR");

SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.hdrMd5", "0BC2749CD72611C8568BCB752EEEABB4");

SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.lastActv", "3");

SUPPRIME Mozilla Pref: user_pref("extensions.BabylonToolbar.lastDP", 3);

 

========== Dossier(s) ==========

SUPPRIME Folder: C:\ProgramData\Trymedia

SUPPRIME Folder: C:\Users\bernard\AppData\Roaming\OfferBox

SUPPRIME Folder: C:\Users\bernard\AppData\Roaming\OpenCandy

SUPPRIME Folder: C:\Users\bernard\AppData\Local\MediaGet2

SUPPRIME Folder: C:\Users\bernard\AppData\Local\OpenCandy

SUPPRIME Folder: C:\Program Files (x86)\Application Updater

SUPPRIME Folder: C:\Program Files (x86)\Search Settings

SUPPRIME Folder: c:\users\bernard\appdata\locallow\funwebproducts

SUPPRIME Folder: c:\users\bernard\appdata\locallow\mywebsearch

SUPPRIME Folder: C:\ProgramData\Partner

SUPPRIME Folder: C:\ProgramData\Spybot - Search & Destroy

SUPPRIME Folder: C:\Users\bernard\AppData\Roaming\Amazon

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{0360B2B1-93CE-4543-9BEF-E3493819AC8F}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{0C5A6F3F-040F-4ED7-86FC-F0D6055BDB96}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{131B4FDB-3102-42A3-B659-19BD6DE1AF8A}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{1B28A109-617F-4C50-907A-BB491CD42933}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{304ABB31-5B90-4ECA-90E6-EACA97A27364}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{37291D6B-6090-42A7-8103-BE4B409BFB18}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{3C07F9D2-3EE0-45D7-81BB-727169BFF70A}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{409C9C15-BCEC-4C52-A3FF-3647D8E1212D}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{4C73F278-8BBF-49AD-8C55-A3F1129C8A15}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{4DEE2A70-5DA5-4570-8BBF-0A0178B40717}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{50098926-4D96-4090-864A-2E8E0B4FCA3C}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{8B6F87D2-A618-4EAB-B480-351951A28694}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{8D792FD7-ABB8-43E5-B77C-8D5F9C21E3DC}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{91961C03-32D7-42CA-8934-9B1374C9A704}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{B12B588A-0494-4D83-9C45-3DA4F7F10772}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{B1E6C1EC-6046-481B-BC0D-04AFD8684B60}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{B83410FE-BA10-4310-999A-07D4A04EC913}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{C3522912-325C-478A-9CF2-C1D2477EB885}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{CEECE7A0-950F-499F-A495-C95C11723995}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{D8F61B7A-25E5-4568-A189-96D019187B0A}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{DA2814C3-BAFC-44FA-B0C5-071BD023CBF6}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{DBD15310-E99C-4808-A721-61D4A9CF3B77}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{E2EE1E0B-AEBC-41B5-88F8-5B9E009E4CF6}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{ED105CC8-991B-4A4A-8141-7F4B98EDC4EF}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{F115C979-851D-4873-9493-A554F52A5C54}

SUPPRIME Folder: C:\Users\bernard\AppData\Local\{FC4A9932-E1C0-4039-9B68-5F217A172817}

SUPPRIME Folder: C:\Program Files (x86)\Amazon

SUPPRIME Folder: C:\Program Files (x86)\Spybot - Search & Destroy

SUPPRIME Folder: C:\Program Files (x86)\ConduitEngine

SUPPRIME Folder: c:\users\bernard\appdata\locallow\conduitengine

SUPPRIME Folder: c:\users\bernard\appdata\locallow\vuze_remote

SUPPRIME Flash Cookies: 1

SUPPRIME Temporaires Windows: : 78

 

========== Fichier(s) ==========

ABSENT File: c:\program files (x86)\search settings\searchsettings.exe

ABSENT Folder/File: c:\programdata\trymedia

ABSENT Folder/File: c:\users\bernard\appdata\roaming\offerbox

ABSENT Folder/File: c:\users\bernard\appdata\roaming\opencandy

ABSENT Folder/File: c:\users\bernard\appdata\local\mediaget2

ABSENT Folder/File: c:\users\bernard\appdata\local\opencandy

ABSENT Folder/File: c:\program files (x86)\application updater

SUPPRIME File: c:\users\bernard\desktop\spybot - search & destroy.lnk

SUPPRIME Reboot c:\program files (x86)\spybot - search & destroy\spybotsd.exe

SUPPRIME File: c:\users\bernard\appdata\roaming\microsoft\internet explorer\quick launch\spybot - search & destroy.lnk

SUPPRIME File: c:\program files\spybotsd162.exe

SUPPRIME File: c:\program files (x86)\vuze_remote\tbvuze.dll

SUPPRIME Flash Cookies: 0

SUPPRIME Temporaires Windows: : 339

 

========== Tache planifiée ==========

SUPPRIME Task: Ad-Aware Update (Weekly)

SUPPRIME Task: {3ECA4DEF-94B3-4CF9-BFD5-13E615D3BDE0}

SUPPRIME Task: {FD3E89B6-753B-4330-8434-749949E818D8}

 

========== Autre ==========

NON TRAITE PROCESSUS MALWARE (Rootkit, trojan, ver, spyware, adware,...)

NON TRAITE PROCESSUS SUPERFLU DU SYSTEME

NON TRAITE TOOLBAR INUTILE (Navigateur internet)

NON TRAITE PROCESSUS INUTILE (Au démarrage du système)

 

 

========== Récapitulatif ==========

1 : Processus mémoire

47 : Clé(s) du Registre

27 : Valeur(s) du Registre

45 : Dossier(s)

14 : Fichier(s)

3 : Logiciel(s)

7 : Préférences navigateur

3 : Tache planifiée

4 : Autre

 

 

End of clean in 01mn 25s

 

========== Chemin de fichier rapport ==========

Lien vers le commentaire
Partager sur d’autres sites

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...