Aller au contenu
  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Périphériques de stockage bloqués


Messages recommandés

Bonjour,

 

Superbe collection de saletés !

 

1) Télécharger RogueKiller (by tigzy) sur le bureau

 

Quitter tous les programmes

Lancer RogueKiller.exe.

Patienter le temps du Prescan ...

Cliquer sur Scan.

Cliquer sur Rapport et copier/coller le contenu

 

Nettoyage

 

Dans l'onglet "Registre", décocher les lignes que vous avez volontairement modifiées

(Si vous n'avez rien modifié ,vous n'avez donc pas de raison valable d'en décocher. )

Cliquer sur Suppression. Cliquer sur Rapport et copier/coller le contenu

Cliquer sur Host RAZ. Cliquer sur Rapport et copier/coller le contenu

Cliquer sur Proxy RAZ. Cliquer sur Rapport [/b]et copier/coller le contenu

Cliquer sur DNS RAZ. Cliquer sur Rapport[/b]etcopier/coller le contenu

Cliquer sur Racc. RAZ. Cliquer sur Rapport[/b] et copier coller le contenu du notepad

Dans l'onglet Driver, réparer les index SSDT suivants en faisant un clic droit sur leur ligne => Restaurer SSDT

Sauf avis contraire, ne touchez pas aux index SSDT

(Liste des index)

 

Note. Le bouton Suppression ne sera pas accessible tant que le scan n'aura pas été fait

Il y aura 6 rapports à poster.

 

2)Télécharger AdwCleaner

Sous Vista et Windows 7-> Exécuter en tant qu'administrateur

 

Cliquez sur Recherche et postez le rapport généré C:\AdwCleaner[R1].txt

110906042614938066.jpg

 

3)Nettoyage

Relancez AdwCleaner avec droits administrateur

Cliquez sur Suppression et postez le rapport C:\AdwCleaner[s1].txt

 

4)

Téléchargez MBAM

Avant de lancer Mbam

Vous devez d'abord désactiver vos protections mais vous ne savez pas comment faire

Cliquer ici

Branchez tous les supports amovibles avant de faire ce scan (clé usb/disque dur externe etc)

Exécuter avec droits d'administrateur.

Sous Vista , désactiver l'Uac

 

Double cliquez sur l'icône Download_mbam-setup.exe pour lancer le processus d'installation.

Enregistrez le sur le bureau .

Fermer toutes les fenêtres et programmes

Suivez les indications (en particulier le choix de la langue et l'autorisation d'accession à Internet)

N'apportez aucune modification aux réglages par défaut et, en fin d'installation,

Vérifiez que les options Update et Launch soient cochées

MBAM démarrera automatiquement et enverra un message demandant de mettre à jour le programme avant de lancer une analyse.

cliquer sur OK pour fermer la boîte de dialogue..

Dans l'onglet "mise à jour", cliquez sur le bouton Recherche de mise à jour:

mbam.jpg

Si le pare-feu demande l'autorisation de connecter MBAM, acceptez.

Une fois la mise à jour terminée, allez dans l'onglet Recherche.

Sélectionnez "Exécuter un examen complet"

Cliquez sur "Rechercher"

.L' analyse prendra un certain temps, soyez patient !

A la fin , un message affichera :

L'examen s'est terminé normalement.

Et un fichier Mbam.log apparaitra

 

 

Sélectionnez tout et cliquez sur Supprimer la sélection ,

MBAM va détruire les fichiers et clés de registre et en mettre une copie dans la quarantaine.

puis ouvrir le Bloc-notes et y copier le rapport d'analyse qui peut être retrouvé sous l'onglet Rapports/logs.

Copiez-collez ce rapport dans la prochaine réponse.

 

Ensuite, nouveau rapport Zhpdiag, svp

Modifié par pear
Lien vers le commentaire
Partager sur d’autres sites

voici les rapports selon vos instructions. Je ne sais pas s'il fallait les afficher ici. En tout cas encore merci pour votre aide.

 

 

 

RogueKiller V8.4.3 _x64_ [Jan 8 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : [RogueKiller] Remontées

Site Web : Télécharger RogueKiller (Site Officiel)

Blog : tigzy-RK

 

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur : JC [Droits d'admin]

Mode : Recherche -- Date : 09/01/2013 12:59:29

 

¤¤¤ Processus malicieux : 0 ¤¤¤

 

¤¤¤ Entrees de registre : 8 ¤¤¤

[PROXY IE] HKCU\[...]\Services\Microsoft\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> TROUVÉ

[PROXY IE] HKCU\[...]\Services\Microsoft\Internet Settings : ProxyEnable (1) -> TROUVÉ

[HJ] HKLM\[...]\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ

[HJ] HKLM\[...]\Wow6432Node\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> TROUVÉ

[HJ] HKLM\[...]\Services\Microsoft\System : EnableLUA (0) -> TROUVÉ

[HJ] HKLM\[...]\Wow6432Node\Services\Microsoft\System : EnableLUA (0) -> TROUVÉ

[HJ DESK] HKCU\[...]\Services\Microsoft\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ

[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> TROUVÉ

 

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 

¤¤¤ Driver : [NON CHARGE] ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

 

127.0.0.1 localhost

::1 localhost

 

 

¤¤¤ MBR Verif: ¤¤¤

 

+++++ PhysicalDrive0: ST31500341AS +++++

--- User ---

[MBR] 23c9b4a0f25a899ace268a52fe2af635

[bSP] ceb84c3e7b096f62a58a22cb4210973b : Windows 7/8 MBR Code

Partition table:

0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 94 Mo

1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 716879 Mo

2 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 1468375040 | Size: 702001 Mo

3 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2906073088 | Size: 11817 Mo

User = LL1 ... OK!

User = LL2 ... OK!

 

Termine : << RKreport[1]_S_09012013_125929.txt >>

RKreport[1]_S_09012013_125929.txt

RogueKiller V8.4.3 _x64_ [Jan 8 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : [RogueKiller] Remontées

Site Web : Télécharger RogueKiller (Site Officiel)

Blog : tigzy-RK

 

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur : JC [Droits d'admin]

Mode : Suppression -- Date : 09/01/2013 13:01:56

 

¤¤¤ Processus malicieux : 0 ¤¤¤

 

¤¤¤ Entrees de registre : 6 ¤¤¤

[PROXY IE] HKCU\[...]\Services\Microsoft\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> NON SUPPRIMÉ, UTILISER PROXY RAZ

[PROXY IE] HKCU\[...]\Services\Microsoft\Internet Settings : ProxyEnable (1) -> NON SUPPRIMÉ, UTILISER PROXY RAZ

[HJ] HKLM\[...]\Services\Microsoft\System : ConsentPromptBehaviorAdmin (0) -> REMPLACÉ (2)

[HJ] HKLM\[...]\Services\Microsoft\System : EnableLUA (0) -> REMPLACÉ (1)

[HJ DESK] HKCU\[...]\Services\Microsoft\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REMPLACÉ (0)

[HJ DESK] HKCU\[...]\Services\Microsoft\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REMPLACÉ (0)

 

¤¤¤ Fichiers / Dossiers particuliers: ¤¤¤

 

¤¤¤ Driver : [NON CHARGE] ¤¤¤

 

RogueKiller V8.4.3 _x64_ [Jan 8 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : [RogueKiller] Remontées

Site Web : Télécharger RogueKiller (Site Officiel)

Blog : tigzy-RK

 

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur : JC [Droits d'admin]

Mode : HOSTS RAZ -- Date : 09/01/2013 13:09:41

 

¤¤¤ Processus malicieux : 0 ¤¤¤

 

¤¤¤ Entrees de registre : 0 ¤¤¤

 

¤¤¤ Driver : [NON CHARGE] ¤¤¤

 

¤¤¤ Fichier HOSTS: ¤¤¤

--> C:\Windows\system32\drivers\etc\hosts

 

127.0.0.1 localhost

::1 localhost

 

 

¤¤¤ Nouveau fichier HOSTS: ¤¤¤

 

 

Termine : << RKreport[4]_H_09012013_130941.txt >>

RKreport[1]_S_09012013_125929.txt ; RKreport[2]_D_09012013_130156.txt ; RKreport[3]_H_09012013_130709.txt ; RKreport[4]_H_09012013_130941.txt

 

RogueKiller V8.4.3 _x64_ [Jan 8 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : [RogueKiller] Remontées

Site Web : Télécharger RogueKiller (Site Officiel)

Blog : tigzy-RK

 

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur : JC [Droits d'admin]

Mode : Proxy RAZ -- Date : 09/01/2013 13:10:22

 

¤¤¤ Processus malicieux : 0 ¤¤¤

 

¤¤¤ Entrees de registre : 2 ¤¤¤

[PROXY IE] HKCU\[...]\Services\Microsoft\Internet Settings : ProxyServer (hxxp=127.0.0.1:8877;hxxps=127.0.0.1:8877) -> SUPPRIMÉ

[PROXY IE] HKCU\[...]\Services\Microsoft\Internet Settings : ProxyEnable (1) -> REMPLACÉ (0)

 

¤¤¤ Driver : [NON CHARGE] ¤¤¤

 

Termine : << RKreport[5]_PR_09012013_131022.txt >>

RKreport[1]_S_09012013_125929.txt ; RKreport[2]_D_09012013_130156.txt ; RKreport[3]_H_09012013_130709.txt ; RKreport[4]_H_09012013_130941.txt ; RKreport[5]_PR_09012013_131022.txt

 

 

RogueKiller V8.4.3 _x64_ [Jan 8 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : [RogueKiller] Remontées

Site Web : Télécharger RogueKiller (Site Officiel)

Blog : tigzy-RK

 

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur : JC [Droits d'admin]

Mode : DNS RAZ -- Date : 09/01/2013 13:11:17

 

¤¤¤ Processus malicieux : 0 ¤¤¤

 

¤¤¤ Entrees de registre : 0 ¤¤¤

 

¤¤¤ Driver : [NON CHARGE] ¤¤¤

 

Termine : << RKreport[6]_DN_09012013_131117.txt >>

RKreport[1]_S_09012013_125929.txt ; RKreport[2]_D_09012013_130156.txt ; RKreport[3]_H_09012013_130709.txt ; RKreport[4]_H_09012013_130941.txt ; RKreport[5]_PR_09012013_131022.txt ;

RKreport[6]_DN_09012013_131117.txt

 

RogueKiller V8.4.3 _x64_ [Jan 8 2013] par Tigzy

mail : tigzyRK<at>gmail<dot>com

Remontees : [RogueKiller] Remontées

Site Web : Télécharger RogueKiller (Site Officiel)

Blog : tigzy-RK

 

Systeme d'exploitation : Windows 7 (6.1.7601 Service Pack 1) 64 bits version

Demarrage : Mode normal

Utilisateur : JC [Droits d'admin]

Mode : Raccourcis RAZ -- Date : 09/01/2013 13:13:40

 

¤¤¤ Processus malicieux : 0 ¤¤¤

 

¤¤¤ Driver : [NON CHARGE] ¤¤¤

 

¤¤¤ Attributs de fichiers restaures: ¤¤¤

Bureau: Success 1 / Fail 0

Lancement rapide: Success 0 / Fail 0

Programmes: Success 16 / Fail 0

Menu demarrer: Success 1 / Fail 0

Dossier utilisateur: Success 470 / Fail 0

Mes documents: Success 0 / Fail 0

Mes favoris: Success 0 / Fail 0

Mes images: Success 0 / Fail 0

Ma musique: Success 0 / Fail 0

Mes videos: Success 0 / Fail 0

Disques locaux: Success 1848 / Fail 0

Sauvegarde: [NOT FOUND]

 

Lecteurs:

[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored

[D:] \Device\HarddiskVolume3 -- 0x3 --> Restored

[E:] \Device\HarddiskVolume1 -- 0x3 --> Restored

[F:] \Device\HarddiskVolume4 -- 0x3 --> Restored

[G:] \Device\CdRom0 -- 0x5 --> Skipped

 

Termine : << RKreport[7]_SC_09012013_131340.txt >>

RKreport[1]_S_09012013_125929.txt ; RKreport[2]_D_09012013_130156.txt ; RKreport[3]_H_09012013_130709.txt ; RKreport[4]_H_09012013_130941.txt ; RKreport[5]_PR_09012013_131022.txt ;

RKreport[6]_DN_09012013_131117.txt ; RKreport[7]_SC_09012013_131340.txt

 

 

 

dans DRIVER, il n'y a rien.

 

# AdwCleaner v2.105 - Rapport créé le 09/01/2013 à 13:35:31

# Mis à jour le 08/01/2013 par Xplode

# Système d'exploitation : Windows 7 Home Premium Service Pack 1 (64 bits)

# Nom d'utilisateur : JC - JC-PC

# Mode de démarrage : Normal

# Exécuté depuis : D:\téléchargements\adwcleaner.exe

# Option [Recherche]

 

 

***** [services] *****

 

 

***** [Fichiers / Dossiers] *****

 

Dossier Présent : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph

 

***** [Registre] *****

 

Clé Présente : HKCU\Software\InstallCore

Clé Présente : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}

Clé Présente : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL

Clé Présente : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater

 

***** [Navigateurs] *****

 

-\\ Internet Explorer v9.0.8112.16457

 

[OK] Le registre ne contient aucune entrée illégitime.

 

-\\ Mozilla Firefox v14.0.1 (fr)

 

Fichier : C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\8svqb8s7.default\prefs.js

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

-\\ Google Chrome v23.0.1271.97

 

Fichier : C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Preferences

 

[OK] Le fichier ne contient aucune entrée illégitime.

 

*************************

 

AdwCleaner[R2].txt - [1354 octets] - [09/01/2013 13:35:31]

 

########## EOF - C:\AdwCleaner[R2].txt - [1414 octets] ##########

 

[.ShellClassInfo]

[email protected]%SystemRoot%\system32\shell32.dll,-21787

 

Malwarebytes Anti-Malware (Essai) 1.70.0.1100

www.malwarebytes.org

 

Version de la base de données: v2013.01.09.06

 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

JC :: JC-PC [administrateur]

 

Protection: Désactivé

 

09/01/2013 14:15:12

mbam-log-2013-01-09 (14-15-12).txt

 

Type d'examen: Examen complet (C:\|E:\|F:\|G:\|)

Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM

Options d'examen désactivées: P2P

Elément(s) analysé(s): 626397

Temps écoulé: 2 heure(s), 12 minute(s), 46 seconde(s)

 

Processus mémoire détecté(s): 0

(Aucun élément nuisible détecté)

 

Module(s) mémoire détecté(s): 0

(Aucun élément nuisible détecté)

 

Clé(s) du Registre détectée(s): 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Video Downloader (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès.

 

Valeur(s) du Registre détectée(s): 0

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre détecté(s): 0

(Aucun élément nuisible détecté)

 

Dossier(s) détecté(s): 0

(Aucun élément nuisible détecté)

 

Fichier(s) détecté(s): 4

C:\CS5\Adobe Creative Suite Master Collection CS5 (keygen + activators .Ita)\activator 2\keygen.exe (Riskware.Tool.CK) -> Mis en quarantaine et supprimé avec succès.

C:\Program Files (x86)\NoAdware5.0\nutils.dll (Rogue.Agent) -> Mis en quarantaine et supprimé avec succès.

C:\Program Files (x86)\Sorensoft\Power Disc Lock 7.0\SSPDTest.mau (Malware.Packer.Gen) -> Mis en quarantaine et supprimé avec succès.

C:\Program Files (x86)\vGrabber-software\Uninstall.exe (PUP.BundleInstaller.VG) -> Mis en quarantaine et supprimé avec succès.

 

(fin)

 

Rapport de ZHPDiag v1.34.19 par Nicolas Coolman, Update du 09/01/2013

Run by JC at 09/01/2013 16:33:08

State : Version à jour.

UAC : Deactivate by user

 

 

---\\ Web Browser

MSIE: Internet Explorer v9.0.8112.16421

MFIE: Mozilla Firefox 17.0.1 v17.0.1 (Defaut)

 

---\\ Windows Product Information

~ Langage: Français

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

Windows Server License Manager Script : OK

~ Windows® 7, OEM_COA_SLP channel

Windows ID Activation : OK

~ Windows Partial Key : T2TT8

Windows License : OK

~ Windows Remaining Initializations Number : 4

Software Protection Service (Protection logicielle) : OK

Key Management Service client information : KO

Windows Automatic Updates : OK

Windows Activation Technologies : OK

 

---\\ System Information

~ Processor: Intel64 Family 6 Model 30 Stepping 5, GenuineIntel

~ Operating System: 64 Bits

Boot mode: Normal (Normal boot)

Total RAM: 8151 MB (63% free)

System Restore: Activé (Enable)

System drive C: has 567 GB (80%) free of 700 GB

 

---\\ Logged in mode

~ Computer Name: JC-PC

~ User Name: JC

~ All Users Names: UpdatusUser, JC, Administrateur,

~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89

Logged in as Administrator

 

---\\ Environnement Variables

~ System Unit : C:\

~ %AppData% : C:\Users\JC\AppData\Roaming\

~ %Desktop% : C:\Users\JC\Desktop\

~ %Favorites% : C:\Users\JC\Favorites\

~ %LocalAppData% : C:\Users\JC\AppData\Local\

~ %StartMenu% : C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\

~ %Windir% : C:\Windows\

~ %System% : C:\Windows\System32\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 567 Go of 700 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 393 Go of 686 Go)

E:\ Hard drive, Flash drive, Thumb drive (Free 0 Go of 0 Go)

F:\ Hard drive, Flash drive, Thumb drive (Free 2 Go of 12 Go)

G:\ CD-ROM drive (Free 0 Go of 3 Go)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : OK

~ Scan Security Center in 00mn 00s

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - (.Microsoft Corporation - Explorateur Windows.) (.25/02/2011 - 07:19:30.) -- C:\Windows\Explorer.exe [2871808]

[MD5.94355C28C1970635A31B3FE52EB7CEBA] - (.Microsoft Corporation - Application de démarrage de Windows.) (.14/07/2009 - 02:39:52.) -- C:\Windows\System32\Wininit.exe [129024]

[MD5.5121DB613E10A46A3C5085B479026AA7] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.14/11/2012 - 07:04:11.) -- C:\Windows\System32\wininet.dll [1392128]

[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.20/11/2010 - 14:25:30.) -- C:\Windows\System32\Winlogon.exe [390656]

[MD5.067FA52BFB59A56110A12312EF9AF243] - (.Microsoft Corporation - Bibliothèque de licences.) (.20/11/2010 - 14:27:26.) -- C:\Windows\System32\sppcomapi.dll [232448]

[MD5.1C7857B62DE5994A75B054A9FD4C3825] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.28/12/2011 - 04:59:24.) -- C:\Windows\system32\Drivers\AFD.sys [498688]

[MD5.02062C0B390B7729EDC9E69C680A6F3C] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.14/07/2009 - 02:52:21.) -- C:\Windows\system32\Drivers\atapi.sys [24128]

[MD5.B8BD2BB284668C84865658C77574381A] - (.Microsoft Corporation - CD-ROM File System Driver.) (.14/07/2009 - 00:19:47.) -- C:\Windows\system32\Drivers\Cdfs.sys [92160]

[MD5.F036CE71586E93D94DAB220D7BDF4416] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.20/11/2010 - 10:19:21.) -- C:\Windows\system32\Drivers\Cdrom.sys [147456]

[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.20/11/2010 - 10:26:32.) -- C:\Windows\system32\Drivers\DfsC.sys [102400]

[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.20/11/2010 - 11:43:43.) -- C:\Windows\system32\Drivers\HDAudBus.sys [122368]

[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - (.Microsoft Corporation - Pilote de port i8042.) (.14/07/2009 - 00:19:57.) -- C:\Windows\system32\Drivers\i8042prt.sys [105472]

[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - (.Microsoft Corporation - IP Network Address Translator.) (.14/07/2009 - 01:10:03.) -- C:\Windows\system32\Drivers\IpNat.sys [116224]

[MD5.A5D9106A73DC88564C825D317CAC68AC] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.27/04/2011 - 03:40:40.) -- C:\Windows\system32\Drivers\MRxSmb.sys [158208]

[MD5.09594D1089C523423B32A4229263F068] - (.Microsoft Corporation - MBT Transport driver.) (.20/11/2010 - 10:23:20.) -- C:\Windows\system32\Drivers\netBT.sys [261632]

[MD5.E453ACF4E7D44E5530B5D5F2B9CA8563] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.31/08/2012 - 19:19:35.) -- C:\Windows\system32\Drivers\ntfs.sys [1659760]

[MD5.0086431C29C35BE1DBC43F52CC273887] - (.Microsoft Corporation - Pilote de port parallèle.) (.14/07/2009 - 01:00:41.) -- C:\Windows\system32\Drivers\Parport.sys [97280]

[MD5.471815800AE33E6F1C32FB1B97C490CA] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.20/11/2010 - 11:52:35.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [129536]

[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - (.Microsoft Corporation - SMB Transport driver.) (.14/07/2009 - 01:09:09.) -- C:\Windows\system32\Drivers\smb.sys [93184]

[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - (.Microsoft Corporation - TDI Translation Driver.) (.20/11/2010 - 10:21:56.) -- C:\Windows\system32\Drivers\tdx.sys [119296]

[MD5.0D08D2F3B3FF84E433346669B5E0F639] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.20/11/2010 - 14:34:02.) -- C:\Windows\system32\Drivers\volsnap.sys [295808]

~ Scan Generic Processes in 00mn 00s

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 0/547

~ Mes musiques (My Musics) : 0/1

~ Mes Videos (My Videos) : 0/16

~ Mes Favoris (My Favorites) : 0/29

~ Mes Documents (My Documents) : 0/1781

~ Mon Bureau (My Desktop) : 0/106

~ Menu demarrer (Programs) : 0/49

~ Scan Hidden Files in 00mn 02s

 

 

 

---\\ Processus lancés

[MD5.90D909E329CDDF97BFCCD6E7E1731F20] - (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe [148864] [PID.2512]

[MD5.0883882382800C6454E59E6030AF35EC] - (.Orange - Executable Orange Inside.) -- C:\Users\JC\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe [1511424] [PID.3284]

[MD5.7C886F0E504B5280EEC45777056133EF] - (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe [269440] [PID.3960]

[MD5.4A746F2B804133CE26F87515B3D8FD06] - (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3673808] [PID.2612]

[MD5.E1E4780C87DACC69BE77DA4A1B3EC692] - (.ALWIL Software - avast! service GUI component.) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe [79224] [PID.1696]

[MD5.8D3AEF4278F58810A43D5685CEEEE524] - (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\dist\ST2.exe [14081408] [PID.4848]

[MD5.651A1ED3DA47FDB32F634E0C970DB35D] - (...) -- C:\Program Files (x86)\Expat Shield\bin\openvpntray.exe [653640] [PID.4128]

[MD5.5744FFF8E72D105C138DAE9E17BB29FE] - (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe [916960] [PID.892]

[MD5.C142445B59C1DABA31F6397A34C42C74] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe [16864] [PID.3684]

[MD5.26807EED9A80328943CD8385BC7E6991] - (.Adobe Systems, Inc. - Adobe Flash Player 11.5 r502.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_135.exe [1807800] [PID.2808]

[MD5.339DFA98DDDA7DDF735CE21C82E6F1DD] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe [824232] [PID.3384]

[MD5.0105EC1D0C014DC112E15AA65CCF702B] - (.Microsoft Corporation - Microsoft Access.) -- C:\Program Files (x86)\Microsoft Office\Office14\MSACCESS.exe [13996384] [PID.4616]

[MD5.0F3AA1E262FC566E4A652CFE837DF10F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [4969984] [PID.5056]

[MD5.3CA72CEA90DF8DA569D35CEC89676749] - (.ALWIL Software - avast! Antivirus updating service.) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [17272] [PID.1388]

[MD5.6A0A14F60654DF588F55160CB1B6DA8D] - (.ALWIL Software - avast! antivirus service.) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe [144760] [PID.1440]

[MD5.D19C4EE2AC7C47B8F5F84FFF1A789D8A] - (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [63960] [PID.1932]

[MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Program Files (x86)\Bonjour\mDNSResponder.exe [229376] [PID.1956]

[MD5.507942B5BFDBB8EFD0E03BDE9F72BC86] - (...) -- C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe [331608] [PID.1984]

[MD5.2CFEA9C337B699ACA38487E8A7438F35] - (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe [363336] [PID.2028]

[MD5.564BAB77CD96CE0E3FD5BBCDDED142DF] - (...) -- C:\Program Files (x86)\Expat Shield\bin\hsswd.exe [329544] [PID.1084]

[MD5.1ACAA67676E9E7BDA5E0C41B6E0DECAF] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [398184] [PID.1332]

[MD5.C7F5C284B6F46FCAF6910EA4E644700B] - (.Nero AG - Nero BackItUp.) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe [935208] [PID.1824]

[MD5.940E626BC470367D5407C839B2CA696A] - (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\Notation.exe [54912] [PID.2100]

[MD5.79AFB20A741152D24D967C75407E0332] - (.Advernet - SavdmMonitor.) -- C:\Program Files (x86)\Notation\NotationMonitor.exe [33920] [PID.2196]

[MD5.E7483BE1E7A6FB16FC9AD6B54F99DEE4] - (.Protexis Inc. - PsiService PsiService.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [185632] [PID.2336]

[MD5.2AF094B1CE4725E4551F38FDA2348637] - (.Pas de propriétaire - RichVideo Module.) -- C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [171040] [PID.2364]

[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.2388]

[MD5.83682F469A3D65E8B6F06C28212318BD] - (.TomTom - Windows Service for TomTom HOME.) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [92592] [PID.2560]

[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392] [PID.2628]

[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.2732]

[MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384] [PID.3068]

~ Scan Processes Running in 00mn 02s

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Users\JC\AppData\Local\Google\Chrome\User Data\Default\Preferences

~ Scan Google Browser in 00mn 00s

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\8svqb8s7.default\prefs.js

C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\ii5omqwu.default\prefs.js (.not file.)

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\bing.xml

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [JC] -- C:\Program Files (x86)\Mozilla FireFox\searchplugins\yahoo-france.xml

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -- C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll

P2 - FPN: [HKLM] [@divx.com/DivX VOD Helper,version=1.0.0] - (.DivX, LLC. - DivX VOD Helper Plug-in.) -- C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll

P2 - FPN: [HKLM] [@java.com/DTPlugin,version=1.6.0_37] - (.Oracle Corporation - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Windows\system32\npdeployJava1.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_37 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeAuthz,version=14.0] - (.Microsoft Corporation - Office Authorization plug-in for NPAPI browsers.) -- C:\Program Files\Microsoft Office\Office14\NPAUTHZ.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Users\JC\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Users\JC\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll

P2 - FPN: [HKCU] [intel.com/AppUp] - (...) -- C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (.not file.)

~ Scan Firefox Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Search Microsoft.com

R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = res://ieframe.dll/tabswelcome.htm

R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Search,SearchAssistant = Bing

R3 - URLSearchHook: (no name) [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\SysWOW64\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1

~ Scan IE Browser in 00mn 00s

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

~ Scan Proxy management in 00mn 00s

 

 

 

---\\ Analyse des lignes F0, F1, F2, F3 - IniFiles, Autoloading programs

F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\Windows\explorer.exe

F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Redirection du fichier Hosts (O1)

~ Le fichier hosts est sain (The hosts file is clean).

~ Scan Hosts File in 00mn 00s

~ Nombre de lignes (Lines number): 21

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: ContributeBHO Class [64Bits] - {074C1DC5-9320-4A9A-947D-C042949C6216} . (.Adobe Systems, Inc. - Contribute IE Plugin.) -- C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll

O2 - BHO: AcroIEHelperStub [64Bits] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> [64Bits] - {326E768D-4182-46FD-9C16-1449A49795F4} . (.DivX, LLC - DivX Plus Web Player HTML5 <video> version.) -- C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHT

O2 - BHO: Expat Shield Class [64Bits] - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} . (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll

O2 - BHO: Canon Easy-WebPrint EX BHO [64Bits] - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} . (.CANON INC. - Easy-WebPrint EX.) -- C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll

O2 - BHO: Spybot-S&D IE Protection [64Bits] - {53707962-6F74-2D53-2644-206D7942484F} . (.Safer-Networking Ltd. - Blocks URLs that could install spyware, mal.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper [64Bits] - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live [64Bits] - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin

O2 - BHO: Adobe PDF Conversion Toolbar Helper [64Bits] - {AE7CD045-E861-484f-8273-0445EE161910} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: URLRedirectionBHO [64Bits] - {B4F3A835-0E21-4959-BA22-42B3008E02FF} . (.Microsoft Corporation - Microsoft Office Document Cache Handler.) -- C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.dll

O2 - BHO: Java Plug-In 2 SSV Helper [64Bits] - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Oracle Corporation - Java Platform SE binary.) -- C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: SmartSelect [64Bits] - {F4971EE7-DAA0-4053-9964-665D8EE6A077} . (.Adobe Systems Incorporated - Adobe PDF Toolbar for Internet Explorer.) -- C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll

O2 - BHO: SingleInstance Class [64Bits] - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

~ Scan BHO in 00mn 00s

 

 

 

---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [MacrokeyManager] . (.Pas de propriétaire - Macro Key Manager MFC Application.) -- C:\Windows\System32\WTMKM.exe

O4 - HKLM\..\Run: [spywareTerminatorShield] . (.Crawler.com - Spyware Terminator 2012 Realtime Shield.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe

O4 - HKLM\..\Run: [spywareTerminatorUpdater] . (.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O4 - HKCU\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKCU\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\JC\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe

O4 - HKCU\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe

O4 - HKLM\..\Wow6432Node\Run: [avast!] . (.ALWIL Software - avast! service GUI component.) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe

O4 - HKLM\..\Wow6432Node\RunOnce: [Malwarebytes Anti-Malware (cleanup)] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll

O4 - HKUS\S-1-5-18\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe

O4 - HKUS\S-1-5-18\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe

O4 - HKUS\S-1-5-21-85900175-3947571270-1107209466-1001\..\Run: [sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe

O4 - HKUS\S-1-5-21-85900175-3947571270-1107209466-1001\..\Run: [OrangeInside] . (.Orange - Executable Orange Inside.) -- C:\Users\JC\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe

O4 - HKUS\S-1-5-21-85900175-3947571270-1107209466-1001\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe

~ Scan Application in 00mn 00s

 

 

 

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\EVEREST Ultimate Edition.lnk . (...) -- C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe (.not file.)

O4 - Global Startup: C:\Users\UpdatusUser\Desktop\HijackThis.lnk . (.Trend Micro Inc..) -- C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

O4 - Global Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O4 - Global Startup: C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\JC\Desktop\Assistance Livebox.lnk . (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe

O4 - Global Startup: C:\Users\JC\Desktop\C.lnk - Clé orpheline

O4 - Global Startup: C:\Users\JC\Desktop\D.lnk - Clé orpheline

O4 - Global Startup: C:\Users\JC\Desktop\Google Chrome.lnk . (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Chrome\Application\chrome.exe

O4 - Global Startup: C:\Users\JC\Desktop\Lecteur de CD.lnk - Clé orpheline

O4 - Global Startup: C:\Users\JC\Desktop\Microsoft Access 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe

O4 - Global Startup: C:\Users\JC\Desktop\Microsoft Money.lnk . (.Microsoft® Corporation.) -- C:\Program Files (x86)\Microsoft Money 2005\MNYCoreFiles\msmoney.exe

O4 - Global Startup: C:\Users\JC\Desktop\Microsoft Outlook 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe

O4 - Global Startup: C:\Users\JC\Desktop\Microsoft Word 2010.lnk . (...) -- C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe

O4 - Global Startup: C:\Users\JC\Desktop\universalis2010.lnk . (...) -- C:\Program Files (x86)\Encyclopaedia Universalis 2010\Encyclopaedia Universalis 2010\universalis2010.exe

O4 - Global Startup: C:\Users\JC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe

O4 - Global Startup: C:\Users\JC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk . (.Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE

O4 - Global Startup: C:\Users\JC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Video Converter.lnk . (...) -- C:\Program Files (x86)\VideoConverter\VideoConverter.exe

O4 - Global Startup: C:\Users\JC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk . (.Yahoo! Inc..) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

~ Scan Global Startup in 00mn 00s

 

 

 

---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)

O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no

~ Scan IE Control Panel in 00mn 00s

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Envoyer à OneNote [64Bits] - {2670000A-7350-4f3c-8081-5663EE0C6C49} -- C:\Program Files (x86)\MICROS~2\Office14\ONBttnIE.dll (.not file.)

O9 - Extra button: Notes &liées OneNote [64Bits] - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -- C:\Program Files (x86)\MICROS~2\Office14\ONBTTN~1.dll (.not file.)

~ Scan IE Extra Buttons in 00mn 00s

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

~ Scan Winsock in 00mn 00s

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{8126CFC0-5BF8-45E1-8C1E-40A1B6BC776C}: DhcpNameServer = 8.8.8.8

O17 - HKLM\System\CCS\Services\Tcpip\..\{A2305F2A-C913-451C-B4EC-93B42C6E0CB3}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{E06AAF37-A35B-43A1-9B70-FDA4F33179FB}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{8126CFC0-5BF8-45E1-8C1E-40A1B6BC776C}: DhcpNameServer = 10.203.24.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{A2305F2A-C913-451C-B4EC-93B42C6E0CB3}: DhcpNameServer = 192.168.0.254

O17 - HKLM\System\CS1\Services\Tcpip\..\{8126CFC0-5BF8-45E1-8C1E-40A1B6BC776C}: DhcpDomain = hshld.com

O17 - HKLM\System\CS2\Services\Tcpip\..\{8126CFC0-5BF8-45E1-8C1E-40A1B6BC776C}: DhcpNameServer = 8.8.8.8

O17 - HKLM\System\CS2\Services\Tcpip\..\{A2305F2A-C913-451C-B4EC-93B42C6E0CB3}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{E06AAF37-A35B-43A1-9B70-FDA4F33179FB}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{8126CFC0-5BF8-45E1-8C1E-40A1B6BC776C}: DhcpNameServer = 8.8.8.8

O17 - HKLM\System\CS3\Services\Tcpip\..\{A2305F2A-C913-451C-B4EC-93B42C6E0CB3}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CS3\Services\Tcpip\..\{E06AAF37-A35B-43A1-9B70-FDA4F33179FB}: DhcpNameServer = 192.168.1.1

~ Scan Domain in 00mn 00s

 

 

 

---\\ Protocole additionnel (O18)

O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: livecall [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\system32\inetcomm.dll

O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\system32\urlmon.dll

O18 - Handler: ms-help [64Bits] - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll

O18 - Handler: msnim [64Bits] - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll

O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\msvidctl.dll

O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll

O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll

O18 - Filter: text/xml [64Bits] - {807573E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.dll

~ Scan Protocole Additionnel in 00mn 00s

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.

~ Scan SSODL in 00mn 00s

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: SAS Core Service (!SASCORE) . (.SUPERAntiSpyware.com - Core Service.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) . (.ALWIL Software - avast! Antivirus updating service.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus (avast! Antivirus) . (.ALWIL Software - avast! antivirus service.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

O23 - Service: Expat Shield Service (ExpatShieldService) . (...) - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

O23 - Service: Expat Shield Routing Service (ExpatSrv) . (.AnchorFree Inc. - Pas de description.) - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

O23 - Service: Expat Shield Monitoring Service (ExpatWd) . (...) - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe

O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: (MBAMScheduler) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

O23 - Service: (MBAMService) . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: Nero BackItUp Scheduler 4.0 (Nero BackItUp Scheduler 4.0) . (.Nero AG - Nero BackItUp.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

O23 - Service: (Notation) . (.Advernet - Notation.) - C:\Program Files (x86)\Notation\Notation.exe

O23 - Service: NotationMonitor (NotationMonitor) . (.Advernet - SavdmMonitor.) - C:\Program Files (x86)\Notation\NotationMonitor.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) . (.NVIDIA Corporation - NVIDIA Settings Update Manager.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Orange update Core Service (Orange update Core Service) . (.France Telecom SA - Orange [email protected]) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O23 - Service: PDAgent (PDAgent) . (.Raxco Software, Inc. - PDAgent Module.) - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe

O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. - PsiService PsiService.) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) . (.Pas de propriétaire - RichVideo Module.) - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe

O23 - Service: Spyware Terminator 2012 Realtime Shield (ST2012_Svc) . (.Crawler.com - Spyware Terminator 2012 Realtime Shield Ser.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

~ Scan Services in 00mn 00s

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

~ Scan Desktop Component in 00mn 00s

 

 

 

---\\ BootExecute (O34)

O34 - HKLM BootExecute: (PDBoot.exe) - File not found

O34 - HKLM BootExecute: (autocheck autochk *) - File not found

O34 - HKLM BootExecute: (sdnclean64.exe) - File not found

~ Scan Keys in 00mn 00s

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Adobe Flash Player Updater.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\NeroLiveEpgUpdate-JC-PC_JC.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_DEFAULT.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_UPDATES.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Registration3.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc Update3.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SpeedMaxPc.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 104ea28e-1c30-4d55-9499-309aba7c037c.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 51d5827f-793a-4076-b3d9-75d93da36785.job

[MD5.95CE557D16A75606CCC2D7F3B0B0BCCB] [APT] [Adobe Flash Player Updater] (.Adobe Systems Incorporated.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[MD5.5447AF432CDA61159ADDE218C468FFD9] [APT] [AdobeAAMUpdater-1.0-JC-PC-JC] (.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

[MD5.90D909E329CDDF97BFCCD6E7E1731F20] [APT] [AssistanceLivebox] (...) -- C:\Program Files (x86)\Orange\Assistance Livebox\AssistanceLivebox.exe

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-85900175-3947571270-1107209466-1001Core] (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-85900175-3947571270-1107209466-1001UA] (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.15DA71C12A4E8824839FF1C64EB6B7BA] [APT] [NeroLiveEpgUpdate-JC-PC_JC] (.Nero AG.) -- C:\Program Files (x86)\Nero\Nero 9\Nero Live\NeroLive.exe

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeLogonTaskS-1-5-21-85900175-3947571270-1107209466-1001] (...) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RealUpgradeScheduledTaskS-1-5-21-85900175-3947571270-1107209466-1001] (...) -- C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RegClean Pro] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RegClean Pro_DEFAULT] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [RegClean Pro_UPDATES] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.)

[MD5.4EE51F2AAC8DB7B1973C9D7F5B8DCB81] [APT] [speedMaxPc] (.SpeedMaxPc.) -- C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe

[MD5.35DD2A44BA05F0D447520BB265E91810] [APT] [speedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files (x86)\Common Files\SpeedMaxPc\UUS3\Update3.exe

[MD5.00000000000000000000000000000000] [APT] [spyHunter4Startup] (...) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (.not file.)

[MD5.9B4DD5C7508F8F75803DDF3BAA4C5139] [APT] [sUPERAntiSpyware Scheduled Task 104ea28e-1c30-4d55-9499-309aba7c037c] (.SUPERAdBlocker.com.) -- C:\Program Files\SUPERAntiSpyware\SASTask.exe

[MD5.9B4DD5C7508F8F75803DDF3BAA4C5139] [APT] [sUPERAntiSpyware Scheduled Task 51d5827f-793a-4076-b3d9-75d93da36785] (.SUPERAdBlocker.com.) -- C:\Program Files\SUPERAntiSpyware\SASTask.exe

[MD5.00000000000000000000000000000000] [APT] [TuneUpUtilities_Task_BkGndMaintenance2012] (...) -- C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{0EEC9130-5653-4991-BCFF-7C43A3FEEAFD}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{1B7DBD10-55E2-4ABA-8A52-5A109AD96403}] (...) -- C:\Hahneman\hahneman.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{20462EBF-B212-43E2-B44D-79E77CAACB0F}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{3BE1A0B6-0F88-4FEF-B956-1B58F09DF4DC}] (...) -- C:\Hahneman\hahneman.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{3C182F72-B6BE-421A-88F7-8A63D97B46EC}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{3C99C734-9CA1-49D0-9480-05CE90EDCCF8}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{4182F12F-8786-44D4-82DD-8FF9AFF6559E}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{565A9461-03CE-4FA2-AA2F-F2C513EA9C64}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{5ACB7F14-DA72-477E-89F0-65C5D0D28C84}] (...) -- L:\programmes\winrar\Crack.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{5E8C670D-8A96-40BA-B1F3-58E4DDAB301C}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{7D2E14ED-4742-4D91-AC62-486878CB0006}] (...) -- G:\autorun.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{7DA551D3-5541-4067-B390-38AE05302049}] (...) -- C:\Hahneman\hahneman.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{8FCE59AA-54F5-4F06-8BCA-504F0020C250}] (...) -- G:\autorun.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{933BC85E-7BBF-4458-930C-7D09F290344A}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{AE82027C-C5B8-4BB9-8A53-D5436A836B6E}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{B6C8D19E-974A-4592-8057-E2EBE82F3690}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.5012780E5E899DB8CCB1F311E6C57899] [APT] [{B9CF411D-95EA-45F6-9B9D-CF3A6D339543}] (.Adobe Systems, Inc..) -- C:\flash\Formation.exe

[MD5.00000000000000000000000000000000] [APT] [{BA3291D2-D096-4C40-975F-5ACDBBD04D97}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C0490A7C-8085-4AD9-8087-ECDCD5FB416D}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C32E47AF-F29E-4073-88BE-6F32C322233C}] (...) -- N:\avast\KeyMaker.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C3840F15-E0C1-4C23-B99A-384E87DDC12F}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{C80C17E1-387A-4E6B-AD79-3B33664F0733}] (...) -- N:\Autodesk 3Ds Maxsign 2011.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D0A79E50-D36B-4021-8BC4-4496CF15EB66}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{D67B535B-48BE-441F-AE9E-38A6020A1400}] (...) -- C:\Program Files (x86)\Winamp\winamp.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{DBA2962D-0676-4349-A18F-88FC8B6EF1B2}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{E2A6B52B-9D2A-4F9B-8585-AADC15415CA7}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.5012780E5E899DB8CCB1F311E6C57899] [APT] [{E8755055-C192-4F04-9710-8AF32465128C}] (.Adobe Systems, Inc..) -- C:\flash\Formation.exe

[MD5.00000000000000000000000000000000] [APT] [{E9C03FC7-4E75-4B77-9106-D8CDF7A43F66}] (...) -- G:\INSTexeC.exe (.not file.)

[MD5.00000000000000000000000000000000] [APT] [{F3A43613-D384-4713-8892-2014868D8141}] (...) -- C:\Program Files (x86)\Winamp\winamp.exe (.not file.)

[MD5.0883882382800C6454E59E6030AF35EC] [APT] [orangeinside] (.Orange.) -- C:\Users\JC\AppData\Roaming\Orange\OrangeInside\one\OrangeInside.exe

~ Scan Scheduled Task in 00mn 06s

 

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Microsoft Windows Media Player [64Bits] - >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Internet Explorer [64Bits] - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: Browser Customizations [64Bits] - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll

O40 - ASIC: Java (Sun) [64Bits] - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

O40 - ASIC: Microsoft Windows Media Player 12.0 [64Bits] - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\SysWOW64\wmpdxm.dll

O40 - ASIC: Themes Setup [64Bits] - {2C7339CF-2B09-4501-B3F3-F3508C9228ED} . (.Microsoft Corporation - API Windows Theme.) -- C:\Windows\System32\themeui.dll

O40 - ASIC: Microsoft Windows [64Bits] - {44BBA840-CC51-11CF-AAFA-00AA00B6015C} . (.Microsoft Corporation - Windows Mail.) -- C:\Program Files (x86)\Windows Mail\WinMail.exe

O40 - ASIC: Browsing Enhancements [64Bits] - {630b1da0-b465-11d1-9948-00c04f98bbc9} . (.Microsoft Corporation - Extension Shell dossier FTP Microsoft Internet Explorer..) -- C:\Windows\System32\msieftp.dll

O40 - ASIC: Microsoft Windows Media Player [64Bits] - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Ressources du Lecteur Windows Media.) -- C:\Windows\System32\wmploc.dll

O40 - ASIC: Windows Desktop Update [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4340} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O40 - ASIC: Web Platform Customizations [64Bits] - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe

O40 - ASIC: (no name) [64Bits] - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll

~ Scan Active Setup in 00mn 00s

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: C:\Windows\System32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\Windows\system32\drivers\afd.sys

O41 - Driver: (AvgLdx64) . (.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - C:\Windows\system32\Drivers\avgldx64.sys

O41 - Driver: (AvgMfx64) . (.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - C:\Windows\system32\Drivers\avgmfx64.sys

O41 - Driver: (AvgTdiA) . (.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - C:\Windows\system32\Drivers\avgtdia.sys

O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\Windows\System32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\System32\DRIVERS\cdrom.sys

O41 - Driver: C:\Windows\System32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\Windows\System32\Drivers\dfsc.sys

O41 - Driver: C:\Windows\System32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\Windows\System32\drivers\discache.sys

O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\Windows\system32\drivers\mssmbios.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\Windows\System32\DRIVERS\netbios.sys

O41 - Driver: C:\Windows\System32\drivers\netbt.sys (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\Windows\System32\DRIVERS\netbt.sys

O41 - Driver: (NetworkX) . (. - .) - C:\Windows\system32\ckldrv.sys (.not file.)

O41 - Driver: C:\Windows\System32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\Windows\System32\drivers\nsiproxy.sys

O41 - Driver: C:\Windows\System32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\Windows\System32\DRIVERS\pacer.sys

O41 - Driver: C:\Windows\System32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\Windows\System32\DRIVERS\rdbss.sys

O41 - Driver: C:\Windows\System32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\Windows\System32\DRIVERS\RDPCDD.sys

O41 - Driver: C:\Windows\System32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\Windows\System32\drivers\rdpencdd.sys

O41 - Driver: C:\Windows\System32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\Windows\System32\drivers\rdprefmp.sys

O41 - Driver: (SASDIFSV) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV64.SYS.) - C:\Program Files\SUPERAntiSpyware\SASDIFSV64.sys

O41 - Driver: (SASKUTIL) . (.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL64.SYS.) - C:\Program Files\SUPERAntiSpyware\SASKUTIL64.sys

O41 - Driver: C:\Windows\System32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\Windows\System32\DRIVERS\tdx.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\Windows\system32\drivers\termdd.sys

O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\Windows\system32\drivers\vga.sys

O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\Windows\System32\DRIVERS\vwififlt.sys

O41 - Driver: C:\Windows\System32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\Windows\System32\DRIVERS\wanarp.sys

O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\Windows\System32\DRIVERS\wfplwf.sys

O41 - Driver: C:\Windows\System32\drivers\ws2ifsl.sys (ws2ifsl) . (.Microsoft Corporation - Couche IFS Winsock2.) - C:\Windows\system32\drivers\ws2ifsl.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\Windows\system32\drivers\cdrom.sys

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: ABBYY FineReader 9.0 Professional Edition - (.ABBYY.) [HKLM][64Bits] -- {F9000000-0001-0000-0000-074957833700}

O42 - Logiciel: Add or Remove Adobe Premiere Pro CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {96F9B265-1367-4E1A-B8B9-F8530EF3AA62}

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe AIR

O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1798D459-6B8B-474B-868D-1229EADA3B95}

O42 - Logiciel: Adobe Acrobat 9 Pro - English, Français, Deutsch - (.Adobe Systems.) [HKLM][64Bits] -- {AC76BA86-1033-F400-7760-000000000004}

O42 - Logiciel: Adobe Acrobat 9.5.2 - CPSID_83708 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-1033-F400-7760-000000000004}_952

O42 - Logiciel: Adobe After Effects CS3 Presets - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {4B215C29-1A3E-4736-92AA-10C83FA56EB9}

O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}

O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}

O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}

O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Community Help - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}

O42 - Logiciel: Adobe Creative Suite 5 Master Collection - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}

O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

O42 - Logiciel: Adobe Encore CS5 Third Party Royalty Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0E3C6C75-872D-4B0D-B0B2-31C717250691}

O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

O42 - Logiciel: Adobe Flash Player 11 Plugin - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {04AF207D-9A77-465A-8B76-991F6AB66245}

O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {54793AA1-5001-42F4-ABB6-C364617C6078}

O42 - Logiciel: Adobe Media Encoder CS4 Importer - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {270F9094-DF19-40C9-9DBE-E2DD37614FDD}

O42 - Logiciel: Adobe Media Encoder CS5 Dolby X64 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {5DDABB74-A879-4BE7-A4C6-FD41793942DB}

O42 - Logiciel: Adobe Media Encoder CS5 PCI X64 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {F9C71630-0EE3-475C-9E2B-ED95AE197DBD}

O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O42 - Logiciel: Adobe Media Player - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}

O42 - Logiciel: Adobe MotionPicture Color Files - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {6B708481-748A-4EB4-97C1-CD386244FF77}

O42 - Logiciel: Adobe OnLocation CS5 Royalty Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {7816FDDE-40D4-482D-AD7D-97858985DB3E}

O42 - Logiciel: Adobe Photoshop CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {15FEDA5F-141C-4127-8D7E-B962D1742728}

O42 - Logiciel: Adobe Premiere Elements 8.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- PremElem80

O42 - Logiciel: Adobe Premiere Elements 8.0 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A0E583D1-23F7-4C35-9620-B169D7715E4B}

O42 - Logiciel: Adobe Premiere Pro CS5 Third Party Royalty Content - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {565DE707-5798-4FC3-8DF6-0F58A348A9B0}

O42 - Logiciel: Adobe Reader X (10.1.4) - Français - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {083286D9-7F95-4CE6-B0CD-667BA492D30E}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {14AFE241-FC6E-4FDB-BCA0-7AD6F4974171}

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {2C294A0B-DF22-4023-B168-8C7645B10019}

O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}

O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}

O42 - Logiciel: Adobe XMP DVA Panels CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {0224CACC-994D-45F8-B973-D65056EA9C2F}

O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {802771A9-A856-4A41-ACF7-1450E523C923}

O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM][64Bits] -- {EB879750-CCBD-4013-BFD5-0294D4DA5BD0}

O42 - Logiciel: Archiveur WinRAR - (.Pas de propriétaire.) [HKLM][64Bits] -- WinRAR archiver

O42 - Logiciel: Assistance Livebox - (.Orange.) [HKLM][64Bits] -- Assistance Livebox

O42 - Logiciel: CANON iMAGE GATEWAY Task for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- CANON iMAGE GATEWAY Task

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM][64Bits] -- CCleaner

O42 - Logiciel: CD-LabelPrint - (.Pas de propriétaire.) [HKLM][64Bits] -- MediaNavigation.CDLabelPrint

O42 - Logiciel: CPUID CPU-Z 1.57 - (.Pas de propriétaire.) [HKLM][64Bits] -- CPUID CPU-Z_is1

O42 - Logiciel: Canon Easy-WebPrint EX - (.Pas de propriétaire.) [HKLM][64Bits] -- Easy-WebPrint EX

O42 - Logiciel: Canon IJ Network Scan Utility - (.Pas de propriétaire.) [HKLM][64Bits] -- Canon_IJ_Network_Scan_UTILITY

O42 - Logiciel: Canon IJ Network Tool - (.Pas de propriétaire.) [HKLM][64Bits] -- Canon_IJ_Network_UTILITY

O42 - Logiciel: Canon Internet Library for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- Canon Internet Library for ZoomBrowser EX

O42 - Logiciel: Canon MOV Decoder - (.Canon Inc..) [HKLM][64Bits] -- Canon MOV Decoder

O42 - Logiciel: Canon MOV Encoder - (.Canon Inc..) [HKLM][64Bits] -- Canon MOV Encoder

O42 - Logiciel: Canon MP Navigator EX 3.0 - (.Pas de propriétaire.) [HKLM][64Bits] -- MP Navigator EX 3.0

O42 - Logiciel: Canon MP640 series MP Drivers - (.Pas de propriétaire.) [HKLM][64Bits] -- {1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series

O42 - Logiciel: Canon MovieEdit Task for ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- MovieEditTask

O42 - Logiciel: Canon Utilities Digital Photo Professional 3.8 - (.Canon Inc..) [HKLM][64Bits] -- DPP

O42 - Logiciel: Canon Utilities EOS Utility - (.Canon Inc..) [HKLM][64Bits] -- EOS Utility

O42 - Logiciel: Canon Utilities Easy-PhotoPrint EX - (.Pas de propriétaire.) [HKLM][64Bits] -- Easy-PhotoPrint EX

O42 - Logiciel: Canon Utilities My Printer - (.Pas de propriétaire.) [HKLM][64Bits] -- CanonMyPrinter

O42 - Logiciel: Canon Utilities PhotoStitch - (.Canon Inc..) [HKLM][64Bits] -- PhotoStitch

O42 - Logiciel: Canon Utilities Picture Style Editor - (.Canon Inc..) [HKLM][64Bits] -- Picture Style Editor

O42 - Logiciel: Canon Utilities Solution Menu - (.Pas de propriétaire.) [HKLM][64Bits] -- CanonSolutionMenu

O42 - Logiciel: Canon Utilities WFT Utility - (.Canon Inc..) [HKLM][64Bits] -- WFTK

O42 - Logiciel: Canon Utilities ZoomBrowser EX - (.Canon Inc..) [HKLM][64Bits] -- ZoomBrowser EX

O42 - Logiciel: Canon ZoomBrowser EX Memory Card Utility - (.Canon Inc..) [HKLM][64Bits] -- ZoomBrowser EX Memory Card Utility

O42 - Logiciel: Configuration DivX - (.DivX, LLC.) [HKLM][64Bits] -- DivX Setup

O42 - Logiciel: Core FTP Pro 2.1 - (.Pas de propriétaire.) [HKLM][64Bits] -- Core FTP Pro 2.1

O42 - Logiciel: Corel Shell Extension - 64Bit - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF011}

O42 - Logiciel: CorelDRAW Graphics SUite X4 - ICA - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF010}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - (.Corel Corporation.) [HKLM][64Bits] -- {44A27085-0616-4181-A0C3-81C7ECA17F73}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Capture - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF012}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Content - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF016}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Draw - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF013}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Filters - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF017}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - FontNav - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF019}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - IPM - (.Corel Corporation.) [HKLM][64Bits] -- {9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang BR - (.Corel Corporation.) [HKLM][64Bits] -- {1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang DE - (.Corel Corporation.) [HKLM][64Bits] -- {AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang EN - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF100}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang ES - (.Corel Corporation.) [HKLM][64Bits] -- {D2827848-7D2A-4547-9AD1-C965FB3E6344}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang FR - (.Corel Corporation.) [HKLM][64Bits] -- {9D306690-3173-42CD-94C6-9EF9318AF24B}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang IT - (.Corel Corporation.) [HKLM][64Bits] -- {D0160DD3-6F62-4F1E-B999-6C68D3AE7390}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - Lang NL - (.Uw bedrijfsnaam.) [HKLM][64Bits] -- {A6C27FFF-75EF-4B5B-A64E-F9E128994908}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - PP - (.Corel Corporation.) [HKLM][64Bits] -- {7F05E704-30A6-421A-97A7-8EEB1C7FF014}

O42 - Logiciel: CorelDRAW Graphics Suite X4 - VBA - (.Corel Corporation.) [HKLM][64Bits] -- {BF439B41-0252-48DE-8B8B-0430CB26A181}

O42 - Logiciel: CorelDRAW® Graphics Suite X4 - (.Corel Corporation.) [HKLM][64Bits] -- _{7F05E704-30A6-421A-97A7-8EEB1C7FF010}

O42 - Logiciel: CorelDRAW® Graphics Suite X4 - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- _{CE2DA11A-917F-4CF5-AB55-755EC115DD10}

O42 - Logiciel: CorelDRAW® Graphics Suite X4 - Windows Shell Extension - (.Corel Corporation.) [HKLM][64Bits] -- {CE2DA11A-917F-4CF5-AB55-755EC115DD10}

O42 - Logiciel: DTS Plug-in - (.Nero AG.) [HKLM][64Bits] -- {0b75512f-a5a7-4de0-a825-96a21c6fc84e}

O42 - Logiciel: DivX Converter - (.DivX, Inc..) [HKLM][64Bits] -- {B13A7C41581B411290FBC0395694E2A9}

O42 - Logiciel: DivX Plus DirectShow Filters - (.DivX, Inc..) [HKLM][64Bits] -- DivX Plus DirectShow Filters

O42 - Logiciel: DriverAgent by eSupport.com - (.Pas de propriétaire.) [HKLM][64Bits] -- DriverAgent.exe

O42 - Logiciel: Encyclopaedia Universalis 2010 - (.Encyclopaedia Universalis.) [HKLM][64Bits] -- Encyclopaedia Universalis 2010

O42 - Logiciel: Expat Shield 2.24 - (.AnchorFree.) [HKLM][64Bits] -- ExpatShield

O42 - Logiciel: FileZilla Client 3.5.3 - (.FileZilla Project.) [HKLM][64Bits] -- FileZilla Client

O42 - Logiciel: Free Notes & Office Ink - (. .) [HKLM][64Bits] -- {556F2137-B772-43BB-9A45-E0275234DD16}

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU][64Bits] -- Google Chrome

O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM][64Bits] -- {2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Gracenote Plug-in - (.Nero AG.) [HKLM][64Bits] -- {103963d3-a6bb-46eb-a934-e172c9d9392c}

O42 - Logiciel: IsoBuster 2.5 - (.Smart Projects.) [HKLM][64Bits] -- IsoBuster_is1

O42 - Logiciel: Java 7 Update 9 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83217009FF}

O42 - Logiciel: Java 6 Update 37 (64-bit) - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F86416037FF}

O42 - Logiciel: Java 6 Update 37 - (.Oracle.) [HKLM][64Bits] -- {26A24AE4-039D-4CA4-87B4-2F83216037FF}

O42 - Logiciel: JavaFX 2.1.1 - (.Oracle Corporation.) [HKLM][64Bits] -- {1111706F-666A-4037-7777-211328764D10}

O42 - Logiciel: LameACM - (.Pas de propriétaire.) [HKLM][64Bits] -- LameACM

O42 - Logiciel: Le Petit Robert 2009 - (.Le Robert.) [HKLM][64Bits] -- PR1CD2009

O42 - Logiciel: Licensing Service Install - (.Protexis Inc..) [HKLM][64Bits] -- {AF72E557-0647-4DE5-ACDA-ECFB38D5D732}

O42 - Logiciel: LightScribe System Software 1.14.17.1 - (.LightScribe.) [HKLM][64Bits] -- {0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM][64Bits] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM][64Bits] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM][64Bits] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: Malwarebytes Anti-Malware version 1.70.0.1100 - (.Malwarebytes Corporation.) [HKLM][64Bits] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Micro Application - Tarot Divinatoire - (.Pas de propriétaire.) [HKLM][64Bits] -- Tarot Divinatoire

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM][64Bits] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM][64Bits] -- Money2005b

O42 - Logiciel: Microsoft Windows Media Video 9 VCM - (.Pas de propriétaire.) [HKLM][64Bits] -- WMV9_VCM

O42 - Logiciel: Microsoft_VC80_ATL_x86 - (.Adobe.) [HKLM][64Bits] -- {0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}

O42 - Logiciel: Microsoft_VC80_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {925D058B-564A-443A-B4B2-7E90C6432E55}

O42 - Logiciel: Microsoft_VC80_CRT_x86 - (.Adobe.) [HKLM][64Bits] -- {92D58719-BBC1-4CC3-A08B-56C9E884CC2C}

O42 - Logiciel: Microsoft_VC80_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86 - (.Adobe.) [HKLM][64Bits] -- {D92BBB52-82FF-42ED-8A3C-4E062F944AB7}

O42 - Logiciel: Microsoft_VC80_MFCLOC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {1E9FC118-651D-4934-97BE-E53CAE5C7D45}

O42 - Logiciel: Microsoft_VC80_MFC_x86 - (.Adobe.) [HKLM][64Bits] -- {D1A19B02-817E-4296-A45B-07853FD74D57}

O42 - Logiciel: Microsoft_VC80_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}

O42 - Logiciel: Microsoft_VC90_ATL_x86 - (.Adobe.) [HKLM][64Bits] -- {033E378E-6AD3-4AD5-BDEB-CBD69B31046C}

O42 - Logiciel: Microsoft_VC90_ATL_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {8557397C-A42D-486F-97B3-A2CBC2372593}

O42 - Logiciel: Microsoft_VC90_CRT_x86 - (.Adobe.) [HKLM][64Bits] -- {08D2E121-7F6A-43EB-97FD-629B44903403}

O42 - Logiciel: Microsoft_VC90_CRT_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}

O42 - Logiciel: Microsoft_VC90_MFC_x86 - (.Adobe.) [HKLM][64Bits] -- {635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}

O42 - Logiciel: Microsoft_VC90_MFC_x86_x64 - (.Adobe.) [HKLM][64Bits] -- {A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}

O42 - Logiciel: Mises à jour NVIDIA 1.7.12 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update

O42 - Logiciel: Mozilla Firefox 17.0.1 (x86 fr) - (.Mozilla.) [HKLM][64Bits] -- Mozilla Firefox 17.0.1 (x86 fr)

O42 - Logiciel: Mozilla Maintenance Service - (.Mozilla.) [HKLM][64Bits] -- MozillaMaintenanceService

O42 - Logiciel: NVIDIA 3D Vision Controller Driver - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA StereoUSB Driver

O42 - Logiciel: NVIDIA Display Control Panel - (.NVIDIA Corporation.) [HKLM][64Bits] -- NVIDIA Display Control Panel

O42 - Logiciel: NVIDIA Logiciel système PhysX 9.11.0621 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX

O42 - Logiciel: NVIDIA PhysX - (.NVIDIA Corporation.) [HKLM][64Bits] -- {7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}

O42 - Logiciel: NVIDIA Pilote du contrôleur 3D Vision 285.62 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB

O42 - Logiciel: NVIDIA Pilote graphique 296.19 - (.NVIDIA Corporation.) [HKLM][64Bits] -- {B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver

O42 - Logiciel: Nero 9 - (.Nero AG.) [HKLM][64Bits] -- {daf433f1-2f4c-450b-9c3e-36bdb4e3cf73}

O42 - Logiciel: Nero BackItUp 4 - (.Nero AG.) [HKLM][64Bits] -- {96e1add9-fba4-400d-89a4-0b44a2801a30}

O42 - Logiciel: Nero MediaHome 4 - (.Nero AG.) [HKLM][64Bits] -- {45f513d7-cb73-4463-b2bc-f1bd4fd0b71b}

O42 - Logiciel: Nero Move it - (.Nero AG.) [HKLM][64Bits] -- {aade0dda-960e-4d14-b849-c5765099618b}

O42 - Logiciel: Nitro PDF Reader - (.Nitro PDF Software.) [HKLM][64Bits] -- {645C0B00-A449-4A9C-9925-44A214071DE3}

O42 - Logiciel: NoAdware v5.0 - (.Pas de propriétaire.) [HKLM][64Bits] -- NoAdware 5.0_is1

O42 - Logiciel: Notation - (.Advernet.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3}

O42 - Logiciel: Orange Inside - (.Orange.) [HKCU][64Bits] -- Orange Inside

O42 - Logiciel: Orange Installeur version 1.2.5.0 - (.Orange.) [HKLM][64Bits] -- {D13FE823-C575-4451-AC37-E645A67AA581}_1.2.5.0

O42 - Logiciel: Orange update - (.Orange.) [HKLM][64Bits] -- OrangeUpdateManager

O42 - Logiciel: PDF Creator - (.Pas de propriétaire.) [HKLM][64Bits] -- PDF Creator

O42 - Logiciel: PDF Creator Packages - (.Pas de propriétaire.) [HKCU][64Bits] -- PDF Creator Packages

O42 - Logiciel: PDF Settings CS5 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {A78FE97A-C0C8-49CE-89D0-EDD524A17392}

O42 - Logiciel: PDFCreator - (.Frank Heindörfer, Philip Chinery.) [HKLM][64Bits] -- {0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}

O42 - Logiciel: PVSonyDll - (.NVIDIA Corporation.) [HKLM][64Bits] -- {3D3E663D-4E7E-4577-A560-7ECDDD45548A}

O42 - Logiciel: PerfectDisk 10 Professional - (.Raxco Software Inc..) [HKLM][64Bits] -- {7B738CD9-D107-48C7-8E65-2E6639A39C8D}

O42 - Logiciel: Picasa 3 - (.Google, Inc..) [HKLM][64Bits] -- Picasa 3

O42 - Logiciel: Pilote vidéo Pinnacle - (.Pinnacle Systems.) [HKLM][64Bits] -- {6DE721A5-5E89-4D74-994C-652BB3C0672E}

O42 - Logiciel: Pinnacle Studio 15 - (.Pinnacle Systems.) [HKLM][64Bits] -- {1362E602-9625-42D3-B57F-CDA9D26F9DA8}

O42 - Logiciel: Pinnacle Studio 15 Ultimate Collection Plugins - (.Pinnacle Systems.) [HKLM][64Bits] -- {BC7BED89-618B-4E89-8ADF-75D47F276223}

O42 - Logiciel: Pinnacle Studio Bonus Content - (.Pinnacle Systems.) [HKLM][64Bits] -- {FC030CB5-46A6-4229-AD6E-0AC869F509C8}

O42 - Logiciel: Power Disc Lock 7.0 - (.Sorensoft.) [HKLM][64Bits] -- {86EE065A-62F8-45ED-9B4A-3511C42DA8FC}

O42 - Logiciel: PowerDVD - (.CyberLink.) [HKLM][64Bits] -- InstallShield_{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}

O42 - Logiciel: Product Key Explorer 2.1.2 - (.Nsasoft, LLC..) [HKLM][64Bits] -- Product Key Explorer_is1

O42 - Logiciel: PxMergeModule - (.Your Company Name.) [HKLM][64Bits] -- {024521CF-C07E-4F8E-8481-0D75695E03AF}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM][64Bits] -- {AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}

O42 - Logiciel: Reader Library by Sony - (.Sony.) [HKLM][64Bits] -- {B70E5793-F912-4C62-AFE2-C4F0B078FD31}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Revo Uninstaller 1.92 - (.VS Revo Group.) [HKLM][64Bits] -- Revo Uninstaller

O42 - Logiciel: SUPERAntiSpyware - (.SUPERAntiSpyware.com.) [HKLM][64Bits] -- {CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}

O42 - Logiciel: SmartSound Quicktracks for Premiere Elements 8.0 - (.SmartSound Software Inc.) [HKLM][64Bits] -- InstallShield_{4685A344-6718-4923-AA9D-158A0A2E1CFB}

O42 - Logiciel: SmartSound Quicktracks for Premiere Elements 8.0 - (.SmartSound Software Inc.) [HKLM][64Bits] -- {4685A344-6718-4923-AA9D-158A0A2E1CFB}

O42 - Logiciel: Sothink SWF Decompiler - (.SourceTec Software Co., LTD.) [HKLM][64Bits] -- {BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1

O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM][64Bits] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46}

O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM][64Bits] -- {AC76BA86-7AD7-5464-3428-900000000004}

O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {83B952C7-F8F3-4CA3-B4C5-33C85B24E478}

O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1

O42 - Logiciel: Spyware Terminator 2012 - (.Crawler.com.) [HKLM][64Bits] -- {56736259-613E-4A3B-B428-6235F2E76F44}_is1

O42 - Logiciel: Tablet Driver With Macrokey Manager - (.Pas de propriétaire.) [HKLM][64Bits] -- RmTablet

O42 - Logiciel: TomTom HOME 2.8.4.2596 - (.TomTom.) [HKLM][64Bits] -- TomTom HOME

O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM][64Bits] -- {8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}

O42 - Logiciel: Tomtomax Maxi-Box V2.0.24 - (.Tomtomax et KoakDesign.) [HKLM][64Bits] -- {A10F672B-01C4-498F-ADBD-3E5B144284B7}_is1

O42 - Logiciel: Trend Micro Anti-Spyware - (.Trend Micro Incorporated..) [HKLM][64Bits] -- {319D9385-EEC1-4ae5-BFD1-C5DE1E063F30}

O42 - Logiciel: Uniblue PowerSuite - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- {793A260C-CDBF-499C-ABBA-B51E8E076867}_is1

O42 - Logiciel: Uniblue RegistryBooster - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- {E63E34A7-E552-412B-9E40-FD6FC5227ABA}_is1

O42 - Logiciel: Uniblue SpeedUpMyPC - (.Uniblue Systems Ltd.) [HKLM][64Bits] -- {E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1

O42 - Logiciel: VC80CRTRedist - 8.0.50727.6195 - (.DivX, Inc.) [HKLM][64Bits] -- {933B4015-4618-4716-A828-5289FC03165F}

O42 - Logiciel: VLC media player 2.0.5 - (.VideoLAN.) [HKLM][64Bits] -- VLC media player

O42 - Logiciel: Visual C++ 8.0 Runtime Setup Package (x64) - (.AVG Technologies CZ, s.r.o..) [HKLM][64Bits] -- {2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}

O42 - Logiciel: Votre PC prend la parole - (.Nom de société par défaut.) [HKLM][64Bits] -- {1335A7E0-6055-47B8-92FC-714D65117CAA}

O42 - Logiciel: Votre PC prend la parole dans Word - (.MEDIADICO.) [HKLM][64Bits] -- {487717A3-FD70-46E0-95E3-6B5BF05F3BCA}

O42 - Logiciel: WinPcap 4.1.2 - (.CACE Technologies.) [HKLM][64Bits] -- WinPcapInst

O42 - Logiciel: WinZip - (.WinZip Computing, Inc..) [HKLM][64Bits] -- WinZip

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM][64Bits] -- {69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

O42 - Logiciel: Wondershare PDF Converter (Build 3.0.0) - (.Wondershare Software.) [HKLM][64Bits] -- {C004CE24-FF62-4A54-ADB8-D0C32A1DFCD4}_is1

O42 - Logiciel: Yahoo! Messenger - (.Yahoo! Inc..) [HKLM][64Bits] -- Yahoo! Messenger

O42 - Logiciel: Yahoo! Search Protection - (.Pas de propriétaire.) [HKLM][64Bits] -- Yahoo! Search Defender

O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM][64Bits] -- Yahoo! Software Update

O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM][64Bits] -- Yahoo! Companion

O42 - Logiciel: avast! Antivirus v4.8 - (.Alwil Software.) [HKLM][64Bits] -- avast!

O42 - Logiciel: calibre - (.Kovid Goyal.) [HKLM][64Bits] -- {31758AE2-D16E-4E1E-A448-945EF61B48A8}

O42 - Logiciel: eDownloader - (.eDownloader.) [HKLM][64Bits] -- eDownloader 1.0.0

O42 - Logiciel: eDownloader - (.eDownloader.) [HKLM][64Bits] -- {8848B3CD-4464-414F-953C-966678634540}

O42 - Logiciel: eMule - (.Pas de propriétaire.) [HKLM][64Bits] -- eMule

O42 - Logiciel: mp3PRO Plug-in - (.Nero AG.) [HKLM][64Bits] -- {1e8033de-3da7-4efa-baa9-02b9e986589c}

O42 - Logiciel: msvcrt_installer - (.SAH.) [HKLM][64Bits] -- {6068A42A-C1CF-45F2-9859-5DB16287FE5D}

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B}

O42 - Logiciel: swMSM - (.Adobe Systems, Inc.) [HKLM][64Bits] -- {612C34C7-5E90-47D8-9B5C-0F717DD82726}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ABBYY]

[HKCU\Software\ACD Systems]

[HKCU\Software\ALWIL Software]

[HKCU\Software\ASProtect]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\AlterGeo]

[HKCU\Software\AppDataLow\Software\Canon]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Orange]

[HKCU\Software\AppDataLow\Software\Yahoo]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\Apple Inc.]

[HKCU\Software\Ashampoo]

[HKCU\Software\Avg]

[HKCU\Software\CDDB]

[HKCU\Software\CanonBJ]

[HKCU\Software\Canon]

[HKCU\Software\Canon_Inc_IC]

[HKCU\Software\ChicaLogic, Inc.]

[HKCU\Software\ChicaLogic]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Corel]

[HKCU\Software\Cyberlink]

[HKCU\Software\DAMN]

[HKCU\Software\DT Soft]

[HKCU\Software\Digital River]

[HKCU\Software\DivXNetworks]

[HKCU\Software\DivX]

[HKCU\Software\FSPro Labs]

[HKCU\Software\FTPWare]

[HKCU\Software\File Helper]

[HKCU\Software\Google]

[HKCU\Software\Haali]

[HKCU\Software\IM Providers]

[HKCU\Software\Imagineer Systems Ltd]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\KovidsBrain]

[HKCU\Software\LAventure]

[HKCU\Software\LMSOFT]

[HKCU\Software\Lake]

[HKCU\Software\Lavalys]

[HKCU\Software\Licenses]

[HKCU\Software\LightScribe]

[HKCU\Software\LinuxLive]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\MCAFEE]

[HKCU\Software\Macromedia]

[HKCU\Software\MainConcept (Adobe2)]

[HKCU\Software\MainConcept]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MediaNavigation]

[HKCU\Software\Mindscape]

[HKCU\Software\Minnetonka Audio Software]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Nico Mak Computing]

[HKCU\Software\Nitro PDF]

[HKCU\Software\NoAdware5]

[HKCU\Software\ODBC]

[HKCU\Software\OrangeInside]

[HKCU\Software\PACE Anti-Piracy]

[HKCU\Software\PDFCreator]

[HKCU\Software\PerformerSoft LLC]

[HKCU\Software\Pinnacle Systems]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Raxco]

[HKCU\Software\RealNetworks]

[HKCU\Software\Realtek]

[HKCU\Software\Red Giant Software]

[HKCU\Software\RedGiantSoftware]

[HKCU\Software\SUPERAntiSpyware.com]

[HKCU\Software\SWiSHzone.com]

[HKCU\Software\Safer Networking Limited]

[HKCU\Software\Secunia]

[HKCU\Software\Smart Projects]

[HKCU\Software\SolidDocuments]

[HKCU\Software\SourceTec]

[HKCU\Software\SpeedMaxPc]

[HKCU\Software\Spyware Terminator]

[HKCU\Software\Steganos]

[HKCU\Software\SubSystems]

[HKCU\Software\Sysinternals]

[HKCU\Software\Systweak]

[HKCU\Software\TeleCharger]

[HKCU\Software\TomTom]

[HKCU\Software\TrendMicro]

[HKCU\Software\Trolltech]

[HKCU\Software\TuneUp]

[HKCU\Software\Usbfix]

[HKCU\Software\VOB]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\WinRAR]

[HKCU\Software\WinZip Computing]

[HKCU\Software\Wow6432Node]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\eMule]

[HKCU\Software\kde.org]

[HKCU\Software\vgrabber.com]

[HKLM\Software\<company>]

[HKLM\Software\AGEIA Technologies]

[HKLM\Software\ATI Technologies]

[HKLM\Software\Adobe]

[HKLM\Software\Ashampoo]

[HKLM\Software\Audible]

[HKLM\Software\CUSTPDF Writer]

[HKLM\Software\Canon]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\DivX]

[HKLM\Software\EnigmaSoftwareGroup]

[HKLM\Software\File Helper]

[HKLM\Software\FileZilla 3]

[HKLM\Software\Google]

[HKLM\Software\IB Updater]

[HKLM\Software\Imagineer Systems Ltd]

[HKLM\Software\Intel]

[HKLM\Software\JavaSoft]

[HKLM\Software\Khronos]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Minnetonka Audio Software]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\Nitro PDF]

[HKLM\Software\Nucleous]

[HKLM\Software\ODBC]

[HKLM\Software\PACE Anti-Piracy]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Raxco]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\SUPERAntiSpyware.com]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Sonic]

[HKLM\Software\Spyware Terminator]

[HKLM\Software\Synthetic Aperture]

[HKLM\Software\TuneUp]

[HKLM\Software\Volatile]

[HKLM\Software\WNLT]

[HKLM\Software\Wow6432Node\ ]

[HKLM\Software\Wow6432Node\ABBYY]

[HKLM\Software\Wow6432Node\ACD Systems]

[HKLM\Software\Wow6432Node\AGEIA Technologies]

[HKLM\Software\Wow6432Node\ALWIL Software]

[HKLM\Software\Wow6432Node\Adobe]

[HKLM\Software\Wow6432Node\AdwCleaner]

[HKLM\Software\Wow6432Node\Ahead]

[HKLM\Software\Wow6432Node\AppDataLow]

[HKLM\Software\Wow6432Node\Apple Computer, Inc.]

[HKLM\Software\Wow6432Node\Apple Inc.]

[HKLM\Software\Wow6432Node\Audible]

[HKLM\Software\Wow6432Node\Avid]

[HKLM\Software\Wow6432Node\Avisynth]

[HKLM\Software\Wow6432Node\Bitstream]

[HKLM\Software\Wow6432Node\CDDB]

[HKLM\Software\Wow6432Node\Canon]

[HKLM\Software\Wow6432Node\Canon_Inc_IC]

[HKLM\Software\Wow6432Node\Caphyon]

[HKLM\Software\Wow6432Node\Classes]

[HKLM\Software\Wow6432Node\Clients]

[HKLM\Software\Wow6432Node\Corel]

[HKLM\Software\Wow6432Node\CyberLink]

[HKLM\Software\Wow6432Node\DAMN]

[HKLM\Software\Wow6432Node\DT Soft]

[HKLM\Software\Wow6432Node\Data fellows]

[HKLM\Software\Wow6432Node\Debug]

[HKLM\Software\Wow6432Node\DivXNetworks]

[HKLM\Software\Wow6432Node\DivX]

[HKLM\Software\Wow6432Node\FAST Multimedia]

[HKLM\Software\Wow6432Node\FSPro Labs]

[HKLM\Software\Wow6432Node\FTPWare]

[HKLM\Software\Wow6432Node\FileZilla 3]

[HKLM\Software\Wow6432Node\GPL Ghostscript]

[HKLM\Software\Wow6432Node\Google]

[HKLM\Software\Wow6432Node\HaaliMkx]

[HKLM\Software\Wow6432Node\Hide Files and Folders]

[HKLM\Software\Wow6432Node\IncrediMail]

[HKLM\Software\Wow6432Node\InstallShield]

[HKLM\Software\Wow6432Node\Intel]

[HKLM\Software\Wow6432Node\JavaSoft]

[HKLM\Software\Wow6432Node\JreMetrics]

[HKLM\Software\Wow6432Node\Khronos]

[HKLM\Software\Wow6432Node\Kodak]

[HKLM\Software\Wow6432Node\LAventure]

[HKLM\Software\Wow6432Node\LMSOFT]

[HKLM\Software\Wow6432Node\Lake]

[HKLM\Software\Wow6432Node\Licenses]

[HKLM\Software\Wow6432Node\LightScribe]

[HKLM\Software\Wow6432Node\MAXSOFT-OCRON]

[HKLM\Software\Wow6432Node\Macromedia]

[HKLM\Software\Wow6432Node\Macrovision]

[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware (Trial)]

[HKLM\Software\Wow6432Node\Malwarebytes' Anti-Malware]

[HKLM\Software\Wow6432Node\McAfee.com]

[HKLM\Software\Wow6432Node\Micro Application]

[HKLM\Software\Wow6432Node\MimarSinan]

[HKLM\Software\Wow6432Node\MozillaPlugins]

[HKLM\Software\Wow6432Node\Mozilla]

[HKLM\Software\Wow6432Node\NVIDIA Corporation]

[HKLM\Software\Wow6432Node\Nero]

[HKLM\Software\Wow6432Node\Neuxpower]

[HKLM\Software\Wow6432Node\Nico Mak Computing]

[HKLM\Software\Wow6432Node\Nitro PDF]

[HKLM\Software\Wow6432Node\ODBC]

[HKLM\Software\Wow6432Node\Oracle]

[HKLM\Software\Wow6432Node\Orange]

[HKLM\Software\Wow6432Node\PDFCreator]

[HKLM\Software\Wow6432Node\Pegasus Imaging]

[HKLM\Software\Wow6432Node\PegasusImaging]

[HKLM\Software\Wow6432Node\Pinnacle Systems]

[HKLM\Software\Wow6432Node\Policies]

[HKLM\Software\Wow6432Node\Protexis]

[HKLM\Software\Wow6432Node\RealNetworks]

[HKLM\Software\Wow6432Node\Red Giant Software]

[HKLM\Software\Wow6432Node\RegisteredApplications]

[HKLM\Software\Wow6432Node\S3R521]

[HKLM\Software\Wow6432Node\SECURITOO]

[HKLM\Software\Wow6432Node\SWiSHzone.com]

[HKLM\Software\Wow6432Node\Safer Networking Limited]

[HKLM\Software\Wow6432Node\Secunia]

[HKLM\Software\Wow6432Node\SmartSound Software]

[HKLM\Software\Wow6432Node\Sonic]

[HKLM\Software\Wow6432Node\Sony Corporation]

[HKLM\Software\Wow6432Node\SourceTec]

[HKLM\Software\Wow6432Node\SpeedMaxPc]

[HKLM\Software\Wow6432Node\Steganos]

[HKLM\Software\Wow6432Node\Swearware]

[HKLM\Software\Wow6432Node\Symantec]

[HKLM\Software\Wow6432Node\Systweak]

[HKLM\Software\Wow6432Node\TomTom]

[HKLM\Software\Wow6432Node\TrendMicro]

[HKLM\Software\Wow6432Node\TuneUp]

[HKLM\Software\Wow6432Node\Uniblue]

[HKLM\Software\Wow6432Node\Universalis]

[HKLM\Software\Wow6432Node\VideoLAN]

[HKLM\Software\Wow6432Node\Volatile]

[HKLM\Software\Wow6432Node\W3i]

[HKLM\Software\Wow6432Node\WinPcap]

[HKLM\Software\Wow6432Node\Windows]

[HKLM\Software\Wow6432Node\Wondershare]

[HKLM\Software\Wow6432Node\Xing Technology Corp.]

[HKLM\Software\Wow6432Node\Yahoo]

[HKLM\Software\Wow6432Node\calibre]

[HKLM\Software\Wow6432Node\eDownloader]

[HKLM\Software\Wow6432Node\emme]

[HKLM\Software\Wow6432Node\mozilla.org]

[HKLM\Software\Wow6432Node\webtogo]

[HKLM\Software\Wow6432Node]

[HKLM\Software\swearware]

~ Scan Softwares in 00mn 00s

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 01/01/2013 - 22:29:47 - [459,263] ----D C:\Program Files (x86)\ABBYY FineReader 9.0

O43 - CFD: 15/07/2011 - 10:18:18 - [896,508] ----D C:\Program Files (x86)\Adobe

O43 - CFD: 30/06/2011 - 12:01:48 - [2,891] ----D C:\Program Files (x86)\Adobe Media Player

O43 - CFD: 21/06/2011 - 14:09:06 - [0,098] ----D C:\Program Files (x86)\Ahead

O43 - CFD: 01/01/2013 - 22:30:09 - [0,309] ----D C:\Program Files (x86)\Bonjour

O43 - CFD: 19/05/2012 - 13:46:41 - [126,697] ----D C:\Program Files (x86)\Calibre2

O43 - CFD: 10/07/2012 - 08:19:51 - [578,904] ----D C:\Program Files (x86)\Canon

O43 - CFD: 08/01/2013 - 18:13:46 - [-1793,917] ----D C:\Program Files (x86)\Common Files

O43 - CFD: 21/10/2012 - 13:06:37 - [0,000] ----D C:\Program Files (x86)\Controle Parental

O43 - CFD: 02/07/2011 - 12:18:46 - [6,363] ----D C:\Program Files (x86)\CoreFTP

O43 - CFD: 07/06/2011 - 13:14:25 - [1420,750] ----D C:\Program Files (x86)\Corel

O43 - CFD: 06/06/2011 - 16:19:48 - [90,308] ----D C:\Program Files (x86)\CyberLink

O43 - CFD: 20/10/2012 - 13:24:29 - [11,186] ----D C:\Program Files (x86)\DAEMON Tools Lite

O43 - CFD: 01/01/2013 - 22:27:44 - [0,200] ----D C:\Program Files (x86)\DAMN NFO Viewer

O43 - CFD: 18/12/2011 - 12:39:40 - [134,530] ----D C:\Program Files (x86)\DivX

O43 - CFD: 01/01/2013 - 22:27:44 - [6,710] ----D C:\Program Files (x86)\Driver Mender

O43 - CFD: 19/06/2011 - 14:05:54 - [10,401] ----D C:\Program Files (x86)\eMule

O43 - CFD: 29/09/2011 - 12:06:26 - [-1556,620] ----D C:\Program Files (x86)\Encyclopaedia Universalis 2010

O43 - CFD: 23/01/2012 - 11:11:16 - [15,523] ----D C:\Program Files (x86)\Expat Shield

O43 - CFD: 30/12/2012 - 16:06:36 - [0,247] ----D C:\Program Files (x86)\File Scout

O43 - CFD: 01/01/2013 - 22:30:17 - [16,306] ----D C:\Program Files (x86)\FileZilla FTP Client

O43 - CFD: 10/11/2011 - 09:54:16 - [7,558] ----D C:\Program Files (x86)\Free Notes & Office Ink

O43 - CFD: 12/11/2011 - 09:43:16 - [122,846] ----D C:\Program Files (x86)\Google

O43 - CFD: 01/01/2013 - 14:18:31 - [7,701] ----D C:\Program Files (x86)\GPLGS

O43 - CFD: 21/10/2012 - 13:06:36 - [11,931] ----D C:\Program Files (x86)\InstallShield Installation Information

O43 - CFD: 01/01/2013 - 22:31:03 - [6,188] ----D C:\Program Files (x86)\Internet Explorer

O43 - CFD: 01/01/2013 - 22:27:48 - [208,881] ----D C:\Program Files (x86)\Java

O43 - CFD: 29/06/2011 - 13:29:38 - [0,073] ----D C:\Program Files (x86)\LameACM

O43 - CFD: 25/01/2012 - 11:51:08 - [0,039] ----D C:\Program Files (x86)\Lavalys

O43 - CFD: 02/01/2013 - 14:45:41 - [0] ----D C:\Program Files (x86)\lmsoft

O43 - CFD: 05/06/2011 - 23:24:30 - [14,942] ----D C:\Program Files (x86)\LooksBuilderSE

O43 - CFD: 01/11/2012 - 16:13:14 - [0,594] ----D C:\Program Files (x86)\LSHunter.TV

O43 - CFD: 07/01/2013 - 17:22:05 - [12,195] ----D C:\Program Files (x86)\Malwarebytes' Anti-Malware

O43 - CFD: 01/01/2013 - 22:27:51 - [637,745] ----D C:\Program Files (x86)\Micro Application

O43 - CFD: 22/06/2011 - 14:51:26 - [0,216] ----D C:\Program Files (x86)\Microsoft

O43 - CFD: 01/01/2013 - 22:27:51 - [38,002] ----D C:\Program Files (x86)\Microsoft Analysis Services

O43 - CFD: 10/06/2011 - 10:01:23 - [72,239] ----D C:\Program Files (x86)\Microsoft Money 2005

O43 - CFD: 01/01/2013 - 22:27:52 - [949,368] ----D C:\Program Files (x86)\Microsoft Office

O43 - CFD: 05/01/2013 - 14:05:29 - [0] ----D C:\Program Files (x86)\Microsoft Security Client

O43 - CFD: 01/01/2013 - 22:27:56 - [1,722] ----D C:\Program Files (x86)\Microsoft SQL Server Compact Edition

O43 - CFD: 01/01/2013 - 22:27:56 - [0,757] ----D C:\Program Files (x86)\Microsoft Sync Framework

O43 - CFD: 01/01/2013 - 22:27:56 - [0,312] ----D C:\Program Files (x86)\Microsoft Synchronization Services

O43 - CFD: 01/01/2013 - 22:27:56 - [1,314] ----D C:\Program Files (x86)\Microsoft Visual Studio 8

O43 - CFD: 19/07/2012 - 09:29:46 - [7,789] ----D C:\Program Files (x86)\Microsoft.NET

O43 - CFD: 09/01/2013 - 13:45:33 - [44,102] ----D C:\Program Files (x86)\Mozilla Firefox

O43 - CFD: 09/01/2013 - 13:45:35 - [0,322] ----D C:\Program Files (x86)\Mozilla Maintenance Service

O43 - CFD: 19/07/2012 - 09:30:25 - [0,025] ----D C:\Program Files (x86)\MSBuild

O43 - CFD: 08/07/2011 - 13:32:24 - [0] ----D C:\Program Files (x86)\My Company Name

O43 - CFD: 05/06/2011 - 20:17:37 - [1067,159] ----D C:\Program Files (x86)\Nero

O43 - CFD: 06/06/2011 - 13:41:20 - [60,822] ----D C:\Program Files (x86)\Nitro PDF

O43 - CFD: 09/01/2013 - 16:30:01 - [34,052] ----D C:\Program Files (x86)\NoAdware5.0

O43 - CFD: 02/01/2013 - 20:53:51 - [1,677] ----D C:\Program Files (x86)\Notation

O43 - CFD: 29/06/2011 - 11:24:39 - [1,850] ----D C:\Program Files (x86)\Nsasoft

O43 - CFD: 02/11/2012 - 18:54:08 - [86,445] ----D C:\Program Files (x86)\NVIDIA Corporation

O43 - CFD: 01/01/2013 - 22:27:56 - [33,207] ----D C:\Program Files (x86)\Oracle

O43 - CFD: 02/01/2013 - 21:31:35 - [245,817] ----D C:\Program Files (x86)\Orange

O43 - CFD: 06/01/2013 - 17:10:59 - [37,488] ----D C:\Program Files (x86)\PDFCreator

O43 - CFD: 05/06/2011 - 23:24:16 - [1356,456] ----D C:\Program Files (x86)\Pinnacle

O43 - CFD: 02/01/2013 - 11:03:25 - [72,326] ----D C:\Program Files (x86)\QuickTime

O43 - CFD: 11/07/2011 - 10:13:45 - [0,000] ----D C:\Program Files (x86)\Real

O43 - CFD: 14/07/2009 - 06:32:38 - [37,349] ----D C:\Program Files (x86)\Reference Assemblies

O43 - CFD: 05/06/2011 - 23:29:29 - [9,261] ----D C:\Program Files (x86)\Smart Projects

O43 - CFD: 01/01/2013 - 22:27:58 - [9,023] ----D C:\Program Files (x86)\SmartSound Software

O43 - CFD: 02/01/2013 - 20:53:06 - [3,221] ----D C:\Program Files (x86)\Software Installer

O43 - CFD: 06/06/2011 - 16:55:24 - [47,079] ----D C:\Program Files (x86)\Sony

O43 - CFD: 06/01/2013 - 16:54:25 - [9,071] ----D C:\Program Files (x86)\Sorensoft

O43 - CFD: 29/06/2011 - 11:29:41 - [17,549] ----D C:\Program Files (x86)\SourceTec

O43 - CFD: 08/01/2013 - 18:13:46 - [9,120] ----D C:\Program Files (x86)\SpeedMaxPc

O43 - CFD: 02/01/2013 - 15:01:12 - [152,667] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2

O43 - CFD: 08/01/2013 - 18:16:34 - [19,978] ----D C:\Program Files (x86)\Spyware Terminator

O43 - CFD: 26/06/2011 - 10:28:03 - [0] ----D C:\Program Files (x86)\TomTom HOME

O43 - CFD: 01/01/2013 - 22:30:22 - [47,565] ----D C:\Program Files (x86)\TomTom HOME 2

O43 - CFD: 26/06/2011 - 10:31:23 - [0,021] ----D C:\Program Files (x86)\TomTom International B.V

O43 - CFD: 09/01/2012 - 16:32:57 - [1,856] ----D C:\Program Files (x86)\Tomtomax Maxi-Box

O43 - CFD: 05/01/2013 - 19:12:23 - [80,733] ----D C:\Program Files (x86)\Trend Micro

O43 - CFD: 02/01/2013 - 15:24:31 - [53,124] ----D C:\Program Files (x86)\Uniblue

O43 - CFD: 14/07/2009 - 05:57:06 - [0] ----D C:\Program Files (x86)\Uninstall Information

O43 - CFD: 02/01/2013 - 13:08:42 - [0,004] ----D C:\Program Files (x86)\Unlocker

O43 - CFD: 09/01/2013 - 16:30:01 - [42,668] ----D C:\Program Files (x86)\vGrabber-software

O43 - CFD: 01/01/2013 - 22:27:58 - [13,520] ----D C:\Program Files (x86)\VideoConverter

O43 - CFD: 01/01/2013 - 22:27:58 - [153,333] ----D C:\Program Files (x86)\VideoLAN

O43 - CFD: 05/06/2011 - 20:26:32 - [6,497] ----D C:\Program Files (x86)\VS Revo Group

O43 - CFD: 01/01/2013 - 22:31:03 - [0,500] ----D C:\Program Files (x86)\Windows Defender

O43 - CFD: 22/06/2011 - 14:51:21 - [43,684] ----D C:\Program Files (x86)\Windows Live

O43 - CFD: 22/06/2011 - 14:51:10 - [0,234] ----D C:\Program Files (x86)\Windows Live SkyDrive

O43 - CFD: 05/01/2013 - 14:06:46 - [5,895] ----D C:\Program Files (x86)\Windows Mail

O43 - CFD: 05/01/2013 - 14:06:46 - [4,791] ----D C:\Program Files (x86)\Windows Media Player

O43 - CFD: 14/07/2009 - 06:32:38 - [11,632] ----D C:\Program Files (x86)\Windows NT

O43 - CFD: 05/01/2013 - 14:06:46 - [4,213] ----D C:\Program Files (x86)\Windows Photo Viewer

O43 - CFD: 05/01/2013 - 14:06:46 - [0,181] ----D C:\Program Files (x86)\Windows Portable Devices

O43 - CFD: 05/01/2013 - 14:06:46 - [25,584] ----D C:\Program Files (x86)\Windows Sidebar

O43 - CFD: 05/06/2011 - 19:52:17 - [3,635] ----D C:\Program Files (x86)\WinRAR

O43 - CFD: 01/01/2013 - 22:27:59 - [0,325] ----D C:\Program Files (x86)\WinZip

O43 - CFD: 05/07/2011 - 17:06:18 - [4,906] ----D C:\Program Files (x86)\WinZip1

O43 - CFD: 01/01/2013 - 22:27:59 - [26,228] ----D C:\Program Files (x86)\Wondershare

O43 - CFD: 01/01/2013 - 22:27:59 - [35,113] ----D C:\Program Files (x86)\Yahoo!

O43 - CFD: 07/06/2011 - 17:06:48 - [0,002] ----D C:\Program Files (x86)\Zero G Registry

O43 - CFD: 09/01/2013 - 16:33:18 - [11,246] ----D C:\Program Files (x86)\ZHPDiag

O43 - CFD: 01/01/2013 - 22:27:39 - [4,934] ----D C:\Program Files (x86)\Common Files\ABBYY

O43 - CFD: 20/06/2011 - 17:18:30 - [13,562] ----D C:\Program Files (x86)\Common Files\ACD Systems

O43 - CFD: 15/07/2011 - 10:14:44 - [1539,701] ----D C:\Program Files (x86)\Common Files\Adobe

O43 - CFD: 02/01/2013 - 11:01:02 - [43,938] ----D C:\Program Files (x86)\Common Files\Adobe AIR

O43 - CFD: 21/06/2011 - 14:02:11 - [22,200] ----D C:\Program Files (x86)\Common Files\Ahead

O43 - CFD: 06/06/2011 - 16:07:35 - [60,277] ----D C:\Program Files (x86)\Common Files\Apple

O43 - CFD: 06/06/2011 - 14:58:53 - [1,274] ----D C:\Program Files (x86)\Common Files\Canon

O43 - CFD: 06/06/2011 - 11:33:20 - [20,908] ----D C:\Program Files (x86)\Common Files\Corel

O43 - CFD: 19/07/2012 - 09:30:06 - [0,095] ----D C:\Program Files (x86)\Common Files\DESIGNER

O43 - CFD: 18/12/2011 - 12:38:20 - [23,581] ----D C:\Program Files (x86)\Common Files\DivX Shared

O43 - CFD: 01/01/2013 - 22:27:41 - [4,646] ----D C:\Program Files (x86)\Common Files\InstallShield

O43 - CFD: 01/01/2013 - 22:27:41 - [1,184] ----D C:\Program Files (x86)\Common Files\Java

O43 - CFD: 05/06/2011 - 20:13:49 - [28,832] ----D C:\Program Files (x86)\Common Files\LightScribe

O43 - CFD: 06/06/2011 - 18:40:46 - [0,827] ----D C:\Program Files (x86)\Common Files\Macrovision Shared

O43 - CFD: 05/01/2013 - 14:05:29 - [231,675] ----D C:\Program Files (x86)\Common Files\microsoft shared

O43 - CFD: 08/06/2011 - 11:27:26 - [196,660] ----D C:\Program Files (x86)\Common Files\Nero

O43 - CFD: 06/06/2011 - 13:41:20 - [15,773] ----D C:\Program Files (x86)\Common Files\Nitro PDF

O43 - CFD: 05/06/2011 - 23:19:21 - [0,383] ----D C:\Program Files (x86)\Common Files\Pegasus Imaging

O43 - CFD: 05/06/2011 - 23:22:41 - [1,394] ----D C:\Program Files (x86)\Common Files\Pinnacle

O43 - CFD: 07/06/2011 - 13:17:04 - [1,592] ----D C:\Program Files (x86)\Common Files\Protexis

O43 - CFD: 09/07/2011 - 17:37:24 - [4,628] ----D C:\Program Files (x86)\Common Files\PX Storage Engine

O43 - CFD: 14/07/2009 - 04:20:08 - [0,003] ----D C:\Program Files (x86)\Common Files\Services

O43 - CFD: 01/01/2013 - 22:27:44 - [0,355] ----D C:\Program Files (x86)\Common Files\Sonic Shared

O43 - CFD: 06/06/2011 - 16:55:24 - [0,627] ----D C:\Program Files (x86)\Common Files\Sony Shared

O43 - CFD: 29/06/2011 - 11:29:43 - [0,384] ----D C:\Program Files (x86)\Common Files\SourceTec

O43 - CFD: 14/07/2009 - 04:20:08 - [39,200] ----D C:\Program Files (x86)\Common Files\SpeechEngines

O43 - CFD: 08/01/2013 - 18:13:46 - [1,561] ----D C:\Program Files (x86)\Common Files\SpeedMaxPc

O43 - CFD: 28/06/2011 - 16:05:36 - [0,059] ----D C:\Program Files (x86)\Common Files\SWiSHzone.com

O43 - CFD: 02/01/2013 - 13:05:06 - [0] ----D C:\Program Files (x86)\Common Files\Symantec Shared

O43 - CFD: 05/01/2013 - 14:06:46 - [10,355] ----D C:\Program Files (x86)\Common Files\System

O43 - CFD: 22/06/2011 - 14:49:49 - [0] ----D C:\Program Files (x86)\Common Files\Windows Live

O43 - CFD: 03/01/2013 - 19:46:28 - [31,174] ----D C:\Program Files (x86)\Common Files\Wise Installation Wizard

O43 - CFD: 05/06/2011 - 23:19:17 - [0,302] ----D C:\Program Files (x86)\Common Files\Yahoo!

O43 - CFD: 09/06/2011 - 18:13:12 - [2,514] ----D C:\ProgramData\ABBYY

O43 - CFD: 20/06/2011 - 17:18:27 - [0,186] ----D C:\ProgramData\ACD Systems

O43 - CFD: 30/12/2012 - 16:21:37 - [934,220] ----D C:\ProgramData\Adobe

O43 - CFD: 21/06/2011 - 14:02:12 - [0] ----D C:\ProgramData\Ahead

O43 - CFD: 14/07/2011 - 23:03:53 - [0] ----D C:\ProgramData\ALM

O43 - CFD: 06/06/2011 - 16:07:29 - [37,124] ----D C:\ProgramData\Apple

O43 - CFD: 02/01/2013 - 11:03:09 - [25,485] ----D C:\ProgramData\Apple Computer

O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Application Data

O43 - CFD: 01/01/2013 - 22:30:26 - [150,479] ----D C:\ProgramData\avg9

O43 - CFD: 02/01/2013 - 20:02:55 - [0,000] ----D C:\ProgramData\BDLogging

O43 - CFD: 05/06/2011 - 19:34:44 - [0] ----D C:\ProgramData\Bureau

O43 - CFD: 06/06/2011 - 13:44:56 - [20,517] ----D C:\ProgramData\CanonBJ

O43 - CFD: 06/02/2012 - 09:48:33 - [0,000] ----D C:\ProgramData\CanonIJ

O43 - CFD: 01/11/2011 - 22:19:23 - [0,000] ----D C:\ProgramData\CanonIJEGV

O43 - CFD: 09/06/2011 - 18:12:18 - [0,002] ----D C:\ProgramData\CanonIJScan

O43 - CFD: 30/06/2011 - 15:05:49 - [0,000] ----D C:\ProgramData\Common Files

O43 - CFD: 07/06/2011 - 13:17:05 - [63,347] ----D C:\ProgramData\Corel

O43 - CFD: 06/06/2011 - 16:23:50 - [0,011] ----D C:\ProgramData\CyberLink

O43 - CFD: 11/07/2011 - 10:45:24 - [0,001] ----D C:\ProgramData\DAEMON Tools Lite

O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Desktop

O43 - CFD: 18/12/2011 - 12:39:34 - [7,028] ----D C:\ProgramData\DivX

O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Documents

O43 - CFD: 01/01/2013 - 22:28:09 - [0,001] ----D C:\ProgramData\Driver Mender

O43 - CFD: 19/06/2011 - 14:06:33 - [0] ----D C:\ProgramData\eMule

O43 - CFD: 09/07/2011 - 17:38:47 - [0,344] ----D C:\ProgramData\eSellerate

O43 - CFD: 01/01/2013 - 22:28:09 - [0,000] ----D C:\ProgramData\f-secure

O43 - CFD: 05/06/2011 - 19:34:44 - [0] ----D C:\ProgramData\Favoris

O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Favorites

O43 - CFD: 09/07/2011 - 17:50:11 - [0,113] ----D C:\ProgramData\FLEXnet

O43 - CFD: 06/06/2011 - 13:55:12 - [0] ----D C:\ProgramData\Hagel Technologies

O43 - CFD: 02/01/2013 - 20:31:51 - [0] ----D C:\ProgramData\hssff

O43 - CFD: 31/12/2011 - 19:31:18 - [0,001] ----D C:\ProgramData\Intel

O43 - CFD: 20/06/2011 - 18:19:57 - [0] ----D C:\ProgramData\kinoma

O43 - CFD: 02/01/2013 - 19:51:35 - [0,000] ----D C:\ProgramData\Lavasoft

O43 - CFD: 06/06/2011 - 12:48:17 - [1,034] ----D C:\ProgramData\Le Robert

O43 - CFD: 05/06/2011 - 20:22:56 - [0,006] ----D C:\ProgramData\LightScribe

O43 - CFD: 06/06/2011 - 14:33:55 - [18,246] ----D C:\ProgramData\Malwarebytes

O43 - CFD: 04/11/2011 - 09:39:45 - [0] ----D C:\ProgramData\McAfee

O43 - CFD: 05/06/2011 - 19:34:44 - [0] ----D C:\ProgramData\Menu Démarrer

O43 - CFD: 01/01/2013 - 22:28:09 - [37,701] ----D C:\ProgramData\MFAData

O43 - CFD: 02/01/2013 - 15:01:11 - [-70,124] -S-AD C:\ProgramData\Microsoft

O43 - CFD: 05/01/2013 - 14:05:31 - [0,588] ----D C:\ProgramData\Microsoft Help

O43 - CFD: 05/06/2011 - 19:34:44 - [0] ----D C:\ProgramData\Modèles

O43 - CFD: 02/01/2013 - 20:51:30 - [0,004] ----D C:\ProgramData\Mozilla

O43 - CFD: 17/06/2011 - 14:44:41 - [10,766] ----D C:\ProgramData\Nero

O43 - CFD: 06/06/2011 - 13:41:23 - [0,000] ----D C:\ProgramData\Nitro PDF

O43 - CFD: 02/01/2013 - 13:13:26 - [0,028] ----D C:\ProgramData\Norton

O43 - CFD: 02/01/2013 - 11:47:54 - [17,316] ----D C:\ProgramData\NortonInstaller

O43 - CFD: 02/11/2012 - 18:53:57 - [2,767] ----D C:\ProgramData\NVIDIA

O43 - CFD: 25/01/2012 - 12:50:08 - [0,929] ----D C:\ProgramData\NVIDIA Corporation

O43 - CFD: 01/01/2013 - 22:28:10 - [0,570] ----D C:\ProgramData\Orange

O43 - CFD: 08/07/2011 - 14:30:38 - [0,002] ----D C:\ProgramData\PACE Anti-Piracy

O43 - CFD: 05/06/2011 - 23:21:27 - [0,996] ----D C:\ProgramData\Pinnacle

O43 - CFD: 05/06/2011 - 23:19:17 - [0] ----D C:\ProgramData\Pinnacle Studio Plus

O43 - CFD: 05/06/2011 - 23:21:48 - [0,195] ----D C:\ProgramData\Pinnacle Studio Ultimate Collection

O43 - CFD: 06/06/2011 - 12:41:13 - [2,829] ----D C:\ProgramData\Raxco

O43 - CFD: 01/01/2013 - 22:28:10 - [0,051] ----D C:\ProgramData\Real

O43 - CFD: 30/11/2011 - 15:51:15 - [0,008] ----D C:\ProgramData\regid.1986-12.com.adobe

O43 - CFD: 09/07/2011 - 17:39:19 - [350,460] ----D C:\ProgramData\SmartSound Software Inc

O43 - CFD: 08/01/2013 - 17:06:06 - [0] ----D C:\ProgramData\SpeedMaxPc

O43 - CFD: 05/01/2013 - 20:08:51 - [11,118] ----D C:\ProgramData\Spybot - Search & Destroy

O43 - CFD: 09/01/2013 - 13:44:28 - [40,606] ----D C:\ProgramData\Spyware Terminator

O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Start Menu

O43 - CFD: 05/06/2011 - 23:19:17 - [235,752] ----D C:\ProgramData\Studio 15

O43 - CFD: 13/06/2011 - 11:04:05 - [0,000] ----D C:\ProgramData\Sun

O43 - CFD: 06/01/2013 - 17:33:40 - [95,469] ----D C:\ProgramData\SUPERAntiSpyware.com

O43 - CFD: 08/01/2013 - 18:13:46 - [2,417] ----D C:\ProgramData\Tablet

O43 - CFD: 02/01/2013 - 21:32:38 - [0] ---AD C:\ProgramData\TEMP

O43 - CFD: 14/07/2009 - 06:08:56 - [0] ----D C:\ProgramData\Templates

O43 - CFD: 26/06/2011 - 10:31:49 - [0] ----D C:\ProgramData\TomTom

O43 - CFD: 06/02/2012 - 10:11:35 - [1,035] ----D C:\ProgramData\TuneUp Software

O43 - CFD: 25/01/2012 - 10:52:58 - [0] ----D C:\ProgramData\UAB

O43 - CFD: 02/01/2013 - 15:24:31 - [0] ----D C:\ProgramData\Uniblue

O43 - CFD: 07/06/2011 - 17:07:20 - [0,008] ----D C:\ProgramData\UniversalisV15

O43 - CFD: 04/07/2011 - 19:02:59 - [0,000] ----D C:\ProgramData\WinZip

O43 - CFD: 01/01/2013 - 22:28:10 - [0,581] ----D C:\ProgramData\Yahoo!

O43 - CFD: 20/09/2011 - 19:34:58 - [0,008] ----D C:\ProgramData\Yahoo! Companion

O43 - CFD: 06/06/2011 - 15:00:17 - [0] ----D C:\ProgramData\ZoomBrowser

O43 - CFD: 23/01/2012 - 11:00:44 - [25,619] -S--D C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

O43 - CFD: 02/07/2011 - 15:40:33 - [0,005] ----D C:\Users\JC\AppData\Roaming\ABBYY

O43 - CFD: 20/06/2011 - 17:19:16 - [0] ----D C:\Users\JC\AppData\Roaming\ACD Systems

O43 - CFD: 10/12/2011 - 14:04:44 - [956,101] ----D C:\Users\JC\AppData\Roaming\Adobe

O43 - CFD: 07/06/2011 - 11:06:08 - [0] ----D C:\Users\JC\AppData\Roaming\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1

O43 - CFD: 21/06/2011 - 14:03:30 - [0,010] ----D C:\Users\JC\AppData\Roaming\Ahead

O43 - CFD: 27/10/2012 - 06:30:45 - [0,021] ----D C:\Users\JC\AppData\Roaming\Apple Computer

O43 - CFD: 20/06/2011 - 18:40:13 - [0,001] ----D C:\Users\JC\AppData\Roaming\Ashampoo

O43 - CFD: 26/01/2012 - 14:40:20 - [0] ----D C:\Users\JC\AppData\Roaming\CACHE

O43 - CFD: 25/05/2012 - 13:16:32 - [4,443] ----D C:\Users\JC\AppData\Roaming\calibre

O43 - CFD: 17/01/2012 - 17:52:22 - [6,459] ----D C:\Users\JC\AppData\Roaming\Canon

O43 - CFD: 01/01/2013 - 22:28:20 - [2039,977] ----D C:\Users\JC\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O43 - CFD: 29/06/2011 - 14:33:27 - [0] ----D C:\Users\JC\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

O43 - CFD: 31/12/2011 - 19:26:53 - [0] ----D C:\Users\JC\AppData\Roaming\com.w3i.FlipToast

O43 - CFD: 01/01/2013 - 22:28:20 - [0,340] ----D C:\Users\JC\AppData\Roaming\com.w3i.musicrockstar

O43 - CFD: 09/07/2011 - 10:20:19 - [0,000] ----D C:\Users\JC\AppData\Roaming\CoreFTP

O43 - CFD: 07/06/2011 - 13:19:12 - [3,284] ----D C:\Users\JC\AppData\Roaming\Corel

O43 - CFD: 12/06/2011 - 12:57:36 - [0,005] ----D C:\Users\JC\AppData\Roaming\CyberLink

O43 - CFD: 21/11/2012 - 11:20:56 - [0] ----D C:\Users\JC\AppData\Roaming\DAEMON Tools Lite

O43 - CFD: 20/06/2011 - 16:56:55 - [0,214] ----D C:\Users\JC\AppData\Roaming\DivX

O43 - CFD: 08/01/2013 - 16:07:34 - [0,000] ----D C:\Users\JC\AppData\Roaming\DriverCure

O43 - CFD: 12/09/2012 - 19:19:44 - [0,024] ----D C:\Users\JC\AppData\Roaming\FileZilla

O43 - CFD: 05/06/2011 - 19:35:01 - [0] ----D C:\Users\JC\AppData\Roaming\Identities

O43 - CFD: 30/06/2011 - 11:02:35 - [1,529] ----D C:\Users\JC\AppData\Roaming\KompoZer

O43 - CFD: 30/06/2011 - 11:08:01 - [0,201] ----D C:\Users\JC\AppData\Roaming\kompozer.net

O43 - CFD: 01/01/2013 - 22:28:20 - [0,004] ----D C:\Users\JC\AppData\Roaming\LMSOFT

O43 - CFD: 05/06/2011 - 19:46:15 - [0,062] ----D C:\Users\JC\AppData\Roaming\Macromedia

O43 - CFD: 06/06/2011 - 14:34:18 - [1,130] ----D C:\Users\JC\AppData\Roaming\Malwarebytes

O43 - CFD: 14/07/2009 - 16:35:05 - [0] ----D C:\Users\JC\AppData\Roaming\Media Center Programs

O43 - CFD: 01/01/2013 - 15:39:19 - [14,046] -S--D C:\Users\JC\AppData\Roaming\Microsoft

O43 - CFD: 23/06/2011 - 15:50:30 - [16,793] ----D C:\Users\JC\AppData\Roaming\Mozilla

O43 - CFD: 17/06/2011 - 14:43:18 - [0,611] ----D C:\Users\JC\AppData\Roaming\Nero

O43 - CFD: 08/06/2011 - 11:22:11 - [0] ----D C:\Users\JC\AppData\Roaming\NeroDCTemplates

O43 - CFD: 09/06/2011 - 17:12:56 - [0] ----D C:\Users\JC\AppData\Roaming\NeroDigital

O43 - CFD: 06/12/2012 - 19:26:30 - [0,007] ----D C:\Users\JC\AppData\Roaming\Nitro PDF

O43 - CFD: 09/07/2011 - 17:50:10 - [0,000] ----D C:\Users\JC\AppData\Roaming\No Company Name

O43 - CFD: 25/01/2012 - 16:39:51 - [0,222] ----D C:\Users\JC\AppData\Roaming\NVIDIA

O43 - CFD: 01/01/2013 - 22:28:22 - [10,984] ----D C:\Users\JC\AppData\Roaming\Orange

O43 - CFD: 08/07/2011 - 14:30:38 - [0,002] ----D C:\Users\JC\AppData\Roaming\PACE Anti-Piracy

O43 - CFD: 01/01/2013 - 22:28:22 - [0,540] ----D C:\Users\JC\AppData\Roaming\PDFCreatorPackages

O43 - CFD: 21/10/2012 - 13:33:36 - [0] ----D C:\Users\JC\AppData\Roaming\PhotoFiltre

O43 - CFD: 02/01/2013 - 19:55:51 - [0] ----D C:\Users\JC\AppData\Roaming\QuickScan

O43 - CFD: 11/07/2011 - 10:13:43 - [0,158] ----D C:\Users\JC\AppData\Roaming\Real

O43 - CFD: 08/07/2011 - 14:33:27 - [0] ----D C:\Users\JC\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1

O43 - CFD: 08/01/2013 - 16:07:34 - [0] ----D C:\Users\JC\AppData\Roaming\SpeedMaxPc

O43 - CFD: 08/01/2013 - 15:48:33 - [0] ----D C:\Users\JC\AppData\Roaming\Spyware Terminator

O43 - CFD: 08/07/2011 - 13:53:33 - [0] ----D C:\Users\JC\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

O43 - CFD: 30/12/2012 - 16:06:54 - [0,056] ----D C:\Users\JC\AppData\Roaming\StatusWinks

O43 - CFD: 06/01/2013 - 17:33:52 - [3,399] ----D C:\Users\JC\AppData\Roaming\SUPERAntiSpyware.com

O43 - CFD: 28/06/2011 - 17:10:56 - [0] ----D C:\Users\JC\AppData\Roaming\SWiSH Max3

O43 - CFD: 01/07/2011 - 15:34:37 - [0] ----D C:\Users\JC\AppData\Roaming\SWiSH Max4

O43 - CFD: 07/01/2013 - 17:06:23 - [0] ----D C:\Users\JC\AppData\Roaming\Systweak

O43 - CFD: 01/01/2013 - 22:28:22 - [0,144] ----D C:\Users\JC\AppData\Roaming\Todae

O43 - CFD: 26/06/2011 - 10:31:28 - [92,474] ----D C:\Users\JC\AppData\Roaming\TomTom

O43 - CFD: 19/06/2011 - 15:22:41 - [3,453] ----D C:\Users\JC\AppData\Roaming\Tor

O43 - CFD: 23/01/2012 - 11:01:27 - [0,107] ----D C:\Users\JC\AppData\Roaming\TuneUp Software

O43 - CFD: 06/06/2011 - 14:13:21 - [1046,042] ----D C:\Users\JC\AppData\Roaming\Uniblue

O43 - CFD: 19/06/2011 - 15:22:41 - [0,001] ----D C:\Users\JC\AppData\Roaming\Vidalia

O43 - CFD: 21/10/2012 - 07:49:51 - [3,394] ----D C:\Users\JC\AppData\Roaming\vlc

O43 - CFD: 29/06/2011 - 19:35:01 - [0,001] ----D C:\Users\JC\AppData\Roaming\VSRevoGroup

O43 - CFD: 01/01/2013 - 22:28:22 - [0,896] ----D C:\Users\JC\AppData\Roaming\Yahoo!

O43 - CFD: 06/06/2011 - 15:08:10 - [0] ----D C:\Users\JC\AppData\Roaming\ZoomBrowser EX

O43 - CFD: 21/07/2011 - 09:33:26 - [2,854] ----D C:\Users\JC\AppData\Local\ABBYY

O43 - CFD: 20/06/2011 - 17:19:18 - [19,210] ----D C:\Users\JC\AppData\Local\ACD Systems

O43 - CFD: 02/08/2011 - 17:49:03 - [71,079] ----D C:\Users\JC\AppData\Local\Adobe

O43 - CFD: 06/06/2011 - 16:07:30 - [0] ----D C:\Users\JC\AppData\Local\Apple

O43 - CFD: 20/06/2011 - 18:19:58 - [0] ----D C:\Users\JC\AppData\Local\Apple Computer

O43 - CFD: 05/06/2011 - 19:34:55 - [0] ---AD C:\Users\JC\AppData\Local\Application Data

O43 - CFD: 05/06/2011 - 19:45:28 - [1,173] ----D C:\Users\JC\AppData\Local\Apps

O43 - CFD: 01/01/2013 - 15:01:07 - [0] ----D C:\Users\JC\AppData\Local\Avg2013

O43 - CFD: 06/06/2011 - 15:07:54 - [0,007] ----D C:\Users\JC\AppData\Local\CANON_INC

O43 - CFD: 07/01/2013 - 16:03:08 - [5,113] ----D C:\Users\JC\AppData\Local\CrashDumps

O43 - CFD: 21/10/2012 - 13:40:38 - [1,093] ----D C:\Users\JC\AppData\Local\CRE

O43 - CFD: 18/12/2011 - 12:45:17 - [0,000] ----D C:\Users\JC\AppData\Local\DDMSettings

O43 - CFD: 05/06/2011 - 19:45:38 - [0] ----D C:\Users\JC\AppData\Local\Deployment

O43 - CFD: 27/11/2012 - 14:02:07 - [0] ----D C:\Users\JC\AppData\Local\Diagnostics

O43 - CFD: 20/06/2011 - 17:13:20 - [72,619] ----D C:\Users\JC\AppData\Local\Downloaded Installations

O43 - CFD: 08/07/2011 - 14:30:38 - [0,001] ----D C:\Users\JC\AppData\Local\dXkoHgmB

O43 - CFD: 08/01/2013 - 16:13:45 - [0,420] ----D C:\Users\JC\AppData\Local\ElevatedDiagnostics

O43 - CFD: 19/06/2011 - 14:09:13 - [1,109] ----D C:\Users\JC\AppData\Local\eMule

O43 - CFD: 25/01/2012 - 12:14:36 - [0,631] ----D C:\Users\JC\AppData\Local\eSupport.com

O43 - CFD: 08/07/2011 - 14:30:38 - [0,001] ----D C:\Users\JC\AppData\Local\fxBgegJ2i

O43 - CFD: 23/10/2012 - 17:07:56 - [1504,643] ----D C:\Users\JC\AppData\Local\Google

O43 - CFD: 05/06/2011 - 19:34:55 - [0] ---AD C:\Users\JC\AppData\Local\Historique

O43 - CFD: 06/06/2011 - 16:54:20 - [0,002] ----D C:\Users\JC\AppData\Local\kinoma

O43 - CFD: 30/06/2011 - 11:08:01 - [2,428] ----D C:\Users\JC\AppData\Local\kompozer.net

O43 - CFD: 02/07/2011 - 09:07:54 - [0,024] ----D C:\Users\JC\AppData\Local\LooksBuilder

O43 - CFD: 02/01/2013 - 21:01:23 - [0] ----D C:\Users\JC\AppData\Local\Macromedia

O43 - CFD: 01/01/2013 - 15:01:07 - [0,374] ----D C:\Users\JC\AppData\Local\MFAData

O43 - CFD: 19/05/2012 - 12:25:26 - [0] ----D C:\Users\JC\AppData\Local\Micro Application

O43 - CFD: 10/11/2012 - 15:57:13 - [423,829] ----D C:\Users\JC\AppData\Local\Microsoft

O43 - CFD: 07/07/2012 - 17:53:00 - [1,615] ----D C:\Users\JC\AppData\Local\Microsoft Help

O43 - CFD: 01/01/2013 - 22:28:16 - [0,002] ----D C:\Users\JC\AppData\Local\Micro_Application

O43 - CFD: 23/06/2011 - 15:50:22 - [59,030] ----D C:\Users\JC\AppData\Local\Mozilla

O43 - CFD: 17/06/2011 - 14:41:44 - [0,075] ----D C:\Users\JC\AppData\Local\Nero

O43 - CFD: 02/01/2013 - 20:52:49 - [0,161] ----D C:\Users\JC\AppData\Local\Notation

O43 - CFD: 01/01/2013 - 22:28:17 - [0] ----D C:\Users\JC\AppData\Local\Orange

O43 - CFD: 08/07/2011 - 14:30:38 - [0] ----D C:\Users\JC\AppData\Local\PACE Anti-Piracy

O43 - CFD: 19/06/2011 - 14:48:12 - [0] ----D C:\Users\JC\AppData\Local\PackageAware

O43 - CFD: 01/01/2013 - 22:28:17 - [0,003] ----D C:\Users\JC\AppData\Local\PC_Drivers_Headquarters

O43 - CFD: 28/12/2011 - 18:26:45 - [36,584] ----D C:\Users\JC\AppData\Local\Pinnacle

O43 - CFD: 02/01/2013 - 15:00:30 - [0] ----D C:\Users\JC\AppData\Local\Programs

O43 - CFD: 02/01/2013 - 10:49:06 - [0] ----D C:\Users\JC\AppData\Local\Secunia PSI

O43 - CFD: 29/11/2011 - 12:50:59 - [0] ---AD C:\Users\JC\AppData\Local\snq4ermq

O43 - CFD: 20/06/2011 - 18:19:58 - [0,549] ----D C:\Users\JC\AppData\Local\Sony Corporation

O43 - CFD: 09/01/2013 - 14:53:32 - [11,803] ----D C:\Users\JC\AppData\Local\Temp

O43 - CFD: 05/06/2011 - 19:34:55 - [0] ---AD C:\Users\JC\AppData\Local\Temporary Internet Files

O43 - CFD: 26/06/2011 - 10:31:28 - [2,100] ----D C:\Users\JC\AppData\Local\TomTom

O43 - CFD: 01/01/2013 - 23:04:05 - [11,178] ----D C:\Users\JC\AppData\Local\VirtualStore

O43 - CFD: 25/06/2011 - 10:59:08 - [0] ----D C:\Users\JC\AppData\Local\Windows Live

O43 - CFD: 04/07/2011 - 19:02:39 - [0,250] ----D C:\Users\JC\AppData\Local\WinZip

O43 - CFD: 01/01/2013 - 22:28:19 - [2,036] ----D C:\Users\JC\AppData\Local\Xenocode

O43 - CFD: 14/07/2009 - 05:54:32 - [0,014] R---D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

O43 - CFD: 11/07/2012 - 16:56:57 - [0,000] R---D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

O43 - CFD: 01/01/2012 - 16:57:34 - [0] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserPlus

O43 - CFD: 12/06/2011 - 12:58:38 - [0,007] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD

O43 - CFD: 21/10/2012 - 07:46:04 - [0] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Détection de l'application Winamp

O43 - CFD: 23/10/2012 - 17:07:14 - [0,005] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

O43 - CFD: 05/10/2011 - 16:39:44 - [0,002] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GSP

O43 - CFD: 02/01/2013 - 14:45:41 - [0] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LMSOFT

O43 - CFD: 01/11/2012 - 16:13:13 - [0,002] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LSHunter.TV

O43 - CFD: 14/07/2009 - 05:49:38 - [0,001] R---D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

O43 - CFD: 01/01/2013 - 22:28:20 - [0,003] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Orange

O43 - CFD: 06/06/2011 - 11:18:24 - [0,005] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller

O43 - CFD: 08/01/2013 - 18:13:46 - [0,001] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc

O43 - CFD: 07/01/2013 - 12:16:10 - [0,003] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

O43 - CFD: 08/01/2013 - 18:18:55 - [0,000] R---D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

O43 - CFD: 02/01/2013 - 14:55:37 - [0,001] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Converter

O43 - CFD: 23/06/2012 - 22:24:12 - [0,003] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Downloader

O43 - CFD: 05/06/2011 - 23:09:03 - [0,002] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM

~ Scan Program Folder in 01mn 18s

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.D9BD2C6B7F815B138CDD52BA6BFA94E2] - 09/01/2013 - 14:25:05 ---A- . (...) -- C:\Windows\WindowsUpdate.log [681579]

O44 - LFC:[MD5.D1105591362D83F0EBD1B090C135EBC3] - 09/01/2013 - 13:38:52 ---A- . (...) -- C:\Windows\setupact.log [942]

O44 - LFC:[MD5.23BA86CEF7EFDC4B6AE14A33585BFFBE] - 09/01/2013 - 13:38:50 -S-A- . (...) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.0B8F3C937CC099342A31AE851E729BDD] - 09/01/2013 - 13:37:53 ---A- . (...) -- C:\AdwCleaner[s3].txt [1550]

O44 - LFC:[MD5.692BF91932C0DB1A2032586C6A077DD5] - 09/01/2013 - 13:35:38 ---A- . (...) -- C:\AdwCleaner[R2].txt [1483]

O44 - LFC:[MD5.23C9B4A0F25A899ACE268A52FE2AF635] - 09/01/2013 - 11:27:54 ---A- . (...) -- C:\PhysicalDisk0_MBR.bin [512]

O44 - LFC:[MD5.BCAAF164EC5CFD66DE16DDEF0509AC7C] - 08/01/2013 - 18:15:25 ---A- . (...) -- C:\Windows\MEMORY.DMP [204558624]

O44 - LFC:[MD5.B9657A0AFF28C1CB114ACC0CB93EE4BB] - 08/01/2013 - 15:48:34 . (...) -- C:\Windows\System32\Drivers\stflt.sys []

O44 - LFC:[MD5.67F723BCBB483A17C115265C1D70C38C] - 07/01/2013 - 16:39:53 ---A- . (...) -- C:\Windows\PFRO.log [13886]

O44 - LFC:[MD5.A57BB1C0895072BAC3581CD752A9D914] - 07/01/2013 - 13:27:30 ---A- . (...) -- C:\Windows\ntbtlog.txt [247146]

O44 - LFC:[MD5.D2600D5000CFD439AA791E56BD763AD8] - 06/01/2013 - 17:10:41 . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\pdfcmnnt.dll [80384]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2013 - 19:47:21 ----- . (...) -- C:\autoexec.bat [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2013 - 11:11:41 ---A- . (...) -- C:\Windows\SysNative\tmp.txt [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 03/01/2013 - 11:11:41 ---A- . (...) -- C:\Windows\System32\tmp.txt [0]

O44 - LFC:[MD5.FC041F7D1341EEE456F1FA1A256CD24F] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri - Search SharedTaskScheduler.) -- C:\Windows\SysNative\SrchSTS.exe [288417]

O44 - LFC:[MD5.FC041F7D1341EEE456F1FA1A256CD24F] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri - Search SharedTaskScheduler.) -- C:\Windows\System32\SrchSTS.exe [288417]

O44 - LFC:[MD5.D726E152E257A1AB819F88312EC69620] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri - VC CLSID Cleaner.) -- C:\Windows\SysNative\VCCLSID.exe [289144]

O44 - LFC:[MD5.D726E152E257A1AB819F88312EC69620] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri - VC CLSID Cleaner.) -- C:\Windows\System32\VCCLSID.exe [289144]

O44 - LFC:[MD5.61FD593673225697D091DE2DDD2E9E47] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - 404Fix.) -- C:\Windows\SysNative\404Fix.exe [82432]

O44 - LFC:[MD5.61FD593673225697D091DE2DDD2E9E47] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - 404Fix.) -- C:\Windows\System32\404Fix.exe [82432]

O44 - LFC:[MD5.C02562A732F0223082D4CCFC7D4F23DF] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - Agent.OMZ.Fix.) -- C:\Windows\SysNative\Agent.OMZ.Fix.exe [78336]

O44 - LFC:[MD5.C02562A732F0223082D4CCFC7D4F23DF] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - Agent.OMZ.Fix.) -- C:\Windows\System32\Agent.OMZ.Fix.exe [78336]

O44 - LFC:[MD5.799A9EA3FFB220780AE3D3C11B08D067] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - IEDFix.) -- C:\Windows\SysNative\IEDFix.exe [82944]

O44 - LFC:[MD5.799A9EA3FFB220780AE3D3C11B08D067] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - IEDFix.) -- C:\Windows\System32\IEDFix.exe [82944]

O44 - LFC:[MD5.9769AB38CB77C9914C25B8141A2A3FBE] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - IEDFix.C.) -- C:\Windows\SysNative\IEDFix.C.exe [82944]

O44 - LFC:[MD5.9769AB38CB77C9914C25B8141A2A3FBE] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - IEDFix.C.) -- C:\Windows\System32\IEDFix.C.exe [82944]

O44 - LFC:[MD5.81BC780E5FD520838C6A417840127635] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - VACFix.) -- C:\Windows\SysNative\VACFix.exe [87552]

O44 - LFC:[MD5.81BC780E5FD520838C6A417840127635] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - VACFix.) -- C:\Windows\System32\VACFix.exe [87552]

O44 - LFC:[MD5.CEBEF7E3612A75D15C73E8CA71D012AE] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - o4Patch.) -- C:\Windows\SysNative\o4Patch.exe [80384]

O44 - LFC:[MD5.CEBEF7E3612A75D15C73E8CA71D012AE] - 03/01/2013 - 11:10:00 ---A- . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\o4Patch.exe [80384]

O44 - LFC:[MD5.E417D888FDDE9A2290C369C82A7AEC3E] - 03/01/2013 - 11:10:00 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\SysNative\swreg.exe [135168]

O44 - LFC:[MD5.E417D888FDDE9A2290C369C82A7AEC3E] - 03/01/2013 - 11:10:00 ---A- . (.SteelWerX - Freeware implementation of REG.EXE.) -- C:\Windows\System32\swreg.exe [135168]

O44 - LFC:[MD5.EF5DC4CF7C39CFB4653859878C14D86C] - 03/01/2013 - 11:10:00 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\Windows\SysNative\swxcacls.exe [79360]

O44 - LFC:[MD5.EF5DC4CF7C39CFB4653859878C14D86C] - 03/01/2013 - 11:10:00 ---A- . (.SteelWerX - Freeware implementation of XCACLS.) -- C:\Windows\System32\swxcacls.exe [79360]

O44 - LFC:[MD5.7397F6EE4A9601A123B645C0CD428017] - 03/01/2013 - 11:10:00 ---A- . (.http://www.beyondlogic.org - Command Line Process Utility.) -- C:\Windows\SysNative\Process.exe [53248]

O44 - LFC:[MD5.7397F6EE4A9601A123B645C0CD428017] - 03/01/2013 - 11:10:00 ---A- . (.http://www.beyondlogic.org - Command Line Process Utility.) -- C:\Windows\System32\Process.exe [53248]

O44 - LFC:[MD5.4E8F2BB3A5A87E75C35533723B50E685] - 02/01/2013 - 20:04:04 ---A- . (...) -- C:\Windows\SysNative\user_gensett.xml [385]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/2013 - 20:03:15 . (...) -- C:\Windows\System32\Drivers\Msft_Kernel_avchv_01009.Wdf []

O44 - LFC:[MD5.4DA5DA193E0E4F86F6F8FD43EF25329A] - 02/01/2013 - 20:02:33 . (.S!Ri - VC CLSID Cleaner.) -- C:\Windows\System32\WdfCoInstaller01009.dll [289144]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 02/01/2013 - 16:55:35 ---A- . (...) -- C:\Windows\setuperr.log [0]

O44 - LFC:[MD5.3CF3D4A45CC2AF973DBC30EC8D33252B] - 02/01/2013 - 15:30:06 ---A- . (...) -- C:\Windows\system.ini [215]

O44 - LFC:[MD5.23948829C6D049B8ADE0E0FB87305AC3] - 02/01/2013 - 15:01:06 . (.http://www.beyondlogic.org - Command Line Process Utility.) -- C:\Windows\System32\sdnclean64.exe [53248]

O44 - LFC:[MD5.23948829C6D049B8ADE0E0FB87305AC3] - 02/01/2013 - 15:01:06 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\SysNative\sdnclean64.exe [17272]

O44 - LFC:[MD5.E185BDA84E5F03F4E1D8DCA30E209277] - 02/01/2013 - 11:52:19 ---A- . (...) -- C:\Windows\epplauncher.mif [1912]

O44 - LFC:[MD5.86786BCFD5086AE07AFEC400CA6A5962] - 02/01/2013 - 10:57:16 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [525808]

O44 - LFC:[MD5.B90F29828689EF3EC72FBDC42CFE7172] - 02/01/2013 - 10:57:16 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\java.exe [172528]

O44 - LFC:[MD5.3F4A753331D439749535257FE8D446F6] - 02/01/2013 - 10:57:16 ---A- . (.Oracle Corporation - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [172528]

O44 - LFC:[MD5.5CDB2EFE72CD6F486AE4D345F3690C64] - 02/01/2013 - 10:57:16 ---A- . (.Oracle Corporation - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [191984]

O44 - LFC:[MD5.39176BE464C88F7A4D09F5815710E257] - 02/01/2013 - 10:57:16 ---A- . (.Oracle Corporation - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\System32\npdeployJava1.dll [544240]

O44 - LFC:[MD5.86786BCFD5086AE07AFEC400CA6A5962] - 02/01/2013 - 10:57:16 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\deployJava1.dll [525808]

O44 - LFC:[MD5.B90F29828689EF3EC72FBDC42CFE7172] - 02/01/2013 - 10:57:16 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\java.exe [172528]

O44 - LFC:[MD5.3F4A753331D439749535257FE8D446F6] - 02/01/2013 - 10:57:16 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\SysNative\javaw.exe [172528]

O44 - LFC:[MD5.5CDB2EFE72CD6F486AE4D345F3690C64] - 02/01/2013 - 10:57:16 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\SysNative\javaws.exe [191984]

O44 - LFC:[MD5.39176BE464C88F7A4D09F5815710E257] - 02/01/2013 - 10:57:16 ---A- . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java(T.) -- C:\Windows\SysNative\npdeployJava1.dll [544240]

O44 - LFC:[MD5.F146E2BA475893DD77B2370DC1211FC6] - 02/01/2013 - 10:38:40 . (...) -- C:\Windows\System32\Drivers\15036885.sys []

O44 - LFC:[MD5.68B8102E189B5725A922BD5CE27B3083] - 31/12/2012 - 17:45:13 . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\PerfStringBackup.INI [80384]

O44 - LFC:[MD5.124585E6F15362149A89B0F80578AD41] - 31/12/2012 - 17:45:13 . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\perfc009.dat [80384]

O44 - LFC:[MD5.30012602E6658B8136FBD5D558DD96BA] - 31/12/2012 - 17:45:13 . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\perfc00C.dat [80384]

O44 - LFC:[MD5.CA245D879DBBDC32CD786EE16496AA84] - 31/12/2012 - 17:45:13 . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\perfh009.dat [80384]

O44 - LFC:[MD5.3D4082E0FC1F79766150BF2AA65F0F00] - 31/12/2012 - 17:45:13 . (.S!Ri.URZ - o4Patch.) -- C:\Windows\System32\perfh00C.dat [80384]

O44 - LFC:[MD5.68B8102E189B5725A922BD5CE27B3083] - 31/12/2012 - 17:45:13 ---A- . (...) -- C:\Windows\SysNative\PerfStringBackup.INI [1584954]

O44 - LFC:[MD5.124585E6F15362149A89B0F80578AD41] - 31/12/2012 - 17:45:13 ---A- . (...) -- C:\Windows\SysNative\perfc009.dat [111148]

O44 - LFC:[MD5.30012602E6658B8136FBD5D558DD96BA] - 31/12/2012 - 17:45:13 ---A- . (...) -- C:\Windows\SysNative\perfc00C.dat [136146]

O44 - LFC:[MD5.CA245D879DBBDC32CD786EE16496AA84] - 31/12/2012 - 17:45:13 ---A- . (...) -- C:\Windows\SysNative\perfh009.dat [623020]

O44 - LFC:[MD5.3D4082E0FC1F79766150BF2AA65F0F00] - 31/12/2012 - 17:45:13 ---A- . (...) -- C:\Windows\SysNative\perfh00C.dat [721314]

O44 - LFC:[MD5.DC390B824C4AF183F5DA17FCB596013C] - 01/01/2013 - 14:26:27 ---A- . (...) -- C:\Windows\win.ini [493]

O44 - LFC:[MD5.6B527A4E50A48B3F592B63D7A9519919] - 01/01/2013 - 14:18:29 . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\custmon64i.dll [46080]

O44 - LFC:[MD5.98FB2850E58E26C8F1DFF3A10F031991] - 01/01/2013 - 14:08:34 ---A- . (...) -- C:\Windows\RegBootClean64.exe [234544]

O44 - LFC:[MD5.3579A760CF72F2F083BA00DBB7C3C048] - 22/12/2012 - 09:35:07 . (...) -- C:\Windows\System32\FNTCACHE.DAT [51200]

O44 - LFC:[MD5.3579A760CF72F2F083BA00DBB7C3C048] - 22/12/2012 - 09:35:07 ---A- . (...) -- C:\Windows\SysNative\FNTCACHE.DAT [5175896]

O44 - LFC:[MD5.2ED72B3F76C9368ABC01464DA64DB7AE] - 16/12/2012 - 18:11:22 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\SysNative\atmlib.dll [46080]

O44 - LFC:[MD5.2ED72B3F76C9368ABC01464DA64DB7AE] - 16/12/2012 - 18:11:22 ---A- . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\atmlib.dll [46080]

O44 - LFC:[MD5.CB2ABB2DA1E9C977302A78D86D4AE3B0] - 16/12/2012 - 15:45:03 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\SysNative\atmfd.dll [367616]

O44 - LFC:[MD5.CB2ABB2DA1E9C977302A78D86D4AE3B0] - 16/12/2012 - 15:45:03 ---A- . (.Adobe Systems Incorporated - Windows NT OpenType/Type 1 Font Driver.) -- C:\Windows\System32\atmfd.dll [367616]

O44 - LFC:[MD5.92EB844D90615CB266F84C3202B8786E] - 14/12/2012 - 16:49:28 . (...) -- C:\Windows\System32\Drivers\mbam.sys []

O44 - LFC:[MD5.7F9F8267C5768B81995A4CD59934949E] - 13/12/2012 - 11:45:49 ---A- . (...) -- C:\Windows\SysNative\MRT.INI [129]

O44 - LFC:[MD5.C58923115CDE6071C3BF2FF063546E9F] - 13/12/2012 - 11:04:48 . (.S!Ri - VC CLSID Cleaner.) -- C:\Windows\System32\win32k.sys [289144]

O44 - LFC:[MD5.3326166011C9BC13D6A8EFD856E9921C] - 13/12/2012 - 11:04:34 . (.Adobe Systems - Windows NT OpenType/Type 1 API Library..) -- C:\Windows\System32\conhost.exe [46080]

O44 - LFC:[MD5.3B32CAA07D672F8A2E0DF5CB3A873F45] - 22/06/2012 - 12:01:30 . (...) -- C:\Windows\System32\Drivers\EsgScanner.sys []

O44 - LFC:[MD5.6B527A4E50A48B3F592B63D7A9519919] - 04/10/2011 - 22:43:20 ---A- . (...) -- C:\Windows\SysNative\custmon64i.dll [87552]

O44 - LFC:[MD5.91F0EBA7F304838C694DE7FA23298894] - 30/04/2009 - 01:36:37 ---A- . (...) -- C:\Windows\SysNative\WS2Fix.exe [75776]

O44 - LFC:[MD5.91F0EBA7F304838C694DE7FA23298894] - 30/04/2009 - 01:36:37 ---A- . (...) -- C:\Windows\System32\WS2Fix.exe [75776]

O44 - LFC:[MD5.D2600D5000CFD439AA791E56BD763AD8] - 12/03/2005 - 00:07:00 ---A- . (...) -- C:\Windows\SysNative\pdfcmnnt.dll [87040]

O44 - LFC:[MD5.21868B2D22C726D94D98F15825D4134B] - 31/07/2004 - 18:50:36 ---A- . (...) -- C:\Windows\SysNative\dumphive.exe [51200]

O44 - LFC:[MD5.21868B2D22C726D94D98F15825D4134B] - 31/07/2004 - 18:50:36 ---A- . (...) -- C:\Windows\System32\dumphive.exe [51200]

~ Scan Files in 00mn 10s

 

 

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - Groove GFS Stub Execution Hook [64Bits] - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL

~ Scan ShellExecuteHooks in 00mn 00s

 

 

 

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Déni du service (Local Security Authority) (O48)

O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\tspkg.dll

O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\Windows\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\Windows\System32\Drivers\nsiproxy.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\Windows\System32\Drivers\rdpencdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\Windows\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\Windows\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\Windows\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\Windows\System32\Drivers\volmgr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\Windows\System32\Drivers\volmgrx.sys

~ Scan CSB in 00mn 00s

 

 

 

---\\ MountPoints2 Shell Key (O51) (None)

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

~ Scan Keys in 00mn 00s

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\AdobeAAMUpdater-1.0 [Key] . (.Adobe Systems Incorporated - Adobe Updater Startup Utility.) -- C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

~ Scan SMSR Keys in 00mn 00s

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\Windows\System32\credssp.dll

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=0

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=0

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0

~ Scan Keys in 00mn 00s

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.F146E2BA475893DD77B2370DC1211FC6] - 02/01/2013 - 10:38:40 ---A- . (.Kaspersky Lab, GERT - Kaspersky Lab Mini Driver.) -- C:\Windows\System32\Drivers\15036885.sys [208216]

O58 - SDL:[MD5.FB1A6C8826BD6454FEDC8F12E8CE63CD] - 29/03/2008 - 19:32:42 ---A- . (.ALWIL Software - avast! File System Minifilter for Windows 2003/Vista.) -- C:\Windows\SysWOW64\drivers\aswMonFlt.sys [50768]

~ Scan Drivers in 00mn 00s

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: UsbFix By El Desaparecido - (.El Desaparecido.) [HKLM] -- Usbfix

O63 - Logiciel: ZHPDiag 1.32 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

~ Scan ADS in 00mn 00s

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 29/03/2008 - C:\Windows\System32\DRIVERS\aswFsBlk.sys (aswFsBlk) .(.ALWIL Software - avast! File System Access Blocking Driver.) - LEGACY_ASWFSBLK

O64 - Services: CurCS - 29/03/2008 - C:\Windows\System32\DRIVERS\aswMonFlt.sys (aswMonFlt) .(.ALWIL Software - avast! File System Minifilter for Windows 2.) - LEGACY_ASWMONFLT

O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswRdr.sys (aswRdr) .(.ALWIL Software - avast! TDI RDR Driver.) - LEGACY_ASWRDR

O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswSP.sys (aswSP) .(.ALWIL Software - avast! self protection module.) - LEGACY_ASWSP

O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\aswTdi.sys (aswTdi) .(.ALWIL Software - avast! TDI Filter Driver.) - LEGACY_ASWTDI

O64 - Services: CurCS - 29/06/2011 - C:\Windows\System32\Drivers\AVGIDSwa.sys (AVGIDSErHrw7a) .(.AVG Technologies CZ, s.r.o. - IDS Application Activity Monitor Helper Dri.) - LEGACY_AVGIDSERHRW7A

O64 - Services: CurCS - 29/06/2011 - C:\Windows\system32\Drivers\avgldx64.sys (AvgLdx64) .(.AVG Technologies CZ, s.r.o. - AVG AVI Loader Driver.) - LEGACY_AVGLDX64

O64 - Services: CurCS - 29/06/2011 - C:\Windows\system32\Drivers\avgmfx64.sys (AvgMfx64) .(.AVG Technologies CZ, s.r.o. - AVG Resident Shield Minifilter Driver.) - LEGACY_AVGMFX64

O64 - Services: CurCS - 29/06/2011 - C:\Windows\System32\Drivers\avgrkx64.sys (AvgRkx64) .(.AVG Technologies CZ, s.r.o. - AVG Anti-Rootkit Driver.) - LEGACY_AVGRKX64

O64 - Services: CurCS - 30/06/2011 - C:\Windows\system32\Drivers\avgtdia.sys (AvgTdiA) .(.AVG Technologies CZ, s.r.o. - AVG Network connection watcher.) - LEGACY_AVGTDIA

O64 - Services: CurCS - 19/01/2011 - C:\Windows\system32\drivers\cpuz135_x64.sys (cpuz135) .(.CPUID - CPUID Driver.) - LEGACY_CPUZ135

O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\DefragFS.sys (DefragFS) .(.Raxco Software, Inc. - Defragmentation Support Driver.) - LEGACY_DEFRAGFS

O64 - Services: CurCS - ??\??\???? - (DrvAgent64) .(. - .) - LEGACY_DRVAGENT64

O64 - Services: CurCS - 02/03/2011 - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys - esgiguard (esgiguard) .(...) - LEGACY_ESGIGUARD

O64 - Services: CurCS - 22/06/2012 - C:\Windows\System32\DRIVERS\EsgScanner.sys - EsgScanner (EsgScanner) .(...) - LEGACY_ESGSCANNER

O64 - Services: CurCS - 14/12/2012 - C:\Windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - LEGACY_MBAMPROTECTOR

O64 - Services: CurCS - 20/11/2010 - C:\Windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT

O64 - Services: CurCS - 11/03/2011 - C:\Windows\System32\DRIVERS\nvraid.sys (nvraid) .(.NVIDIA Corporation - NVIDIA® nForce RAID Driver.) - LEGACY_NVRAID

O64 - Services: CurCS - 22/07/2011 - C:\Program Files\SUPERAntiSpyware\SASDIFSV64.sys (SASDIFSV) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASDIFSV64.SYS.) - LEGACY_SASDIFSV

O64 - Services: CurCS - 12/07/2011 - C:\Program Files\SUPERAntiSpyware\SASKUTIL64.sys (SASKUTIL) .(.SUPERAdBlocker.com and SUPERAntiSpyware.com - SASKUTIL64.SYS.) - LEGACY_SASKUTIL

O64 - Services: CurCS - ??\??\???? - C:\Windows\System32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV

O64 - Services: CurCS - 08/01/2013 - C:\Windows\System32\DRIVERS\stflt.sys (sp_rsdrv2) .(.Windows ® Win 7 DDK provider - Spyware Terminator 2012 driver.) - LEGACY_SP_RSDRV2

O64 - Services: CurCS - ??\??\???? - (TuneUpUtilitiesDrv) .(. - .) - LEGACY_TUNEUPUTILITIESDRV

~ Scan Services in 00mn 00s

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\Windows\System32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <jsfile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

~ Scan Keys in 00mn 00s

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Users\JC\AppData\Local\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files (x86)\Internet Explorer\iexplore.exe

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Users\JC\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Users\JC\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe (.not file.)

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Users\JC\AppData\Local\Google\Chrome\Application\chrome.exe (.not file.)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (...) -- C:\Windows\System32\ie4uinit.exe (.not file.)

~ Scan Keys in 00mn 00s

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {2A9E906D-582E-48E8-AD53-6D9B28212D52} - (Ask Search) - http://websearch.ask.com

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Goo) - Google

O69 - SBI: SearchScopes [HKCU] {814C76CB-2623-43F4-AAD0-58A0E5190A20} - (Orange) - http://r.orange.fr

O69 - SBI: SearchScopes [HKCU] {8B6D15B8-08C9-46DD-937D-FF96EB9EF090} - (AOL Search) - AOL Search

O69 - SBI: SearchScopes [HKCU] {8F8853E6-AC2A-41E8-A25F-EEAD9D5233CD} - (Search The Web(vGrabber)) - Babylon Search

O69 - SBI: SearchScopes [HKCU] {b167b83b-348e-4f8a-a00d-693f28ede787} - (Private Search) - Download Free VPN for iPhone, Mac and Windows to Access Blocked Sites & Surf Anonymously

O69 - SBI: SearchScopes [HKCU] {CC1AE9A7-3D33-4632-B85E-F9D0539B4FED} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo!) - Yahoo! Search - Recherche Web

~ Scan Keys in 00mn 00s

 

 

 

---\\ Recherche des services démarrés par Svchost (O83)

O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\Windows\System32\aelupsvc.dll [72192]

O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\Windows\System32\certprop.dll [80384]

O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\Windows\System32\srvsvc.dll [236032]

O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll [777728]

O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\Windows\System32\ikeext.dll [853504]

O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll [679424]

O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\Windows\System32\rasauto.dll [99328]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\Windows\System32\rasmans.dll [344064]

O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\Windows\System32\mprdim.dll [97792]

O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\Windows\System32\sens.dll [64512]

O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\Windows\System32\ipnathlp.dll [359424]

O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows.) -- C:\Windows\System32\tapisrv.dll [316928]

O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\Windows\System32\termsrv.dll [680960]

O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\Windows\system32\wuaueng.dll [2428952]

O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\Windows\System32\qmgr.dll [849920]

O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\Windows\System32\shsvcs.dll [370688]

O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\Windows\System32\iphlpsvc.dll [569344]

O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\Windows\system32\seclogon.dll [30720]

O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\Windows\System32\appinfo.dll [70656]

O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\Windows\System32\iscsiexe.dll [156672]

O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\Windows\System32\mmcss.dll [67584]

O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\Windows\System32\wbem\WMIsvc.dll [242688]

O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\Windows\System32\sessenv.dll [121856]

O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\Windows\System32\browser.dll [136704]

O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\Windows\System32\eapsvc.dll [111104]

O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\Windows\System32\schedsvc.dll [1110016]

O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\Windows\System32\kmsvc.dll [90624]

O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\Windows\System32\wercplsupport.dll [84480]

O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\Windows\System32\profsvc.dll [209920]

O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\Windows\System32\themeservice.dll [44544]

O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\Windows\System32\bdesvc.dll [100864]

~ Scan Services in 00mn 00s

 

 

 

---\\ Recherche particuliere à la racine de certains dossiers (O84)

[MD5.048ACF4DAFD535FF0E64D8922C2F3394] [sPRF][14/09/2012] (...) -- C:\ProgramData\KGyGaAvL.sys [2828]

[MD5.94A17AE82C808F8D80807983DC9CDEFB] [sPRF][09/01/2013] (...) -- C:\Users\JC\AppData\Local\Temp\dump.dat [1744896]

[MD5.854BA8341B0468B6B68BE1FD40A6361D] [sPRF][03/01/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\JC\AppData\Local\Temp\uninst1.exe [378368]

[MD5.E152C2E083BB18DF3770DE4040E3F391] [sPRF][07/01/2013] (...) -- C:\Users\JC\AppData\Roaming\SetValue.bat [35]

~ Scan Files in 00mn 00s

 

 

 

---\\ Firewall Active Exception List (FirewallRules) (O87)

O87 - FAEL: "WMPNSS-In-UDP-NoScope" |In - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP-NoScope" |Out - Domain - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP-NoScope" |In - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP-NoScope" |Out - Domain - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-UDP" |In - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-UDP" |Out - Public - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-In-TCP" |In - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "WMPNSS-Out-TCP" |Out - Public - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{26A0C8E1-4351-4FBE-885D-71454B5A8077}" |Out - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{D64AC856-C3E3-4F8A-8D4F-6313FA5D1788}" |In - Private - P6 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{B60CC67C-1C94-4430-8FDD-4243EBEC9B2F}" |Out - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{970EED5D-69E9-4E34-8C4F-E18F86556606}" |In - Private - P17 - FALSE | .(...) -- C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (.not file.)

O87 - FAEL: "{A3AF6372-773D-4EA0-9BB1-BF3B7DE47A3A}" | In - Private - P6 - TRUE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe

O87 - FAEL: "{0F9B8022-A49E-4FBD-92E1-FC3D16446724}" | In - Private - P17 - TRUE | .(.Pinnacle Systems - Render Manager.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe

O87 - FAEL: "{41584BF7-CCA5-43D7-ACDA-08416B972974}" | In - Private - P6 - TRUE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe

O87 - FAEL: "{32EAE813-4330-49E8-A7C6-C9A06D931F02}" | In - Private - P17 - TRUE | .(.Pinnacle Systems - Studio program file.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe

O87 - FAEL: "{FABAC21A-3C9F-4D03-8CBB-F1DEFB50CDF5}" | In - Private - P6 - TRUE | .(.Pinnacle Systems - umi.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe

O87 - FAEL: "{20AD8562-9A3B-4575-904A-C279F8649469}" | In - Private - P17 - TRUE | .(.Pinnacle Systems - umi.) -- C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe

O87 - FAEL: "TCP Query User{B5810654-53C4-4602-BAFF-A87DD54EC786}C:\program files\le robert\le petit robert 2009\prnet.exe" | In - Private - P6 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\prnet.exe

O87 - FAEL: "UDP Query User{67560993-84A1-4E6E-9CB7-DE3D2763B913}C:\program files\le robert\le petit robert 2009\prnet.exe" | In - Private - P17 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\prnet.exe

O87 - FAEL: "TCP Query User{CF830047-FCEF-4807-8B1B-66E38D317BED}C:\program files\le robert\le petit robert 2009\robertha.exe" | In - Private - P6 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\robertha.exe

O87 - FAEL: "UDP Query User{D9EF242A-5DAF-4F60-963E-875CF134B353}C:\program files\le robert\le petit robert 2009\robertha.exe" | In - Private - P17 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\robertha.exe

O87 - FAEL: "{24B2B1FE-B0AB-4274-9820-01FD359E571E}" | In - Private - P6 - TRUE | .(.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe

O87 - FAEL: "{55F2E391-A418-4F44-8BAE-E0AF706D2CDB}" | In - Private - P17 - TRUE | .(.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe

O87 - FAEL: "{D5C69375-E524-44E0-9A6E-4FA85CEC3A77}" | In - Domain - P6 - TRUE | .(.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe

O87 - FAEL: "{DD0B8E90-015F-4B3B-AD56-B42874BF8DBB}" | In - Domain - P17 - TRUE | .(.FileZilla Project - FileZilla FTP Client.) -- C:\Program Files (x86)\FileZilla FTP Client\filezilla.exe

O87 - FAEL: "TCP Query User{F3111EBF-4C5A-4B1D-AAD3-720101FE6DC1}C:\program files (x86)\emule\emule.exe" | In - Private - P6 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe

O87 - FAEL: "UDP Query User{6C6111E9-01B9-4335-9202-425FE1531A1E}C:\program files (x86)\emule\emule.exe" | In - Private - P17 - TRUE | .(.http://www.emule-project.net - eMule.) -- C:\program files (x86)\emule\emule.exe

O87 - FAEL: "{7A5F2E92-4F71-4DB2-98CF-C6F7A9253EED}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe

O87 - FAEL: "{39E7D3CF-F376-4DF9-ACA6-F76FE548B6A0}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe

O87 - FAEL: "{8433F7B0-3D89-4D81-9EC8-37362230A1E4}" | In - Domain - P6 - FALSE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe

O87 - FAEL: "{151F661F-37CC-4013-9A16-38D3FCFBA9FA}" | In - Domain - P17 - FALSE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe

O87 - FAEL: "{066A6D13-3C68-4319-9E11-9E9A67EFC72E}" | In - Private - P6 - FALSE | .(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe

O87 - FAEL: "{E4DBB702-EE8B-483E-9C73-D11648CC0B63}" | In - Private - P17 - FALSE | .(.Adobe Systems Incorporated.) -- C:\Program Files (x86)\Adobe\Elements Organizer 8.0\AdobePhotoshopElementsMediaServer.exe

O87 - FAEL: "TCP Query User{6D4CCF89-6826-4D07-9C63-5915547FAC9F}C:\program files (x86)\adobe\adobe flash builder 4\flashbuilder.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\adobe\adobe flash builder 4\flashbuilder.exe

O87 - FAEL: "UDP Query User{02594151-6113-439F-A5A0-69ABBCA30437}C:\program files (x86)\adobe\adobe flash builder 4\flashbuilder.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\adobe\adobe flash builder 4\flashbuilder.exe

O87 - FAEL: "TCP Query User{FD9E17D9-6DE6-4A36-9435-8B8611775A5A}C:\program files (x86)\adobe\adobe flash cs5\flash.exe" | In - Private - P6 - TRUE | .(.Adobe Systems Incorporated..) -- C:\program files (x86)\adobe\adobe flash cs5\flash.exe

O87 - FAEL: "UDP Query User{AEF1F8F7-8069-447B-A732-A2A29A07C43B}C:\program files (x86)\adobe\adobe flash cs5\flash.exe" | In - Private - P17 - TRUE | .(.Adobe Systems Incorporated..) -- C:\program files (x86)\adobe\adobe flash cs5\flash.exe

O87 - FAEL: "{3BA9A25F-2157-4E18-B0BE-44A1059EDCEB}" | In - Private - P6 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O87 - FAEL: "{02E1866A-193D-4F58-8674-B103B47F3B60}" | In - Private - P17 - TRUE | .(.Yahoo! Inc. - Yahoo! Messenger.) -- C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

O87 - FAEL: "TCP Query User{2F3F9C1B-C37C-4510-A806-3F6A4D3BF52D}C:\program files (x86)\encyclopaedia universalis 2010\encyclopaedia universalis 2010\universalis2010.exe" | In - Private - P6 - TRUE | .(...) -- C:\program files (x86)\encyclopaedia univers

O87 - FAEL: "UDP Query User{2D2FA07C-E7CC-4482-94DE-A71BB81645CF}C:\program files (x86)\encyclopaedia universalis 2010\encyclopaedia universalis 2010\universalis2010.exe" | In - Private - P17 - TRUE | .(...) -- C:\program files (x86)\encyclopaedia univer

O87 - FAEL: "{1752A538-39CD-4D1B-97BD-E2B2463953DA}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "{6A16EA37-211C-422F-A8C1-B6E1BB8A9826}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O87 - FAEL: "TCP Query User{79E8D9AC-8BFB-4AB0-8A09-BBB33580A175}C:\program files\le robert\le petit robert 2009\prnet.exe" | In - Public - P6 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\prnet.exe

O87 - FAEL: "UDP Query User{2EB0E504-81DF-4038-AFCA-9C7F3A3F7EF6}C:\program files\le robert\le petit robert 2009\prnet.exe" | In - Public - P17 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\prnet.exe

O87 - FAEL: "TCP Query User{72D19E50-C376-4F38-8A71-3BCC47C9400D}C:\program files\le robert\le petit robert 2009\robertha.exe" | In - Public - P6 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\robertha.exe

O87 - FAEL: "UDP Query User{904F71F3-F6BB-4428-9A87-4E1EC9512E09}C:\program files\le robert\le petit robert 2009\robertha.exe" | In - Public - P17 - TRUE | .(.Dictionnaire Le Robert.) -- C:\program files\le robert\le petit robert 2009\robertha.exe

O87 - FAEL: "{1B16BFCD-68B8-4A9D-9562-90FDA49C5AF6}" |In - Public - P6 - TRUE | .(...) -- G:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{74A07670-86F0-43A6-9932-C35C69FFED6D}" |In - Public - P17 - TRUE | .(...) -- G:\fscommand\CKSocketServer.exe (.not file.)

O87 - FAEL: "{C66671FD-C0CB-42E0-AA92-F908FB74089D}" | In - Public - P6 - TRUE | .(.France Telecom SA - Orange [email protected]) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{6E682912-6D43-48DF-9851-37E774525AA6}" | In - Public - P17 - TRUE | .(.France Telecom SA - Orange [email protected]) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "TCP Query User{72FBBD6B-2AB4-4BF7-BC7F-E3A2DF12B381}C:\program files (x86)\orange\assistance livebox\dist\st2.exe" | In - Public - P6 - TRUE | .(...) -- C:\program files (x86)\orange\assistance livebox\dist\st2.exe

O87 - FAEL: "UDP Query User{E72F1FEB-FBB9-4DA2-9C0E-D59FF1F141D4}C:\program files (x86)\orange\assistance livebox\dist\st2.exe" | In - Public - P17 - TRUE | .(...) -- C:\program files (x86)\orange\assistance livebox\dist\st2.exe

O87 - FAEL: "{5F930029-DEB8-447F-A3A8-96A80B3E4F53}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe

O87 - FAEL: "{50CB88AE-9CD6-439B-9469-DA41B02957A9}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe

O87 - FAEL: "{68582ADF-343A-4A3D-A793-7478FF58887C}" | In - Private - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe

O87 - FAEL: "{D37AB62E-071C-492D-82B9-CBE81A868BAF}" | In - Private - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe

O87 - FAEL: "{2BD2118F-38C4-4BE9-8CAD-B795C0492CD3}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe

O87 - FAEL: "{E1F8017B-7962-4809-9840-4BDBC5E838BB}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\dmwu.exe

O87 - FAEL: "{AF65D76C-2747-4DE3-A308-07BAE5D77358}" | In - Public - P6 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe

O87 - FAEL: "{759D62F7-1F6B-41CB-89D9-4DD2B4E9A104}" | In - Public - P17 - TRUE | .(...) -- C:\Windows\System32\ARFC\wrtc.exe

O87 - FAEL: "{A89B1504-3545-4F63-840F-E099A3C0C9BB}" | In - None - P17 - TRUE | .(.Apple Inc. - WebKit2WebProcess.exe.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe

O87 - FAEL: "{77724FD7-982B-4B18-95E9-1D628C7A5BDE}" | In - Private - P6 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O87 - FAEL: "{F9CA530A-E837-4917-ACBC-182B6AD97D0E}" | In - Private - P17 - FALSE | .(.NVIDIA Corporation - NVIDIA Settings Update Manager.) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O87 - FAEL: "{AD5A2BC3-DB92-4CF2-93BE-3118ECCC828B}" | In - Private - P6 - TRUE | .(.France Telecom SA - Orange [email protected]) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "{54BDB65F-ADB7-4ABE-975E-0E24C3B42363}" | In - Private - P17 - TRUE | .(.France Telecom SA - Orange [email protected]) -- C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

O87 - FAEL: "TCP Query User{360EA6D5-AC8F-46B4-AF69-214D11EC8658}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" | In - Private - P6 - TRUE | .(.Safer-Networking Ltd..) -- C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe

O87 - FAEL: "UDP Query User{9CF3D2A3-0B1E-4473-8D1D-35E324CCA16B}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" | In - Private - P17 - TRUE | .(.Safer-Networking Ltd..) -- C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe

O87 - FAEL: "{DC4C57AB-952D-4DCC-B4DF-4A7C91E762E2}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

O87 - FAEL: "{93BC5333-2A73-4E16-8FA1-9DA6C9558DC8}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminator.exe

O87 - FAEL: "{527C46A4-2A19-46D7-8E25-BBFB56B4B32F}" | In - Private - P6 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O87 - FAEL: "{57074F19-D4DB-464E-A794-CCBD2B36B328}" | In - Private - P17 - TRUE | .(.Crawler.com - Spyware Terminator 2012 Update Support.) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe

O87 - FAEL: "TCP Query User{94ABAFA0-735B-46BB-86A5-70DF7D1C69ED}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" | In - Public - P6 - TRUE | .(.Crawler.com.) -- C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe

O87 - FAEL: "UDP Query User{385D4303-E6F1-4FCE-A175-AF6D32B6EEF4}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" | In - Public - P17 - TRUE | .(.Crawler.com.) -- C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe

~ Scan Firewall in 00mn 01s

 

 

 

---\\ Scan Additionnel (O88)

Database Version : v2.10033 - (09/01/2013)

Clés trouvées (Keys found) : 29

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 5

Fichiers trouvés (Files found) : 0

 

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] =>Adware.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] =>Adware.Agent

[HKLM\Software\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] =>Adware.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] =>Adware.Agent

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] =>Adware.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] =>Toolbar.Agent

[HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent

[HKLM\Software\Wow6432Node\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] =>Adware.Agent

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] =>Adware.AdRotator

[HKLM\Software\Wow6432Node\Google\Chrome\Extensions\niogeckbkdcabhnapjbkeiklablhjoca] =>Adware.IncrediBar

[HKLM\Software\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B] =>PUP.SweetIM

[HKLM\Software\Classes\Installer\Products\758F5690DAAD39F40845E0E23C8C5C0B] =>PUP.SweetIM

[HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\758F5690DAAD39F40845E0E23C8C5C0B] =>PUP.SweetIM

[HKLM\Software\Wow6432Node\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B] =>PUP.SweetIM

[HKLM\Software\Wow6432Node\Classes\Installer\Products\758F5690DAAD39F40845E0E23C8C5C0B] =>PUP.SweetIM

[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] =>Crapware.SpyHunter

[HKCU\Software\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKLM\Software\Wow6432Node\SpeedMaxPc] =>PUP.SpeedMaxPc

[HKLM\Software\WNLT] =>Adware.IncrediBar

[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] =>Adware.Bandoo

[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] =>Adware.Bandoo

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] =>Toolbar.Agent

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8848B3CD-4464-414F-953C-966678634540}] =>PUP.NetSpyProtector

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D894938C-8EE1-4854-9254-8F9AEF2BFE46}] =>PUP.SpeedMaxPc

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] =>Hijacker.Proxy

[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASAPI32] =>PUP.OfferBox

[HKLM\Software\Wow6432Node\Microsoft\Tracing\offerbox_RASMANCS] =>PUP.OfferBox

[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASAPI32] =>PUP.OfferBox

[HKLM\Software\Wow6432Node\Microsoft\Tracing\OfferBoxHTTPProxy_RASMANCS] =>PUP.OfferBox

C:\Program Files (x86)\SpeedMaxPc =>PUP.SpeedMaxPc

C:\Program Files (x86)\Common Files\SpeedMaxPc =>PUP.SpeedMaxPc

C:\ProgramData\hssff =>Toolbar.Conduit

C:\ProgramData\SpeedMaxPc =>PUP.SpeedMaxPc

C:\Users\JC\AppData\Roaming\SpeedMaxPc =>PUP.SpeedMaxPc

~ Scan Additionnel in 00mn 07s

 

 

 

---\\ Product Upgrade Codes (O90)

O90 - PUC: "0000009F100000000000709475387300" . (.ABBYY FineReader 9.0 Professional Edition.) -- C:\Windows\Installer\{F9000000-0001-0000-0000-074957833700}\ARPPRODUCTICON.exe

O90 - PUC: "00B0C546944AC9A49952442A4170D13E" . (.Nitro PDF Reader.) -- C:\Windows\Installer\{645C0B00-A449-4A9C-9925-44A214071DE3}\Reader.ico

O90 - PUC: "057978BEDBCC3104FB5D20494DADB50D" . (.Apple Application Support.) -- C:\Windows\Installer\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}\WinInstall.ico

O90 - PUC: "096603D93713DC24496CE99F13A82FB4" . (.CorelDRAW Graphics Suite X4 - Lang FR.) -- c:\Windows\Installer\{9D306690-3173-42CD-94C6-9EF9318AF24B}\ARPPRODUCTICON.exe

O90 - PUC: "0AAC118621FB4D11E91A0005AB3E711E" . (.PowerDVD.) -- C:\Windows\Installer\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\ARPPRODUCTICON.exe

O90 - PUC: "0BCD4392EE8F0E114A5A8BCAF6798BE8" . (.Google Earth Plug-in.) -- C:\Windows\Installer\{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}\ARPPRODUCTICON.exe

O90 - PUC: "0C7EC0FA4E3A37D489B82B1978CEE6A9" . (.QuickTime.) -- C:\Windows\Installer\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}\Installer.ico

O90 - PUC: "0D8970D9C6FA26E4491BEAFBA1340EA0" . (.CorelDRAW Graphics Suite X4 - IPM.) -- c:\Windows\Installer\{9D0798D0-AF6C-4E62-94B1-AEBF1A43E00A}\ARPPRODUCTICON.exe

O90 - PUC: "121E2D80A6F7BE3479DF26B944094330" . (.Microsoft_VC90_CRT_x86.) -- C:\Windows\Installer\{08D2E121-7F6A-43EB-97FD-629B44903403}\ARPPRODUCTICON.exe

O90 - PUC: "14B934FB2520ED84B8B84003BC621A18" . (.CorelDRAW Graphics Suite X4 - VBA.) -- c:\Windows\Installer\{BF439B41-0252-48DE-8B8B-0430CB26A181}\ARPPRODUCTICON.exe

O90 - PUC: "19DA96544F74E9D4F89C17E73CD2A71E" . (.Microsoft_VC80_CRT_x86_x64.) -- C:\Windows\Installer\{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}\ARPPRODUCTICON.exe

O90 - PUC: "1D385E0A7F3253C469021B967D17E5B4" . (.Adobe Premiere Elements 8.0.) -- C:\Windows\Installer\{A0E583D1-23F7-4C35-9620-B169D7715E4B}\ARPPRODUCTICON.exe

O90 - PUC: "1F1CA1BF74F8ECD41ADED0BF0A4F554B" . (.Driver Mender.) -- C:\Windows\Installer\{FB1AC1F1-8F47-4DCE-A1ED-0DFBA0F455B4}\ARPPRODUCTICON.exe

O90 - PUC: "206E263152693D245BF7DC9A2DF6D98A" . (.Pinnacle Studio 15.) -- C:\Windows\Installer\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}\Studio.exe

O90 - PUC: "20B91A1DE71869244AB57058F37DD475" . (.Microsoft_VC80_MFC_x86.) -- C:\Windows\Installer\{D1A19B02-817E-4296-A45B-07853FD74D57}\ARPPRODUCTICON.exe

O90 - PUC: "254796BF4AC84B64891B61C529A2E23F" . (.Update Manager for SweetPacks 1.0.) -- C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}\ARPPRODUCTICON.exe

O90 - PUC: "25BBB29DFF28DE24A8C3E460F249A47B" . (.Microsoft_VC80_MFCLOC_x86.) -- C:\Windows\Installer\{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}\ARPPRODUCTICON.exe

O90 - PUC: "25DBD7E0790BB2F47A7C1F500B2DF0BD" . (.LightScribe System Software 1.14.17.1.) -- C:\Windows\Installer\{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}\ARPPRODUCTICON.exe

O90 - PUC: "2EA85713E61DE1E44A8449E56FB1848A" . (.calibre.) -- C:\Windows\Installer\{31758AE2-D16E-4E1E-A448-945EF61B48A8}\main_icon

O90 - PUC: "3975E07B219F26C4FA2E4C0F0B87DF13" . (.Reader Library by Sony.) -- C:\Windows\Installer\{B70E5793-F912-4C62-AFE2-C4F0B078FD31}\ARPPRODUCTICON.exe

O90 - PUC: "3DD0610D26F6E1F49B99C6863DEA3709" . (.CorelDRAW Graphics Suite X4 - Lang IT.) -- c:\Windows\Installer\{D0160DD3-6F62-4F1E-B999-6C68D3AE7390}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F01" . (.CorelDRAW Graphics SUite X4 - ICA.) -- C:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF010}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F21" . (.CorelDRAW Graphics Suite X4 - Capture.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF012}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F31" . (.CorelDRAW Graphics Suite X4 - Draw.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF013}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F41" . (.CorelDRAW Graphics Suite X4 - PP.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF014}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F61" . (.CorelDRAW Graphics Suite X4 - Content.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF016}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F71" . (.CorelDRAW Graphics Suite X4 - Filters.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF017}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F70F91" . (.CorelDRAW Graphics Suite X4 - FontNav.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF019}\ARPPRODUCTICON.exe

O90 - PUC: "407E50F76A03A124797AE8BEC1F71F00" . (.CorelDRAW Graphics Suite X4 - Lang EN.) -- c:\Windows\Installer\{7F05E704-30A6-421A-97A7-8EEB1C7FF100}\ARPPRODUCTICON.exe

O90 - PUC: "41DC8ECD5FBF46449B4A1EE87453647C" . (.Assistant de connexion Windows Live.) -- C:\Windows\Installer\{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}\prodicon.ico

O90 - PUC: "443A586481763294AAD951A8A0E2C1BF" . (.SmartSound Quicktracks for Premiere Elements 8.0.) -- C:\Windows\Installer\{4685A344-6718-4923-AA9D-158A0A2E1CFB}\ARPPRODUCTICON.exe

O90 - PUC: "4E9B274AFFA0B7F42BD56FF4E829A8BA" . (.Microsoft_VC90_MFC_x86_x64.) -- C:\Windows\Installer\{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}\ARPPRODUCTICON.exe

O90 - PUC: "5BC030CF6A649224DAE6A08C965F908C" . (.Pinnacle Studio Bonus Content.) -- C:\Windows\Installer\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}\ARPPRODUCTICON.exe

O90 - PUC: "5DAB1C8C6E456414DA70A3A83D56963C" . (.Microsoft_VC80_MFC_x86_x64.) -- C:\Windows\Installer\{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}\ARPPRODUCTICON.exe

O90 - PUC: "68AB67CA3301004F7706000000000040" . (.Adobe Acrobat 9 Pro - English, Français, Deutsch.) -- C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000004}\_SC_Acrobat.exe

O90 - PUC: "68AB67CA7DA746454382090000000040" . (.Spelling Dictionaries Support For Adobe Reader 9.) -- C:\Windows\Installer\{AC76BA86-7AD7-5464-3428-900000000004}\ARPPRODUCTICON.exe

O90 - PUC: "68AB67CA7DA76301B744AA0100000010" . (.Adobe Reader X (10.1.4) - Français.) -- C:\Windows\Installer\{AC76BA86-7AD7-1036-7B44-AA1000000001}\SC_Reader.ico

O90 - PUC: "6B12D16BD96432441B1626BD028B7AE0" . (.Visual Basic for Applications ® Core - English.) -- c:\Windows\Installer\{B61D21B6-469D-4423-B161-62DB20B8A70E}\vbasdk.ico,0

O90 - PUC: "758F5690DAAD39F40845E0E23C8C5C0B" . (.SweetIM for Messenger 3.6.) -- C:\Windows\Installer\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}\ARPPRODUCTICON.exe

O90 - PUC: "7C43C21609E58D74B9C5F017D78D7262" . (.swMSM.) -- C:\Windows\Installer\{612C34C7-5E90-47D8-9B5C-0F717DD82726}\ARPPRODUCTICON.exe

O90 - PUC: "811CF9E1D156439479EB5EC3EAC5D754" . (.Microsoft_VC80_MFCLOC_x86_x64.) -- C:\Windows\Installer\{1E9FC118-651D-4934-97BE-E53CAE5C7D45}\ARPPRODUCTICON.exe

O90 - PUC: "8487282DA2D77454A91D9C56BFE33644" . (.CorelDRAW Graphics Suite X4 - Lang ES.) -- c:\Windows\Installer\{D2827848-7D2A-4547-9AD1-C965FB3E6344}\ARPPRODUCTICON.exe

O90 - PUC: "85CABFEADDD2FEC4DBDF255A5A4F23DE" . (.CorelDRAW Graphics Suite X4 - Lang DE.) -- c:\Windows\Installer\{AEFBAC58-2DDD-4CEF-BDFD-52A5A5F432ED}\ARPPRODUCTICON.exe

O90 - PUC: "8F7463F0D15ECCF48826A9D8C0A5FC52" . (.Microsoft_VC80_ATL_x86.) -- C:\Windows\Installer\{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}\ARPPRODUCTICON.exe

O90 - PUC: "91785D291CBB3CC40AB8659C8E48CCC2" . (.Microsoft_VC80_CRT_x86.) -- C:\Windows\Installer\{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}\ARPPRODUCTICON.exe

O90 - PUC: "98DEB7CBB81698E4A8FD574DF7722632" . (.Pinnacle Studio 15 Ultimate Collection Plugins.) -- C:\Windows\Installer\{BC7BED89-618B-4E89-8ADF-75D47F276223}\ARPPRODUCTICON.exe

O90 - PUC: "9DC837B7701D7C84E856E266933AC9D8" . (.PerfectDisk 10 Professional.) -- C:\Windows\Installer\{7B738CD9-D107-48C7-8E65-2E6639A39C8D}\ARPPRODUCTICON.exe

O90 - PUC: "A11AD2ECF7195FC4BA5557E51C51DD01" . (.CorelDRAW® Graphics Suite X4 - Windows Shell Extension.) -- c:\Windows\Installer\{CE2DA11A-917F-4CF5-AB55-755EC115DD10}\ARPPRODUCTICON.exe

O90 - PUC: "A560EE688F26DE54B9A453114CD28ACF" . (.Power Disc Lock 7.0.) -- C:\Windows\Installer\{86EE065A-62F8-45ED-9B4A-3511C42DA8FC}\controlPanelIcon.exe

O90 - PUC: "B5DEF536D6C2EB94786EA7F6DC22CBA5" . (.Microsoft_VC90_MFC_x86.) -- C:\Windows\Installer\{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}\ARPPRODUCTICON.exe

O90 - PUC: "B850D529A465A3444B2BE7096C34E255" . (.Microsoft_VC80_ATL_x86_x64.) -- C:\Windows\Installer\{925D058B-564A-443A-B4B2-7E90C6432E55}\ARPPRODUCTICON.exe

O90 - PUC: "C7937558D24AF684793B2ABC2C735239" . (.Microsoft_VC90_ATL_x86_x64.) -- C:\Windows\Installer\{8557397C-A42D-486F-97B3-A2CBC2372593}\ARPPRODUCTICON.exe

O90 - PUC: "D0AC3A29DC55D5C4AB59C562002CF062" . (.Microsoft_VC90_CRT_x86_x64.) -- C:\Windows\Installer\{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}\ARPPRODUCTICON.exe

O90 - PUC: "D366E3D3E7E477545A06E7DCDD5445A8" . (.PVSonyDll.) -- C:\Windows\Installer\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}\ARPPRODUCTICON.exe

O90 - PUC: "D381B5441F4F8C549BBD1F3155AC56B7" . (.Windows Live Messenger.) -- C:\Windows\Installer\{445B183D-F4F1-45C8-B9DB-F11355CA657B}\MsblIco.Exe

O90 - PUC: "D4BAD9A1DC64FBC49ACF828DAAD8F2FC" . (.CorelDRAW Graphics Suite X4 - Lang BR.) -- c:\Windows\Installer\{1A9DAB4D-46CD-4CBF-A9FC-28D8AA8D2FCF}\ARPPRODUCTICON.exe

O90 - PUC: "DC3B84884644F41459C3696687365404" . (.eDownloader.) -- C:\Windows\Installer\{8848B3CD-4464-414F-953C-966678634540}\softwareinstaller.exe

O90 - PUC: "DDB6C50237B7ED245850A990F3532A83" . (.Outil de téléchargement Windows Live.) -- C:\Windows\Installer\{205C6BDD-7B73-42DE-8505-9A093F35A238}\RichUpload.ico

O90 - PUC: "E8660735FA4D5A14088928F6535BD058" . (.Visual Basic for Applications ® Core - French.) -- c:\Windows\Installer\{5370668E-D4AF-41A5-8098-826F35B50D85}\vbasdk.ico,0

O90 - PUC: "E873E3303DA65DA4DBBEBC6DB91340C6" . (.Microsoft_VC90_ATL_x86.) -- C:\Windows\Installer\{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}\ARPPRODUCTICON.exe

O90 - PUC: "E97718BD5CC70364CBCF570440594644" . (.Visual Basic for Applications ® Core.) -- c:\Windows\Installer\{DB81779E-7CC5-4630-BCFC-754004956444}\vbasdk.ico,0

O90 - PUC: "F6071111A6667304777712318267D401" . (.JavaFX 2.1.1.) -- C:\Windows\Installer\{1111706F-666A-4037-7777-211328764D10}\javaIcon.ico

O90 - PUC: "FFF72C6AFE57B5B46AE49F1E82999480" . (.CorelDRAW Graphics Suite X4 - Lang NL.) -- c:\Windows\Installer\{A6C27FFF-75EF-4B5B-A64E-F9E128994908}\ARPPRODUCTICON.exe

~ Scan Files in 00mn 00s

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 11/07/2012 140672 | (!SASCORE) . (.SUPERAntiSpyware.com.) - C:\Program Files\SUPERAntiSpyware\SASCORE64.exe

SS - | Disabled 27/10/2008 759072 | (ABBYY.Licensing.FineReader.Professional.9.0) . (.ABBYY (BIT Software).) - C:\Program Files (x86)\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

SR - | Auto 27/07/2012 63960 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

SS - | Demand 02/01/2013 250808 | (AdobeFlashPlayerUpdateSvc) . (.Adobe Systems Incorporated.) - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

SR - | Auto 29/03/2008 17272 | (aswUpdSv) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

SR - | Auto 29/03/2008 144760 | (avast! Antivirus) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashServ.exe

SS - | Demand 29/03/2008 247160 | (avast! Mail Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

SS - | Demand 29/03/2008 345464 | (avast! Web Scanner) . (.ALWIL Software.) - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

SR - | Auto 28/02/2006 229376 | (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files (x86)\Bonjour\mDNSResponder.exe

SS - | Disabled 0 | (Crypkey License) . (...) - crypserv.exe

SR - | Auto 331608 | (ExpatShieldService) . (...) - C:\Program Files (x86)\Expat Shield\bin\openvpnas.exe

SR - | Auto 05/01/2012 363336 | (ExpatSrv) . (.AnchorFree Inc..) - C:\Program Files (x86)\Expat Shield\HssWPR\hsssrv.exe

SS - | Demand 77520 | (ExpatTrayService) . (...) - C:\Program Files (x86)\Expat Shield\bin\ExpatTrayService.exe

SR - | Auto 329544 | (ExpatWd) . (...) - C:\Program Files (x86)\Expat Shield\bin\hsswd.exe

SS - | Demand 09/07/2011 867080 | (FLEXnet Licensing Service) . (.Acresso Software Inc..) - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Auto 06/08/2011 136176 | (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 06/08/2011 136176 | (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

SS - | Demand 08/02/2011 136120 | (gusvc) . (.Google.) - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

SS - | Demand 09/06/2008 73728 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

SR - | Auto 14/12/2012 398184 | (MBAMScheduler) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

SS - | Auto 14/12/2012 682344 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

SS - | Demand 09/01/2013 115168 | (MozillaMaintenance) . (.Mozilla Foundation.) - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

SR - | Auto 24/09/2008 935208 | (Nero BackItUp Scheduler 4.0) . (.Nero AG.) - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

SS - | Demand 04/02/2011 341296 | (NitroReaderDriverReadSpool) . (.Nitro PDF Software.) - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe

SR - | Auto 28/12/2012 54912 | (Notation) . (.Advernet.) - C:\Program Files (x86)\Notation\Notation.exe

SR - | Auto 28/12/2012 33920 | (NotationMonitor) . (.Advernet.) - C:\Program Files (x86)\Notation\NotationMonitor.exe

SS - | Demand 06/03/2012 889664 | (nvsvc) . (.NVIDIA Corporation.) - C:\Windows\system32\nvvsvc.exe

SS - | Auto 07/03/2012 2458944 | (nvUpdatusService) . (.NVIDIA Corporation.) - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

SS - | Auto 18/09/2012 1082016 | (Orange update Core Service) . (.France Telecom SA.) - C:\Program Files (x86)\Orange\OrangeUpdate\Service\OUCore.exe

SR - | Auto 26/01/2010 1503496 | (PDAgent) . (.Raxco Software, Inc..) - C:\Program Files\Raxco\PerfectDisk10\PDAgent.exe

SR - | Demand 26/01/2010 1486088 | (PDEngine) . (.Raxco Software, Inc..) - C:\Program Files\Raxco\PerfectDisk10\PDEngine.exe

SR - | Auto 10/09/2009 185632 | (PSI_SVC_2) . (.Protexis Inc..) - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

SR - | Auto 171040 | (RichVideo) . (...) - C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe

SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

SS - | Demand 02/04/2010 73728 | (Sony SCSI Helper Service) . (.Sony Corporation.) - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

SR - | Auto 10/10/2012 1021888 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe

SR - | Auto 09/11/2012 1148664 | (ST2012_Svc) . (.Crawler.com.) - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe

SS - | Demand 19/02/2010 517096 | (SwitchBoard) . (.Adobe Systems Incorporated.) - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

SR - | Auto 20/04/2012 92592 | (TomTomHOMEService) . (.TomTom.) - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

SS - | Auto 14/07/2009 27136 | C:\Program Files (x86)\Windows Defender\mpsvc.dll (WinDefend) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Demand 0 | (WMPNetworkSvc) . (...) - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe

SS - | Disabled 916992 | (WTService) . (...) - C:\Windows\system32\atwtusb.exe

SR - | Auto 14/07/2009 27136 | C:\Windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe

SR - | Auto 09/11/2008 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe

~ Scan Services in 00mn 01s

 

 

 

End of the scan (1920 lines in 02mn 03s)(0)

Lien vers le commentaire
Partager sur d’autres sites

Spybot, totalement obsolète doit être désinstallé.

Vous pourriez utiliser Mbam (Malewares Bytes)pour le remplacer.

 

Téléchargez MBAM

Pour désactiver TeaTimer qui ne sert à rien et peut faire échouer une désinfection:!

Sous Vista, exécuter avec privilèges Administrateur

Afficher d'abord le Mode Avancé dans SpyBot

->Options Avancées :

- >menu Mode, Mode Avancé.

Une colonne de menus apparaît dans la partie gauche :

- >cliquer sur Outils,

- >cliquer sur Résident,

Dans Résident :

- >décocher Résident "TeaTimer" pour le désactiver.

Effacer le contenu du dossier Snapshots(le contenu de snapshots, pas le fichier snapshots) , sous XP :

C:\Documents and Settings\All Users\Application Data\Spybot - Search &Destroy\Snapshots

Et sous Vista :

C:\ProgramData\Spybot - Search & Destroy\Snapshots

Si vous ne trouvez pas Snapshots, poursuivez la procédure sans vous en préoccuper

 

 

Vous devez trouver sur le bureau ou ,sinon, dans le dossier où vous avez installé Zhpdiag ces 3 icônes .

zhp0710.png

Cliquer sur l'icône Zhpfix

Sous Vista/7 clic-droit, "Exécuter En tant qu'Administrateur

Copiez/Collez les lignes vertes dans le cadre ci dessous:

pour cela;

Clic gauche maintenu enfoncé, Balayer l'ensemble du texte à copier avec la souris pour le mettre en surbrillance ,de gauche à droite et de haut en bas

Ctrl+c mettre le tout en mémoire

Ctrl+v pour inscrire le texte dans le Document ou, mieux, en cliquant le bouton Coller le presse papier au milieu,en haut, à gauche[1]

zhpfix16.png

 

[MD5.7C886F0E504B5280EEC45777056133EF] - (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe [269440] [PID.3960] => Infection Proxy (Hijacker.Proxy)

[MD5.940E626BC470367D5407C839B2CA696A] - (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\Notation.exe [54912] [PID.2100] => Infection Proxy (Hijacker.Proxy)

[MD5.79AFB20A741152D24D967C75407E0332] - (.Advernet - SavdmMonitor.) -- C:\Program Files (x86)\Notation\NotationMonitor.exe [33920] [PID.2196] => Infection Proxy (Hijacker.Proxy)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8877;https=127.0.0.1:8877 => Infection DNS (Détournement Proxy)

O4 - HKCU\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe => Infection Proxy (Hijacker.Proxy)

O4 - HKUS\S-1-5-18\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe => Infection Proxy (Hijacker.Proxy)

O4 - HKUS\S-1-5-21-85900175-3947571270-1107209466-1001\..\Run: [systray] . (.Advernet - Notation.) -- C:\Program Files (x86)\Notation\NotationSysTray.exe => Infection Proxy (Hijacker.Proxy)

O23 - Service: (Notation) . (.Advernet - Notation.) - C:\Program Files (x86)\Notation\Notation.exe => Infection Proxy (Hijacker.Proxy)

O23 - Service: NotationMonitor (NotationMonitor) . (.Advernet - SavdmMonitor.) - C:\Program Files (x86)\Notation\NotationMonitor.exe => Infection Proxy (Hijacker.Proxy)

O23 - Service: SpyHunter 4 Service (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC. - Service scanner interface.) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe => Infection FakeAlert (Crapware.SpyHunter)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_DEFAULT.job => Infection Rogue (Rogue.RegistryPowerCleaner)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\RegClean Pro_UPDATES.job => Infection Rogue (Rogue.RegistryPowerCleaner)

[MD5.4EE51F2AAC8DB7B1973C9D7F5B8DCB81] [APT] [speedMaxPc] (.SpeedMaxPc.) -- C:\Program Files (x86)\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe =>

[MD5.35DD2A44BA05F0D447520BB265E91810] [APT] [speedMaxPc Update3] (.SpeedMaxPc.) -- C:\Program Files (x86)\Common Files\SpeedMaxPc\UUS3\Update3.exe =>

[MD5.00000000000000000000000000000000] [APT] [spyHunter4Startup] (...) -- C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe (.not file.) => Infection FakeAlert (Crapware.SpyHunter)

O42 - Logiciel: Notation - (.Advernet.) [HKLM][64Bits] -- {29633E53-BF13-41B5-9E10-19D7843BD9C3} => Infection Proxy (Hijacker.Proxy)

O42 - Logiciel: SpeedMaxPc - (.SpeedMaxPc.) [HKLM][64Bits] -- {D894938C-8EE1-4854-9254-8F9AEF2BFE46} => Infection PUP (PUP.SpeedMaxPC)

O42 - Logiciel: SpyHunter - (.Enigma Software Group USA, LLC.) [HKLM][64Bits] -- {83B952C7-F8F3-4CA3-B4C5-33C85B24E478} => Infection FakeAlert (Crapware.SpyHunter)

O42 - Logiciel: eDownloader - (.eDownloader.) [HKLM][64Bits] -- eDownloader 1.0.0 => Infection PUP (PUP.SoftwareEngine)

O42 - Logiciel: eDownloader - (.eDownloader.) [HKLM][64Bits] -- {8848B3CD-4464-414F-953C-966678634540} => Infection PUP (PUP.SoftwareEngine)

[HKCU\Software\SpeedMaxPc] => Infection PUP (PUP.SpeedMaxPC)

[HKLM\Software\IB Updater] => Infection BT (Adware.IncrediBar)

[HKLM\Software\WNLT] => Infection BT (Adware.IncrediBar)

[HKLM\Software\Wow6432Node\SpeedMaxPc] => Infection PUP (PUP.SpeedMaxPC)

[HKLM\Software\Wow6432Node\eDownloader] => Infection PUP (PUP.SoftwareEngine)

O43 - CFD: 09/01/2013 - 16:30:01 - [34,052] ----D C:\Program Files (x86)\NoAdware5.0 => Infection Rogue (Rogue.NoAdware)

O43 - CFD: 08/01/2013 - 18:13:46 - [9,120] ----D C:\Program Files (x86)\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

O43 - CFD: 08/01/2013 - 18:13:46 - [1,561] ----D C:\Program Files (x86)\Common Files\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

O43 - CFD: 08/01/2013 - 17:06:06 - [0] ----D C:\ProgramData\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

O43 - CFD: 08/01/2013 - 16:07:34 - [0] ----D C:\Users\JC\AppData\Roaming\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

O43 - CFD: 08/01/2013 - 18:13:46 - [0,001] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

O43 - CFD: 07/01/2013 - 12:16:10 - [0,003] ----D C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter => Infection FakeAlert (Crapware.SpyHunter)

O64 - Services: CurCS - 02/03/2011 - C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys - esgiguard (esgiguard) .(...) - LEGACY_ESGIGUARD => Infection FakeAlert (Crapware.SpyHunter)

O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo!) - Yahoo! Search - Recherche Web => Infection Diverse (Adware.AdRotator)

[MD5.854BA8341B0468B6B68BE1FD40A6361D] [sPRF][03/01/2013] (.Babylon Ltd. - Uninstaller Application.) -- C:\Users\JC\AppData\Local\Temp\uninst1.exe [378368] => Infection BT (Toolbar.Babylon)

O87 - FAEL: "{7A5F2E92-4F71-4DB2-98CF-C6F7A9253EED}" | In - Private - P6 - TRUE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe => Infection Roogue (Rogue.NoAdware)

O87 - FAEL: "{39E7D3CF-F376-4DF9-ACA6-F76FE548B6A0}" | In - Private - P17 - TRUE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe => Infection Roogue (Rogue.NoAdware)

O87 - FAEL: "{8433F7B0-3D89-4D81-9EC8-37362230A1E4}" | In - Domain - P6 - FALSE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe => Infection Roogue (Rogue.NoAdware)

O87 - FAEL: "{151F661F-37CC-4013-9A16-38D3FCFBA9FA}" | In - Domain - P17 - FALSE | .(.Pas de propriétaire - Noadware Application.) -- C:\Program Files (x86)\NoAdware5.0\NoAdware5.exe => Infection Roogue (Rogue.NoAdware)

[HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] => Infection BT (Toolbar.Agent)

[HKLM\Software\Wow6432Node\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}] => Infection BT (Toolbar.Agent)

[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}] => Infection Diverse (Adware.AdRotator)

[HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service] => Infection FakeAlert (Crapware.SpyHunter)

[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32] => Infection PUP (Adware.Bandoo)

[HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS] => Infection PUP (Adware.Bandoo)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8848B3CD-4464-414F-953C-966678634540}] => Infection PUP (PUP.SoftwareEngine)

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}] => Infection Proxy (Hijacker.Proxy)

C:\Program Files (x86)\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

C:\Program Files (x86)\Common Files\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

C:\ProgramData\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

C:\Users\JC\AppData\Roaming\SpeedMaxPc => Infection PUP (PUP.SpeedMaxPC)

O90 - PUC: "758F5690DAAD39F40845E0E23C8C5C0B" . (.SweetIM for Messenger 3.6.) -- C:\Windows\Installer\{0965F857-DAAD-4F93-8054-0E2EC3C8C5B0}\ARPPRODUCTICON.exe => Infection PUP (PUP.SweetIM)

O90 - PUC: "DC3B84884644F41459C3696687365404" . (.eDownloader.) -- C:\Windows\Installer\{8848B3CD-4464-414F-953C-966678634540}\softwareinstaller.exe => Infection PUP (PUP.SoftwareEngine)

SR - | Auto 10/10/2012 1021888 | (SpyHunter 4 Service) . (.Enigma Software Group USA, LLC..) - C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe => Infection FakeAlert (Crapware.SpyHunter)

[MD5.206387AB881E93A1A6EB89966C8651F1] - (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392] [PID.2388]

[MD5.A529CFE32565C0B145578FFB2B32C9A5] - (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624] [PID.2732]

[MD5.CB63BDB77BB86549FC3303C2F11EDC18] - (.Safer-Networking Ltd. - Windows Security Center integration..) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384] [PID.3068]

C:\Users\JC\AppData\Roaming\Mozilla\Firefox\Profiles\ii5omqwu.default\prefs.js (.not file.) => Fichier absent

O4 - Global Startup: C:\Users\JC\Desktop\C.lnk - Clé orpheline => Orphean Key not necessary

O4 - Global Startup: C:\Users\JC\Desktop\D.lnk - Clé orpheline => Orphean Key not necessary

O4 - Global Startup: C:\Users\JC\Desktop\Lecteur de CD.lnk - Clé orpheline => Orphean Key not necessary

O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => Safer-Networking Ltd%Spybot-S&D 2 Scanner Service

O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) . (.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => Safer-Networking Ltd%Spybot-S&D 2 Background update service

O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) . (.Safer-Networking Ltd. - Windows Security Center integration..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => Safer-Networking Ltd - Spybot Search & Destroy

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Google Update Task

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Google Update Task

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => Safer-Networking Ltd - Spybot Search & Destroy

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => Safer-Networking Ltd - Spybot Search & Destroy

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [Google Updater and Installer] (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.F02A533F517EB38333CB12A9E8963773] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-85900175-3947571270-1107209466-1001Core] (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.506708142BC63DABA64F2D3AD1DCD5BF] [APT] [GoogleUpdateTaskUserS-1-5-21-85900175-3947571270-1107209466-1001UA] (.Google Inc..) -- C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [RegClean Pro] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) => Systweak Inc RegClean Pro

[MD5.00000000000000000000000000000000] [APT] [RegClean Pro_DEFAULT] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) => Systweak Inc RegClean Pro

[MD5.00000000000000000000000000000000] [APT] [RegClean Pro_UPDATES] (...) -- C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe (.not file.) => Systweak Inc RegClean Pro

[MD5.00000000000000000000000000000000] [APT] [{0EEC9130-5653-4991-BCFF-7C43A3FEEAFD}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{1B7DBD10-55E2-4ABA-8A52-5A109AD96403}] (...) -- C:\Hahneman\hahneman.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{20462EBF-B212-43E2-B44D-79E77CAACB0F}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{3BE1A0B6-0F88-4FEF-B956-1B58F09DF4DC}] (...) -- C:\Hahneman\hahneman.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{3C182F72-B6BE-421A-88F7-8A63D97B46EC}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{3C99C734-9CA1-49D0-9480-05CE90EDCCF8}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{4182F12F-8786-44D4-82DD-8FF9AFF6559E}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{565A9461-03CE-4FA2-AA2F-F2C513EA9C64}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{5ACB7F14-DA72-477E-89F0-65C5D0D28C84}] (...) -- L:\programmes\winrar\Crack.exe (.not file.) => Crack, KeyGen, Keymaker - Possible Malware

[MD5.00000000000000000000000000000000] [APT] [{5E8C670D-8A96-40BA-B1F3-58E4DDAB301C}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{7DA551D3-5541-4067-B390-38AE05302049}] (...) -- C:\Hahneman\hahneman.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{933BC85E-7BBF-4458-930C-7D09F290344A}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{AE82027C-C5B8-4BB9-8A53-D5436A836B6E}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{B6C8D19E-974A-4592-8057-E2EBE82F3690}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{BA3291D2-D096-4C40-975F-5ACDBBD04D97}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{C0490A7C-8085-4AD9-8087-ECDCD5FB416D}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{C32E47AF-F29E-4073-88BE-6F32C322233C}] (...) -- N:\avast\KeyMaker.exe (.not file.) => Crack, KeyGen, Keymaker - Possible Malware

[MD5.00000000000000000000000000000000] [APT] [{C3840F15-E0C1-4C23-B99A-384E87DDC12F}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{C80C17E1-387A-4E6B-AD79-3B33664F0733}] (...) -- N:\Autodesk 3Ds Maxsign 2011.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{D0A79E50-D36B-4021-8BC4-4496CF15EB66}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{DBA2962D-0676-4349-A18F-88FC8B6EF1B2}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{E2A6B52B-9D2A-4F9B-8585-AADC15415CA7}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

[MD5.00000000000000000000000000000000] [APT] [{E9C03FC7-4E75-4B77-9106-D8CDF7A43F66}] (...) -- G:\INSTexeC.exe (.not file.) => Fichier absent

O41 - Driver: (NetworkX) . (. - .) - C:\Windows\system32\ckldrv.sys (.not file.) => Fichier absent

O42 - Logiciel: Spybot - Search & Destroy - (.Safer-Networking Ltd..) [HKLM][64Bits] -- {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1

[HKCU\Software\PerformerSoft LLC] => PerformerSoft LLC

[HKLM\Software\Wow6432Node\IncrediMail] => IncrediMail

O43 - CFD: 02/01/2013 - 15:01:12 - [152,667] ----D C:\Program Files (x86)\Spybot - Search & Destroy 2 => Spybot Search & Destroy

O43 - CFD: 05/01/2013 - 20:08:51 - [11,118] ----D C:\ProgramData\Spybot - Search & Destroy => Spybot - Search & Destroy

O43 - CFD: 19/06/2011 - 14:48:12 - [0] ----D C:\Users\JC\AppData\Local\PackageAware => Empty Folder not necessary

O43 - CFD: 02/01/2013 - 15:00:30 - [0] ----D C:\Users\JC\AppData\Local\Programs => Empty Folder not necessary

O43 - CFD: 29/11/2011 - 12:50:59 - [0] ---AD C:\Users\JC\AppData\Local\snq4ermq => Empty Folder not necessary

O44 - LFC:[MD5.23948829C6D049B8ADE0E0FB87305AC3] - 02/01/2013 - 15:01:06 . (.http://www.beyondlogic.org - Command Line Process Utility.) -- C:\Windows\System32\sdnclean64.exe [53248]

O44 - LFC:[MD5.23948829C6D049B8ADE0E0FB87305AC3] - 02/01/2013 - 15:01:06 ---A- . (.Safer Networking Limited - Pas de description.) -- C:\Windows\SysNative\sdnclean64.exe [17272]

O44 - LFC:[MD5.91F0EBA7F304838C694DE7FA23298894] - 30/04/2009 - 01:36:37 ---A- . (...) -- C:\Windows\SysNative\WS2Fix.exe [75776]

O44 - LFC:[MD5.91F0EBA7F304838C694DE7FA23298894] - 30/04/2009 - 01:36:37 ---A- . (...) -- C:\Windows\System32\WS2Fix.exe [75776]

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot - Search & Destroy tray access.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Scanner Service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" [Enabled] .(.Safer-Networking Ltd. - Update.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

O47 - AAKE:Key Export SP - "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" [Enabled] .(.Safer-Networking Ltd. - Spybot-S&D 2 Background update service.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

O87 - FAEL: "{1B16BFCD-68B8-4A9D-9562-90FDA49C5AF6}" |In - Public - P6 - TRUE | .(...) -- G:\fscommand\CKSocketServer.exe (.not file.) => Fichier absent

O87 - FAEL: "{74A07670-86F0-43A6-9932-C35C69FFED6D}" |In - Public - P17 - TRUE | .(...) -- G:\fscommand\CKSocketServer.exe (.not file.) => Fichier absent

O87 - FAEL: "TCP Query User{360EA6D5-AC8F-46B4-AF69-214D11EC8658}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" | In - Private - P6 - TRUE | .(.Safer-Networking Ltd..) -- C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe

O87 - FAEL: "UDP Query User{9CF3D2A3-0B1E-4473-8D1D-35E324CCA16B}C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe" | In - Private - P17 - TRUE | .(.Safer-Networking Ltd..) -- C:\program files (x86)\spybot - search & destroy 2\sdfiles.exe

SR - | Auto 13/11/2012 1103392 | (SDScannerService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => Safer-Networking Ltd%Spybot-S&D 2 Scanner Service

SR - | Auto 13/11/2012 1369624 | (SDUpdateService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => Safer-Networking Ltd%Spybot-S&D 2 Background update service

SR - | Auto 13/11/2012 168384 | (SDWSCService) . (.Safer-Networking Ltd..) - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

O2 - BHO: Expat Shield Class [64Bits] - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} . (.AnchorFree Inc. - Pas de description.) -- C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE.dll => Toolbar.Agent

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM][64Bits] -- {56C049BE-79E9-4502-BEA7-9754A3E60F9B} => Toolbar.Agent

[HKCU\Software\YahooPartnerToolbar] => Toolbar.Yahoo

O43 - CFD: 02/01/2013 - 20:31:51 - [0] ----D C:\ProgramData\hssff => Toolbar.Conduit

O69 - SBI: SearchScopes [HKCU] {2A9E906D-582E-48E8-AD53-6D9B28212D52} - (Ask Search) - http://websearch.ask.com => Toolbar.Ask

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] => Toolbar.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] => Toolbar.Agent

[HKLM\Software\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] => Toolbar.Agent

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] => Toolbar.Agent

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}] => Toolbar.Agent

[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}] => Toolbar.Orange

[HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}] => Toolbar.Agent

C:\ProgramData\hssff => Toolbar.Conduit

O90 - PUC: "254796BF4AC84B64891B61C529A2E23F" . (.Update Manager for SweetPacks 1.0.) -- C:\Windows\Installer\{FB697452-8CA4-46B4-98B1-165C922A2EF3}\ARPPRODUCTICON.exe => Toolbar.Agent

EmptyFlash

EmptyTemp

FirewallRaz

Proxyfix

Hostfix

SysRestore

 

Cliquer sur "Go" |2]

 

Si vous ne voyez pas le boutonGo, cliquez sur le bouton du milieu, en haut, à gauche.[1]

Redémarrer pour achever le nettoyage.

 

Copier-coller,dans la réponse, le contenu du rapport ZHPFixReport.txt qui s'affiche .

Si besoin; il est enregistré sous C:\ZHP\ZHPFixReport.txt

Lien vers le commentaire
Partager sur d’autres sites

bonjour

Merci pour votre aide, je vous en suis vraiment reconnaissant; je vois qu'il y avait de sérieux problèmes.

J'ai désinstallé Spybot.

voici le rapport:

Rapport de ZHPFix 1.3.11 par Nicolas Coolman, Update du 30/12/2012

Fichier d'export Registre : C:\ZHP\ZHPExportRegistry-10-01-2013-10-40-13.txt

Run by JC at 10/01/2013 10:40:11

Windows 7 Home Premium Edition, 64-bit Service Pack 1 (Build 7601)

 

 

 

========== Logiciel(s) ==========

SUPPRIME Notation

ABSENT Uninstall Process: c:\program files (x86)\speedmaxpc\speedmaxpc\uninstall.exe

ABSENT Software Key: {83B952C7-F8F3-4CA3-B4C5-33C85B24E478}

SUPPRIME eDownloader

ABSENT Software Key: {8848B3CD-4464-414F-953C-966678634540}

ABSENT Software Key: {B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1

SUPPRIME neroxml

 

========== Processus mémoire ==========

SUPPRIME Memory Process: C:\Program Files (x86)\Notation\NotationSysTray.exe

SUPPRIME Memory Process: C:\Program Files (x86)\Notation\Notation.exe

SUPPRIME Memory Process: C:\Program Files (x86)\Notation\NotationMonitor.exe

SUPPRIME Memory Process: C:\Users\JC\AppData\Local\Temp\uninst1.exe

SUPPRIME Memory Process: C:\Users\JC\AppData\Local\Google\Update\GoogleUpdate.exe

SUPPRIME Memory Process: C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

========== Clé(s) du Registre ==========

SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}]

SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{D894938C-8EE1-4854-9254-8F9AEF2BFE46}]

SUPPRIME [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}]

SUPPRIME Key: Service: Notation

SUPPRIME Key: Service: NotationMonitor

SUPPRIME Key: Service: SpyHunter 4 Service

SUPPRIME Key: HKCU\Software\SpeedMaxPc

SUPPRIME Key*: HKLM\Software\IB Updater

SUPPRIME Key*: HKLM\Software\WNLT

SUPPRIME Key: HKLM\Software\Wow6432Node\SpeedMaxPc

ABSENT Key: HKLM\Software\Wow6432Node\eDownloader

SUPPRIME Key: Service Legacy: LEGACY_ESGIGUARD

SUPPRIME Key: SearchScopes :{DECA3892-BA8F-44b8-A993-A466AD694AE4}

SUPPRIME Key*: HKLM\Software\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}

ABSENT Key: HKLM\Software\Wow6432Node\Classes\Interface\{db885111-f39f-4d88-9ee5-c88460b6df7b}

ABSENT Key: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DECA3892-BA8F-44b8-A993-A466AD694AE4}

ABSENT Key: HKLM\SYSTEM\CurrentControlSet\Services\SpyHunter 4 Service

SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32

SUPPRIME Key: HKLM\Software\Wow6432Node\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS

ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8848B3CD-4464-414F-953C-966678634540}

ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{29633E53-BF13-41B5-9E10-19D7843BD9C3}

SUPPRIME Key: \Software\Classes\Installer\Products\\758F5690DAAD39F40845E0E23C8C5C0B

SUPPRIME Key: \Software\Classes\Installer\Features\758F5690DAAD39F40845E0E23C8C5C0B

ABSENT Key: [HKLM\\Software\Classes\Installer\Products\\DC3B84884644F41459C3696687365404]

ABSENT Key: Service: SpyHunter 4 Service

ABSENT Key: Service: SDScannerService

ABSENT Key: Service: SDUpdateService

ABSENT Key: Service: SDWSCService

SUPPRIME Driver Key: NetworkX

SUPPRIME Key: HKCU\Software\PerformerSoft LLC

SUPPRIME Key: HKLM\Software\Wow6432Node\IncrediMail

SUPPRIME Key: CLSID BHO: {3706EE7C-3CAD-445D-8A43-03EBC3B75908}

SUPPRIME Key: CLSID: [HKLM\SOFTWARE\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}]

SUPPRIME Key: HKCU\Software\YahooPartnerToolbar

SUPPRIME Key: SearchScopes :{2A9E906D-582E-48E8-AD53-6D9B28212D52}

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}

ABSENT Key: HKLM\Software\Classes\CLSID\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}

SUPPRIME Key*: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}

ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3706EE7C-3CAD-445D-8A43-03EBC3B75908}

SUPPRIME Key: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9A6357B-25CC-4BCF-96C1-78736985D412}

ABSENT Key: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{56C049BE-79E9-4502-BEA7-9754A3E60F9B}

SUPPRIME Key: \Software\Classes\Installer\Products\\254796BF4AC84B64891B61C529A2E23F

SUPPRIME Key: \Software\Classes\Installer\Features\254796BF4AC84B64891B61C529A2E23F

 

========== Valeur(s) du Registre ==========

ABSENT RunValue: systray

SUPPRIME RunValue: systray

SUPPRIME {7A5F2E92-4F71-4DB2-98CF-C6F7A9253EED}

SUPPRIME {39E7D3CF-F376-4DF9-ACA6-F76FE548B6A0}

SUPPRIME {8433F7B0-3D89-4D81-9EC8-37362230A1E4}

SUPPRIME {151F661F-37CC-4013-9A16-38D3FCFBA9FA}

ABSENT AAKE KeyValue: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

ABSENT AAKE KeyValue: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

ABSENT AAKE KeyValue: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

ABSENT AAKE KeyValue: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

SUPPRIME {1B16BFCD-68B8-4A9D-9562-90FDA49C5AF6}

SUPPRIME {74A07670-86F0-43A6-9932-C35C69FFED6D}

ABSENT TCP Query User{360EA6D5-AC8F-46B4-AF69-214D11EC8658}C:/program files (x86)/spybot - search & destroy 2/sdfiles.exe

ABSENT UDP Query User{9CF3D2A3-0B1E-4473-8D1D-35E324CCA16B}C:/program files (x86)/spybot - search & destroy 2/sdfiles.exe

ABSENT Valeur Standard Profile: FirewallRaz :

ABSENT Valeur Domain Profile: FirewallRaz :

SUPPRIME FirewallRaz (None) : {027A8ECE-806B-45F5-8A86-43CCD2AB7B07}

ProxyFix : Configuration proxy supprimée avec succès

SUPPRIME ProxyServer Value

SUPPRIME ProxyEnable Value

SUPPRIME EnableHttp1_1 Value

SUPPRIME ProxyHttp1.1 Value

SUPPRIME ProxyOverride Value

 

========== Elément(s) de donnée du Registre ==========

SUPPRIME R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer

 

========== Dossier(s) ==========

SUPPRIME Folder: C:\Program Files (x86)\NoAdware5.0

ABSENT C:\Program Files (x86)\SpeedMaxPc

ABSENT C:\Program Files (x86)\Common Files\SpeedMaxPc

SUPPRIME Folder: C:\ProgramData\SpeedMaxPc

SUPPRIME Folder: C:\Users\JC\AppData\Roaming\SpeedMaxPc

ABSENT C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedMaxPc

SUPPRIME Folder: C:\Users\JC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter

SUPPRIME Reboot Folder**: C:\Program Files (x86)\Spybot - Search & Destroy 2

SUPPRIME Folder: C:\ProgramData\Spybot - Search & Destroy

SUPPRIME Folder: C:\Users\JC\AppData\Local\PackageAware

SUPPRIME Folder: C:\Users\JC\AppData\Local\Programs

SUPPRIME Folder: C:\Users\JC\AppData\Local\snq4ermq

SUPPRIME Folder: C:\ProgramData\hssff

SUPPRIME Flash Cookies:

SUPPRIME Temporaires Windows:

 

========== Fichier(s) ==========

SUPPRIME File***: c:\program files (x86)\notation\notationsystray.exe

ABSENT File: c:\program files (x86)\notation\notationsystray.exe

SUPPRIME Reboot c:\program files\enigma software group\spyhunter\sh4service.exe

SUPPRIME File: c:\windows\tasks\regclean pro_default.job

SUPPRIME File: c:\windows\tasks\regclean pro_updates.job

ABSENT Folder/File: c:\program files (x86)\speedmaxpc\speedmaxpc\speedmaxpc.exe

SUPPRIME File: c:\users\jc\appdata\local\temp\uninst1.exe

ABSENT Folder/File: c:\programdata\speedmaxpc

ABSENT Folder/File: c:\users\jc\appdata\roaming\speedmaxpc

SUPPRIME File: c:\program files\enigma software group\spyhunter\sh4service.exe

ABSENT Folder/File: c:\users\jc\appdata\roaming\mozilla\firefox\profiles\ii5omqwu.default\prefs.js (.not file.)

SUPPRIME File: c:\users\jc\desktop\c.lnk

SUPPRIME File: c:\users\jc\desktop\d.lnk

SUPPRIME File: c:\users\jc\desktop\lecteur de cd.lnk

SUPPRIME File: c:\windows\tasks\check for updates (spybot - search & destroy).job

SUPPRIME File: c:\windows\tasks\googleupdatetaskmachinecore.job

SUPPRIME File: c:\windows\tasks\googleupdatetaskmachineua.job

SUPPRIME File: c:\windows\tasks\refresh immunization (spybot - search & destroy).job

SUPPRIME File: c:\windows\tasks\scan the system (spybot - search & destroy).job

SUPPRIME File: c:\users\jc\appdata\local\google\update\googleupdate.exe

SUPPRIME File: c:\program files (x86)\google\update\googleupdate.exe

ABSENT Folder/File: c:\users\jc\appdata\local\google\update\googleupdate.exe

ABSENT File: c:\windows\system32\sdnclean64.exe

SUPPRIME File: c:\windows\sysnative\ws2fix.exe

ABSENT File: c:\windows\system32\ws2fix.exe

ABSENT Folder/File: c:\programdata\hssff

SUPPRIME Flash Cookies:

SUPPRIME Temporaires Windows:

 

========== Fichier HOSTS ==========

Le fichier Hosts est sain

 

========== Tache planifiée ==========

SUPPRIME Task: SpeedMaxPc

SUPPRIME Task: SpeedMaxPc Update3

SUPPRIME Task: SpyHunter4Startup

SUPPRIME Task: Google Updater and Installer

SUPPRIME Task: GoogleUpdateTaskMachineCore

SUPPRIME Task: GoogleUpdateTaskMachineUA

SUPPRIME Task: GoogleUpdateTaskUserS-1-5-21-85900175-3947571270-1107209466-1001Core

SUPPRIME Task: GoogleUpdateTaskUserS-1-5-21-85900175-3947571270-1107209466-1001UA

SUPPRIME Task: RegClean Pro

SUPPRIME Task: RegClean Pro_DEFAULT

SUPPRIME Task: RegClean Pro_UPDATES

SUPPRIME Task: {0EEC9130-5653-4991-BCFF-7C43A3FEEAFD}

SUPPRIME Task: {1B7DBD10-55E2-4ABA-8A52-5A109AD96403}

SUPPRIME Task: {20462EBF-B212-43E2-B44D-79E77CAACB0F}

SUPPRIME Task: {3BE1A0B6-0F88-4FEF-B956-1B58F09DF4DC}

SUPPRIME Task: {3C182F72-B6BE-421A-88F7-8A63D97B46EC}

SUPPRIME Task: {3C99C734-9CA1-49D0-9480-05CE90EDCCF8}

SUPPRIME Task: {4182F12F-8786-44D4-82DD-8FF9AFF6559E}

SUPPRIME Task: {565A9461-03CE-4FA2-AA2F-F2C513EA9C64}

SUPPRIME Task: {5ACB7F14-DA72-477E-89F0-65C5D0D28C84}

SUPPRIME Task: {5E8C670D-8A96-40BA-B1F3-58E4DDAB301C}

SUPPRIME Task: {7DA551D3-5541-4067-B390-38AE05302049}

SUPPRIME Task: {933BC85E-7BBF-4458-930C-7D09F290344A}

SUPPRIME Task: {AE82027C-C5B8-4BB9-8A53-D5436A836B6E}

SUPPRIME Task: {B6C8D19E-974A-4592-8057-E2EBE82F3690}

SUPPRIME Task: {BA3291D2-D096-4C40-975F-5ACDBBD04D97}

SUPPRIME Task: {C0490A7C-8085-4AD9-8087-ECDCD5FB416D}

SUPPRIME Task: {C32E47AF-F29E-4073-88BE-6F32C322233C}

SUPPRIME Task: {C3840F15-E0C1-4C23-B99A-384E87DDC12F}

SUPPRIME Task: {C80C17E1-387A-4E6B-AD79-3B33664F0733}

SUPPRIME Task: {D0A79E50-D36B-4021-8BC4-4496CF15EB66}

SUPPRIME Task: {DBA2962D-0676-4349-A18F-88FC8B6EF1B2}

SUPPRIME Task: {E2A6B52B-9D2A-4F9B-8585-AADC15415CA7}

SUPPRIME Task: {E9C03FC7-4E75-4B77-9106-D8CDF7A43F66}

 

========== Restauration Système ==========

Point de restauration du système créé avec succès

 

 

========== Récapitulatif ==========

6 : Processus mémoire

44 : Clé(s) du Registre

23 : Valeur(s) du Registre

1 : Elément(s) de donnée du Registre

15 : Dossier(s)

28 : Fichier(s)

7 : Logiciel(s)

1 : Fichier HOSTS

34 : Tache planifiée

1 : Restauration Système

 

 

End of clean in 02mn 51s

 

========== Chemin de fichier rapport ==========

C:\ZHP\ZHPFix[R1].txt - 09/01/2013 11:19:53 [747]

C:\ZHP\ZHPFix[R2].txt - 10/01/2013 10:40:13 [11050]

Lien vers le commentaire
Partager sur d’autres sites

Autre Chose ?

 

Si vous pensez que votre problème a trouvé une solution, et afin que ceux qui la cherchent en profitent,

éditez votre premier message (Edition complète)et, dans le titre, inscrivez Résolu.

resolu.jpg

[1] En bas de votre premier message, cliquer sur [Modifier]

[2] En bas de l'éditeur qui s'ouvre, cliquer sur [utiliser l'éditeur complet]

[3] En haut de l'éditeur complet, ajouter [Résolu] au début du titre de votre sujet.

Lien vers le commentaire
Partager sur d’autres sites

Malheureusement, après toutes ces manips, mon problème n'est pas résolu; mes ports USB restent bloqués au niveau du stockage : "impossible d'installer le pilote", le programme de réparation ne peut démarrer a cause d'un problème.

Je ne crois pas qu'ici ce soit le bon endroit pour résoudre ces problèmes, pourriez vous m'indiquez à qui je dois m'adresser.J'avais été envoyé ici par LEMINOU.

Dans tous les cas, merci pour votre aide.

Lien vers le commentaire
Partager sur d’autres sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

 Share

  • En ligne récemment   0 membre est en ligne

    Aucun utilisateur enregistré regarde cette page.

×
×
  • Créer...