Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Trojan.gen

casimir2004

Par casimir2004
dans Analyses et éradication malwares

 Partager

Messages recommandés

casimir2004 Power Member

casimir2004

Posté(e)
  • Auteur
Posté(e)

Malwarebytes Anti-Malware (Essai) 1.61.0.1400

www.malwarebytes.org

 

Version de la base de données: v2012.07.11.09

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Famille Meyer :: FAMILLEMEYER-HP [administrateur]

 

Protection: Activé

 

11/07/2012 22:41:53

mbam-log-2012-07-11 (22-41-53).txt

 

Type d'examen: Examen complet

Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM

Options d'examen désactivées: P2P

Elément(s) analysé(s): 417379

Temps écoulé: 47 minute(s), 40 seconde(s)

 

Processus mémoire détecté(s): 0

(Aucun élément nuisible détecté)

 

Module(s) mémoire détecté(s): 0

(Aucun élément nuisible détecté)

 

Clé(s) du Registre détectée(s): 0

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre détectée(s): 0

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre détecté(s): 0

(Aucun élément nuisible détecté)

 

Dossier(s) détecté(s): 0

(Aucun élément nuisible détecté)

 

Fichier(s) détecté(s): 1

C:\Users\Famille Meyer\Desktop\Setup.exe (PUP.Bundle.Installer.OI) -> Mis en quarantaine et supprimé avec succès.

 

(fin)

Lien vers le commentaire
Partager sur d’autres sites

casimir2004 Power Member

casimir2004

Posté(e)
  • Auteur
Posté(e)

Bonjour, toujours le même pb Trojan

 

Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\682f974f.exe

____________________________

____________________________

Sur les ordinateurs à partir du :

13/07/2012 à 20:17:12

Dernière utilisation :

13/07/2012 à 20:17:12

Elément de démarrage :

Non

Lancé :

Non

____________________________

____________________________

Peu d'utilisateurs

Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier.

____________________________

Elevée

Ce fichier représente un risque élevé.

____________________________

Détails menace

Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support.

____________________________

Origine

Téléchargé à partir de URL non disponible

 

____________________________

Actions de fichier

Fichier : c:\users\famille meyer\appdata\local\temp\682f974f.exe

Bloqués

____________________________

Empreinte numérique de fichier - SHA :

cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5

____________________________

Empreinte numérique de fichier - MD5 :

b8f062cf2dd72e7c4254f825ebb28a35

____________________________

Lien vers le commentaire
Partager sur d’autres sites
casimir2004 Power Member

casimir2004

Posté(e)
  • Auteur
Posté(e)

Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012

Run by Famille Meyer at 13/07/2012 20:47:37

Web site : ZHPDiag Outil de diagnostic

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

MFIE: Mozilla Firefox 8.0 v8.0

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 3Q6C9

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 6103 MB (67% free)

System Restore: Activé (Enable)

System drive C: has 1298 GB (93%) free of 1384 GB

 

---\\ Logged in mode

~ Computer Name: FAMILLEMEYER-HP

~ User Name: Famille Meyer

~ All Users Names: UpdatusUser, Rémy, HomeGroupUser$, Famille Meyer, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Famille Meyer\AppData\Roaming\

~ %Desktop% : C:\Users\Famille Meyer\Desktop\

~ %Favorites% : C:\Users\Famille Meyer\Favorites\

~ %LocalAppData% : C:\Users\Famille Meyer\AppData\Local\

~ %StartMenu% : C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 1298 Go of 1384 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)

E:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ CD-ROM drive (Not Inserted)

K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

L:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.5A45FA344F4AD99D903F4B20E43B89EC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/06/2012 - 13:05:28.) -- C:\Windows\System32\wininet.dll [1392128]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 2/303

~ Mes musiques (My Musics) : 2/345

~ Mes Videos (My Videos) : 1/6

~ Mes Favoris (My Favorites) : 1/287

~ Mes Documents (My Documents) : 1/1844

~ Mon Bureau (My Desktop) : 1/11

~ Menu demarrer (Programs) : 1/35

~ Scan Hidden Files in 00mn 01s

 

 

 

---\\ Processus lancés

[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008] [PID.]

[MD5.4FF9D0D5FEC26D9F2312A8C15CA59C8F] - (.Pas de propriétaire - Monitor LED Key.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [53248] [PID.3312]

[MD5.69764A6475A4C54732E6A07CE6EF8BE2] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe [762736] [PID.4444]

[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.4452]

[MD5.6DCFADDA4F2A6D3396D13F0554D672E8] - (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584] [PID.4468]

[MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.4480]

[MD5.984F6749E0741C3F22D86C91B46177BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.4508]

[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4868]

[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696] [PID.5004]

[MD5.4298DB2F9FE4FE4C96AC4528542680F8] - (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992] [PID.5028]

[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5040]

[MD5.DA614F3014897FE46D6E4A2D483CDDD2] - (.BUFFALO INC. - NAS Function Scheduling Application.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe [206128] [PID.4120]

[MD5.EDCB55CF7135CCF9818EEC413FB39410] - (.Hewlett-Packard - HP LED INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe [2068992] [PID.4212]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3676]

[MD5.47D1F0444CE33A0CA42409A88896CD8D] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840] [PID.2716]

[MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3838464] [PID.6548]

[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.]

[MD5.28DDEEEC44E988657B732CF404D504CB] - (.Microsoft Corporation - Windows Live Family Safety Service.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1492840] [PID.]

[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.]

[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.E38775922D4A4C05B5D96733AB4CE169] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824] [PID.]

[MD5.15E5ABD9E03D57671BB74EB5CBAB8019] - (.BUFFALO INC. - NAS Power Management Service.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251184] [PID.]

[MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.]

[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.]

[MD5.3199A477F0F06EEDE41BD55179F8EB05] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.]

[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.]

[MD5.FF7E8BC3A8B90F03BD20588B5840154F] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504] [PID.]

[MD5.02C298382359653BEC4C737C2AB7F9C5] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2320920] [PID.]

~ Scan Processes Running in 00mn 00s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default\Preferences

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default] Google

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default] Google

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\prefs.js

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml

M0 - MFSP: prefs.js [Famille Meyer - wun2jzbg.default] www.free.fr

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL : Internet, Téléphone, Télévision

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 22

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) [64Bits] - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} Clé orpheline

O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.dll

O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [VX3000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe

O4 - HKLM\..\Wow6432Node\Run: [LaunchHPOSIAPP] . (.Hewlett-Packard - Launch a application..) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe

O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Wow6432Node\Run: [bATINDICATOR] . (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAut

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\Super Architect 3D Expert CAD - 18 Tools.lnk . (...) -- C:\Program Files (x86)\Easy Computing\ECStart.exe (.not file.)

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Rémy\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\BUFFALO NAS Navigator2.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\CyberLink DVD Suite Deluxe.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\eMule.lnk . (.http://emulemorph.sourceforge.net.) -- C:\Program Files (x86)\eMule\eMule.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\HomePlayer.lnk . (...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\LS-CHLC80.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\TomTom HOME 2.lnk . (.TomTom International B.V..) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WinRAR.lnk . (...) -- C:\Program Files (x86)\WinRAR\WinRAR.exe (.not file.)

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MIF5BA~1\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

~ Scan Objets ActiveX in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: dvd [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: its [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mhtml [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: tv [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: vbscript [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge MSi2500 DVBT Service (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd - Mirics FlexiTV DVBT 2.1.0rc11: R.03.46.48.0.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe

O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

O23 - Service: NAS PM Service (NasPmService) . (...) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (.not file.)

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.8.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Intel® Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFamille Meyer.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFAMILLEMEYER-HP$.job

[MD5.5E1A953C6472E7BB644892A4D0DF5E72] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[MD5.57CFD2E9CC23E1C6B0584B7AFCAB2EBA] [APT] [elbyExecuteWithUAC] (...) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\executeWithUAC.exe

[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFamille Meyer] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFAMILLEMEYER-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.00000000000000000000000000000000] [APT] [{24B1BFB5-835C-453D-A4BD-BE49B9FF2EDE}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.B64BAF38F446B9F521D820671B42E7EB] [APT] [{2DEE240E-0F76-4AB2-A085-5306E5A02421}] (.A. Brochard.) -- C:\Program Files (x86)\PS3 Media Server\PMS.exe

[MD5.00000000000000000000000000000000] [APT] [{41238FFF-6187-475E-B2A6-DFF4400B6637}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{74BB5DC9-1E9B-4404-BAFE-C5E1412C8F2D}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{7698F5AF-0E3A-42E3-B198-15195B7792FB}] (...) -- J:\Installer.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{9DDE89E2-9135-4B15-90CA-3FFFC8A4E38F}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{CAF82E2D-534E-4B54-8583-855396CC401A}] (...) -- C:\Users\Famille Meyer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6VUX14H\CFWebU.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D039FAB9-2070-434E-B1CD-F14DCD025651}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{DB441831-4D64-4155-95E6-7EC3E731477F}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{EA64C32B-8DC0-4F72-8A35-8FCD4719F606}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe

[MD5.7A14C25B7EC229B7F8B3E457779C83CC] [APT] [HP Total Care Tune-Up] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe

[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.A87F567F053191361B617D7908F8E062] [APT] [update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe

[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe

[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe

~ Scan Scheduled Task in 00mn 05s

 

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys

O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120712.001\IDSvia64.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.sys

O41 - Driver: (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\System32\DRIVERS\SymIMv.sys

O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.sys

O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\N360x64\0502020.003\SYMNETS.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120711.001\IDSvia64.sys

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: BUFFALO NAS Navigator2 - (.Pas de propriétaire.) [HKLM] -- UN060501

O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU2

O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU_BOBTV.FR

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E}

O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM] -- FileZilla Client

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}

O42 - Logiciel: HP MAINSTREAM KEYBOARD - (.Hewlett-Packard.) [HKLM] -- {B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP Product Detection - (.HP.) [HKLM] -- {A436F67F-687E-4736-BD2B-537121A804CF}

O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- HP Remote Solution

O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- {C611CF88-969D-43E6-A877-D6D6439DD081}

O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}

O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {6F44AF95-3CDE-4513-AD3F-6D45F17BF324}

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}

O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}

O42 - Logiciel: HomePlayer 1.5.9d - (.HomePlayer.) [HKLM] -- HomePlayer

O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2461678

O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {41CB4C45-5559-4D7B-98F6-E469444F1549}

O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {8C4450E1-14A7-4F89-936A-335A216D3C7D}

O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}

O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}

O42 - Logiciel: Java 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Mira version 2.7.0.1 - (.Pas de propriétaire.) [HKLM] -- Mira_is1

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr)

O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}

O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- N360

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {34610DE0-3C13-42CA-8E32-01FFA38AB6E8}

O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM] -- PDF Complete

O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM] -- PS3 Media Server

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PlayStation®Network Downloader - (.Sony Computer Entertainment Inc..) [HKLM] -- {B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}

O42 - Logiciel: PlayStation®Store - (.Sony Computer Entertainment Inc..) [HKLM] -- {0E532C84-4275-41B3-9D81-D4A1A20D8EE7}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM] -- {912CED74-88D3-4C5B-ACB0-13231864975D}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}

O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}

O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{27609E26-63D9-4180-BD50-08837BD3B1DC}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E34960DB-2A93-45DB-A208-02650F7AB09C}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{293FB6BE-D3EB-4162-B522-F9108040B9FE}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3069CE04-082C-4669-9BA1-E6AA66330C1F}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7BCF7F6B-4AC0-4915-83B2-5CFF6BE9BF77}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{075C2272-0881-46D3-B3A5-1D83D6940270}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: TomTom HOME 2.8.3.2499 - (.TomTom.) [HKLM] -- TomTom HOME

O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B689F89-5E1C-4DA9-B2B1-7B3843275596}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{E425BC5B-458F-4084-9C7D-2BE4020BFA35}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-B - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6C4E1D7E-EEB2-4EDE-8B39-9844D8AD9273}

O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive

O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: eMule MorphXT 12.6 - (.Morph team.) [HKLM] -- eMule MorphXT_is1

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AppDataLow\Software\MarkAny]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\Hewlett-Packard]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\AdwCleaner]

[HKLM\Software\Alcohol Soft]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DT Soft]

[HKLM\Software\Easy Computing]

[HKLM\Software\EasyBits]

[HKLM\Software\Elaborate Bytes]

[HKLM\Software\Electronic Arts]

[HKLM\Software\FileZilla 3]

[HKLM\Software\Google]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\LEDPointer]

[HKLM\Software\LOXANE]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\LogMeIn Rescue]

[HKLM\Software\MELCO INC]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Myfree Codec]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NewspaperDirect]

[HKLM\Software\Norton PC Checkup]

[HKLM\Software\Norton]

[HKLM\Software\ODBC]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PDFComplete]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Samsung]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Sony]

[HKLM\Software\Symantec]

[HKLM\Software\TomTom]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Win32 Services]

[HKLM\Software\Windows]

[HKLM\Software\hauppauge]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect

O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft

O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO

O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2

O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR

O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes

O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule

O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google

O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer

O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp

O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games

O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando

O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel

O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java

O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny

O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam

O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec

O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect

O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360

O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller

O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services

O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete

O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server

O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung

O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris

O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony

O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install

O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp

O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2

O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V

O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box

O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare

O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Application Data

O43 - CFD: 28/03/2012 - 19:25:21 - [0,001] ----D C:\ProgramData\Autodesk

O43 - CFD: 17/11/2011 - 20:05:28 - [0,162] ----D C:\ProgramData\CyberLink

O43 - CFD: 13/11/2011 - 18:41:17 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Documents

O43 - CFD: 20/05/2012 - 18:24:11 - [0,000] ----D C:\ProgramData\Electronic Arts

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Favorites

O43 - CFD: 16/11/2011 - 19:56:49 - [152,398] ----D C:\ProgramData\Hewlett-Packard

O43 - CFD: 17/11/2011 - 20:06:29 - [0,001] ----D C:\ProgramData\LightScribe

O43 - CFD: 04/07/2012 - 19:35:21 - [0,004] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 01/07/2012 - 22:57:38 - [0] ----D C:\ProgramData\Media Center Programs

O43 - CFD: 04/07/2012 - 19:27:35 - [129,221] -S--D C:\ProgramData\Microsoft

O43 - CFD: 11/07/2012 - 20:23:18 - [0,062] ----D C:\ProgramData\Microsoft Help

O43 - CFD: 20/10/2010 - 03:11:49 - [0] ----D C:\ProgramData\NewspaperDirect

O43 - CFD: 05/07/2012 - 20:58:41 - [656,653] ----D C:\ProgramData\Norton

O43 - CFD: 05/07/2012 - 20:48:22 - [1,422] ----D C:\ProgramData\NortonInstaller

O43 - CFD: 17/12/2011 - 15:05:28 - [0,598] ----D C:\ProgramData\NVIDIA

O43 - CFD: 20/10/2010 - 02:43:24 - [0,582] ----D C:\ProgramData\NVIDIA Corporation

O43 - CFD: 13/11/2011 - 16:51:04 - [0] ----D C:\ProgramData\PC Suite

O43 - CFD: 13/11/2011 - 12:06:46 - [0] ----D C:\ProgramData\PCSettings

O43 - CFD: 07/07/2012 - 10:26:51 - [0] ----D C:\ProgramData\PDFC

O43 - CFD: 20/10/2010 - 02:51:29 - [3,376] ----D C:\ProgramData\Ralink Driver

O43 - CFD: 13/11/2011 - 18:59:03 - [25,323] ----D C:\ProgramData\Recovery

O43 - CFD: 13/11/2011 - 18:37:33 - [10,632] ----D C:\ProgramData\Samsung

O43 - CFD: 06/12/2011 - 21:09:34 - [0] ----D C:\ProgramData\Sony Corporation

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Start Menu

O43 - CFD: 06/12/2011 - 20:16:34 - [0,000] ----D C:\ProgramData\Sun

O43 - CFD: 17/11/2011 - 22:47:40 - [0] ----D C:\ProgramData\Symantec

O43 - CFD: 20/10/2010 - 03:01:10 - [0,469] ----D C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Templates

O43 - CFD: 22/12/2011 - 11:19:08 - [0,394] ----D C:\ProgramData\TomTom

O43 - CFD: 13/11/2011 - 11:08:41 - [0,272] ----D C:\ProgramData\WildTangent

O43 - CFD: 20/10/2010 - 03:02:01 - [5,467] ----D C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}

O43 - CFD: 20/10/2010 - 02:48:46 - [33,439] ----D C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}

O43 - CFD: 07/02/2012 - 22:35:50 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

O43 - CFD: 16/11/2011 - 20:01:20 - [45,266] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}

O43 - CFD: 13/11/2011 - 11:47:27 - [16,902] ----D C:\Users\Famille Meyer\AppData\Roaming\Adobe

O43 - CFD: 28/03/2012 - 19:25:21 - [0,008] ----D C:\Users\Famille Meyer\AppData\Roaming\Autodesk

O43 - CFD: 17/11/2011 - 20:25:09 - [0,122] ----D C:\Users\Famille Meyer\AppData\Roaming\CyberLink

O43 - CFD: 28/05/2012 - 08:42:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 19/11/2011 - 21:25:10 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\Day 1 Studios

O43 - CFD: 26/06/2012 - 20:42:59 - [0,024] ----D C:\Users\Famille Meyer\AppData\Roaming\FileZilla

O43 - CFD: 16/11/2011 - 19:56:58 - [0,173] ----D C:\Users\Famille Meyer\AppData\Roaming\Hewlett-Packard

O43 - CFD: 09/07/2012 - 18:50:27 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\HP Support Assistant

O43 - CFD: 16/11/2011 - 20:03:15 - [0,030] ----D C:\Users\Famille Meyer\AppData\Roaming\hpqLog

O43 - CFD: 09/07/2012 - 18:50:27 - [0,014] ----D C:\Users\Famille Meyer\AppData\Roaming\HpUpdate

O43 - CFD: 13/11/2011 - 11:03:54 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Identities

O43 - CFD: 13/11/2011 - 11:04:12 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Intel Corporation

O43 - CFD: 13/11/2011 - 11:47:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Macromedia

O43 - CFD: 04/07/2012 - 19:35:24 - [0,006] ----D C:\Users\Famille Meyer\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Media Center Programs

O43 - CFD: 28/04/2012 - 13:43:00 - [85,552] -S--D C:\Users\Famille Meyer\AppData\Roaming\Microsoft

O43 - CFD: 13/11/2011 - 13:01:02 - [12,411] ----D C:\Users\Famille Meyer\AppData\Roaming\Mozilla

O43 - CFD: 16/12/2011 - 21:35:32 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\NASNaviator2

O43 - CFD: 13/11/2011 - 16:50:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\PC Suite

O43 - CFD: 13/11/2011 - 18:39:52 - [27,953] ----D C:\Users\Famille Meyer\AppData\Roaming\Samsung

O43 - CFD: 06/12/2011 - 21:10:02 - [16,731] ----D C:\Users\Famille Meyer\AppData\Roaming\Sony

O43 - CFD: 04/07/2012 - 20:42:41 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Temp

O43 - CFD: 18/11/2011 - 18:45:19 - [0,036] ----D C:\Users\Famille Meyer\AppData\Roaming\Tific

O43 - CFD: 13/11/2011 - 18:07:10 - [1,476] ----D C:\Users\Famille Meyer\AppData\Roaming\TomTom

O43 - CFD: 12/07/2012 - 20:55:17 - [0,380] ----D C:\Users\Famille Meyer\AppData\Roaming\vlc

O43 - CFD: 16/11/2011 - 20:00:23 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\WinBatch

O43 - CFD: 13/11/2011 - 15:37:57 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\WinRAR

O43 - CFD: 27/12/2011 - 18:33:08 - [6,004] ----D C:\Users\Famille Meyer\AppData\Local\AliensVsPredator

O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Application Data

O43 - CFD: 13/11/2011 - 12:57:57 - [1,245] ----D C:\Users\Famille Meyer\AppData\Local\Apps

O43 - CFD: 13/07/2012 - 20:31:42 - [0] ----D C:\Users\Famille Meyer\AppData\Local\CrashDumps

O43 - CFD: 17/11/2011 - 20:25:06 - [0,043] ----D C:\Users\Famille Meyer\AppData\Local\CyberLink

O43 - CFD: 13/11/2011 - 12:58:07 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Deployment

O43 - CFD: 11/07/2012 - 20:58:16 - [0,425] ----D C:\Users\Famille Meyer\AppData\Local\Diagnostics

O43 - CFD: 06/12/2011 - 21:09:42 - [237,831] ----D C:\Users\Famille Meyer\AppData\Local\Downloaded Installations

O43 - CFD: 21/05/2012 - 19:17:10 - [0] ----D C:\Users\Famille Meyer\AppData\Local\ElevatedDiagnostics

O43 - CFD: 13/11/2011 - 13:33:19 - [290,243] ----D C:\Users\Famille Meyer\AppData\Local\Google

O43 - CFD: 28/02/2012 - 23:37:32 - [56,267] ----D C:\Users\Famille Meyer\AppData\Local\Hewlett-Packard

O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Historique

O43 - CFD: 03/07/2012 - 11:16:03 - [113,460] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft

O43 - CFD: 13/11/2011 - 20:04:35 - [0,194] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft Help

O43 - CFD: 13/11/2011 - 13:00:52 - [10,364] ----D C:\Users\Famille Meyer\AppData\Local\Mozilla

O43 - CFD: 04/07/2012 - 21:07:51 - [7,468] ----D C:\Users\Famille Meyer\AppData\Local\NPE

O43 - CFD: 13/11/2011 - 11:04:08 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PDFC

O43 - CFD: 17/11/2011 - 20:25:05 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PowerCinema

O43 - CFD: 20/02/2012 - 20:03:39 - [0,050] ----D C:\Users\Famille Meyer\AppData\Local\Samsung

O43 - CFD: 06/12/2011 - 21:10:41 - [0,007] ----D C:\Users\Famille Meyer\AppData\Local\Sony

O43 - CFD: 05/07/2012 - 21:37:41 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\Symantec

O43 - CFD: 13/07/2012 - 20:46:41 - [0,683] ----D C:\Users\Famille Meyer\AppData\Local\Temp

O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Temporary Internet Files

O43 - CFD: 13/11/2011 - 18:07:10 - [1,889] ----D C:\Users\Famille Meyer\AppData\Local\TomTom

O43 - CFD: 16/11/2011 - 19:55:46 - [5,940] ----D C:\Users\Famille Meyer\AppData\Local\VirtualStore

O43 - CFD: 26/11/2011 - 11:54:58 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\WBFSManager

O43 - CFD: 13/07/2012 - 20:14:54 - [0,004] ----D C:\Users\Famille Meyer\AppData\Local\Windows Live

O43 - CFD: 04/07/2012 - 19:18:19 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{168B06B3-1EA0-4E48-9EE6-D0C1E7E39E49}

O43 - CFD: 11/07/2012 - 15:19:34 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{16999B7A-EA63-4B7A-AC45-EF883A680AB0}

O43 - CFD: 07/07/2012 - 13:27:06 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{1F88DF9A-2A26-4C15-8EE4-C388055A3A27}

O43 - CFD: 09/07/2012 - 18:42:29 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{23C22838-64E7-458C-8979-FEB66ED5D15D}

O43 - CFD: 05/07/2012 - 20:42:25 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{264792B2-A124-4FF4-94F9-54482D7DF235}

O43 - CFD: 11/07/2012 - 15:19:46 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{2BD34C31-7EBC-4CD6-8C87-4CD39525A412}

O43 - CFD: 13/07/2012 - 20:14:38 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{452C0DB5-E3F0-44DB-9811-2628F978CA2F}

O43 - CFD: 05/07/2012 - 20:42:36 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{4CC781EB-07F5-4666-B6D1-68619A0286DC}

O43 - CFD: 07/07/2012 - 13:27:17 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{5B5B847C-1841-40C0-8342-88E7EF4513D2}

O43 - CFD: 10/07/2012 - 20:47:55 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{77C4A752-58D3-4D18-8CA9-099B7209C3EC}

O43 - CFD: 12/07/2012 - 16:56:51 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{81ABAAB4-D18F-4ACE-AC06-9F31BA1648AA}

O43 - CFD: 12/07/2012 - 16:56:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{87802E59-3F9B-4EF8-918B-33E374F2FB08}

O43 - CFD: 09/07/2012 - 18:42:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8A0069C5-7F23-4E3C-ADD3-8CB022509354}

O43 - CFD: 10/07/2012 - 20:47:44 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8AF4AA1F-1C1A-467F-BA22-0B81C5A151B2}

O43 - CFD: 04/07/2012 - 19:18:04 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{930F0D4A-5ADD-4994-806A-4E19BE53CF23}

O43 - CFD: 03/07/2012 - 23:17:33 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{B27F61BF-6A5F-4CE0-A165-339DD1D50737}

O43 - CFD: 12/07/2012 - 03:20:20 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C1E70EB4-5EC4-4F40-BC84-79C3A23F7F35}

O43 - CFD: 08/07/2012 - 14:27:39 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C37425C6-9B2A-4DF2-8CA3-E1ACAF33D21D}

O43 - CFD: 08/07/2012 - 14:27:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C38A4200-E8EE-4AE1-9169-769049D7C683}

O43 - CFD: 13/07/2012 - 20:14:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{CB78448A-2C83-499C-A358-B7612EA45196}

O43 - CFD: 12/07/2012 - 03:20:31 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{EED1BADB-45E5-4031-8E14-45908B12922E}

O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 11/07/2012 - 20:47:20 - [0,000] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 16/12/2011 - 21:36:53 - [0,002] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO

O43 - CFD: 13/11/2011 - 12:58:58 - [0,005] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

O43 - CFD: 13/11/2011 - 15:31:05 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomePlayer

O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 13/11/2011 - 12:10:11 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton

O43 - CFD: 11/07/2012 - 20:47:20 - [0,003] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 13/11/2011 - 15:33:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager

O43 - CFD: 13/11/2011 - 15:37:23 - [0,003] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect

O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft

O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO

O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2

O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR

O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes

O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule

O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google

O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer

O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp

O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games

O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando

O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel

O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java

O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny

O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam

O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec

O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect

O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360

O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller

O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services

O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete

O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server

O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung

O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris

O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony

O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install

O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp

O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2

O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V

O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box

O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare

O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 00mn 04s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.B26D138E294B7F3EB60736F6FF69BEE7] - 13/07/2012 - 19:17:12 ----- . (...) -- C:\Windows\WindowsUpdate.log [1783759]

O44 - LFC:[MD5.75536F897E885FE4D89296A907F84484] - 13/07/2012 - 19:13:16 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1557650]

O44 - LFC:[MD5.D0F93C09ECF43ACF09EFCE2B98054552] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [107566]

O44 - LFC:[MD5.03EA8E56EF19F34121E3A101F6BA6635] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132162]

O44 - LFC:[MD5.670E14657112792486A37AB57345C8E3] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [619246]

O44 - LFC:[MD5.6D750593199E36D7666E5B92E2A3C5C4] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [707548]

O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1557650]

O44 - LFC:[MD5.4E696120E4625D03FACDA45F963BD3D6] - 11/07/2012 - 20:36:39 ---A- . (...) -- C:\AdwCleaner[s1].txt [4540]

O44 - LFC:[MD5.D9049468326C11A54563AE65D4DD251F] - 11/07/2012 - 20:34:31 ---A- . (...) -- C:\AdwCleaner[R1].txt [5458]

O44 - LFC:[MD5.6CAA7426E0F1FA2C974ABFBF53C1939B] - 11/07/2012 - 19:26:13 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [419696]

O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 11/07/2012 - 19:23:08 ---A- . (...) -- C:\Windows\win.ini [478]

O44 - LFC:[MD5.0AC7E54445F7FEC27046E4FF3807CF6A] - 10/07/2012 - 20:03:19 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.C2DC69FDA8AF0E107C6421F66B3B7C08] - 02/07/2012 - 18:06:27 ---A- . (...) -- C:\img2-001.raw [921624]

~ Scan Files in 00mn 13s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{17480f40-388c-11e1-9fb3-6c626d5b4a28}\AutoRun\command. (...) -- K:\run.bat (.not file.)

O51 - MPSK:{b9c56442-2032-11e1-93b3-6c626d5b4a28}\AutoRun\command. (...) -- K:\Startme.exe (.not file.)

O51 - MPSK:{cddfc161-0df4-11e1-8018-6c626d5b4a28}\AutoRun\command. (...) -- J:\autorun.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53) (None)

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.D0D4F3CA1D3A4400E1F40F36A800CD12] - 01/05/2010 - 07:50:00 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [18136]

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {28912588-0B9D-48B1-BDA5-5FFEC9C71158} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {5B8E1DDB-D1D6-40F1-8BB7-0C03A974E4E7} - (AlloCine) - http://www.allocine.fr

O69 - SBI: SearchScopes [HKCU] {76685F19-2182-412B-87ED-8D3C8F4A89EF} - (Wikipedia) - Wikipédia, l'encyclopédie libre

O69 - SBI: SearchScopes [HKCU] {B08C0E91-95A4-42DF-9964-D043983A285A} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {BC46B2AB-336A-4FAA-BF7C-29080F6134C4} - (Dailymotion) - Dailymotion - Watch, publish, share videos

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

~ Scan Services in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{CFEF55E8-8E17-4836-A151-5E8D261FAEFB}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe

O87 - FAEL: "{94BC8B49-B819-48E3-8BEB-DBE3A6617C88}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe

O87 - FAEL: "{9983EFFF-988E-447D-8DD8-57AB34A5ACFC}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe

O87 - FAEL: "{E3C0D7B6-3E7E-4757-9DDA-85D5C7572DA9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe

O87 - FAEL: "{C5C4113C-1946-4FE3-B84B-3D63B2737C56}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe

O87 - FAEL: "{F17FE936-5A73-4807-B364-E9672C228585}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{6F040ED0-95D5-4915-BEC5-CB0D4B5FC043}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{64DBCDD1-B6D4-4BCD-8A2B-15F1C71E1C71}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{8EEFC00D-F0BC-41D2-9819-9F9F2535FA2F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{2CDDAF0B-576F-46C8-A515-40A82860D816}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe

O87 - FAEL: "{A4B0ED14-3C58-4D21-8877-B5EA7A28C72D}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe

O87 - FAEL: "{AD253646-791F-4BBF-BE4C-76780556D3A5}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe

O87 - FAEL: "{3A73484B-B52D-4407-82AA-5C6B69D1E5AE}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe

O87 - FAEL: "{DD1AC9D9-B2F7-46D9-9CD8-4B3EED343326}" | Out - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "{E2E1A16C-11D1-4865-8B54-F5A0891FFAAC}" | In - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "{7C72CAC3-D7FF-41C3-B202-691A665CFB36}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe

O87 - FAEL: "{129AA54E-463F-44B1-AEB6-48559BAA0739}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe

O87 - FAEL: "{55D84BD4-7905-4BBC-8D23-02B4C8F51DC6}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe

O87 - FAEL: "{3CCDB9D2-91F7-44F5-9955-4525B2FC2460}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe

O87 - FAEL: "{7CDA954F-ABD3-4C43-B3A5-209874896C26}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O87 - FAEL: "{8A29C95C-AB57-45CE-BD35-580805F1FF46}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O87 - FAEL: "{DA3D29C1-B065-4A52-9139-8E1F7EE978B0}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{8A4AF84B-B7AA-436F-85D0-EF6D58FA0761}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

~ Scan Firewall in 00mn 00s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 11/07/2012 250056 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SR - | Auto 30/12/1899 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe

SS - | Auto 13/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 13/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SR - | Auto 15/07/2010 2641920 | (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe

SR - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

SS - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 01/10/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SS - | Auto 17/04/2011 130008 | (N360) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

SR - | Auto 15/05/2009 251184 | C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (NasPmService) . (.BUFFALO INC..) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe

SR - | Auto 05/08/2011 1016936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 05/08/2011 2214504 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SR - | Auto 15/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

SS - | Demand 11/11/2008 620544 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

SR - | Auto 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Auto 23/01/2012 92592 | (TrkWks) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SS - | Auto 23/01/2012 92592 | (TrustedInstaller) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Auto 01/10/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 04s

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

~ Scan Emulateurs in 00mn 04s

 

 

 

End of the scan (1309 lines in 00mn 42s)(0)

 

Rapport de ZHPDiag v1.31.105 par Nicolas Coolman, Update du 25/06/2012

Run by Famille Meyer at 13/07/2012 20:47:37

Web site : ZHPDiag Outil de diagnostic

Web site : Blog de NicolasCoolman - ZebHelpProcess - Skyrock.com

State : Version à jour.

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421 (Defaut)

MFIE: Mozilla Firefox 8.0 v8.0

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_SLP channel

System Locked Preinstallation (OEM_SLP) : OK

Windows ID Activation : OK

~ Windows Partial Key : 3Q6C9

Windows License : OK

~ Windows Remaining Initializations Number : 3

Software Protection Service (Protection logicielle) : OK

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 6103 MB (67% free)

System Restore: Activé (Enable)

System drive C: has 1298 GB (93%) free of 1384 GB

 

---\\ Logged in mode

~ Computer Name: FAMILLEMEYER-HP

~ User Name: Famille Meyer

~ All Users Names: UpdatusUser, Rémy, HomeGroupUser$, Famille Meyer, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\Famille Meyer\AppData\Roaming\

~ %Desktop% : C:\Users\Famille Meyer\Desktop\

~ %Favorites% : C:\Users\Famille Meyer\Favorites\

~ %LocalAppData% : C:\Users\Famille Meyer\AppData\Local\

~ %StartMenu% : C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 1298 Go of 1384 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 13 Go)

E:\ CD-ROM drive (Not Inserted)

G:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

H:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

I:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

J:\ CD-ROM drive (Not Inserted)

K:\ Floppy drive, Flash card reader, USB Key (Not Inserted)

L:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: Modified

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.5A45FA344F4AD99D903F4B20E43B89EC] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.02/06/2012 - 13:05:28.) -- C:\Windows\System32\wininet.dll [1392128]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.A2F74975097F52A00745F9637451FDD8] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.11/03/2011 - 07:41:34.) -- C:\Windows\system32\Drivers\ntfs.sys [1659776]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 2/303

~ Mes musiques (My Musics) : 2/345

~ Mes Videos (My Videos) : 1/6

~ Mes Favoris (My Favorites) : 1/287

~ Mes Documents (My Documents) : 1/1844

~ Mon Bureau (My Desktop) : 1/11

~ Menu demarrer (Programs) : 1/35

~ Scan Hidden Files in 00mn 01s

 

 

 

---\\ Processus lancés

[MD5.E78A365CC3E0FBFC018A33DCE01909F8] - (.Symantec Corporation - Symantec Service Framework.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe [130008] [PID.]

[MD5.4FF9D0D5FEC26D9F2312A8C15CA59C8F] - (.Pas de propriétaire - Monitor LED Key.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe [53248] [PID.3312]

[MD5.69764A6475A4C54732E6A07CE6EF8BE2] - (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe [762736] [PID.4444]

[MD5.554A50B5310E702029D3A675459108FF] - (.Hewlett-Packard - hpsysdrv.) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768] [PID.4452]

[MD5.6DCFADDA4F2A6D3396D13F0554D672E8] - (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe [884584] [PID.4468]

[MD5.C98EF7E083579C0D588D0E909F48A90A] - (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [247728] [PID.4480]

[MD5.984F6749E0741C3F22D86C91B46177BE] - (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [21432] [PID.4508]

[MD5.2A21FE60A9BC5247BD8C57409A2B97F8] - (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456] [PID.4868]

[MD5.25107F58D1B8F60D67D1EE95798C0DE8] - (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696] [PID.5004]

[MD5.4298DB2F9FE4FE4C96AC4528542680F8] - (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992] [PID.5028]

[MD5.98A078F838A70F84E1BD490D7C7675F4] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254696] [PID.5040]

[MD5.DA614F3014897FE46D6E4A2D483CDDD2] - (.BUFFALO INC. - NAS Function Scheduling Application.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe [206128] [PID.4120]

[MD5.EDCB55CF7135CCF9818EEC413FB39410] - (.Hewlett-Packard - HP LED INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe [2068992] [PID.4212]

[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (...) -- ysWOW64\rundll32.exe [0] [PID.3676]

[MD5.47D1F0444CE33A0CA42409A88896CD8D] - (.Hewlett-Packard - HP Advisor.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1590840] [PID.2716]

[MD5.BE955BAB4EFC2A28BE2692D102FFC85A] - (...) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [3838464] [PID.6548]

[MD5.CA793DCC1D5F619021EF1D37CC7A831E] - (.EasyBits Software AS - Shared EasyBits services for Windows.) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232] [PID.]

[MD5.28DDEEEC44E988657B732CF404D504CB] - (.Microsoft Corporation - Windows Live Family Safety Service.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [1492840] [PID.]

[MD5.BCC4A8B2E2E902F52E7F2E7D8E125765] - (.Hewlett-Packard Company - HP Quick Synchronization Service.) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [94264] [PID.]

[MD5.7550D101BF49FDB1F92666A233EE36C4] - (.Hewlett-Packard Company - LightScribe Service.) -- c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728] [PID.]

[MD5.E38775922D4A4C05B5D96733AB4CE169] - (.Intel Corporation - Local Manageability Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [268824] [PID.]

[MD5.15E5ABD9E03D57671BB74EB5CBAB8019] - (.BUFFALO INC. - NAS Power Management Service.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251184] [PID.]

[MD5.BDF850D185B2344C7811B79E49050188] - (.PDF Complete Inc - Dispatcher.) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416] [PID.]

[MD5.E5C796B621F6FBA8616511063D7F0FFE] - (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe [370688] [PID.]

[MD5.3199A477F0F06EEDE41BD55179F8EB05] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.]

[MD5.31A0E93CDF29007D6C6FFFB632F375ED] - (.Intel Corporation - IAStorDataSvc.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [13336] [PID.]

[MD5.FF7E8BC3A8B90F03BD20588B5840154F] - (.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2214504] [PID.]

[MD5.02C298382359653BEC4C737C2AB7F9C5] - (.Intel Corporation - User Notification Service.) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2320920] [PID.]

~ Scan Processes Running in 00mn 00s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default\Preferences

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default] Google

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Google

G0 - GCSP: Preference [user Data\Default] Google

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\Famille Meyer\AppData\Roaming\Mozilla\Firefox\Profiles\wun2jzbg.default\prefs.js

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Famille Meyer] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml

M0 - MFSP: prefs.js [Famille Meyer - wun2jzbg.default] www.free.fr

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Freebox, la meilleure offre ADSL : Internet, Téléphone, Télévision

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Hotmail.fr, Messenger, Skype, Sydrive, Actualité, Sport, People, Femmes - MSN France

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Google Inc. - Google Update.) (No version) -- (.not file.)

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 0

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 22

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: (no name) [64Bits] - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} Clé orpheline

O2 - BHO: Symantec NCO BHO [64Bits] - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} . (.Symantec Corporation - coIEPlugIn.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention [64Bits] - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} . (.Symantec Corporation - IPS Browser Helper DLL.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.dll

O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\

O2 - BHO: Windows Live Messenger Companion Helper [64Bits] - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [VX3000] . (.Microsoft Corporation - Microsoft LifeCam Device Application.) -- C:\Windows\vVX3000.exe

O4 - HKLM\..\Run: [hpsysdrv] . (.Hewlett-Packard - hpsysdrv.) -- c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [fssui] . (.Microsoft Corporation - Windows Live Family Safety Filter.) -- C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

O4 - HKCU\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

O4 - HKCU\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKCU\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAutoMntSrv.exe

O4 - HKLM\..\Wow6432Node\Run: [VirtualCloneDrive] . (.Elaborate Bytes AG - Virtual CloneDrive Daemon.) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

O4 - HKLM\..\Wow6432Node\Run: [PDF Complete] . (.PDF Complete Inc - Sentry for PDF.) -- C:\Program Files (x86)\PDF Complete\pdfsty.exe

O4 - HKLM\..\Wow6432Node\Run: [LifeCam] . (.Microsoft Corporation - LifeExp.exe.) -- C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe

O4 - HKLM\..\Wow6432Node\Run: [LaunchHPOSIAPP] . (.Hewlett-Packard - Launch a application..) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe

O4 - HKLM\..\Wow6432Node\Run: [iAStorIcon] . (.Intel Corporation - IAStorIcon.) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Wow6432Node\Run: [bATINDICATOR] . (.Hewlett-Packard - HP BATTERY INDICATOR.) -- C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe

O4 - HKLM\..\Wow6432Node\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-20\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files (x86)\Windows Sidebar\Sidebar.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [TomTomHOME.exe] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [KiesPDLR] . (.Pas de propriétaire - KiesPDLR.) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [HPAdvisorDock] . (.Pas de propriétaire - HP Advisor Dock.) -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [Google Update] . (.Google Inc. - Programme d'installation de Google.) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [DAEMON Tools Lite] . (.DT Soft Ltd - DAEMON Tools Lite.) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

O4 - HKUS\S-1-5-21-138286456-3482806532-3217213568-1007-138286456-3482806532-3217213568-1000\..\Run: [AlcoholAutomount] . (.Alcohol Soft Development Team - Alcohol Virtual Drive Auto-mount Service.) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 52\AxAut

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\Super Architect 3D Expert CAD - 18 Tools.lnk . (...) -- C:\Program Files (x86)\Easy Computing\ECStart.exe (.not file.)

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Rémy\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Rémy\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\BUFFALO NAS Navigator2.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\CyberLink DVD Suite Deluxe.lnk . (.CyberLink Corp..) -- C:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\PS.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\eMule.lnk . (.http://emulemorph.sourceforge.net.) -- C:\Program Files (x86)\eMule\eMule.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\HomePlayer.lnk . (...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\LS-CHLC80.lnk . (.BUFFALO INC..) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\TomTom HOME 2.lnk . (.TomTom International B.V..) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOME.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WBFS Manager 3.0.lnk . (...) -- C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe

O4 - Global Startup: C:\Users\Famille Meyer\Desktop\WinRAR.lnk . (...) -- C:\Program Files (x86)\WinRAR\WinRAR.exe (.not file.)

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE

O4 - Global Startup: C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk . (.Samsung.) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)

O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files (x86)\MIF5BA~1\Office12\EXCEL.exe

~ Scan IE Menu Contextuel in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} () - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

~ Scan Objets ActiveX in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CCS\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS1\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{519748DD-21BF-4E33-9D06-4746F25BE2BF}: DhcpNameServer = 212.27.40.240 212.27.40.241

O17 - HKLM\System\CS2\Services\Tcpip\..\{FF5F8B7B-3237-4476-9C6F-26A0E2694508}: DhcpNameServer = 212.27.40.240 212.27.40.241

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: dvd [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (...) --

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: its [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mhtml [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (...) --

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: tv [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: vbscript [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (...) --

O18 - Handler: wlmailhtml [64Bits] - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll

O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (...) --

O18 - Filter: text/xml [64Bits] - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Hauppauge MSi2500 DVBT Service (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd - Mirics FlexiTV DVBT 2.1.0rc11: R.03.46.48.0.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe

O23 - Service: HP Support Assistant Service (HP Support Assistant Service) . (.Hewlett-Packard Company - HP Support Assistant Service.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) . (.Hewlett-Packard Company - HP Quick Synchronization Service.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) . (.Intel Corporation - IAStorDataSvc.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: LightScribeService Direct Disc Labeling (LightScribeService) . (.Hewlett-Packard Company - LightScribe Service.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Intel® Management and Security Applica (LMS) . (.Intel Corporation - Local Manageability Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Norton 360 (N360) . (.Symantec Corporation - Symantec Service Framework.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

O23 - Service: NAS PM Service (NasPmService) . (...) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (.not file.)

O23 - Service: NVIDIA Display Driver Service (nvsvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 275.8.) - C:\Windows\system32\nvvsvc.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PDF Document Manager (pdfcDispatcher) . (.PDF Complete Inc - Dispatcher.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) . (.StarWind Software - StarWind iSCSI Target (Alcohol Edition).) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Intel® Management & Security Applicati (UNS) . (.Intel Corporation - User Notification Service.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFamille Meyer.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\HPCeeScheduleForFAMILLEMEYER-HP$.job

[MD5.5E1A953C6472E7BB644892A4D0DF5E72] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[MD5.57CFD2E9CC23E1C6B0584B7AFCAB2EBA] [APT] [elbyExecuteWithUAC] (...) -- C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\executeWithUAC.exe

[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [FacebookUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (...) -- C:\Users\Famille Meyer\AppData\Local\Facebook\Update\FacebookUpdate.exe (.not file.)

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1000UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001Core] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskUserS-1-5-21-138286456-3482806532-3217213568-1001UA] (.Google Inc..) -- C:\Users\Famille Meyer\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFamille Meyer] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.BEAEC745256D3158495FEE10BA673E7C] [APT] [HPCeeScheduleForFAMILLEMEYER-HP$] (.Hewlett-Packard.) -- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

[MD5.ED5D30F5D177A12E1A67401440DEA36D] [APT] [servicePlan] (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe

[MD5.00000000000000000000000000000000] [APT] [{24B1BFB5-835C-453D-A4BD-BE49B9FF2EDE}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.B64BAF38F446B9F521D820671B42E7EB] [APT] [{2DEE240E-0F76-4AB2-A085-5306E5A02421}] (.A. Brochard.) -- C:\Program Files (x86)\PS3 Media Server\PMS.exe

[MD5.00000000000000000000000000000000] [APT] [{41238FFF-6187-475E-B2A6-DFF4400B6637}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{74BB5DC9-1E9B-4404-BAFE-C5E1412C8F2D}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{7698F5AF-0E3A-42E3-B198-15195B7792FB}] (...) -- J:\Installer.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{9DDE89E2-9135-4B15-90CA-3FFFC8A4E38F}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{CAF82E2D-534E-4B54-8583-855396CC401A}] (...) -- C:\Users\Famille Meyer\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F6VUX14H\CFWebU.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D039FAB9-2070-434E-B1CD-F14DCD025651}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{DB441831-4D64-4155-95E6-7EC3E731477F}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{EA64C32B-8DC0-4F72-8A35-8FCD4719F606}] (...) -- E:\AUTORUN.exe (.not file.)

[MD5.1DB8C2220EFDBA97F671F46F6A8DE51E] [APT] [HP Support Assistant Quick Start] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe

[MD5.7A14C25B7EC229B7F8B3E457779C83CC] [APT] [HP Total Care Tune-Up] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe

[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Health Analysis] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.0757398E1539E633CEC5179A3BCA5F4F] [APT] [PC Tuneup] (.Hewlett-Packard Company.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

[MD5.A87F567F053191361B617D7908F8E062] [APT] [update Check] (.Hewlett-Packard.) -- C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe

[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Analyzer 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe

[MD5.FDA6B888126372205BA642775AEB486E] [APT] [Norton Error Processor 5.2.2.3] (.Symantec Corporation.) -- C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe

~ Scan Scheduled Task in 00mn 05s

 

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (BHDrvx64) . (.Symantec Corporation - BASH Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120711.002\BHDrvx64.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (eeCtrl) . (.Symantec Corporation - Symantec Eraser Control Driver.) - C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

O41 - Driver: (ElbyCDIO) . (.Elaborate Bytes AG - ElbyCD Windows x64 I/O driver.) - C:\Windows\System32\Drivers\ElbyCDIO.sys

O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120712.001\IDSvia64.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (SRTSPX) . (.Symantec Corporation - Symantec AutoProtect.) - C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.sys

O41 - Driver: (SymIM) . (.Symantec Corporation - NDIS 6.0 Filter Driver for Windows Vista.) - C:\Windows\System32\DRIVERS\SymIMv.sys

O41 - Driver: (SymIRON) . (.Symantec Corporation - Iron Driver.) - C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.sys

O41 - Driver: (SymNetS) . (.Symantec Corporation - Network Security Driver.) - C:\Windows\system32\Drivers\N360x64\0502020.003\SYMNETS.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

O41 - Driver: (IDSVia64) . (.Symantec Corporation - IDS Core Driver.) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120711.001\IDSvia64.sys

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: BUFFALO NAS Navigator2 - (.Pas de propriétaire.) [HKLM] -- UN060501

O42 - Logiciel: Camfrog Web Advanced 2.0 ActiveX Plugin (remove only) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU2

O42 - Logiciel: CamfrogWEB Advanced ActiveX Plugin (www.bobtv.fr) - (.Pas de propriétaire.) [HKLM] -- CFWebAdvancedU_BOBTV.FR

O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}

O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: CyberLink DVD Suite Deluxe - (.CyberLink Corp..) [HKLM] -- {1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}

O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: DVD Menu Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}

O42 - Logiciel: Facebook Video Calling 1.2.0.159 - (.Skype Limited.) [HKLM] -- {7CAC6A44-C3DE-4153-ACA6-7524602C789E}

O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM] -- FileZilla Client

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}

O42 - Logiciel: HP Advisor - (.Hewlett-Packard.) [HKLM] -- {40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}

O42 - Logiciel: HP Customer Experience Enhancements - (.Hewlett-Packard.) [HKLM] -- {07FA4960-B038-49EB-891B-9F95930AA544}

O42 - Logiciel: HP MAINSTREAM KEYBOARD - (.Hewlett-Packard.) [HKLM] -- {B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart DVD - (.Hewlett-Packard.) [HKLM] -- {DCCAD079-F92C-44DA-B258-624FC6517A5A}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Music - (.Hewlett-Packard.) [HKLM] -- {91A34181-9FAD-43AB-A35F-E7A8945B7E1C}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Photo - (.Hewlett-Packard.) [HKLM] -- {6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {D12E3E7F-1B13-4933-A915-16C7DD37A095}

O42 - Logiciel: HP Product Detection - (.HP.) [HKLM] -- {A436F67F-687E-4736-BD2B-537121A804CF}

O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- HP Remote Solution

O42 - Logiciel: HP Remote Solution - (.Hewlett-Packard.) [HKLM] -- {C611CF88-969D-43E6-A877-D6D6439DD081}

O42 - Logiciel: HP Setup - (.Hewlett-Packard.) [HKLM] -- {72D90DB3-A16A-4545-B555-868471101833}

O42 - Logiciel: HP Support Assistant - (.Hewlett-Packard Company.) [HKLM] -- {6F44AF95-3CDE-4513-AD3F-6D45F17BF324}

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM] -- {DE77FE3F-A33D-499A-87AD-5FC406617B40}

O42 - Logiciel: Hewlett-Packard ACLM.NET v1.1.2.0 - (.Hewlett-Packard.) [HKLM] -- {6F340107-F9AA-47C6-B54C-C3A19F11553F}

O42 - Logiciel: HomePlayer 1.5.9d - (.HomePlayer.) [HKLM] -- HomePlayer

O42 - Logiciel: Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2461678

O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {41CB4C45-5559-4D7B-98F6-E469444F1549}

O42 - Logiciel: IGN Rando - (.Pas de propriétaire.) [HKLM] -- {8C4450E1-14A7-4F89-936A-335A216D3C7D}

O42 - Logiciel: Intel® Management Engine Components - (.Intel Corporation.) [HKLM] -- {65153EA5-8B6E-43B6-857B-C6E4FC25798A}

O42 - Logiciel: Intel® Rapid Storage Technology - (.Intel Corporation.) [HKLM] -- {3E29EE6C-963A-4aae-86C1-DC237C4A49FC}

O42 - Logiciel: Java 6 Update 33 - (.Oracle.) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216033FF}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LabelPrint - (.CyberLink Corp..) [HKLM] -- {C59C179C-668D-49A9-B6EA-0121CCFC1243}

O42 - Logiciel: LightScribe System Software - (.LightScribe.) [HKLM] -- {46BA053F-57B3-4153-BDB6-D37EEC8B12D7}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}

O42 - Logiciel: MSVCRT_amd64 - (.Microsoft.) [HKLM] -- {D0B44725-3666-492D-BEF6-587A14BD9BD9}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}

O42 - Logiciel: Microsoft Corporation - (.Microsoft Corporation.) [HKLM] -- {B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-002A-040C-1000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_PROPLUS_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}

O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_PROPLUS_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}

O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook Connector - (.Microsoft Corporation.) [HKLM] -- {95140000-007A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- PROPLUS

O42 - Logiciel: Microsoft Office Professional Plus 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_PROPLUS_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{928D7B99-2BEA-49F9-83B8-20FA57860643}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_PROPLUS_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_PROPLUS_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}

O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_PROPLUS_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}

O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {7299052b-02a4-4627-81f2-1818da5d550d}

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Mira version 2.7.0.1 - (.Pas de propriétaire.) [HKLM] -- Mira_is1

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Movie Theme Pack for HP MediaSmart Video - (.Hewlett-Packard.) [HKLM] -- {3023EBDA-BF1B-4831-B347-E5018555F26E}

O42 - Logiciel: Mozilla Firefox 8.0 (x86 fr) - (.Mozilla.) [HKLM] -- Mozilla Firefox 8.0 (x86 fr)

O42 - Logiciel: MusicStation - (.Hewlett-Packard.) [HKLM] -- MusicStationNetstaller

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM] -- {B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}

O42 - Logiciel: Norton 360 - (.Symantec Corporation.) [HKLM] -- N360

O42 - Logiciel: PC Connectivity Solution - (.Nokia.) [HKLM] -- {34610DE0-3C13-42CA-8E32-01FFA38AB6E8}

O42 - Logiciel: PDF Complete Special Edition - (.PDF Complete, Inc.) [HKLM] -- PDF Complete

O42 - Logiciel: PS3 Media Server - (.Pas de propriétaire.) [HKLM] -- PS3 Media Server

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PhotoNow! - (.CyberLink Corp..) [HKLM] -- {D36DD326-7280-11D8-97C8-000129760CBE}

O42 - Logiciel: PlayStation®Network Downloader - (.Sony Computer Entertainment Inc..) [HKLM] -- {B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}

O42 - Logiciel: PlayStation®Store - (.Sony Computer Entertainment Inc..) [HKLM] -- {0E532C84-4275-41B3-9D81-D4A1A20D8EE7}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: Power2Go - (.CyberLink Corp..) [HKLM] -- {40BF1E83-20EB-11D8-97C5-0009C5020658}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PowerDirector - (.CyberLink Corp..) [HKLM] -- {CB099890-1D5F-11D5-9EA9-0050BAE317E1}

O42 - Logiciel: PressReader - (. NewspaperDirect Inc..) [HKLM] -- {912CED74-88D3-4C5B-ACB0-13231864975D}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Recovery Manager - (.CyberLink Corp..) [HKLM] -- {44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}

O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- InstallShield_{758C8301-2696-4855-AF45-534B1200980A}

O42 - Logiciel: Samsung Kies - (.Samsung Electronics Co., Ltd..) [HKLM] -- {758C8301-2696-4855-AF45-534B1200980A}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2478663

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2518870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2539636

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2572078

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2604121

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2633870

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656351

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656368v2

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2656405

O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2686827

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596666) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{27609E26-63D9-4180-BD50-08837BD3B1DC}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5DD3FF90-B302-45B2-A188-C5EA7ACD5D46}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{D33B9EF5-3801-496A-A2D6-B7F4BE972D75}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E34960DB-2A93-45DB-A208-02650F7AB09C}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{293FB6BE-D3EB-4162-B522-F9108040B9FE}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{31C0F635-15AD-4AA3-A3C6-B542B403D0EE}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3069CE04-082C-4669-9BA1-E6AA66330C1F}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{2B3C041A-A7F2-4A24-968D-4BEB6A123D15}

O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2598041) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{ABB5F56F-FC55-4C7E-9622-B8A1E670BAFC}

O42 - Logiciel: Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B4C12F08-B0EF-4CC4-AD5F-381DD62BF640}

O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Editi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{7BCF7F6B-4AC0-4915-83B2-5CFF6BE9BF77}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}

O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edi - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}

O42 - Logiciel: Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edit - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{5A8732F0-C20F-4A9B-A2A9-66FE7A586C35}

O42 - Logiciel: Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{075C2272-0881-46D3-B3A5-1D83D6940270}

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2478663

O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client P - (.Microsoft Corporation.) [HKLM] -- {4B5F58F7-C7D1-3CE3-9B37-B657F0852643}.KB2518870

O42 - Logiciel: TomTom HOME 2.8.3.2499 - (.TomTom.) [HKLM] -- TomTom HOME

O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523

O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217

O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{8B689F89-5E1C-4DA9-B2B1-7B3843275596}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition - (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_PROPLUS_{E425BC5B-458F-4084-9C7D-2BE4020BFA35}

O42 - Logiciel: Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2687310) 32-B - (.Microsoft.) [HKLM] -- {90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6C4E1D7E-EEB2-4EDE-8B39-9844D8AD9273}

O42 - Logiciel: VLC media player 2.0.1 - (.VideoLAN.) [HKLM] -- VLC media player

O42 - Logiciel: VirtualCloneDrive - (.Elaborate Bytes.) [HKLM] -- VirtualCloneDrive

O42 - Logiciel: WBFS Manager 3.0 - (.AlexDP.) [HKLM] -- WBFS Manager 3.0

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite

O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {76810709-A7D3-468D-9167-A1780C1E766C}

O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}

O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}

O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}

O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}

O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}

O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}

O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}

O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}

O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}

O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}

O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}

O42 - Logiciel: eMule MorphXT 12.6 - (.Morph team.) [HKLM] -- eMule MorphXT_is1

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\AppDataLow\Software\MarkAny]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\Hewlett-Packard]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\AdwCleaner]

[HKLM\Software\Alcohol Soft]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\CyberLink]

[HKLM\Software\DT Soft]

[HKLM\Software\Easy Computing]

[HKLM\Software\EasyBits]

[HKLM\Software\Elaborate Bytes]

[HKLM\Software\Electronic Arts]

[HKLM\Software\FileZilla 3]

[HKLM\Software\Google]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Khronos]

[HKLM\Software\LEDPointer]

[HKLM\Software\LOXANE]

[HKLM\Software\Licenses]

[HKLM\Software\LightScribe]

[HKLM\Software\LogMeIn Rescue]

[HKLM\Software\MELCO INC]

[HKLM\Software\Macromedia]

[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MimarSinan]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Myfree Codec]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NewspaperDirect]

[HKLM\Software\Norton PC Checkup]

[HKLM\Software\Norton]

[HKLM\Software\ODBC]

[HKLM\Software\PC Connectivity Solution]

[HKLM\Software\PDFComplete]

[HKLM\Software\Policies]

[HKLM\Software\Realtek Semiconductor Corp.]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Samsung]

[HKLM\Software\Sony Corporation]

[HKLM\Software\Sony]

[HKLM\Software\Symantec]

[HKLM\Software\TomTom]

[HKLM\Software\Valve]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Win32 Services]

[HKLM\Software\Windows]

[HKLM\Software\hauppauge]

[HKLM\Software\mozilla.org]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect

O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft

O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO

O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2

O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR

O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes

O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule

O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google

O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer

O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp

O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games

O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando

O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel

O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java

O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny

O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam

O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec

O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect

O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360

O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller

O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services

O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete

O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server

O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung

O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris

O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony

O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install

O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp

O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2

O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V

O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box

O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare

O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Application Data

O43 - CFD: 28/03/2012 - 19:25:21 - [0,001] ----D C:\ProgramData\Autodesk

O43 - CFD: 17/11/2011 - 20:05:28 - [0,162] ----D C:\ProgramData\CyberLink

O43 - CFD: 13/11/2011 - 18:41:17 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Desktop

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Documents

O43 - CFD: 20/05/2012 - 18:24:11 - [0,000] ----D C:\ProgramData\Electronic Arts

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Favorites

O43 - CFD: 16/11/2011 - 19:56:49 - [152,398] ----D C:\ProgramData\Hewlett-Packard

O43 - CFD: 17/11/2011 - 20:06:29 - [0,001] ----D C:\ProgramData\LightScribe

O43 - CFD: 04/07/2012 - 19:35:21 - [0,004] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 01/07/2012 - 22:57:38 - [0] ----D C:\ProgramData\Media Center Programs

O43 - CFD: 04/07/2012 - 19:27:35 - [129,221] -S--D C:\ProgramData\Microsoft

O43 - CFD: 11/07/2012 - 20:23:18 - [0,062] ----D C:\ProgramData\Microsoft Help

O43 - CFD: 20/10/2010 - 03:11:49 - [0] ----D C:\ProgramData\NewspaperDirect

O43 - CFD: 05/07/2012 - 20:58:41 - [656,653] ----D C:\ProgramData\Norton

O43 - CFD: 05/07/2012 - 20:48:22 - [1,422] ----D C:\ProgramData\NortonInstaller

O43 - CFD: 17/12/2011 - 15:05:28 - [0,598] ----D C:\ProgramData\NVIDIA

O43 - CFD: 20/10/2010 - 02:43:24 - [0,582] ----D C:\ProgramData\NVIDIA Corporation

O43 - CFD: 13/11/2011 - 16:51:04 - [0] ----D C:\ProgramData\PC Suite

O43 - CFD: 13/11/2011 - 12:06:46 - [0] ----D C:\ProgramData\PCSettings

O43 - CFD: 07/07/2012 - 10:26:51 - [0] ----D C:\ProgramData\PDFC

O43 - CFD: 20/10/2010 - 02:51:29 - [3,376] ----D C:\ProgramData\Ralink Driver

O43 - CFD: 13/11/2011 - 18:59:03 - [25,323] ----D C:\ProgramData\Recovery

O43 - CFD: 13/11/2011 - 18:37:33 - [10,632] ----D C:\ProgramData\Samsung

O43 - CFD: 06/12/2011 - 21:09:34 - [0] ----D C:\ProgramData\Sony Corporation

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Start Menu

O43 - CFD: 06/12/2011 - 20:16:34 - [0,000] ----D C:\ProgramData\Sun

O43 - CFD: 17/11/2011 - 22:47:40 - [0] ----D C:\ProgramData\Symantec

O43 - CFD: 20/10/2010 - 03:01:10 - [0,469] ----D C:\ProgramData\Temp

O43 - CFD: 14/07/2009 - 07:08:56 - [0] ----D C:\ProgramData\Templates

O43 - CFD: 22/12/2011 - 11:19:08 - [0,394] ----D C:\ProgramData\TomTom

O43 - CFD: 13/11/2011 - 11:08:41 - [0,272] ----D C:\ProgramData\WildTangent

O43 - CFD: 20/10/2010 - 03:02:01 - [5,467] ----D C:\ProgramData\{0D9D262D-4BA2-4BC3-9CD3-4D1A9AE63E18}

O43 - CFD: 20/10/2010 - 02:48:46 - [33,439] ----D C:\ProgramData\{0F47B255-CF9F-48C5-B558-B7DAF9345268}

O43 - CFD: 07/02/2012 - 22:35:50 - [45,653] ----D C:\ProgramData\{A8DA1505-E615-42BB-BB77-74D5CC91FE7E}

O43 - CFD: 16/11/2011 - 20:01:20 - [45,266] ----D C:\ProgramData\{D3B41B92-9BC2-43EB-916A-4FA9E8191837}

O43 - CFD: 13/11/2011 - 11:47:27 - [16,902] ----D C:\Users\Famille Meyer\AppData\Roaming\Adobe

O43 - CFD: 28/03/2012 - 19:25:21 - [0,008] ----D C:\Users\Famille Meyer\AppData\Roaming\Autodesk

O43 - CFD: 17/11/2011 - 20:25:09 - [0,122] ----D C:\Users\Famille Meyer\AppData\Roaming\CyberLink

O43 - CFD: 28/05/2012 - 08:42:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 19/11/2011 - 21:25:10 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\Day 1 Studios

O43 - CFD: 26/06/2012 - 20:42:59 - [0,024] ----D C:\Users\Famille Meyer\AppData\Roaming\FileZilla

O43 - CFD: 16/11/2011 - 19:56:58 - [0,173] ----D C:\Users\Famille Meyer\AppData\Roaming\Hewlett-Packard

O43 - CFD: 09/07/2012 - 18:50:27 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\HP Support Assistant

O43 - CFD: 16/11/2011 - 20:03:15 - [0,030] ----D C:\Users\Famille Meyer\AppData\Roaming\hpqLog

O43 - CFD: 09/07/2012 - 18:50:27 - [0,014] ----D C:\Users\Famille Meyer\AppData\Roaming\HpUpdate

O43 - CFD: 13/11/2011 - 11:03:54 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Identities

O43 - CFD: 13/11/2011 - 11:04:12 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Intel Corporation

O43 - CFD: 13/11/2011 - 11:47:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Macromedia

O43 - CFD: 04/07/2012 - 19:35:24 - [0,006] ----D C:\Users\Famille Meyer\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 09:44:38 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Media Center Programs

O43 - CFD: 28/04/2012 - 13:43:00 - [85,552] -S--D C:\Users\Famille Meyer\AppData\Roaming\Microsoft

O43 - CFD: 13/11/2011 - 13:01:02 - [12,411] ----D C:\Users\Famille Meyer\AppData\Roaming\Mozilla

O43 - CFD: 16/12/2011 - 21:35:32 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\NASNaviator2

O43 - CFD: 13/11/2011 - 16:50:56 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\PC Suite

O43 - CFD: 13/11/2011 - 18:39:52 - [27,953] ----D C:\Users\Famille Meyer\AppData\Roaming\Samsung

O43 - CFD: 06/12/2011 - 21:10:02 - [16,731] ----D C:\Users\Famille Meyer\AppData\Roaming\Sony

O43 - CFD: 04/07/2012 - 20:42:41 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Temp

O43 - CFD: 18/11/2011 - 18:45:19 - [0,036] ----D C:\Users\Famille Meyer\AppData\Roaming\Tific

O43 - CFD: 13/11/2011 - 18:07:10 - [1,476] ----D C:\Users\Famille Meyer\AppData\Roaming\TomTom

O43 - CFD: 12/07/2012 - 20:55:17 - [0,380] ----D C:\Users\Famille Meyer\AppData\Roaming\vlc

O43 - CFD: 16/11/2011 - 20:00:23 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\WinBatch

O43 - CFD: 13/11/2011 - 15:37:57 - [0,000] ----D C:\Users\Famille Meyer\AppData\Roaming\WinRAR

O43 - CFD: 27/12/2011 - 18:33:08 - [6,004] ----D C:\Users\Famille Meyer\AppData\Local\AliensVsPredator

O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Application Data

O43 - CFD: 13/11/2011 - 12:57:57 - [1,245] ----D C:\Users\Famille Meyer\AppData\Local\Apps

O43 - CFD: 13/07/2012 - 20:31:42 - [0] ----D C:\Users\Famille Meyer\AppData\Local\CrashDumps

O43 - CFD: 17/11/2011 - 20:25:06 - [0,043] ----D C:\Users\Famille Meyer\AppData\Local\CyberLink

O43 - CFD: 13/11/2011 - 12:58:07 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Deployment

O43 - CFD: 11/07/2012 - 20:58:16 - [0,425] ----D C:\Users\Famille Meyer\AppData\Local\Diagnostics

O43 - CFD: 06/12/2011 - 21:09:42 - [237,831] ----D C:\Users\Famille Meyer\AppData\Local\Downloaded Installations

O43 - CFD: 21/05/2012 - 19:17:10 - [0] ----D C:\Users\Famille Meyer\AppData\Local\ElevatedDiagnostics

O43 - CFD: 13/11/2011 - 13:33:19 - [290,243] ----D C:\Users\Famille Meyer\AppData\Local\Google

O43 - CFD: 28/02/2012 - 23:37:32 - [56,267] ----D C:\Users\Famille Meyer\AppData\Local\Hewlett-Packard

O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Historique

O43 - CFD: 03/07/2012 - 11:16:03 - [113,460] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft

O43 - CFD: 13/11/2011 - 20:04:35 - [0,194] ----D C:\Users\Famille Meyer\AppData\Local\Microsoft Help

O43 - CFD: 13/11/2011 - 13:00:52 - [10,364] ----D C:\Users\Famille Meyer\AppData\Local\Mozilla

O43 - CFD: 04/07/2012 - 21:07:51 - [7,468] ----D C:\Users\Famille Meyer\AppData\Local\NPE

O43 - CFD: 13/11/2011 - 11:04:08 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PDFC

O43 - CFD: 17/11/2011 - 20:25:05 - [0] ----D C:\Users\Famille Meyer\AppData\Local\PowerCinema

O43 - CFD: 20/02/2012 - 20:03:39 - [0,050] ----D C:\Users\Famille Meyer\AppData\Local\Samsung

O43 - CFD: 06/12/2011 - 21:10:41 - [0,007] ----D C:\Users\Famille Meyer\AppData\Local\Sony

O43 - CFD: 05/07/2012 - 21:37:41 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\Symantec

O43 - CFD: 13/07/2012 - 20:46:41 - [0,683] ----D C:\Users\Famille Meyer\AppData\Local\Temp

O43 - CFD: 13/11/2011 - 09:56:59 - [0] ----D C:\Users\Famille Meyer\AppData\Local\Temporary Internet Files

O43 - CFD: 13/11/2011 - 18:07:10 - [1,889] ----D C:\Users\Famille Meyer\AppData\Local\TomTom

O43 - CFD: 16/11/2011 - 19:55:46 - [5,940] ----D C:\Users\Famille Meyer\AppData\Local\VirtualStore

O43 - CFD: 26/11/2011 - 11:54:58 - [0,003] ----D C:\Users\Famille Meyer\AppData\Local\WBFSManager

O43 - CFD: 13/07/2012 - 20:14:54 - [0,004] ----D C:\Users\Famille Meyer\AppData\Local\Windows Live

O43 - CFD: 04/07/2012 - 19:18:19 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{168B06B3-1EA0-4E48-9EE6-D0C1E7E39E49}

O43 - CFD: 11/07/2012 - 15:19:34 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{16999B7A-EA63-4B7A-AC45-EF883A680AB0}

O43 - CFD: 07/07/2012 - 13:27:06 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{1F88DF9A-2A26-4C15-8EE4-C388055A3A27}

O43 - CFD: 09/07/2012 - 18:42:29 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{23C22838-64E7-458C-8979-FEB66ED5D15D}

O43 - CFD: 05/07/2012 - 20:42:25 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{264792B2-A124-4FF4-94F9-54482D7DF235}

O43 - CFD: 11/07/2012 - 15:19:46 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{2BD34C31-7EBC-4CD6-8C87-4CD39525A412}

O43 - CFD: 13/07/2012 - 20:14:38 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{452C0DB5-E3F0-44DB-9811-2628F978CA2F}

O43 - CFD: 05/07/2012 - 20:42:36 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{4CC781EB-07F5-4666-B6D1-68619A0286DC}

O43 - CFD: 07/07/2012 - 13:27:17 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{5B5B847C-1841-40C0-8342-88E7EF4513D2}

O43 - CFD: 10/07/2012 - 20:47:55 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{77C4A752-58D3-4D18-8CA9-099B7209C3EC}

O43 - CFD: 12/07/2012 - 16:56:51 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{81ABAAB4-D18F-4ACE-AC06-9F31BA1648AA}

O43 - CFD: 12/07/2012 - 16:56:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{87802E59-3F9B-4EF8-918B-33E374F2FB08}

O43 - CFD: 09/07/2012 - 18:42:40 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8A0069C5-7F23-4E3C-ADD3-8CB022509354}

O43 - CFD: 10/07/2012 - 20:47:44 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{8AF4AA1F-1C1A-467F-BA22-0B81C5A151B2}

O43 - CFD: 04/07/2012 - 19:18:04 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{930F0D4A-5ADD-4994-806A-4E19BE53CF23}

O43 - CFD: 03/07/2012 - 23:17:33 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{B27F61BF-6A5F-4CE0-A165-339DD1D50737}

O43 - CFD: 12/07/2012 - 03:20:20 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C1E70EB4-5EC4-4F40-BC84-79C3A23F7F35}

O43 - CFD: 08/07/2012 - 14:27:39 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C37425C6-9B2A-4DF2-8CA3-E1ACAF33D21D}

O43 - CFD: 08/07/2012 - 14:27:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{C38A4200-E8EE-4AE1-9169-769049D7C683}

O43 - CFD: 13/07/2012 - 20:14:50 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{CB78448A-2C83-499C-A358-B7612EA45196}

O43 - CFD: 12/07/2012 - 03:20:31 - [0] ----D C:\Users\Famille Meyer\AppData\Local\{EED1BADB-45E5-4031-8E14-45908B12922E}

O43 - CFD: 14/07/2009 - 06:54:32 - [0,014] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 11/07/2012 - 20:47:20 - [0,000] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 16/12/2011 - 21:36:53 - [0,002] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BUFFALO

O43 - CFD: 13/11/2011 - 12:58:58 - [0,005] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

O43 - CFD: 13/11/2011 - 15:31:05 - [0] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HomePlayer

O43 - CFD: 14/07/2009 - 06:49:38 - [0,001] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 13/11/2011 - 12:10:11 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton

O43 - CFD: 11/07/2012 - 20:47:20 - [0,003] R---D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 13/11/2011 - 15:33:29 - [0,001] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WBFS Manager

O43 - CFD: 13/11/2011 - 15:37:23 - [0,003] ----D C:\Users\Famille Meyer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR

O43 - CFD: 26/06/2012 - 18:57:42 - [0] ----D C:\Program Files (x86)\3D Home Architect

O43 - CFD: 13/11/2011 - 18:45:45 - [9,137] ----D C:\Program Files (x86)\Alcohol Soft

O43 - CFD: 16/12/2011 - 21:35:26 - [9,607] ----D C:\Program Files (x86)\BUFFALO

O43 - CFD: 26/04/2012 - 19:21:05 - [9,876] ----D C:\Program Files (x86)\CFWebAdvancedU2

O43 - CFD: 25/04/2012 - 21:16:14 - [6,226] ----D C:\Program Files (x86)\CFWebAdvancedU_BOBTV.FR

O43 - CFD: 26/06/2012 - 18:57:36 - [457,731] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 20/10/2010 - 02:56:48 - [1283,782] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 17/11/2011 - 22:25:30 - [23,312] ----D C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 13/11/2011 - 15:03:04 - [2,075] ----D C:\Program Files (x86)\Elaborate Bytes

O43 - CFD: 13/11/2011 - 18:13:38 - [15,549] ----D C:\Program Files (x86)\eMule

O43 - CFD: 14/01/2012 - 21:33:55 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 13/11/2011 - 13:33:18 - [97,372] ----D C:\Program Files (x86)\Google

O43 - CFD: 07/02/2012 - 22:36:57 - [1509,127] ----D C:\Program Files (x86)\Hewlett-Packard

O43 - CFD: 13/11/2011 - 15:31:31 - [135,712] ----D C:\Program Files (x86)\HomePlayer

O43 - CFD: 20/10/2010 - 02:52:30 - [4,390] ----D C:\Program Files (x86)\Hp

O43 - CFD: 26/11/2011 - 22:50:42 - [16,749] ----D C:\Program Files (x86)\HP Games

O43 - CFD: 13/11/2011 - 18:58:04 - [1090,986] ----D C:\Program Files (x86)\IGN Rando

O43 - CFD: 26/06/2012 - 19:05:29 - [158,201] ----D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 20/10/2010 - 02:51:38 - [30,430] ----D C:\Program Files (x86)\Intel

O43 - CFD: 11/07/2012 - 20:24:47 - [4,918] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 09/07/2012 - 21:39:26 - [84,568] ----D C:\Program Files (x86)\Java

O43 - CFD: 13/11/2011 - 16:43:11 - [2,414] ----D C:\Program Files (x86)\MarkAny

O43 - CFD: 04/07/2012 - 19:27:35 - [0] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 13/11/2011 - 15:51:13 - [0,764] ----D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 13/11/2011 - 13:31:29 - [28,015] ----D C:\Program Files (x86)\Microsoft LifeCam

O43 - CFD: 13/11/2011 - 18:37:07 - [560,287] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 12/05/2012 - 23:44:48 - [36,641] ----D C:\Program Files (x86)\Microsoft Silverlight

O43 - CFD: 13/11/2011 - 09:59:33 - [1,745] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 13/11/2011 - 14:38:36 - [0,014] ----D C:\Program Files (x86)\Microsoft Visual Studio

O43 - CFD: 13/11/2011 - 14:34:37 - [1,323] ----D C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 13/11/2011 - 17:04:06 - [3,554] ----D C:\Program Files (x86)\Microsoft Works

O43 - CFD: 13/11/2011 - 14:38:20 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 13/11/2011 - 13:00:48 - [36,395] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 13/11/2011 - 14:38:42 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 13/11/2011 - 13:39:40 - [0] ----D C:\Program Files (x86)\MSXML 4.0

O43 - CFD: 08/01/2012 - 14:37:19 - [10,467] ----D C:\Program Files (x86)\MyFree Codec

O43 - CFD: 20/10/2010 - 03:11:49 - [7,167] ----D C:\Program Files (x86)\NewspaperDirect

O43 - CFD: 13/11/2011 - 12:09:08 - [117,587] ----D C:\Program Files (x86)\Norton 360

O43 - CFD: 05/07/2012 - 20:58:44 - [12,111] ----D C:\Program Files (x86)\NortonInstaller

O43 - CFD: 17/12/2011 - 15:05:03 - [86,310] ----D C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 13/11/2011 - 10:00:15 - [19,342] R---D C:\Program Files (x86)\Online Services

O43 - CFD: 13/11/2011 - 16:47:14 - [17,635] ----D C:\Program Files (x86)\PC Connectivity Solution

O43 - CFD: 20/10/2010 - 02:50:08 - [36,253] ----D C:\Program Files (x86)\PDF Complete

O43 - CFD: 20/01/2012 - 18:17:49 - [89,816] ----D C:\Program Files (x86)\PS3 Media Server

O43 - CFD: 20/10/2010 - 02:50:16 - [46,195] ----D C:\Program Files (x86)\Realtek

O43 - CFD: 14/07/2009 - 07:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 13/11/2011 - 16:47:36 - [262,894] ----D C:\Program Files (x86)\Samsung

O43 - CFD: 22/06/2012 - 20:36:17 - [7,319] ----D C:\Program Files (x86)\SoftChris

O43 - CFD: 06/12/2011 - 21:13:06 - [6,347] ----D C:\Program Files (x86)\Sony

O43 - CFD: 06/12/2011 - 21:08:04 - [0,061] ----D C:\Program Files (x86)\Sony Media Go Install

O43 - CFD: 20/10/2010 - 02:50:26 - [0] ----D C:\Program Files (x86)\Temp

O43 - CFD: 13/11/2011 - 18:07:04 - [48,338] ----D C:\Program Files (x86)\TomTom HOME 2

O43 - CFD: 13/11/2011 - 18:07:07 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V

O43 - CFD: 29/05/2012 - 19:36:31 - [0,416] ----D C:\Program Files (x86)\Tomtomax Maxi-Box

O43 - CFD: 14/07/2009 - 06:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 13/11/2011 - 15:12:02 - [88,799] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 16/11/2011 - 19:49:23 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 02/07/2012 - 18:34:47 - [177,421] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 16/11/2011 - 19:49:23 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 16/11/2011 - 19:49:23 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 07:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 16/11/2011 - 19:49:23 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 13/11/2011 - 16:32:50 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 16/11/2011 - 19:49:24 - [5,717] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 13/07/2012 - 20:47:44 - [12,849] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/07/2012 - 22:57:58 - [0,400] ----D C:\Program Files (x86)\Common Files\BioWare

O43 - CFD: 13/11/2011 - 14:38:36 - [0,089] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 14/04/2012 - 20:25:36 - [7,919] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 20/02/2012 - 20:11:10 - [1,201] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 20/10/2010 - 03:02:55 - [36,729] ---AD C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 20/10/2010 - 03:02:46 - [0,049] ---AD C:\Program Files (x86)\Common Files\LS Getting Started

O43 - CFD: 02/07/2012 - 18:26:45 - [229,228] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 20/10/2010 - 02:51:10 - [0,159] ----D C:\Program Files (x86)\Common Files\postureAgent

O43 - CFD: 13/11/2011 - 16:43:19 - [57,501] ----D C:\Program Files (x86)\Common Files\Samsung

O43 - CFD: 14/07/2009 - 05:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 06/12/2011 - 21:09:57 - [0,326] ----D C:\Program Files (x86)\Common Files\Sony Shared

O43 - CFD: 14/07/2009 - 05:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 19/11/2011 - 09:20:38 - [0,400] ----D C:\Program Files (x86)\Common Files\Steam

O43 - CFD: 13/11/2011 - 17:12:02 - [6,430] ----D C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 16/11/2011 - 19:49:23 - [45,619] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 13/11/2011 - 09:57:36 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 20/01/2012 - 22:46:38 - [32,479] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

~ Scan Program Folder in 00mn 04s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.B26D138E294B7F3EB60736F6FF69BEE7] - 13/07/2012 - 19:17:12 ----- . (...) -- C:\Windows\WindowsUpdate.log [1783759]

O44 - LFC:[MD5.75536F897E885FE4D89296A907F84484] - 13/07/2012 - 19:13:16 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1557650]

O44 - LFC:[MD5.D0F93C09ECF43ACF09EFCE2B98054552] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [107566]

O44 - LFC:[MD5.03EA8E56EF19F34121E3A101F6BA6635] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [132162]

O44 - LFC:[MD5.670E14657112792486A37AB57345C8E3] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [619246]

O44 - LFC:[MD5.6D750593199E36D7666E5B92E2A3C5C4] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [707548]

O44 - LFC:[MD5.75994EDA81FBACFAED1CCB01C7FC489C] - 12/07/2012 - 15:57:23 ---A- . (...) -- C:\Windows\System32\PerfStringBackup.INI [1557650]

O44 - LFC:[MD5.4E696120E4625D03FACDA45F963BD3D6] - 11/07/2012 - 20:36:39 ---A- . (...) -- C:\AdwCleaner[s1].txt [4540]

O44 - LFC:[MD5.D9049468326C11A54563AE65D4DD251F] - 11/07/2012 - 20:34:31 ---A- . (...) -- C:\AdwCleaner[R1].txt [5458]

O44 - LFC:[MD5.6CAA7426E0F1FA2C974ABFBF53C1939B] - 11/07/2012 - 19:26:13 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [419696]

O44 - LFC:[MD5.2465EBC8CD6E412CDC1AB9FEF40BCAE6] - 11/07/2012 - 19:23:08 ---A- . (...) -- C:\Windows\win.ini [478]

O44 - LFC:[MD5.0AC7E54445F7FEC27046E4FF3807CF6A] - 10/07/2012 - 20:03:19 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.C2DC69FDA8AF0E107C6421F66B3B7C08] - 02/07/2012 - 18:06:27 ---A- . (...) -- C:\img2-001.raw [921624]

~ Scan Files in 00mn 13s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\livessp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51)

O51 - MPSK:{17480f40-388c-11e1-9fb3-6c626d5b4a28}\AutoRun\command. (...) -- K:\run.bat (.not file.)

O51 - MPSK:{b9c56442-2032-11e1-93b3-6c626d5b4a28}\AutoRun\command. (...) -- K:\Startme.exe (.not file.)

O51 - MPSK:{cddfc161-0df4-11e1-8018-6c626d5b4a28}\AutoRun\command. (...) -- J:\autorun.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53) (None)

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKCU\...\Policies\System] - "LogonHoursAction"=2

O55 - MWPS:[HKCU\...\Policies\System] - "DontDisplayLogonHoursWarnings"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=145

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktop"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoActiveDesktopChanges"=1

O56 - MWPE:[HKLM\...\policies\Explorer] - "ForceActiveDesktopOn"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "EnableShellExecuteHooks"=1

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - 14/07/2009 - 02:52:21 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\System32\Drivers\adp94xx.sys [491088]

O58 - SDL:[MD5.D0D4F3CA1D3A4400E1F40F36A800CD12] - 01/05/2010 - 07:50:00 ---A- . (.Devguru Co., Ltd - Device Error Recovery SDK(x86).) -- C:\Windows\SysWOW64\drivers\dgderdrv.sys [18136]

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: ZHPDiag 1.31 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] {28912588-0B9D-48B1-BDA5-5FFEC9C71158} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {5B8E1DDB-D1D6-40F1-8BB7-0C03A974E4E7} - (AlloCine) - http://www.allocine.fr

O69 - SBI: SearchScopes [HKCU] {76685F19-2182-412B-87ED-8D3C8F4A89EF} - (Wikipedia) - Wikipédia, l'encyclopédie libre

O69 - SBI: SearchScopes [HKCU] {B08C0E91-95A4-42DF-9964-D043983A285A} [DefaultScope] - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {BC46B2AB-336A-4FAA-BF7C-29080F6134C4} - (Dailymotion) - Dailymotion - Watch, publish, share videos

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136192]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

~ Scan Services in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{CFEF55E8-8E17-4836-A151-5E8D261FAEFB}" | In - None - P6 - TRUE | .(.CyberLink Corp. - PowerDirector.) -- c:\Program Files (x86)\CyberLink\PowerDirector\PDR8.exe

O87 - FAEL: "{94BC8B49-B819-48E3-8BEB-DBE3A6617C88}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP DVDSmart Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\HPDVDSmart.exe

O87 - FAEL: "{9983EFFF-988E-447D-8DD8-57AB34A5ACFC}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Photo Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Photo\HPMediaSmartPhoto.exe

O87 - FAEL: "{E3C0D7B6-3E7E-4757-9DDA-85D5C7572DA9}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Video.) -- C:\Program Files (x86)\Hewlett-Packard\MediaSmart\Video\HPMediaSmartVideo.exe

O87 - FAEL: "{C5C4113C-1946-4FE3-B84B-3D63B2737C56}" | In - None - P6 - TRUE | .(.CyberLink Corp. - HP MediaSmart Music Main Program.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\HPTouchSmartMusic.exe

O87 - FAEL: "{F17FE936-5A73-4807-B364-E9672C228585}" |Out - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{6F040ED0-95D5-4915-BEC5-CB0D4B5FC043}" |In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{64DBCDD1-B6D4-4BCD-8A2B-15F1C71E1C71}" |Out - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{8EEFC00D-F0BC-41D2-9819-9F9F2535FA2F}" |In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{2CDDAF0B-576F-46C8-A515-40A82860D816}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe

O87 - FAEL: "{A4B0ED14-3C58-4D21-8877-B5EA7A28C72D}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\HomePlayer.exe

O87 - FAEL: "{AD253646-791F-4BBF-BE4C-76780556D3A5}" | In - Private - P6 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe

O87 - FAEL: "{3A73484B-B52D-4407-82AA-5C6B69D1E5AE}" | In - Private - P17 - TRUE | .(...) -- C:\Program Files (x86)\HomePlayer\VLC\vlc.exe

O87 - FAEL: "{DD1AC9D9-B2F7-46D9-9CD8-4B3EED343326}" | Out - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "{E2E1A16C-11D1-4865-8B54-F5A0891FFAAC}" | In - None - P17 - TRUE | .(.http://emulemorph.sourceforge.net - eMule.) -- C:\Program Files (x86)\eMule\emule.exe

O87 - FAEL: "{7C72CAC3-D7FF-41C3-B202-691A665CFB36}" | In - Private - P6 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe

O87 - FAEL: "{129AA54E-463F-44B1-AEB6-48559BAA0739}" | In - Private - P17 - TRUE | .(.Musiccity Co.Ltd. - MUZAoDApp Module.) -- C:\Windows\SysWOW64\muzapp.exe

O87 - FAEL: "{55D84BD4-7905-4BBC-8D23-02B4C8F51DC6}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe

O87 - FAEL: "{3CCDB9D2-91F7-44F5-9955-4525B2FC2460}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasInst.exe

O87 - FAEL: "{7CDA954F-ABD3-4C43-B3A5-209874896C26}" | In - Private - P6 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O87 - FAEL: "{8A29C95C-AB57-45CE-BD35-580805F1FF46}" | In - Private - P17 - TRUE | .(.BUFFALO INC. - NASNaviator2.) -- C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe

O87 - FAEL: "{DA3D29C1-B065-4A52-9139-8E1F7EE978B0}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{8A4AF84B-B7AA-436F-85D0-EF6D58FA0761}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

~ Scan Firewall in 00mn 00s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SS - | Demand 11/07/2012 250056 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SR - | Auto 30/12/1899 0 | (ezSharedSvc) . (.EasyBits Software AS.) - C:\Windows\System32\ezSharedSvcHost.exe

SS - | Auto 13/11/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 13/11/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SR - | Auto 15/07/2010 2641920 | (hcwD3bda_dvbt) . (.Mirics Semiconductor Ltd.) - C:\Windows\system32\hauppauge\hcwD3dvb\DVBT\DVBService.exe

SR - | Auto 09/09/2011 86072 | (HP Support Assistant Service) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

SR - | Auto 28/03/2011 94264 | (HPDrvMntSvc.exe) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

SS - | Demand 28/03/2011 799800 | (hpqwmiex) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

SR - | Auto 04/03/2010 13336 | (IAStorDataMgrSvc) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

SS - | Demand 04/04/2005 69632 | (IDriverT) . (.Macrovision Corporation.) - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

SR - | Auto 19/05/2010 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 01/10/2009 268824 | (LMS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

SS - | Auto 17/04/2011 130008 | (N360) . (.Symantec Corporation.) - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe

SR - | Auto 15/05/2009 251184 | C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe0 (NasPmService) . (.BUFFALO INC..) - C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe

SR - | Auto 05/08/2011 1016936 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SR - | Auto 05/08/2011 2214504 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

SR - | Auto 15/10/2009 635416 | (pdfcDispatcher) . (.PDF Complete Inc.) - C:\Program Files (x86)\PDF Complete\pdfsvc.exe

SS - | Demand 11/11/2008 620544 | (ServiceLayer) . (.Nokia..) - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

SR - | Auto 23/12/2009 370688 | (StarWindServiceAE) . (.StarWind Software.) - C:\Program Files (x86)\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE.exe

SR - | Auto 23/01/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Auto 23/01/2012 92592 | (TrkWks) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SS - | Auto 23/01/2012 92592 | (TrustedInstaller) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SR - | Auto 01/10/2009 2320920 | (UNS) . (.Intel Corporation.) - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

SS - | Demand 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

~ Scan Services in 00mn 04s

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O42 - Logiciel: DAEMON Tools Lite - (.DT Soft Ltd.) [HKLM] -- DAEMON Tools Lite

~ Scan Emulateurs in 00mn 04s

 

 

 

End of the scan (1309 lines in 00mn 42s)(0)

Lien vers le commentaire
Partager sur d’autres sites
casimir2004 Power Member

casimir2004

Posté(e)
  • Auteur
Posté(e)

======= RAPPORT D'AD-REMOVER 2.0.0.2,G | UNIQUEMENT XP/VISTA/7 =======

 

Mis à jour par TeamXscript le 12/04/11

Contact: AdRemover[DOT]contact[AT]gmail[DOT]com

Site web: webmail http://webmail.ovh.net

 

C:\Program Files (x86)\Ad-Remover\main.exe (SCAN [1]) -> Lancé à 20:59:41 le 13/07/2012, Mode normal

 

Microsoft Windows 7 Édition Familiale Premium Service Pack 1 (X64)

Famille Meyer@FAMILLEMEYER-HP (Hewlett-Packard HPE-450fr)

 

============== RECHERCHE ==============

 

 

 

 

 

============== SCAN ADDITIONNEL ==============

 

**** Mozilla Firefox Version [8.0 (fr)] ****

 

HKLM_MozillaPlugins\@camfrogweb.com/Camfrog Web Plugin,version=2,0 (x)

HKLM_MozillaPlugins\@playstation.com/PsndlCheck,version=1.00 (x)

Searchplugins\bing.xml ( hxxp://www.bing.com/search)

Components\browsercomps.dll (Mozilla Foundation)

HKLM_Extensions|{BBDA0591-3099-440a-AA10-41764D9DB4DB} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn\

HKLM_Extensions|{2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_9_4

 

-- C:\Users\Famille Meyer\AppData\Roaming\Mozilla\FireFox\Profiles\wun2jzbg.default --

Prefs.js - browser.startup.homepage, www.free.fr

Prefs.js - browser.startup.homepage_override.buildID, 20111104165243

Prefs.js - browser.startup.homepage_override.mstone, rv:8.0

 

-- C:\Users\Rémy\AppData\Roaming\Mozilla\FireFox\Profiles\77of9r4z.default --

 

========================================

 

**** Google Chrome Version [20.0.1132.57] ****

 

 

-- C:\Users\Famille Meyer\AppData\Local\Google\Chrome\User Data\Default --

Preferences - homepage: hxxp://www.google.com/

Preferences - homepage_is_newtabpage: false

Preferences - urls_to_restore_on_startup: hxxp://www.google.com/

Preferences - default_search_provider: "Google" (Activé: true) (?)

Preferences - homepage: hxxp://www.google.com/

Preferences - homepage_is_newtabpage: false

Plugin - Remoting Viewer (Activé: true) (internal-remoting-viewer) (x)

Plugin - "Remoting Viewer" (Activé: true)

Plugin - Native Client (Activé: true) (C:\Users\Famille Meyer\AppData\Local\Google\Chrome\Application\19.0.1084.52\ppGoogleNaClPluginChrome.dll) (x)

Plugin - "Native Client" (Activé: true)

Plugin - "Camfrog Web FF Plugin" (Activé: true)

Plugin - "Java" (Activé: true)

Plugin - "PlayStation®Network Downloader Check Plug-in" (Activé: true)

Plugin - VLC Web Plugin (Activé: true) (C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll)

Plugin - "VLC Web Plugin" (Activé: true)

Plugin - "Silverlight" (Activé: true)

Preferences - urls_to_restore_on_startup: hxxp://www.google.com/

 

========================================

 

**** Internet Explorer Version [9.0.8112.16421] ****

 

HKCU_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPDSK/3

HKCU_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKCU_Main|Start Page - hxxp://www.free.fr/

HKLM_Main|Default_Page_URL - hxxp://g.uk.msn.com/HPDSK/3

HKLM_Main|Default_Search_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Search Page - hxxp://go.microsoft.com/fwlink/?LinkId=54896

HKLM_Main|Start Page - hxxp://g.uk.msn.com/HPDSK/3

HKCU_SearchScopes\{28912588-0B9D-48B1-BDA5-5FFEC9C71158} - "Yahoo! Search" (hxxp://search.yahoo.fr/search?p={searchTerms}&ei=utf-8&fr=b2ie7)

HKCU_SearchScopes\{5B8E1DDB-D1D6-40F1-8BB7-0C03A974E4E7} - "AlloCine" (hxxp://www.allocine.fr/recherche/?motcle={searchTerms})

HKCU_SearchScopes\{65861B09-E98E-4EAB-96A1-552F2A5DA828} - "?" (?)

HKCU_SearchScopes\{6751C177-539E-4B0D-AB2C-E54730B14D38} - "?" (?)

HKCU_SearchScopes\{76685F19-2182-412B-87ED-8D3C8F4A89EF} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})

HKCU_SearchScopes\{BC46B2AB-336A-4FAA-BF7C-29080F6134C4} - "Dailymotion" (hxxp://www.dailymotion.com/relevance/search/{searchTerms}/1)

HKLM_SearchScopes\{76685F19-2182-412B-87ED-8D3C8F4A89EF} - "Wikipedia" (hxxp://fr.wikipedia.org/wiki/Special:Search?search={searchTerms})

HKCU_ElevationPolicy\{AB2E3005-0F5E-49B7-910B-14AA1E8C69BC} - C:\Program Files (x86)\eMule\eMule.exe (http://emulemorph.sourceforge.net)

HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)

HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)

HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)

HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)

BHO\{1E8A6170-7264-4D0F-BEAE-D42A53123C75} (?)

 

========================================

 

C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)

C:\Program Files (x86)\Ad-Remover\Backup: 1 Fichier(s)

 

C:\Ad-Report-SCAN[1].txt - 13/07/2012 21:00:04 (4795 Octet(s))

 

Fin à: 21:00:35, 13/07/2012

 

============== E.O.F ==============

Lien vers le commentaire
Partager sur d’autres sites
casimir2004 Power Member

casimir2004

Posté(e)
  • Auteur
Posté(e) (modifié)

Bonjour,

 

Norton 360 indique à chaque démmarrage du pc la présence e ce virus.

 

Comment faire pour le supprimer svp?

 

Merci d'avance

Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\682f974f.exe

____________________________

____________________________

Sur les ordinateurs à partir du :

17/07/2012 à 19:05:50

Dernière utilisation :

17/07/2012 à 19:05:50

Elément de démarrage :

Non

Lancé :

Non

____________________________

____________________________

Peu d'utilisateurs

Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier.

____________________________

Elevée

Ce fichier représente un risque élevé.

____________________________

Détails menace

Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support.

____________________________

Origine

Téléchargé à partir de URL non disponible

 

____________________________

Actions de fichier

Fichier : c:\users\famille meyer\appdata\local\temp\682f974f.exe

Bloqués

____________________________

Empreinte numérique de fichier - SHA :

cd0d3effe84bcc2e72606b337263839ae3284dadf0f143cf2d189a03b6d9a7b5

____________________________

Empreinte numérique de fichier - MD5 :

b8f062cf2dd72e7c4254f825ebb28a35

 

Chemin d'accès complet : c:\users\famille meyer\appdata\local\temp\_132deb6_.ocx

____________________________

____________________________

Sur les ordinateurs à partir du :

17/07/2012 à 19:05:33

Dernière utilisation :

17/07/2012 à 19:05:33

Elément de démarrage :

Non

Lancé :

Non

____________________________

____________________________

Peu d'utilisateurs

Des centaines d'utilisateurs de la communauté Norton ont utilisé ce fichier.

____________________________

Elevée

Ce fichier représente un risque élevé.

____________________________

Détails menace

Type de menace : Virus. Programmes qui infectent d´autres programmes, fichiers ou zones d´un ordinateur en s´insérant ou en s´attachant à ce support.

____________________________

Origine

Téléchargé à partir de URL non disponible

 

____________________________

Actions de fichier

Fichier : c:\users\famille meyer\appdata\local\temp\_132deb6_.ocx

Bloqués

____________________________

Empreinte numérique de fichier - SHA :

d8e36fb552cf9313e6e867ab9da8e1fe61a21b09a51cca5f5ce88cd1fec5e6ee

____________________________

Empreinte numérique de fichier - MD5 :

45ce07e5671bd3f93a62ed0e20676abc

____________________________

 

 

malwear etc rien n'y fait...

____________________________

Modifié par casimir2004
Lien vers le commentaire
Partager sur d’autres sites
  • 2 semaines après...

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...