Fichier PDF

Partage, hébergement, conversion et archivage facile de documents au format PDF

Partager un fichier Mes fichiers Convertir un fichier Boite à outils PDF Recherche PDF Aide Contact



ZHPDiag .pdf



Nom original: ZHPDiag.pdf

Ce document au format PDF 1.6 a été généré par Microsoft® Office Word 2007, et a été envoyé sur fichier-pdf.fr le 07/12/2011 à 11:34, depuis l'adresse IP 79.91.x.x. La présente page de téléchargement du fichier a été vue 1138 fois.
Taille du document: 357 Ko (47 pages).
Confidentialité: fichier public




Télécharger le fichier (PDF)









Aperçu du document


Rapport de ZHPDiag v1.28.26 par Nicolas Coolman, Update du 06/12/2011
Run by Valentin at 07/12/2011 11:18:56
Web site : http://www.premiumorange.com/zeb-help-process/zhpdiag.html
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Business Edition, 32-bit (Build 7600)
Windows Server License Manager Script : OK
~ Windows(R) 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : 7TP9F
Windows License : OK
~ Windows Remaining Initializations Number : 1
Software Protection Service (Protection logicielle)
Windows Automatic Updates : OK
Windows Activation Technologies : OK

: OK

---\\ System Information
~ Processor: x86 Family 6 Model 23 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1977 MB (48% free)
System Restore: Activé (Enable)
System drive C: has 44 GB (33%) free of 129 GB
---\\ Logged in mode
~ Computer Name: VALENTIN-PC
~ User Name: Valentin
~ All Users Names: Valentin, HomeGroupUser$, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\Valentin\AppData\Roaming\
~ %Desktop% : C:\Users\Valentin\Desktop\
~ %Favorites% : C:\Users\Valentin\Favorites\
~ %LocalAppData% : C:\Users\Valentin\AppData\Local\
~ %StartMenu% : C:\Users\Valentin\AppData\Roaming\Microsoft\Windows\Start
Menu\
~ %Windir% : C:\Windows\
~ %System% : C:\Windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 44 Go of 129 Go)
D:\ CD-ROM drive (Not Inserted)

---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\
Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings]
WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\
Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto
Update\Results\Install] LastSuccessTime : Out Of Date
~ Scan Security Center in 00mn 00s

---\\ Recherche particulière de fichiers génériques
[MD5.2AF58D15EDC06EC6FDACCE1F19482BBF] - (.Microsoft Corporation Explorateur Windows.) (.12/07/2011 - 06:33:07.) -C:\Windows\Explorer.exe [2614784]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (....) (.14/07/2009 - 02:14:31.)
-- C:\Windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation Application de démarrage de Windows.) (.14/07/2009 - 02:14:45.) -C:\Windows\system32\Wininit.exe [96256]
[MD5.D3788D91530CFA005BD516189A4C676E] - (.Microsoft Corporation Extensions Internet pour Win32.) (.14/10/2011 - 03:28:15.) -C:\Windows\system32\wininet.dll [1126912]
[MD5.37CDB7E72EB66BA85A87CBE37E7F03FD] - (.Microsoft Corporation Application d’ouverture de session Windows.) (.12/07/2011 - 07:17:59.) -C:\Windows\system32\Winlogon.exe [285696]
[MD5.58C94EAE54BF0C5E2B80B2E5E7744D4C] - (.Microsoft Corporation Bibliothèque de licences.) (.14/07/2009 - 02:16:15.) -C:\Windows\system32\sppcomapi.dll [193024]
[MD5.D8714A5FB3141F8226D16861F20C5AC4] - (....) (.11/07/2011 - 12:08:45.)
-- C:\Windows\system32\fr-FR\user32.dll.mui [19968]
[MD5.0DB7A48388D54D154EBEC120461A0FCD] - (.Microsoft Corporation Ancillary Function Driver for WinSock.) (.12/07/2011 - 03:35:40.) -C:\Windows\system32\drivers\AFD.sys [338944]

[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation IDE Miniport Driver.) (.14/07/2009 - 02:26:15.) -C:\Windows\system32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation File System Driver.) (.14/07/2009 - 00:11:15.) -C:\Windows\system32\drivers\Cdfs.sys [70656]
[MD5.BA6E70AA0E6091BC39DE29477D866A77] - (.Microsoft Corporation CD-ROM Driver.) (.14/07/2009 - 00:11:26.) -C:\Windows\system32\drivers\Cdrom.sys [108544]
[MD5.83D1ECEA8FAAE75604C0FA49AC7AD996] - (.Microsoft Corporation Namespace Client Driver.) (.12/07/2011 - 03:33:46.) -C:\Windows\system32\drivers\DfsC.sys [78336]
[MD5.717A2207FD6F13AD3E664C7D5A43C7BF] - (.Microsoft Corporation Definition Audio Bus Driver.) (.14/07/2009 - 00:50:56.) -C:\Windows\system32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation de port i8042.) (.14/07/2009 - 00:11:24.) -C:\Windows\system32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation Network Address Translator.) (.14/07/2009 - 00:54:29.) -C:\Windows\system32\drivers\IpNat.sys [101888]
[MD5.CA7570E42522E24324A12161DB14EC02] - (.Microsoft Corporation Windows NT SMB Minirdr.) (.12/07/2011 - 03:43:41.) -C:\Windows\system32\drivers\MRxSmb.sys [123392]
[MD5.DD52A733BF4CA5AF84562A5E2F963B91] - (.Microsoft Corporation Transport driver.) (.14/07/2009 - 00:12:21.) -C:\Windows\system32\drivers\netBT.sys [187904]
[MD5.187002CE05693C306F43C873F821381F] - (.Microsoft Corporation du système de fichiers NT.) (.13/07/2011 - 06:44:01.) -C:\Windows\system32\drivers\ntfs.sys [1210240]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation de port parallèle.) (.14/07/2009 - 00:45:35.) -C:\Windows\system32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation L2TP mini-port/call-manager driver.) (.14/07/2009 - 00:54:34.) -C:\Windows\system32\drivers\Rasl2tp.sys [78848]
[MD5.C5FF95883FFEF704D50C40D21CFB3AB5] - (.Microsoft Corporation Microsoft RDP Device redirector.) (.14/07/2009 - 01:02:58.) -C:\Windows\system32\drivers\rdpdr.sys [133120]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation Transport driver.) (.14/07/2009 - 00:53:41.) -C:\Windows\system32\drivers\smb.sys [71168]
[MD5.CB39E896A2A83702D1737BFD402B3542] - (.Microsoft Corporation Translation Driver.) (.14/07/2009 - 00:12:11.) -C:\Windows\system32\drivers\tdx.sys [74240]
[MD5.58DF9D2481A56EDDE167E51B334D44FD] - (.Microsoft Corporation de cliché instantané du volume.) (.14/07/2009 - 02:19:10.) -C:\Windows\system32\drivers\volsnap.sys [245328]
~ Scan Generic Processes in 00mn 00s

---\\
~ Mes
~ Mes
~ Mes
~ Mes
~ Mon

Etat des fichiers cachés (Caché/Total)
images (My Pictures) : 1/2
musiques (My Musics) : 32/43
Favoris (My Favorites) : 3/48
Documents (My Documents) : 9/899
Bureau (My Desktop) : 4/74

ATAPI
CD-ROM
SCSI
DFS
High
Pilote
IP

MBT
Pilote
Pilote
RAS

SMB
TDI
Pilote

~ Menu demarrer (Programs) : 7/26
~ Scan Hidden Files in 00mn 03s

---\\ Processus lancés
[MD5.5AF1E9600E3FF841E522703A4993ED0C] - (.Intel Corporation - Event
Monitor User Notification Tool.) -- C:\Program Files\Intel\Intel Matrix
Storage Manager\IAAnotif.exe
[186904] [PID.2860]
[MD5.9E63CE05416587923091B61AF2F012D6] - (.Realtek Semiconductor Gestionnaire audio HD Realtek.) -- C:\Program
Files\Realtek\Audio\HDA\RtHDVCpl.exe
[7703072] [PID.2896]
[MD5.48D6FA401BC3C254E07ACEEBE944CA0C] - (.Alps Electric Co., Ltd. - Alps
Pointing-device Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
[217088] [PID.2904]
[MD5.FBFA45B2D8ABB107C79E0CA0F8ED0A6D] - (.Pas de propriétaire DefaultSettingEXE MFC Application.) -- C:\Windows\PLFSetI.exe
[200704]
[PID.2924]
[MD5.1029B84ECBE4B95ACB8491A3FE63D70F] - (.Intel Corporation - igfxTray
Module.) -- C:\Windows\System32\igfxtray.exe
[136216] [PID.2932]
[MD5.3CD5BBDA19A1AB4EBA359E0A14FDF0F0] - (.Intel Corporation - hkcmd
Module.) -- C:\Windows\System32\hkcmd.exe
[171032] [PID.2948]
[MD5.3142195521FEE436088EE8A5748DE1B1] - (.Intel Corporation persistence Module.) -- C:\Windows\System32\igfxpers.exe
[170520]
[PID.3020]
[MD5.36DA4C554A42BC0269C46D06D794F0B2] - (.Dritek System Inc. - Launch
Manager Keyboard Application.) -- C:\Program Files\Launch
Manager\LManager.exe
[1130504] [PID.3424]
[MD5.0EC6BA4F3375882AF9D1AB6CD8A9F81F] - (.Acer Inc. - Acer ePower
Management - DMC.) -- C:\Program Files\Acer\Empowering
Technology\ePower\ePower_DMC.exe
[421888] [PID.3456]
[MD5.3103FE27C967675B019E880AA6DA3D6D] - (.Adobe Systems Incorporated Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe
[935288] [PID.3472]
[MD5.53D96678FB89F056D5285101481297D9] - (.Apple Inc. - iTunesHelper.) -[421160] [PID.3488]
C:\Program Files\iTunes\iTunesHelper.exe
[MD5.6E3245DF783E58375B3465F03274743E] - (.Sun Microsystems, Inc. Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java
Update\jusched.exe
[254696] [PID.3512]
[MD5.C7144387E236687F8FB3F26FC845A822] - (.Pas de propriétaire - Pando
Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
[3077528] [PID.3580]
[MD5.EB0AD0BBAB987A31AE6478D576403445] - (.Alps Electric Co., Ltd. ApMsgFwd.) -- C:\Program Files\Apoint2K\ApMsgFwd.exe
[54568] [PID.3612]
[MD5.131E6FE09470F057000B0CC01C14D8B7] - (.Acer Incorporated - Acer VCM.)
-- C:\Program Files\Acer\Acer VCM\AcerVCM.exe
[708608] [PID.3636]
[MD5.09EAABEC4C378C788E3137F0D31D0CFC] - (.Alps Electric Co., Ltd. - Alps
Pointing-device Driver for Windows NT/.) -- C:\Program
Files\Apoint2K\Apntex.exe
[49152] [PID.3708]
[MD5.EA7F750C761E49B544335D9AE39802CD] - (.Alps Electric Co., Ltd. - Alps
Pointing-device Driver.) -- C:\Program Files\Apoint2K\HidFind.exe
[49250] [PID.3716]
[MD5.21DAB47B1CCF97FC64B74729F736E1F0] - (.MediaGet LLC - MediaGet
torrent client.) -C:\Users\Valentin\AppData\Local\MediaGet2\mediaget.exe
[8355840]
[PID.2728]
[MD5.B0DA80FF42A0819D162A86612896AAF2] - (.Microsoft Corporation Windows Update.) -- C:\Windows\system32\wuauclt.exe
[47104] [PID.1756]

[MD5.7D04F8CF659D852BC8D7275BD92DC000] - (.Sun Microsystems, Inc. Java(TM) Update Checker.) -- C:\Program Files\Common Files\Java\Java
Update\jucheck.exe
[507624] [PID.5188]
[MD5.A44D79E70E5E0A95CC5AC2EFE088EC8C] - (.Nicolas Coolman - Diagnostic
Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe
[2209792] [PID.2092]
~ Scan Processes Running in 00mn 01s

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions
(P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (...) -C:\Windows\System32\Macromed\Flash\NPSWF32.dll
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program
Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.)
-- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next
Generation Java Plug-in 1.6.0_27 for Mozilla browsers.) -- C:\Program
Files\Java\jre6\bin\new_plugin\npjp2.dll
P2 - FPN: [HKLM] [@mcafee.com/SAFFPlugin] - (.McAfee, Inc. SiteAdvisor.) -- C:\Program Files\McAfee\SiteAdvisor\NPMcFFPlg32.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft
Corporation - 4.0.60831.0.) -- C:\Program Files\Microsoft
Silverlight\4.0.60831.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo
Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@pandonetworks.com/PandoWebPlugin] - (.Pando Networks Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media
Booster\npPandoWebPlugin.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google
Inc. - Google Update.) -- C:\Program
Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google
Inc. - Google Update.) -- C:\Program
Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
P2 - FPN: [HKCU] [pandonetworks.com/PandoWebPlugin] - (.Pando Networks Pando Web Plugin.) -- C:\Program Files\Pando Networks\Media
Booster\npPandoWebPlugin.dll
~ Scan Firefox Browser in 00mn 00s

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing
(R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://search.babylon.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
http://homepage.acer.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://homepage.acer.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page =
about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page =
about:securityrisk

R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f29732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -C:\Program Files\Vuze_Remote\prxtbVuze.dll
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.)
(9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -C:\Windows\System32\ieframe.dll
R3 - URLSearchHook: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C8E5A-516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) (3,4,0,135) -c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f29732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) (6.3.2.0) -C:\Program Files\Vuze_Remote\prxtbVuze.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 =
1
~ Scan IE Browser in 00mn 00s

---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn 00s

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to
Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini:
VMApplet=C:\Windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn 00s

---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn 00s

---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} .
(.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B}
. (.Babylon BHO - Pas de description.) -- C:\Program
Files\BabylonToolbar\BabylonToolbar\1.4.35.10\bh\BabylonToolbar.dll
O2 - BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} .
(.Conduit Ltd. - Conduit Toolbar.) -- C:\Program
Files\ConduitEngine\prxConduitEngine.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé
orpheline
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login
Helper.) -- C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7}
. (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google
Toolbar\GoogleToolbar_32.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF}
. (.McAfee, Inc. - SiteAdvisor.) -c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} .
(.Conduit Ltd. - Conduit Toolbar.) -- C:\Program
Files\Vuze_Remote\prxtbVuze.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC749C25C1C588A9} . (.Sun Microsystems, Inc. - Java(TM) Platform SE binary.)
-- C:\Program Files\Java\jre6\bin\jp2ssv.dll
~ Scan BHO in 00mn 00s

---\\ Internet Explorer Toolbars (O3)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A516ABECAE064} . (.McAfee, Inc. - SiteAdvisor.) -c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f29732e92d17cc} . (.Conduit Ltd. - Conduit Toolbar.) -- C:\Program
Files\Vuze_Remote\prxtbVuze.dll
O3 - Toolbar: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} .
(.Conduit Ltd. - Conduit Toolbar.) -- C:\Program
Files\ConduitEngine\prxConduitEngine.dll
O3 - Toolbar: Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} .
(.Babylon Ltd. - Pas de description.) -- C:\Program
Files\BabylonToolbar\BabylonToolbar\1.4.35.10\BabylonToolbarTlbr.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} .
(.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google
Toolbar\GoogleToolbar_32.dll
~ Scan Toolbar in 00mn 00s

---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] . (.Adobe Systems
Incorporated - Adobe Acrobat SpeedLauncher.) -- C:\Program
Files\Adobe\Reader 9.0\Reader\reader_sl.exe
O4 - HKLM\..\Run: [IAAnotif] . (.Intel Corporation - Event Monitor User
Notification Tool.) -- C:\Program Files\Intel\Intel Matrix Storage
Manager\IAAnotif.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] . (.Symantec Corporation Norton Online Backup Service.) -- C:\Program Files\Symantec\Norton Online
Backup\Activation\NobuActivation.exe

O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Gestionnaire
audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [Apoint] . (.Alps Electric Co., Ltd. - Alps Pointingdevice Driver.) -- C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [PLFSetI] . (.Pas de propriétaire - DefaultSettingEXE
MFC Application.) -- C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence
Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Launch Manager
Keyboard Application.) -- C:\Program Files\Launch Manager\LManager.exe
O4 - HKLM\..\Run: [ePower_DMC] . (.Acer Inc. - Acer ePower Management DMC.) -- C:\Program Files\Acer\Empowering
Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe
Reader and Acrobat Manager.) -- C:\Program Files\Common
Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKLM\..\Run: [QuickTime Task] . (.Apple Inc. - QuickTime Task.) -C:\Program Files\QuickTime\QTTask.exe
O4 - HKLM\..\Run: [iTunesHelper] . (.Apple Inc. - iTunesHelper.) -C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] . (.Sun Microsystems, Inc. Java(TM) Update Scheduler.) -- C:\Program Files\Common Files\Java\Java
Update\jusched.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] . (.Malwarebytes
Corporation - Malwarebytes' Anti-Malware.) -- C:\Program
Files\Malwarebytes' Anti-Malware\mbam.exe
O4 - HKCU\..\Run: [Pando Media Booster] . (.Pas de propriétaire - Pando
Media Booster.) -- C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [MediaGet2] . (.MediaGet LLC - MediaGet torrent
client.) -- C:\Users\Valentin\AppData\Local\MediaGet2\mediaget.exe
O4 - HKCU\..\Run: [swg] . (.Google Inc. - GoogleToolbarNotifier.) -C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets
du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets
du Bureau Windows.) -- C:\Program Files\Windows Sidebar\Sidebar.exe
O4 - HKUS\S-1-5-21-2609178103-997041425-1713037095-1001\..\Run: [Pando
Media Booster] . (.Pas de propriétaire - Pando Media Booster.) -C:\Program Files\Pando Networks\Media Booster\PMB.exe
O4 - HKUS\S-1-5-21-2609178103-997041425-1713037095-1001\..\Run:
[MediaGet2] . (.MediaGet LLC - MediaGet torrent client.) -C:\Users\Valentin\AppData\Local\MediaGet2\mediaget.exe
O4 - HKUS\S-1-5-21-2609178103-997041425-1713037095-1001\..\Run: [swg] .
(.Google Inc. - GoogleToolbarNotifier.) -- C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn 00s

---\\ Autres liens utilisateurs (O4)

O4 - Global Startup:
C:\Users\Valentin\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Valentin\Desktop\ClearProg.lnk . (...) -C:\Program Files\ClearProg\ClearProg.exe
O4 - Global Startup: C:\Users\Valentin\Desktop\Winamax Poker.lnk . (...)
-- C:\Program Files\Winamax Poker\Winamax Poker.exe
O4 - Global Startup: C:\Users\Valentin\AppData\Roaming\Microsoft\Internet
Explorer\Quick Launch\ClearProg.lnk . (...) -- C:\Program
Files\ClearProg\ClearProg.exe
O4 - Global Startup: C:\Users\Valentin\AppData\Roaming\Microsoft\Internet
Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft
Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\Valentin\AppData\Roaming\Microsoft\Internet
Explorer\Quick Launch\Vuze.lnk . (.Vuze Inc..) -- C:\Program
Files\Vuze\Azureus.exe
~ Scan Global Startup in 00mn 00s

---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer
(O8)
O8 - Extra context menu item: E&xport to Microsoft Excel . (.Microsoft
Corporation - Microsoft Office Excel.) -- C:\Program
Files\MICROS~3\Office12\EXCEL.exe
~ Scan IE Menu Contextuel in 00mn 00s

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer
(O9)
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C34168CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live
Writer Blog This Extension.) -- C:\Program Files\Windows
Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B2518CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft
Office\Office12\REFBARH.ICO
~ Scan IE Extra Buttons in 00mn 00s

---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - Broken Internet access because of LSP provider (.not file.) -mswsock.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation Fournisseur Shim d’affectation de noms de messagerie.) -C:\Windows\system32\napinsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corp. Microsoft® Windows Live ID Namespace Provider.) -- C:\Program
Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corp. Microsoft® Windows Live ID Namespace Provider.) -- C:\Program
Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
O10 - WLSP:\000000000009\Winsock LSP File . (.Apple Inc. - Bonjour
Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
~ Scan Winsock in 00mn 00s

---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{84C1C06B-8A29-4D42-872869ABA16709D6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{84C1C06B-8A29-4D42-872869ABA16709D6}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{84C1C06B-8A29-4D42-872869ABA16709D6}: DhcpNameServer = 192.168.1.1
~ Scan Domain in 00mn 00s

---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} .
(.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft
Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll
O18 - Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} .
(.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft
Corporation - Contrôle ActiveX pour le flux vidéo.) -C:\Windows\System32\msvidctl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} .
(.Microsoft Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} .
(.Microsoft Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} .
(.Microsoft Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft
Corporation - Microsoft® InfoTech Storage System Library.) -C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} .
(.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} .
(.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} .
(.Microsoft Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll

O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} .
(.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} .
(.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -C:\Windows\system32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft
Corporation - Extensions OLE32 pour Win32.) -C:\Windows\system32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} .
(.Microsoft Corporation - Microsoft® Help Data Services Module.) -C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} .
(.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -C:\Windows\System32\itss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} .
(.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL
O18 - Handler: mso-offdap11 - {32505114-5902-49B2-880A-1F7738E5A384} .
(.Microsoft Corporation - Microsoft Office Web Components 2003.) -C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft
Corporation - Visionneuse HTML Microsoft (R).) -C:\Windows\System32\mshtml.dll
O18 - Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} .
(.McAfee, Inc. - SiteAdvisor.) -- c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O18 - Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} .
(.Skype Technologies - Skype for COM API.) -- C:\Program Files\Acer\Acer
VCM\Skype4COM.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft
Corporation - Contrôle ActiveX pour le flux vidéo.) -C:\Windows\System32\msvidctl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} .
(.Microsoft Corporation - Visionneuse HTML Microsoft (R).) -C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} .
(.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows
Live\Mail\mailcomm.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-871000C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime
Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-871000C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime
Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-871000C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime
Execution Engine.) -- C:\Windows\system32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} .
(.Microsoft Corporation - Microsoft Office XML MIME Filter.) -C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
~ Scan Protocole Additionnel in 00mn 00s

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify
(autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) - C:\Windows\system32\igfxdev.dll

~ Scan Winlogon in 00mn 00s

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL)
(O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or
File not found.
~ Scan SSODL in 00mn 00s

---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Apple Mobile Device (Apple Mobile Device) . (.Apple Inc. MobileDeviceService.) - C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) . (.Apple Inc. - Bonjour
Service.) - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Empowering Technology Service (ETService) . (.Pas de
propriétaire - Acer Empowering Technology Framework Servic.) - C:\Program
Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: GRegService (Greg_Service) . (.Acer Incorporated - Global
Registration Service.) - C:\Program Files\Acer\Registration\GregHSRW.exe
O23 - Service: Service Google Update (gupdate) (gupdate) . (.Google Inc.
- Programme d'installation de Google.) - C:\Program
Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) . (.Intel
Corporation - RAID Monitor.) - C:\Program Files\Intel\Intel Matrix
Storage Manager\IAANTmon.exe
O23 - Service: IviRegMgr (IviRegMgr) . (.InterVideo - RegMgr Module.) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: McAfee SiteAdvisor Service (McAfee SiteAdvisor Service) .
(.McAfee, Inc. - SiteAdvisor.) - C:\Program
Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Personal Firewall Service (McMPFSvc) . (...) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe (.not file.)
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) .
(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT Service.)
- C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: O2FLASH (O2FLASH) . (.O2Micro International - O2 Flash
Memory Service.) - C:\Windows\system32\DRIVERS\o2flash.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) . (.Protexis Inc. PsiService PsiService.) - C:\Program Files\Common Files\Protexis\License
Service\PsiService_2.exe
O23 - Service: Raw Socket Service (RS_Service) . (.Acer Incorporated Raw Socket Service.) - C:\Program Files\Acer\Acer VCM\RS_Service.exe
O23 - Service: Updater Service (Updater Service) . (.Acer - Acer Update
Service.) - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
~ Scan Services in 00mn 00s

---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn 00s

---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn 00s

---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT]
[GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program
Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA]
(.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.34EBD4FF6A24D86BB4716D6AFCC1A89B] [APT] [AppleSoftwareUpdate]
(.Apple Inc..) -- C:\Program Files\Apple Software
Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 00mn 03s

---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} .
(.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer
par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-895300A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun
Microsystems, Inc. - Java(TM) Platform SE binary.) -- C:\Program
Files\Java\jre6\bin\regutils.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d094ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player
Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B15300C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -C:\Windows\system32\wmp.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B8500AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation
d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} .
(.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} .
(.Adobe Systems, Inc. - Adobe Flash Player 11.0 r1.) -C:\Windows\System32\Macromed\Flash\Flash11c.ocx
~ Scan Active Setup in 00mn 00s

---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\Windows\system32\drivers\afd.sys (AFD) . (.Microsoft
Corporation - Ancillary Function Driver for WinSock.) C:\Windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) C:\Windows\system32\DRIVERS\blbdrive.sys

O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) C:\Windows\system32\DRIVERS\cdrom.sys
O41 - Driver: C:\Windows\system32\cscsvc.dll (CSC) . (.Microsoft
Corporation - Windows Client Side Caching Driver.) C:\Windows\system32\drivers\csc.sys
O41 - Driver: C:\Windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft
Corporation - DFS Namespace Client Driver.) C:\Windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\Windows\system32\drivers\discache.sys (discache) .
(.Microsoft Corporation - System Indexer/Cache Driver.) C:\Windows\system32\drivers\discache.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management
BIOS Driver.) - C:\Windows\system32\DRIVERS\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface
driver.) - C:\Windows\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.)
- C:\Windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\Windows\system32\drivers\nsiproxy.sys (nsiproxy) .
(.Microsoft Corporation - NSI Proxy.) C:\Windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\Windows\system32\drivers\pacer.sys (Psched) .
(.Microsoft Corporation - Planificateur de paquets QoS.) C:\Windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\Windows\system32\wkssvc.dll (rdbss) . (.Microsoft
Corporation - Pilote du sous-système de mise en mémoire t.) C:\Windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\Windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) .
(.Microsoft Corporation - RDP Miniport.) C:\Windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\Windows\system32\drivers\RDPENCDD.sys (RDPENCDD) .
(.Microsoft Corporation - RDP Encoder Miniport.) C:\Windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\Windows\system32\drivers\RdpRefMp.sys (RDPREFMP) .
(.Microsoft Corporation - RDP Reflector Driver Miniport.) C:\Windows\system32\drivers\rdprefmp.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (Tcpip) . (.Microsoft
Corporation - Pilote TCP/IP.) - C:\Windows\system32\drivers\tcpip.sys
O41 - Driver: C:\Windows\system32\tcpipcfg.dll (tdx) . (.Microsoft
Corporation - TDI Translation Driver.) C:\Windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server
Driver.) - C:\Windows\system32\DRIVERS\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video
Driver.) - C:\Windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter
Driver.) - C:\Windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\Windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft
Corporation - MS Remote Access and Routing ARP Driver.) C:\Windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20
Lightweight Filter Driver.) - C:\Windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 00mn 00s

---\\ Logiciels installés (O42)

O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0015-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0016-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0018-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0019-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001A-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001B-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001F-0409-00000000000FF1CE}_PROHYBRIDR_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001F-040C-00000000000FF1CE}_PROHYBRIDR_{F580DDD5-8D37-4998-968E-EBB76BB86787}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-00000000000FF1CE}_PROHYBRIDR_{187308AB-5FA7-4F14-9AB9-D290383A10D9}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-006E-0409-00000000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0115-0409-00000000000FF1CE}_PROHYBRIDR_{DE5A002D-8122-4278-A7EE-3121E7EA254E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0117-0409-00000000000FF1CE}_PROHYBRIDR_{2FC4457D-409E-466F-861F-FB0CB796B53E}
O42 - Logiciel: 2007 Microsoft Office Suite Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
O42 - Logiciel: 2007 Microsoft Office system - (.Microsoft Corporation.)
[HKLM] -- PROHYBRIDR
O42 - Logiciel: ALPS Touch Pad Driver - (.Alps Electric.) [HKLM] -{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}
O42 - Logiciel: Acer Crystal Eye Webcam - (.Suyin Optronics Corp.) [HKLM]
-- {7760D94E-B1B5-40A0-9AA0-ABF942108755}
O42 - Logiciel: Acer Empowering Technology - (.Acer Incorporated.) [HKLM]
-- {8F1B6239-FEA0-450A-A950-B05276CE177C}
O42 - Logiciel: Acer GridVista - (.Acer Inc..) [HKLM] -- GridVista
O42 - Logiciel: Acer Registration - (.Acer Incorporated.) [HKLM] -- Acer
Registration
O42 - Logiciel: Acer ScreenSaver - (.Acer Incorporated.) [HKLM] -- Acer
Screensaver
O42 - Logiciel: Acer Updater - (.Acer Incorporated.) [HKLM] -- {EE171732BEB4-4576-887D-CB62727F01CA}
O42 - Logiciel: Acer VCM - (.Acer Incorporated.) [HKLM] -- {047F790A7A2A-4B6A-AD02-38092BA63DAC}
O42 - Logiciel: Acer ePower Management - (.Acer Incorporated.) [HKLM] -{58E5844B-7CE2-413D-83D1-99294BF6C74F}

O42 - Logiciel: Acer eRecovery Management - (.Acer Incorporated.) [HKLM]
-- {7F811A54-5A09-4579-90E1-C93498E230D9}
O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM] -{287ECFA4-719A-2143-A09B-D6A12DE54E40}
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -Adobe AIR
O42 - Logiciel: Adobe AIR - (.Adobe Systems Incorporated.) [HKLM] -{ACEB2BAF-96DF-48FD-ADD5-43842D4C443D}
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems
Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Flash Player Plugin - (.Adobe Systems
Incorporated.) [HKLM] -- Adobe Flash Player Plugin
O42 - Logiciel: Adobe Reader 9.2 MUI - (.Adobe Systems Incorporated.)
[HKLM] -- {AC76BA86-7AD7-FFFF-7B44-A91000000001}
O42 - Logiciel: Age of Empires Online - (.Microsoft Studios.) [HKLM] -GFWL_{4D530FA3-9B89-4186-98B7-F51000008100}
O42 - Logiciel: Age of Empires Online - (.Microsoft Studios.) [HKLM] -{4D530FA3-9B89-4186-98B7-F51000008100}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -{B3575D00-27EF-49C2-B9E0-14B3D954E992}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -{C23CD6DA-1958-43A5-ADD0-59396572E02E}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -{C6579A65-9CAE-4B31-8B6B-3306E0630A66}
O42 - Logiciel: Babylon toolbar on IE - (.Pas de propriétaire.) [HKLM] -BabylonToolbar
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {C2E4B5BD-32DB-4817A060-341AB17C3F90}
O42 - Logiciel: Broadcom Gigabit Integrated Controller - (.Broadcom
Corporation.) [HKLM] -- {49F3D04B-B849-4C89-AB31-2366A004EA28}
O42 - Logiciel: ClearProg 1.4.2 Beta 12 - (.Sven Hoffman.) [HKLM] -ClearProg
O42 - Logiciel: Conduit Engine - (.Conduit Ltd..) [HKLM] -- conduitEngine
O42 - Logiciel: FFWorld Triple Triad - (.Pas de propriétaire.) [HKLM] -FFWorld Triple Triad
O42 - Logiciel: Fichiers de prise en charge de l'installation de
Microsoft SQL Server (Français) - (.Microsoft Corporation.) [HKLM] -{3380F354-C5F7-4E71-8F51-EEE6C3F06C62}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft
Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}
O42 - Logiciel: Gestionnaire de contacts professionnels pour Outlook 2007
SP2 - (.Microsoft Corporation.) [HKLM] -- Business Contact Manager
O42 - Logiciel: Gestionnaire de contacts professionnels pour Outlook 2007
SP2 - (.Microsoft Corporation.) [HKLM] -- {69ca8988-1c6c-4285-b8afdb780a6e42af}
O42 - Logiciel: Google Earth Plug-in - (.Google.) [HKLM] -- {2934DCB0F8EE-11E0-A4A5-B8AC6F97B88E}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..)
[HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}
O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..)
[HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Conexant
Systems.) [HKLM] -- CNXT_MODEM_HDA_HSF
O42 - Logiciel: Identity Card - (.Acer Incorporated.) [HKLM] -- Identity
Card

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.)
[HKLM] -- WinLiveSuite_Wave3
O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.)
[HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}
O42 - Logiciel: Intel(R) Graphics Media Accelerator Driver - (.Intel
Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.)
[HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
O42 - Logiciel: InterVideo WinDVD 8 - (.InterVideo Inc..) [HKLM] -{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}
O42 - Logiciel: Java(TM) 6 Update 27 - (.Oracle.) [HKLM] -- {26A24AE4039D-4CA4-87B4-2F83216027FF}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.)
[HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}
O42 - Logiciel: Launch Manager - (.Acer Inc..) [HKLM] -- LManager
O42 - Logiciel: League of Legends - (.Riot Games.) [HKLM] -- {918A90826287-4D25-9002-5E5D5E4971CB}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC58E10-9A5E3257BD94}
O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.)
[HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.)
[HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.2.1300 (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft
Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft
Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft Games for Windows - LIVE Redistributable (.Microsoft Corporation.) [HKLM] -- {F2508213-9989-4E85-A07872BE483917EF}
O42 - Logiciel: Microsoft Games for Windows Marketplace - (.Microsoft
Corporation.) [HKLM] -- {4CB0307C-565E-4441-86BE-0DF2E4FB828C}
O42 - Logiciel: Microsoft Office 2003 Web Components - (.Microsoft
Corporation.) [HKLM] -- {90A4040C-6000-11D3-8CFE-0150048383C9}
O42 - Logiciel: Microsoft Office 2007 Primary Interop Assemblies (.Microsoft Corporation.) [HKLM] -- {50120000-1105-0000-00000000000FF1CE}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0019-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}

O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_OMUI.frfr_{B165D3C2-40AE-4D39-86F7-E5C87C4264C0}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office 2007 Service Pack 2 (SP2) (.Microsoft.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}_OMUI.frfr_{AE187E0D-EBA5-4EE1-A397-BF1A577CB24C}
O42 - Logiciel: Microsoft Office Access MUI (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0015-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0015-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Access Setup Metadata MUI (English) 2007
- (.Microsoft Corporation.) [HKLM] -- {90120000-0117-0409-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0016-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Groove MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-00BA-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office InfoPath MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0044-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Language Pack 2007 - French/Français (.Microsoft Corporation.) [HKLM] -- OMUI.fr-fr
O42 - Logiciel: Microsoft Office O MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0100-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001A-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Outlook MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001A-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (English) 2007 (.Microsoft Corporation.) [HKLM] -- {90120000-0018-0409-00000000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Professional Hybrid 2007 - (.Microsoft
Corporation.) [HKLM] -- {91120000-0031-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-002C-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
- (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_OMUI.frfr_{14809F99-C601-4D4A-9391-F1E8FAA964C5}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
- (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_OMUI.frfr_{A0516415-ED61-419A-981D-93596DA74165}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
- (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_OMUI.frfr_{D66D5A44-E480-4BA4-B4F2-C554F6B30EBB}
O42 - Logiciel: Microsoft Office Publisher MUI (English) 2007 (.Microsoft Corporation.) [HKLM] -- {90120000-0019-0409-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Publisher MUI (French) 2007 (.Microsoft Corporation.) [HKLM] -- {90120000-0019-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office SharePoint Designer 2007 Service Pack 2
(SP2) - (.Microsoft.) [HKLM] -- {90120000-0017-040C-00000000000FF1CE}_OMUI.fr-fr_{CCDA3DD6-E33D-4D75-B7C9-FF585580CE83}
O42 - Logiciel: Microsoft Office SharePoint Designer MUI (French) 2007 (.Microsoft Corporation.) [HKLM] -- {90120000-0017-040C-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-006E-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Shared Setup Metadata MUI (English) 2007
- (.Microsoft Corporation.) [HKLM] -- {90120000-0115-0409-00000000000FF1CE}
O42 - Logiciel: Microsoft Office Small Business Connectivity Components (.Microsoft Corporation.) [HKLM] -- {A939D341-5A04-4E0A-BB553E65B386432D}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft
Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (English) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001B-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office X MUI (French) 2007 - (.Microsoft
Corporation.) [HKLM] -- {90120000-0101-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 - (.Microsoft Corporation.)
[HKLM] -- Microsoft SQL Server 2005
O42 - Logiciel: Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) (.Microsoft Corporation.) [HKLM] -- {480DBB60-F0B6-45F2-B26F1A2E11197791}
O42 - Logiciel: Microsoft SQL Server Native Client - (.Microsoft
Corporation.) [HKLM] -- {1E2DA2E2-ABCD-461E-AD01-3D85D61DE5F6}

O42 - Logiciel: Microsoft SQL Server VSS Writer - (.Microsoft
Corporation.) [HKLM] -- {E91E7BCC-C5CD-465A-BB29-AD1EA07F283D}
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]
-- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft
Corporation.) [HKLM] -- {710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft
Corporation.) [HKLM] -- {837b34e3-7c30-493c-8f6a-2b0f04e2912c}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86
9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9BD6F-21E6EC160475}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86
9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06BCB8-725134ADF989}
O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86
9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A988E4-87755C07200F}
O42 - Logiciel: NTI Backup Now 5 - (.NewTech Infosystems.) [HKLM] -InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}
O42 - Logiciel: NTI Media Maker 8 - (.NewTech Infosystems.) [HKLM] -InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}
O42 - Logiciel: NTI Shadow - (.NewTech Infosystems.) [HKLM] -InstallShield_{6F7EA6CA-79F4-44A0-A370-8E82BB16534A}
O42 - Logiciel: NTI Shadow - (.NewTech Infosystems.) [HKLM] -- {6F7EA6CA79F4-44A0-A370-8E82BB16534A}
O42 - Logiciel: Norton Online Backup - (.Symantec.) [HKLM] -- {C57BCDE17CB9-467D-B3BA-7E119916CDC1}
O42 - Logiciel: O2Micro Flash Memory Card Reader Driver - (.O2Micro.)
[HKLM] -- {C631FB9D-81D2-4E4E-A688-901AC748322D}
O42 - Logiciel: Pando Media Booster - (.Pando Networks Inc..) [HKLM] -{980A182F-E0A2-4A40-94C1-AE0C1235902E}
O42 - Logiciel: Quake Live Internet Explorer Plugin - (.id Software.)
[HKLM] -- {FA4BF139-4D09-462E-B4AF-E89C640224C0}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {57752979-A1C9-4C02856B-FBB27AC4E02C}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek
Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: SanctionedMedia - (.SanctionedMedia.) [HKCU] -- Smad
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2288621) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{5C497F0B-2061-4CC9-A61C-6B45B867354D}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2288931) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{CD769337-C8AC-46DB-A7DC-643E50089263}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2345043) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{536FB502-775F-4494-BACE-C02CC90B7A5B}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2553074) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{5729F1AE-5895-468F-9165-BAD161C9E982}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2553089) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{01D4CA59-7070-4420-9BCC-0EFA7C5D76BE}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2553090) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{643C12A2-AF9A-4712-B8BE-3B7650AFE00A}

O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB2584063) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{BF3F1CBD-B05C-4644-AE43-6EE0FCC227A4}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB969559) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
O42 - Logiciel: Security Update for 2007 Microsoft Office System
(KB976321) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{7F207DCA-3399-40CB-A968-6E5991B1421A}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client
Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-34553E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client
Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-34553E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client
Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-34553E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client
Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-34553E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client
Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-34553E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Microsoft Office Access 2007
(KB979440) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{1142CCEC-ACA9-484B-BA90-C3A5CA1988C5}
O42 - Logiciel: Security Update for Microsoft Office Access 2007
(KB979440) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{5A4E43D5-858F-49BD-BA72-8F30E1793060}
O42 - Logiciel: Security Update for Microsoft Office Excel 2007
(KB2553073) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{65EA4836-B5A3-4C1D-8883-0C35E471003A}
O42 - Logiciel: Security Update for Microsoft Office InfoPath 2007
(KB979441) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{8CCB781A-CF6B-4FCB-B6D8-59C64DF5C6DB}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007
(KB2535818) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{8588DD11-6BD7-4400-B55C-DD5AB74B43E1}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint Viewer
2007 (KB2464623) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{D75E6D0C-BADF-4F41-98B2-0C0F02C15062}
O42 - Logiciel: Security Update for Microsoft Office Publisher 2007
(KB2284697) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{3A4CDE54-2403-483D-8D9A-15E3264410DF}
O42 - Logiciel: Security Update for Microsoft Office Visio Viewer 2007
(KB973709) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{71127777-8B2C-4F97-AF7A-6CF8CAC8224D}
O42 - Logiciel: Security Update for Microsoft Office Word 2007
(KB2344993) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{7A5B74FA-7A92-4FC9-821A-2DD5D4E73E48}
O42 - Logiciel: Security Update for Microsoft Office system 2007 (972581)
- (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{3D019598-7B59-447A-80AE-815B703B84FF}
O42 - Logiciel: Security Update for Microsoft Office system 2007
(KB974234) - (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{FCD742B9-7A55-44BC-A776-F795F21FEDDC}

O42 - Logiciel: TeamSpeak 3 Client - (.TeamSpeak Systems GmbH.) [HKLM] -TeamSpeak 3 Client
O42 - Logiciel: Torrent client MediaGet - (.Media Get LLC.) [HKCU] -MediaGet
O42 - Logiciel: TuneUp Companion 2.2.4 - (.TuneUp Media, Inc..) [HKLM] -TuneUpMedia
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile
(KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0AA214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile
(KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0AA214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 Help for Common Features
(KB963673) - (.Microsoft.) [HKLM] -- {90120000-006E-0409-00000000000FF1CE}_PROHYBRIDR_{AB365889-0395-4FAD-B702-CA5985D53D42}
O42 - Logiciel: Update for Microsoft Office 2007 System (KB2539530) (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}
O42 - Logiciel: Update for Microsoft Office Access 2007 Help (KB963663) (.Microsoft.) [HKLM] -- {90120000-0015-0409-00000000000FF1CE}_PROHYBRIDR_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
O42 - Logiciel: Update for Microsoft Office Excel 2007 Help (KB963678) (.Microsoft.) [HKLM] -- {90120000-0016-0409-00000000000FF1CE}_PROHYBRIDR_{199DF7B6-169C-448C-B511-1054101BE9C9}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 (KB2583910) (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{BDC21583-5601-4B2B-88F3-7919F6DE8FB1}
O42 - Logiciel: Update for Microsoft Office Outlook 2007 Help (KB963677)
- (.Microsoft.) [HKLM] -- {90120000-001A-0409-00000000000FF1CE}_PROHYBRIDR_{0451F231-E3E3-4943-AB9F-58EB96171784}
O42 - Logiciel: Update for Microsoft Office Powerpoint 2007 Help
(KB963669) - (.Microsoft.) [HKLM] -- {90120000-0018-0409-00000000000FF1CE}_PROHYBRIDR_{397B1D4F-ED7B-4ACA-A637-43B670843876}
O42 - Logiciel: Update for Microsoft Office Publisher 2007 Help
(KB963667) - (.Microsoft.) [HKLM] -- {90120000-0019-0409-00000000000FF1CE}_PROHYBRIDR_{2E40DE55-B289-4C8B-8901-5D369B16814F}
O42 - Logiciel: Update for Microsoft Office Script Editor Help (KB963671)
- (.Microsoft.) [HKLM] -- {90120000-006E-0409-00000000000FF1CE}_PROHYBRIDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
O42 - Logiciel: Update for Microsoft Office Word 2007 Help (KB963665) (.Microsoft.) [HKLM] -- {90120000-001B-0409-00000000000FF1CE}_PROHYBRIDR_{80E762AA-C921-4839-9D7D-DB62A72C0726}
O42 - Logiciel: Update for Outlook 2007 Junk Email Filter (KB2596560) (.Microsoft.) [HKLM] -- {91120000-0031-0000-00000000000FF1CE}_PROHYBRIDR_{2964DDE1-4925-4DF1-AF2C-0A36B3442228}
O42 - Logiciel: VLC media player 1.1.11 - (.VideoLAN.) [HKLM] -- VLC
media player
O42 - Logiciel: Vuze - (.Vuze Inc..) [HKLM] -- 8461-7759-5462-8226
O42 - Logiciel: Vuze Remote Toolbar - (.Vuze Remote.) [HKLM] -Vuze_Remote Toolbar
O42 - Logiciel: Welcome Center - (.Acer Incorporated.) [HKLM] -- Acer
Welcome Center

O42 - Logiciel: WinRAR 4.01 (32-bit) - (.win.rar GmbH.) [HKLM] -- WinRAR
archiver
O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -wam.04351C371E530C3762CBA45FA283ED972DCDEFB6.1
O42 - Logiciel: Winamax Poker - (.Table 14.) [HKLM] -- {376C2E1D-F3E71D16-CFA3-9E4850300568}
O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -{82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft
Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.)
[HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft
Corporation.) [HKLM] -- {61AD15B2-50DB-4686-A739-14FE180D4429}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -{5DD76286-9BE7-4894-A990-E905E91AC818}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]
-- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.)
[HKLM] -- {53B20C18-D8D4-4588-8737-9BBFE303C354}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -{4634B21A-CC07-4396-890C-2B8168661FEA}
O42 - Logiciel: eBay Worldwide - (.OEM.) [HKLM] -- {E0B19DF7-B1C7-493782C4-0E4B1E346965}
O42 - Logiciel: eSobi v2 - (.esobi Inc..) [HKLM] -InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {C897FCB3-2F8B-41858035-79E2AF3A92A4}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\932d7bf5]
[HKCU\Software\Acer]
[HKCU\Software\Adobe]
[HKCU\Software\Alps]
[HKCU\Software\AppDataLow\Google]
[HKCU\Software\AppDataLow\Software\Conduit]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software\Vuze_Remote]
[HKCU\Software\AppDataLow\Software\conduitEngine]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow\Toolbar]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Arobas Music]
[HKCU\Software\Azureus]
[HKCU\Software\BabylonToolbar]
[HKCU\Software\Bugsplat]
[HKCU\Software\ClassesB]
[HKCU\Software\Classes]
[HKCU\Software\ClearProg]
[HKCU\Software\Clients]
[HKCU\Software\Conduit]
[HKCU\Software\FFWorld]
[HKCU\Software\Freeware]
[HKCU\Software\Google]
[HKCU\Software\Intel]

[HKCU\Software\InterVideo]
[HKCU\Software\JavaSoft]
[HKCU\Software\Lake]
[HKCU\Software\Local AppWizard-Generated Applications]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Mediaget]
[HKCU\Software\MozillaPlugins]
[HKCU\Software\Netscape]
[HKCU\Software\NewTech Infosystems]
[HKCU\Software\ODBC]
[HKCU\Software\OEM]
[HKCU\Software\Pando Networks]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\SanctionedMedia]
[HKCU\Software\Sonix]
[HKCU\Software\TeamSpeak 3 Client]
[HKCU\Software\Trolltech]
[HKCU\Software\WinRAR SFX]
[HKCU\Software\WinRAR]
[HKCU\Software\Wistron]
[HKCU\Software\YahooPartnerToolbar]
[HKCU\Software\ej-technologies]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Acer Incorporated]
[HKLM\Software\Acer]
[HKLM\Software\Adobe]
[HKLM\Software\Alps]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Azureus]
[HKLM\Software\Babylon]
[HKLM\Software\BrowserChoice]
[HKLM\Software\Bunndle]
[HKLM\Software\CXT]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\Conduit]
[HKLM\Software\Conexant Systems]
[HKLM\Software\Corel]
[HKLM\Software\Digital River]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\Intel]
[HKLM\Software\InterVideo]
[HKLM\Software\JavaSoft]
[HKLM\Software\JreMetrics]
[HKLM\Software\Lake]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\McAfee]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\Mozilla]
[HKLM\Software\NewTech Infosystems]
[HKLM\Software\ODBC]
[HKLM\Software\OEM]

[HKLM\Software\OemSetup]
[HKLM\Software\Pando Networks]
[HKLM\Software\Policies]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\Riot Games]
[HKLM\Software\SRS Labs]
[HKLM\Software\SiteAdvisor]
[HKLM\Software\Sonic]
[HKLM\Software\Suyin Optronics Corp]
[HKLM\Software\VideoLAN]
[HKLM\Software\Volatile]
[HKLM\Software\Vuze_Remote]
[HKLM\Software\Waves Audio]
[HKLM\Software\WinRAR]
[HKLM\Software\Wistron]
[HKLM\Software\Wow6432Node]
[HKLM\Software\ej-technologies]
[HKLM\Software\mcafeeupdater]
[HKLM\Software\nSplitter]
~ Scan Softwares in 00mn 01s

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData
(O43)
O43 - CFD: 11/07/2011 - 02:33:40 - [86,130] ----D- C:\Program Files\Acer
O43 - CFD: 11/07/2011 - 03:26:54 - [0,235] ----D- C:\Program Files\Acer
Accessory Store
O43 - CFD: 30/10/2009 - 01:44:52 - [2,147] ----D- C:\Program Files\Acer
Inc
O43 - CFD: 11/07/2011 - 20:20:18 - [654,185] ----D- C:\Program
Files\Adobe
O43 - CFD: 11/07/2011 - 02:29:22 - [11,659] ----D- C:\Program
Files\Apoint2K
O43 - CFD: 14/07/2011 - 22:01:32 - [2,201] ----D- C:\Program Files\Apple
Software Update
O43 - CFD: 10/10/2011 - 22:09:28 - [1,737] ----D- C:\Program
Files\BabylonToolbar
O43 - CFD: 14/07/2011 - 22:00:34 - [0,592] ----D- C:\Program
Files\Bonjour
O43 - CFD: 11/07/2011 - 02:25:36 - [1,053] ----D- C:\Program
Files\Broadcom
O43 - CFD: 13/07/2011 - 01:04:50 - [0,349] ----D- C:\Program
Files\ClearProg
O43 - CFD: 27/08/2011 - 20:17:36 - [510,317] ----D- C:\Program
Files\Common Files
O43 - CFD: 29/07/2011 - 00:09:10 - [0,606] ----D- C:\Program
Files\Conduit
O43 - CFD: 29/07/2011 - 00:09:08 - [4,261] ----D- C:\Program
Files\ConduitEngine
O43 - CFD: 11/07/2011 - 02:16:42 - [1,066] ----D- C:\Program
Files\CONEXANT
O43 - CFD: 11/07/2011 - 02:34:38 - [0] ----D- C:\Program Files\COREL
O43 - CFD: 11/07/2011 - 12:09:30 - [79,371] ----D- C:\Program Files\DVD
Maker
O43 - CFD: 30/10/2009 - 01:35:06 - [20,905] ----D- C:\Program Files\eSobi

O43 - CFD: 11/07/2011 - 17:54:46 - [37,313] ----D- C:\Program
Files\FFWorld Triple Triad
O43 - CFD: 11/07/2011 - 02:20:54 - [0] -SH-D- C:\Program Files\Fichiers
communs
O43 - CFD: 30/10/2011 - 01:05:38 - [70,127] ----D- C:\Program
Files\Google
O43 - CFD: 31/08/2011 - 23:14:04 - [0] ----D- C:\Program Files\Guitar Pro
6
O43 - CFD: 21/08/2011 - 16:58:44 - [104,724] --H-D- C:\Program
Files\InstallShield Installation Information
O43 - CFD: 30/10/2009 - 03:45:42 - [10,585] ----D- C:\Program Files\Intel
O43 - CFD: 14/10/2011 - 03:10:26 - [6,005] ----D- C:\Program
Files\Internet Explorer
O43 - CFD: 11/07/2011 - 02:39:52 - [116,866] ----D- C:\Program
Files\InterVideo
O43 - CFD: 14/07/2011 - 22:03:38 - [1,771] ----D- C:\Program Files\iPod
O43 - CFD: 29/07/2011 - 00:13:06 - [123,843] ----D- C:\Program
Files\iTunes
O43 - CFD: 27/08/2011 - 20:16:08 - [84,480] ----D- C:\Program Files\Java
O43 - CFD: 11/07/2011 - 02:30:54 - [4,184] ----D- C:\Program Files\Launch
Manager
O43 - CFD: 06/12/2011 - 23:38:46 - [6,679] ----D- C:\Program
Files\Malwarebytes' Anti-Malware
O43 - CFD: 07/12/2011 - 11:07:10 - [9,726] ----D- C:\Program Files\McAfee
O43 - CFD: 19/10/2011 - 22:40:34 - [13,520] ----D- C:\Program
Files\Microsoft Games
O43 - CFD: 19/10/2011 - 22:38:48 - [8,929] ----D- C:\Program
Files\Microsoft Games for Windows - LIVE
O43 - CFD: 11/07/2011 - 02:56:06 - [717,633] ----D- C:\Program
Files\Microsoft Office
O43 - CFD: 30/10/2009 - 03:45:58 - [7,431] ----D- C:\Program
Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 14/10/2011 - 03:11:22 - [36,633] ----D- C:\Program
Files\Microsoft Silverlight
O43 - CFD: 11/07/2011 - 02:56:30 - [30,792] ----D- C:\Program
Files\Microsoft Small Business
O43 - CFD: 12/07/2011 - 22:28:36 - [220,384] ----D- C:\Program
Files\Microsoft SQL Server
O43 - CFD: 30/10/2009 - 03:47:58 - [0,014] ----D- C:\Program
Files\Microsoft Visual Studio
O43 - CFD: 11/07/2011 - 02:49:36 - [0,627] ----D- C:\Program
Files\Microsoft Visual Studio 8
O43 - CFD: 30/10/2009 - 03:50:14 - [3,554] ----D- C:\Program
Files\Microsoft Works
O43 - CFD: 14/07/2011 - 09:19:22 - [9,258] ----D- C:\Program
Files\Microsoft.NET
O43 - CFD: 14/07/2009 - 05:52:32 - [0,025] ----D- C:\Program
Files\MSBuild
O43 - CFD: 14/07/2011 - 07:21:14 - [0] ----D- C:\Program Files\MSXML 4.0
O43 - CFD: 30/10/2009 - 03:58:30 - [1236,859] ----D- C:\Program
Files\NewTech Infosystems
O43 - CFD: 30/10/2009 - 05:26:24 - [3,070] ----D- C:\Program
Files\O2Micro Flash Memory Card Driver
O43 - CFD: 11/07/2011 - 03:26:40 - [0,102] ----D- C:\Program Files\OEM
O43 - CFD: 21/08/2011 - 06:16:48 - [7,120] ----D- C:\Program Files\Pando
Networks
O43 - CFD: 14/07/2011 - 22:02:46 - [72,787] ----D- C:\Program
Files\QuickTime

O43 - CFD: 11/07/2011 - 02:23:48
Files\Realtek
O43 - CFD: 14/07/2009 - 05:52:32
Files\Reference Assemblies
O43 - CFD: 30/10/2009 - 03:58:18
Files\Symantec
O43 - CFD: 30/07/2011 - 21:00:52
Files\TeamSpeak 3 Client
O43 - CFD: 11/07/2011 - 02:25:16
O43 - CFD: 29/07/2011 - 00:13:12
Files\TuneUpMedia
O43 - CFD: 14/07/2009 - 05:53:24
Information
O43 - CFD: 31/07/2011 - 19:06:52
Files\VideoLAN
O43 - CFD: 29/07/2011 - 00:10:08
O43 - CFD: 29/07/2011 - 00:09:04
Files\Vuze_Remote
O43 - CFD: 04/11/2011 - 20:58:14
Files\Winamax Poker
O43 - CFD: 11/07/2011 - 12:09:30
Files\Windows Defender
O43 - CFD: 11/07/2011 - 12:09:30
Files\Windows Journal
O43 - CFD: 12/07/2011 - 19:44:04
Files\Windows Live
O43 - CFD: 12/07/2011 - 22:59:40
Files\Windows Mail
O43 - CFD: 12/07/2011 - 22:59:30
Files\Windows Media Player
O43 - CFD: 11/07/2011 - 02:20:54
Files\Windows NT
O43 - CFD: 11/07/2011 - 12:09:30
Files\Windows Photo Viewer
O43 - CFD: 30/10/2009 - 05:26:32
Files\Windows Portable Devices
O43 - CFD: 11/07/2011 - 12:09:30
Files\Windows Sidebar
O43 - CFD: 05/08/2011 - 05:52:02
O43 - CFD: 06/12/2011 - 23:59:56
Files\ZHPDiag
O43 - CFD: 14/07/2011 - 15:30:58
Files\Common Files\Adobe
O43 - CFD: 20/10/2011 - 21:00:54
Files\Common Files\Adobe AIR
O43 - CFD: 14/07/2011 - 22:03:36
Files\Common Files\Apple
O43 - CFD: 30/10/2009 - 03:47:58
Files\DESIGNER
O43 - CFD: 11/07/2011 - 02:23:40
Files\InstallShield
O43 - CFD: 11/07/2011 - 02:39:52
Files\InterVideo
O43 - CFD: 27/08/2011 - 20:17:36
Files\Java
O43 - CFD: 07/12/2011 - 04:34:38
Files\McAfee

- [13,848] ----D- C:\Program
- [36,809] ----D- C:\Program
- [2,100] ----D- C:\Program
- [50,221] ----D- C:\Program
- [0] --H-D- C:\Program Files\Temp
- [40,585] ----D- C:\Program
- [0] --H-D- C:\Program Files\Uninstall
- [80,790] ----D- C:\Program
- [102,485] ----D- C:\Program Files\Vuze
- [4,339] ----D- C:\Program
- [6,924] ----D- C:\Program
- [2,909] ----D- C:\Program
- [6,689] ----D- C:\Program
- [141,048] ----D- C:\Program
- [5,895] ----D- C:\Program
- [6,302] ----D- C:\Program
- [11,632] ----D- C:\Program
- [4,213] ----D- C:\Program
- [0,181] ----D- C:\Program
- [6,374] ----D- C:\Program
- [3,951] ----D- C:\Program Files\WinRAR
- [9,119] ----D- C:\Program
- [15,676] ----D- C:\Program
- [37,540] ----D- C:\Program
- [87,824] ----D- C:\Program
- [0,089] ----D- C:\Program Files\Common
- [1,943] ----D- C:\Program Files\Common
- [0,171] ----D- C:\Program Files\Common
- [1,201] ----D- C:\Program Files\Common
- [0,784] ----D- C:\Program Files\Common

O43 - CFD: 12/07/2011 - 19:35:18 - [281,556] ----D- C:\Program
Files\Common Files\microsoft shared
O43 - CFD: 11/07/2011 - 02:39:52 - [1,577] ----D- C:\Program Files\Common
Files\Protexis
O43 - CFD: 30/10/2009 - 05:20:54 - [0,003] ----D- C:\Program Files\Common
Files\Services
O43 - CFD: 14/07/2009 - 03:37:06 - [39,200] ----D- C:\Program
Files\Common Files\SpeechEngines
O43 - CFD: 10/11/2011 - 03:22:32 - [42,754] ----D- C:\Program
Files\Common Files\System
O43 - CFD: 11/07/2011 - 02:43:44 - [0] ----D- C:\Program Files\Common
Files\Windows Live
O43 - CFD: 30/10/2009 - 01:45:50 - [0,615] ----D- C:\ProgramData\Acer
O43 - CFD: 14/07/2011 - 15:32:10 - [124,551] ----D- C:\ProgramData\Adobe
O43 - CFD: 14/07/2011 - 22:01:28 - [30,161] ----D- C:\ProgramData\Apple
O43 - CFD: 14/07/2011 - 22:03:36 - [63,551] ----D- C:\ProgramData\Apple
Computer
O43 - CFD: 14/07/2009 - 05:53:56 - [0] -SH-D- C:\ProgramData\Application
Data
O43 - CFD: 10/10/2011 - 22:09:18 - [0] ----D- C:\ProgramData\Babylon
O43 - CFD: 11/07/2011 - 02:20:54 - [0] -SH-D- C:\ProgramData\Bureau
O43 - CFD: 11/07/2011 - 02:40:20 - [1,759] ----D- C:\ProgramData\Corel
O43 - CFD: 14/07/2009 - 05:53:56 - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 14/07/2009 - 05:53:56 - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 30/10/2009 - 05:26:38 - [0,000] ----D- C:\ProgramData\eSobi
O43 - CFD: 11/07/2011 - 02:20:54 - [0] -SH-D- C:\ProgramData\Favoris
O43 - CFD: 14/07/2009 - 05:53:56 - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 30/10/2009 - 01:45:38 - [0,514] ----D- C:\ProgramData\Google
O43 - CFD: 23/08/2011 - 15:40:28 - [0] ----D- C:\ProgramData\Guitar Pro 6
O43 - CFD: 10/08/2011 - 03:15:18 - [1,252] ----D- C:\ProgramData\id
Software
O43 - CFD: 06/12/2011 - 23:38:44 - [7,152] ----DC:\ProgramData\Malwarebytes
O43 - CFD: 07/12/2011 - 11:07:10 - [0,349] ----D- C:\ProgramData\McAfee
O43 - CFD: 11/07/2011 - 02:23:28 - [0,000] ----DC:\ProgramData\McQcModifier-5c47-a7b0
O43 - CFD: 03/09/2011 - 20:51:22 - [0,001] ----D- C:\ProgramData\Media
Get LLC
O43 - CFD: 11/07/2011 - 02:20:54 - [0] -SH-D- C:\ProgramData\Menu
Démarrer
O43 - CFD: 19/10/2011 - 22:40:38 - [149,774] -S--DC:\ProgramData\Microsoft
O43 - CFD: 14/10/2011 - 02:07:28 - [0,119] ----DC:\ProgramData\Microsoft Help
O43 - CFD: 11/07/2011 - 02:20:54 - [0] -SH-D- C:\ProgramData\Modèles
O43 - CFD: 11/07/2011 - 02:21:42 - [0,004] ----D- C:\ProgramData\OEM
O43 - CFD: 01/08/2011 - 19:20:56 - [0,002] ----D- C:\ProgramData\Partner
O43 - CFD: 05/12/2011 - 23:27:36 - [0,003] ----D- C:\ProgramData\PMB
Files
O43 - CFD: 30/10/2009 - 05:26:48 - [0,000] ----DC:\ProgramData\SiteAdvisor
O43 - CFD: 14/07/2009 - 05:53:56 - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 27/08/2011 - 20:17:38 - [0,000] ----D- C:\ProgramData\Sun
O43 - CFD: 30/10/2009 - 03:58:18 - [0,001] ----D- C:\ProgramData\Symantec
O43 - CFD: 14/07/2009 - 05:53:56 - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 14/11/2011 - 21:58:42 - [0,182] ----DC:\ProgramData\TuneUpMedia

O43 - CFD: 14/07/2011 - 22:05:16 - [0,517] ----DC:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 11/07/2011 - 20:20:20 - [19,072] ----DC:\Users\Valentin\AppData\Roaming\Adobe
O43 - CFD: 14/07/2011 - 22:27:40 - [677,076] ----DC:\Users\Valentin\AppData\Roaming\Apple Computer
O43 - CFD: 19/11/2011 - 01:53:46 - [50,997] ----DC:\Users\Valentin\AppData\Roaming\Azureus
O43 - CFD: 10/10/2011 - 22:09:18 - [0,003] ----DC:\Users\Valentin\AppData\Roaming\Babylon
O43 - CFD: 11/07/2011 - 17:55:10 - [84,956] ----DC:\Users\Valentin\AppData\Roaming\FFWorld Triple Triad
O43 - CFD: 11/07/2011 - 02:26:08 - [0,000] ----DC:\Users\Valentin\AppData\Roaming\Google
O43 - CFD: 31/08/2011 - 23:13:44 - [0] ----DC:\Users\Valentin\AppData\Roaming\Guitar Pro 6
O43 - CFD: 11/07/2011 - 02:21:50 - [0] ----DC:\Users\Valentin\AppData\Roaming\Identities
O43 - CFD: 11/07/2011 - 02:29:38 - [0] ----DC:\Users\Valentin\AppData\Roaming\InstallShield
O43 - CFD: 27/10/2011 - 00:45:26 - [0,000] ----DC:\Users\Valentin\AppData\Roaming\LolClient
O43 - CFD: 11/07/2011 - 02:31:06 - [3,056] ----DC:\Users\Valentin\AppData\Roaming\Macromedia
O43 - CFD: 06/12/2011 - 23:39:02 - [0,322] ----DC:\Users\Valentin\AppData\Roaming\Malwarebytes
O43 - CFD: 30/10/2009 - 02:22:02 - [0] ----DC:\Users\Valentin\AppData\Roaming\Media Center Programs
O43 - CFD: 03/09/2011 - 20:50:46 - [0,003] ----DC:\Users\Valentin\AppData\Roaming\Media Get LLC
O43 - CFD: 26/08/2011 - 19:46:36 - [8,797] -S--DC:\Users\Valentin\AppData\Roaming\Microsoft
O43 - CFD: 01/08/2011 - 21:08:00 - [1,294] ----DC:\Users\Valentin\AppData\Roaming\Mozilla
O43 - CFD: 30/07/2011 - 20:59:50 - [0,004] ----DC:\Users\Valentin\AppData\Roaming\TS3Client
O43 - CFD: 14/10/2011 - 19:10:00 - [0,043] ----DC:\Users\Valentin\AppData\Roaming\TuneUpMedia
O43 - CFD: 31/07/2011 - 19:10:32 - [0,076] ----DC:\Users\Valentin\AppData\Roaming\vlc
O43 - CFD: 11/07/2011 - 20:20:22 - [2,496] ----DC:\Users\Valentin\AppData\Roaming\wam.04351C371E530C3762CBA45FA283ED972DC
DEFB6.1
O43 - CFD: 05/08/2011 - 05:52:16 - [0,000] ----DC:\Users\Valentin\AppData\Roaming\WinRAR
O43 - CFD: 14/07/2011 - 15:29:32 - [0,430] ----DC:\Users\Valentin\AppData\Local\Adobe
O43 - CFD: 14/07/2011 - 22:01:38 - [0] ----DC:\Users\Valentin\AppData\Local\Apple
O43 - CFD: 14/07/2011 - 22:05:32 - [18,346] ----DC:\Users\Valentin\AppData\Local\Apple Computer
O43 - CFD: 11/07/2011 - 02:21:10 - [0] -SH-DC:\Users\Valentin\AppData\Local\Application Data
O43 - CFD: 10/10/2011 - 22:09:18 - [3,529] ----DC:\Users\Valentin\AppData\Local\Babylon
O43 - CFD: 29/07/2011 - 00:09:04 - [0,037] ----DC:\Users\Valentin\AppData\Local\Conduit

O43 - CFD: 07/12/2011 - 00:06:04 - [1,623] ----DC:\Users\Valentin\AppData\Local\Diagnostics
O43 - CFD: 16/08/2011 - 11:46:16 - [0] ----DC:\Users\Valentin\AppData\Local\ElevatedDiagnostics
O43 - CFD: 01/12/2011 - 19:00:36 - [0,184] ----DC:\Users\Valentin\AppData\Local\Google
O43 - CFD: 11/07/2011 - 02:21:10 - [0] -SH-DC:\Users\Valentin\AppData\Local\Historique
O43 - CFD: 03/09/2011 - 20:50:00 - [4,981] ----DC:\Users\Valentin\AppData\Local\Media Get LLC
O43 - CFD: 03/09/2011 - 20:50:42 - [21,838] ----DC:\Users\Valentin\AppData\Local\MediaGet2
O43 - CFD: 07/12/2011 - 00:12:52 - [434,865] ----DC:\Users\Valentin\AppData\Local\Microsoft
O43 - CFD: 11/07/2011 - 02:49:08 - [0] ----DC:\Users\Valentin\AppData\Local\Microsoft Help
O43 - CFD: 07/12/2011 - 11:19:42 - [0,276] ----DC:\Users\Valentin\AppData\Local\PMB Files
O43 - CFD: 06/12/2011 - 22:00:02 - [0] ----DC:\Users\Valentin\AppData\Local\SanctionedMedia
O43 - CFD: 07/12/2011 - 11:18:48 - [212,104] ----DC:\Users\Valentin\AppData\Local\Temp
O43 - CFD: 11/07/2011 - 02:21:10 - [0] -SH-DC:\Users\Valentin\AppData\Local\Temporary Internet Files
O43 - CFD: 01/08/2011 - 21:07:56 - [0,227] ----DC:\Users\Valentin\AppData\Local\VirtualStore
O43 - CFD: 12/07/2011 - 19:21:34 - [0] ----DC:\Users\Valentin\AppData\Local\Windows Live
~ Scan Program Folder in 00mn 27s

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.1647E8B1EE68B035B8628F9D88654399] - 07/12/2011 - 11:10:58
---A- . (...) -- C:\Windows\WindowsUpdate.log
[1317676]
O44 - LFC:[MD5.8E693A728A27EC102196A66540B73999] - 07/12/2011 - 11:07:13
---A- . (...) -- C:\Windows\setupact.log
[13734]
O44 - LFC:[MD5.482AEABA5E04AE57C37C5FAD07061FE1] - 07/12/2011 - 11:07:13
-S-A- . (...) -- C:\Windows\bootstat.dat
[67584]
O44 - LFC:[MD5.543FDF4A99301D1E3B31D9F623D7C773] - 07/12/2011 - 04:37:57
---A- . (...) -- C:\Windows\system32\PerfStringBackup.INI
[1693972]
O44 - LFC:[MD5.8CCDC03FE9973FE3EE417730423D2DA5] - 07/12/2011 - 04:37:57
---A- . (...) -- C:\Windows\system32\perfc009.dat
[123910]
O44 - LFC:[MD5.907140DE025F4A0A8F0641FD893553E0] - 07/12/2011 - 04:37:57
---A- . (...) -- C:\Windows\system32\perfc00C.dat
[153596]
O44 - LFC:[MD5.98BE35519E63079BDEB743A24A3123CE] - 07/12/2011 - 04:37:57
---A- . (...) -- C:\Windows\system32\perfh009.dat
[662716]
O44 - LFC:[MD5.F268594CF156D8215F0AC1DB273BB0F1] - 07/12/2011 - 04:37:57
---A- . (...) -- C:\Windows\system32\perfh00C.dat
[758966]
O44 - LFC:[MD5.98E7D94C96ABD70812A225EC578F5E2E] - 07/12/2011 - 04:32:40
---A- . (...) -- C:\Windows\PFRO.log
[751228]
O44 - LFC:[MD5.71F4A690697773F1063703F4D7824699] - 06/12/2011 - 23:59:57
---A- . (...) -- C:\PhysicalDisk0_MBR.bin
[512]
O44 - LFC:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 06/12/2011 - 23:38:38
---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -C:\Windows\system32\drivers\mbam.sys
[22216]
O44 - LFC:[MD5.F69641EFDB19ACB4753B0155F7FDEED5] - 06/12/2011 - 23:38:16
---A- . (...) -- C:\Windows\system32\drivers\TrueSight.sys
[111872]

O44 - LFC:[MD5.9CC8F5C8339B327D99814F96BF6DA5C4] - 06/12/2011 - 21:59:51
---A- . (...) -- C:\Windows\srun.log
[12]
O44 - LFC:[MD5.E33A054A7F0EA3920B7AED4DC6B17219] - 10/11/2011 - 03:24:35
---A- . (...) -- C:\Windows\system32\FNTCACHE.DAT
[409312]
~ Scan Files in 00mn 04s

---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft
Corporation - Microsoft Authentication Package v1.0.) -C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft
Corporation - Moteur du client de l’Éditeur de configuration de sécurité
Windows.) -- C:\Windows\system32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft
Corporation - Package de sécurité Kerberos.) -C:\Windows\system32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft
Corporation - Microsoft Authentication Package v1.0.) -C:\Windows\system32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft
Corporation - TLS / SSL Security Provider.) -C:\Windows\system32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft
Corporation - Microsoft Digest Access.) -C:\Windows\system32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft
Corporation - Web Service Security Package.) -C:\Windows\system32\tspkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft
Corporation - Pku2u Security Package.) -- C:\Windows\system32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp.
- LiveSSP.) -- C:\Windows\system32\livessp.dll
~ Scan Keys in 00mn 00s

---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys .
(.Microsoft Corporation - Pilote de filtre souris série.) -C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft
Corporation - VGA/Super VGA Video Driver.) -C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft
Corporation - Volume Manager Driver.) -C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys .
(.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.)
-- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\Wdf01000.sys .
(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode
noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft
Corporation - IP Network Address Translator.) -C:\Windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys .
(.Microsoft Corporation - NSI Proxy.) -C:\Windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys .
(.Microsoft Corporation - RDP Encoder Miniport.) -C:\Windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys .
(.Microsoft Corporation - Pilote de filtre souris série.) -C:\Windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft
Corporation - VGA/Super VGA Video Driver.) -C:\Windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -C:\Windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft
Corporation - Volume Manager Driver.) -C:\Windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys .
(.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.)
-- C:\Windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\Wdf01000.sys .
(.Microsoft Corporation - Runtime de l’infrastructure de pilotes en mode
noyau.) -- C:\Windows\system32\Drivers\Wdf01000.sys
~ Scan CSB in 00mn 00s

---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" .
(.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec
for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec
Cinepak®.) -- C:\Windows\system32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer
IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn 00s

---\\ ShareTools MSconfig StartupReg (O53) (None)
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) (.Microsoft Corporation - Credential Delegation Security Package.) -C:\Windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) (.Microsoft Corporation - Credential Delegation Security Package.) -C:\Windows\system32\credssp.dll
~ Scan Keys in 00mn 00s

---\\ Microsoft Windows Policies System
O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] O55 - MWPS:[HKLM\...\Policies\System] ~ Scan Keys in 00mn 00s

(O55)
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableUIADesktopToggle"=0
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0

---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 10/06/2009 - 02:26:15
---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -C:\Windows\system32\drivers\adp94xx.sys
[422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 13/07/2009 - 02:26:17
---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -[297552]
C:\Windows\system32\drivers\adpahci.sys
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 13/07/2009 - 02:26:15
---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -C:\Windows\system32\drivers\adpu320.sys
[146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 14/07/2009 - 02:26:15
---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -C:\Windows\system32\drivers\aliide.sys
[14400]
O58 - SDL:[MD5.19CE906B4CDC11FC4FEF5745F33A63B6] - 13/07/2011 - 06:43:46
---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -C:\Windows\system32\drivers\amdsata.sys
[80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 10/06/2009 - 02:26:15
---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible
Controller Driver for Windows fa.) -C:\Windows\system32\drivers\amdsbs.sys
[159312]
O58 - SDL:[MD5.869E67D66BE326A5A9159FBA8746FA70] - 13/07/2011 - 06:43:46
---A- . (.Advanced Micro Devices - Storage Filter Driver.) -[22400]
C:\Windows\system32\drivers\amdxata.sys
O58 - SDL:[MD5.F5621E9033CF5B3DAE91691F74D2C41F] - 11/07/2011 - 04:50:50
---A- . (.Alps Electric Co., Ltd. - Alps Touch Pad Driver.) -C:\Windows\system32\drivers\Apfiltr.sys
[203824]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 13/07/2009 - 02:26:15
---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -C:\Windows\system32\drivers\arc.sys
[76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 13/07/2009 - 02:26:15
---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -C:\Windows\system32\drivers\arcsas.sys
[86608]
O58 - SDL:[MD5.AC4ADAC154563AB41CC79B0257BC685A] - 11/07/2011 - 19:58:28
---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN
device driver.) -- C:\Windows\system32\drivers\athr.sys
[1218048]
O58 - SDL:[MD5.6F41A4C5745BB99F89406F57164F099E] - 11/07/2011 - 00:43:28
---A- . (.Broadcom Corporation - Broadcom NetXtreme Gigabit Ethernet

NDIS6.x Unified Driver..) -- C:\Windows\system32\drivers\b57nd60x.sys
[260648]
O58 - SDL:[MD5.4030BE8AD4EF793D34CC64D783F95F2E] - 11/07/2011 - 14:41:04
---A- . (.Broadcom Corporation - Broadcom NetXtreme Unified Crash Dump
(x86).) -- C:\Windows\system32\drivers\bnxcdx.sys
[192040]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 14/07/2009 - 23:53:28
---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage BulkOnly Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys
[13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 14/07/2009 - 23:53:28
---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage BulkOnly Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys
[5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 14/07/2009 - 01:57:25
---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -C:\Windows\system32\drivers\BrSerId.sys
[272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 14/07/2009 - 23:53:32
---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).)
-- C:\Windows\system32\drivers\BrSerWdm.sys
[62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 14/07/2009 - 23:53:33
---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -C:\Windows\system32\drivers\BrUsbMdm.sys
[12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 14/07/2009 - 23:53:33
---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -C:\Windows\system32\drivers\BrUsbSer.sys
[11904]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 10/06/2009 - 23:02:48
---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -[430080]
C:\Windows\system32\drivers\bxvbdx.sys
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 14/07/2009 - 02:26:21
---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -C:\Windows\system32\drivers\cmdide.sys
[15952]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 10/06/2009 - 02:20:28
---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -C:\Windows\system32\drivers\djsvs.sys
[70720]
O58 - SDL:[MD5.C701324C9E0C25DD9D60311BD87FBC84] - 11/07/2011 - 20:14:34
---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -C:\Windows\system32\drivers\DKbFltr.sys
[21000]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 10/06/2009 - 02:20:28
---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -C:\Windows\system32\drivers\elxstor.sys
[453712]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 10/06/2009 - 23:02:48
---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -C:\Windows\system32\drivers\evbdx.sys
[3100160]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 14/07/2011 - 12:17:00
---A- . (.GEAR Software Inc. - CD DVD Filter.) -C:\Windows\system32\drivers\GEARAspiWDM.sys
[26600]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 13/07/2009 - 23:54:14
---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer
IR Driver for eHome.) -- C:\Windows\system32\drivers\hcw85cir.sys
[26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 13/07/2009 - 02:20:28
---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media
Driver.) -- C:\Windows\system32\drivers\HpSAMD.sys
[67152]
O58 - SDL:[MD5.4DF5C76302DC2F8F3465966C8426A292] - 11/07/2011 - 19:23:08
---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -C:\Windows\system32\drivers\HSXHWAZL.sys
[207360]

O58 - SDL:[MD5.8B976D4CA270110111DF4F313DA0E6E8] - 11/07/2011 - 19:23:08
---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -C:\Windows\system32\drivers\HSX_CNXT.sys
[661504]
O58 - SDL:[MD5.227C3BA25012752BB7450235392C719F] - 11/07/2011 - 19:23:08
---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -C:\Windows\system32\drivers\HSX_DPV.sys
[980992]
O58 - SDL:[MD5.D483687EACE0C065EE772481A96E05F5] - 30/10/2009 - 02:43:16
---A- . (.Intel Corporation - Intel Matrix Storage Manager driver ia32.) -- C:\Windows\system32\drivers\iaStor.sys
[330264]
O58 - SDL:[MD5.71F1A494FEDF4B33C02C4A6A28D6D9E9] - 13/07/2011 - 06:43:55
---A- . (.Intel Corporation - Intel Matrix Storage Manager driver ia32.) -- C:\Windows\system32\drivers\iaStorV.sys
[332160]
O58 - SDL:[MD5.8266AE06DF974E5BA047B3E9E9E70B3F] - 25/08/2010 - 18:31:30
---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -C:\Windows\system32\drivers\igdkmd32.sys
[9024512]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 13/07/2009 - 02:20:36
---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.)
-- C:\Windows\system32\drivers\iirsp.sys
[41040]
O58 - SDL:[MD5.58FF11C95C3681C9250914521CB9F036] - 30/10/2009 - 18:04:16
---A- . (.Acer, Inc. - int15.) -- C:\Windows\system32\drivers\int15.sys
[12832]
O58 - SDL:[MD5.8C7FA71CB1EBCD3EDE8958D27B1BF0B4] - 30/10/2009 - 17:42:20
---A- . (.Acer, Inc. - int15.) -C:\Windows\system32\drivers\int15_64.sys
[17952]
O58 - SDL:[MD5.8C804B1FFAD1EFA952B747E8285C3B76] - 20/06/2009 - 23:02:47
---A- . (.Atheros Communications, Inc. - Atheros AR8121/AR8113/AR8114
PCI-E Ethernet Controller(NDIS6.20.) -[47104]
C:\Windows\system32\drivers\L1E62x86.sys
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 13/07/2009 - 02:20:36
---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -C:\Windows\system32\drivers\lsi_fc.sys
[95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 13/07/2009 - 02:20:37
---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -C:\Windows\system32\drivers\lsi_sas.sys
[89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 13/07/2009 - 02:20:36
---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -C:\Windows\system32\drivers\lsi_sas2.sys
[54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 13/07/2009 - 02:20:36
---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -C:\Windows\system32\drivers\lsi_scsi.sys
[96848]
O58 - SDL:[MD5.69A6268D7F81E53D568AB4E7E991CAF3] - 06/12/2011 - 17:00:50
---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -C:\Windows\system32\drivers\mbam.sys
[22216]
O58 - SDL:[MD5.0CEA2D0D3FA284B85ED5B68365114F76] - 11/07/2011 - 19:23:08
---A- . (.Conexant - Diagnostic Interface x86 Driver.) -C:\Windows\system32\drivers\mdmxsdk.sys
[12672]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 10/06/2009 - 02:20:36
---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7
for x86.) -- C:\Windows\system32\drivers\megasas.sys
[30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 13/07/2009 - 02:20:36
---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -[235584]
C:\Windows\system32\drivers\MegaSR.sys
O58 - SDL:[MD5.58218EC6B61B1169CF54AAB0D00F5FE2] - 10/06/2009 - 23:02:51
---A- . (.Intel Corporation - Intel® Wireless WiFi Link Driver.) -C:\Windows\system32\drivers\netw5v32.sys
[4231168]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 13/07/2009 - 02:20:44
---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -C:\Windows\system32\drivers\nfrd960.sys
[44624]

O58 - SDL:[MD5.6DCAA65F49EF3B97A5CFFC0CB5DE1C2F] - 30/10/2009 - 01:46:08
---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -C:\Windows\system32\drivers\NTIDrvr.sys
[15360]
O58 - SDL:[MD5.F1B0BED906F97E16F6D0C3629D2F21C6] - 13/07/2011 - 06:44:01
---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) -C:\Windows\system32\drivers\nvraid.sys
[117120]
O58 - SDL:[MD5.4520B63899E867F354EE012D34E11536] - 13/07/2011 - 06:44:01
---A- . (.NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance
Driver.) -- C:\Windows\system32\drivers\nvstor.sys
[143744]
O58 - SDL:[MD5.922046F114AC0C1B2484BCDD5CA43C07] - 30/10/2009 - 23:14:36
---A- . (.O2Micro - o2media.) -- C:\Windows\system32\drivers\o2media.sys
[52128]
O58 - SDL:[MD5.51C368F577513FEB59ED70B45E930076] - 30/10/2009 - 23:22:14
---A- . (.O2Micro - O2Micro SD Reader Driver.) -C:\Windows\system32\drivers\o2sd.sys
[42144]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 10/06/2009 - 02:19:04
---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport
Driver.) -- C:\Windows\system32\drivers\ql2300.sys
[1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 13/07/2009 - 02:19:04
---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -C:\Windows\system32\drivers\ql40xx.sys
[106064]
O58 - SDL:[MD5.001B4278407F4303EFC902A2B16F2453] - 11/07/2011 - 19:09:28
---A- . (.InterVideo - regi driver.) -C:\Windows\system32\drivers\regi.sys
[11032]
O58 - SDL:[MD5.B29E79C67F3779E70BA187E31B639EBC] - 11/07/2011 - 02:42:00
---A- . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio
Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys
[2745760]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 14/07/2009 - 21:50:20
---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision
SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys
[20480]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 10/06/2009 - 02:19:04
---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport
Driver.) -- C:\Windows\system32\drivers\sisraid2.sys
[40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 13/07/2009 - 02:19:04
---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -[77888]
C:\Windows\system32\drivers\sisraid4.sys
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 13/07/2009 - 02:19:04
---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for
Windows.) -- C:\Windows\system32\drivers\stexstor.sys
[21072]
O58 - SDL:[MD5.F69641EFDB19ACB4753B0155F7FDEED5] - 06/12/2011 - 23:38:16
---A- . (...) -- C:\Windows\system32\drivers\TrueSight.sys
[111872]
O58 - SDL:[MD5.D79C0B9BB011218B93705CBF77FA3E5E] - 30/10/2009 - 01:46:08
---A- . (.NewTech Infosystems Corporation - NTI CDROM Filter Driver.) -C:\Windows\system32\drivers\UBHelper.sys
[14336]
O58 - SDL:[MD5.83CAFCB53201BBAC04D822F32438E244] - 14/07/2011 - 07:06:08
---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -C:\Windows\system32\drivers\usbaapl.sys
[42496]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 14/07/2009 - 02:19:10
---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -C:\Windows\system32\drivers\viaide.sys
[16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 10/06/2009 - 02:19:11
---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -C:\Windows\system32\drivers\vsmraid.sys
[141904]
O58 - SDL:[MD5.E00FDFAFF025E94F9821153750C35A6D] - 13/07/2009 - 23:13:45
---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -C:\Windows\system32\drivers\VSTAZL3.SYS
[207360]

O58 - SDL:[MD5.BC0C7EA89194C299F051C24119000E17] - 13/07/2009 - 23:13:45
---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -C:\Windows\system32\drivers\VSTCNXT3.SYS
[661504]
O58 - SDL:[MD5.CEB4E3B6890E1E42DCA6694D9E59E1A0] - 13/07/2009 - 23:13:46
---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -C:\Windows\system32\drivers\VSTDPV3.SYS
[980992]
O58 - SDL:[MD5.894F963BE999BA9DB5AAC3AED55B115D] - 11/07/2011 - 19:23:08
---A- . (.Conexant Systems, Inc. - Modem Audio Device Driver.) -C:\Windows\system32\drivers\XAudio32.sys
[8704]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 13/07/2009 - 22:40:41
---A- . (...) -- C:\Windows\system32\ANSI.SYS
[9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 13/07/2009 - 22:40:44
---A- . (...) -- C:\Windows\system32\country.sys
[27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 13/07/2009 - 22:40:40
---A- . (...) -- C:\Windows\system32\HIMEM.SYS
[4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 13/07/2009 - 22:40:43
---A- . (...) -- C:\Windows\system32\KEY01.SYS
[42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 13/07/2009 - 22:40:43
---A- . (...) -- C:\Windows\system32\KEYBOARD.SYS
[42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 13/07/2009 - 22:40:23
---A- . (...) -- C:\Windows\system32\NTDOS.SYS
[27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 13/07/2009 - 22:40:31
---A- . (...) -- C:\Windows\system32\NTDOS404.SYS
[29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 13/07/2009 - 22:40:35
---A- . (...) -- C:\Windows\system32\NTDOS411.SYS
[29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 13/07/2009 - 22:40:39
---A- . (...) -- C:\Windows\system32\NTDOS412.SYS
[29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 13/07/2009 - 22:40:27
---A- . (...) -- C:\Windows\system32\NTDOS804.SYS
[29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 13/07/2009 - 22:40:11
---A- . (...) -- C:\Windows\system32\NTIO.SYS
[33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 13/07/2009 - 22:40:15
---A- . (...) -- C:\Windows\system32\NTIO404.SYS
[34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 13/07/2009 - 22:40:17
---A- . (...) -- C:\Windows\system32\NTIO411.SYS
[35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 13/07/2009 - 22:40:19
---A- . (...) -- C:\Windows\system32\NTIO412.SYS
[35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 13/07/2009 - 22:40:13
---A- . (...) -- C:\Windows\system32\NTIO804.SYS
[34672]
~ Scan Drivers in 00mn 33s

---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn 00s

---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 01/10/2008 C:\Windows\system32\drivers\int15.sys (int15) .(.Acer, Inc. - int15.) LEGACY_INT15
O64 - Services: CurCS - 17/04/2007 - C:\Windows\system32\drivers\regi.sys
(regi) .(.InterVideo - regi driver.) - LEGACY_REGI
O64 - Services: CurCS - ??\??\???? C:\Windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision

Corporation, Macrovision Europe - Macrovision SECURITY Driver.) LEGACY_SECDRV
O64 - Services: CurCS - 06/12/2011 c:\windows\system32\drivers\TrueSight.sys - TrueSight (TrueSight) .(...)
- LEGACY_TRUESIGHT
O64 - Services: CurCS - 10/06/2009 C:\Windows\system32\DRIVERS\XAudio32.sys (XAudio) .(.Conexant Systems,
Inc. - Modem Audio Device Driver.) - LEGACY_XAUDIO
~ Scan Services in 00mn 03s

---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -"%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command]
(.Microsoft Corporation - Windows Control Panel.) -C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft
Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (.Microsoft
Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -"%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command]
(.Microsoft Corporation - Internet Explorer.) -- C:\Program
Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft
Corporation - Microsoft ® Windows Based Script Host.) -C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft
Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -"%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command]
(.Microsoft Corporation - Windows Control Panel.) -C:\Windows\System32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft
Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (.Microsoft
Corporation - Windows Control Panel.) -- "%1" %*
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -"%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command]
(.Microsoft Corporation - Internet Explorer.) -- C:\Program
Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft
Corporation - Microsoft ® Windows Based Script Host.) -C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft
Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn 00s

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet
Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet
Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet
Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet
Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet
Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -C:\Windows\System32\ie4uinit.exe
~ Scan Keys in 00mn 00s

---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
[DefaultScope] - (Search the web (Babylon)) - http://search.babylon.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} (Google) - http://www.google.com
~ Scan Keys in 00mn 00s

---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft
Corporation - Service Expérience d’application.) -C:\Windows\System32\aelupsvc.dll
[62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft
Corporation - Service de propagation de certificats de cartes à puce
Microsoft.) -- C:\Windows\System32\certprop.dll
[67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft
Corporation - Service de propagation de certificats de cartes à puce
Microsoft.) -- C:\Windows\System32\certprop.dll
[67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft
Corporation - DLL du service Serveur.) -- C:\Windows\system32\srvsvc.dll
[168448]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation Client de stratégie de groupe.) -- C:\Windows\System32\gpsvc.dll
[591360]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation
- Extension IKE.) -- C:\Windows\System32\ikeext.dll
[667136]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft
Corporation - Service Audio Windows.) -- C:\Windows\System32\Audiosrv.dll
[473088]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft
Corporation - Gestionnaire de numérotation automatique d’accès distant.)
-- C:\Windows\System32\rasauto.dll
[90624]

O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation
- Gestionnaire de connexions d’accès distant.) -C:\Windows\System32\rasmans.dll
[285184]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft
Corporation - Gestionnaire d’interface dynamique.) -C:\Windows\System32\mprdim.dll
[75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation Service de notification d’événements système (SENS).) -C:\Windows\System32\sens.dll
[49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft
Corporation - Composants de l’application d’assistance à Microsoft NAT.)
[300544]
-- C:\Windows\System32\ipnathlp.dll
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft
Corporation - Serveur de téléphonie Microsoft® Windows(TM).) -C:\Windows\System32\tapisrv.dll
[241664]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft
Corporation - Gestionnaire des connexions distantes du serveur hôte de
session Burea.) -- C:\Windows\System32\termsrv.dll
[543232]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft
Corporation - Agent de mise à jour automatique Windows Update.) -C:\Windows\system32\wuaueng.dll
[1912832]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation Service de transfert intelligent en arrière-plan.) -C:\Windows\System32\qmgr.dll
[589312]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) .
(.Microsoft Corporation - Dll des services Windows Shell.) -C:\Windows\System32\shsvcs.dll
[328192]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft
Corporation - DLL de service d’ouverture de session secondaire.) -[21504]
C:\Windows\system32\seclogon.dll
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft
Corporation - Service Informations d’application.) -C:\Windows\System32\appinfo.dll
[46592]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft
Corporation - Service de découverte iSCSI.) -[114688]
C:\Windows\system32\iscsiexe.dll
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation Service Planificateur de classes multimédias.) -C:\Windows\system32\mmcss.dll
[49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) .
(.Microsoft Corporation - Rapports et solutions aux problèmes.) -C:\Windows\System32\wercplsupport.dll
[61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft
Corporation - Service EAPHost Microsoft.) -C:\Windows\System32\eapsvc.dll
[98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft
Corporation - ProfSvc.) -- C:\Windows\system32\profsvc.dll
[162816]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft
Corporation - Service du Planificateur de tâches.) -C:\Windows\system32\schedsvc.dll
[749056]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation
- Service Gestion des clés.) -- C:\Windows\system32\kmsvc.dll
[71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft
Corporation - Service Configuration des services Bureau à distance.) -C:\Windows\system32\sessenv.dll
[99328]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft
Corporation - WMI.) -- C:\Windows\system32\wbem\WMIsvc.dll
[168960]

O83 - Search Svchost Services: browser (browser) . (.Microsoft
Corporation - DLL du service Explorateur d’ordinateurs.) -C:\Windows\System32\browser.dll
[102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation
- DLL du service des thèmes Windows Shell.) -C:\Windows\system32\themeservice.dll
[37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation
- Service BDE.) -- C:\Windows\System32\bdesvc.dll
[76800]
O83 - Search Svchost Services: AppMgmt (AppMgmt) . (.Microsoft
Corporation - Service Installation de logiciels.) -C:\Windows\System32\appmgmts.dll
[149504]
~ Scan Services in 00mn 00s

---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.496F03DCA0EFF43EA168ED20ACCC6EFF] [SPRF][14/03/2011] (...) -C:\Users\Valentin\AppData\Local\Temp\GLF6FA0.tmp.ConduitEngineSetup.exe
[158048]
[MD5.08AF557C8E6E74D7D92314F6B2C86273] [SPRF][19/11/2011] (...) -C:\Users\Valentin\AppData\Local\Temp\i4jdel0.exe
[4608]
[MD5.352A620C285711220073F9F9B4CEFCD1] [SPRF][06/12/2011] (.Adobe
Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller 11.1 r102.) -C:\Users\Valentin\AppData\Local\Temp\InstallFlashPlayer.exe
[3800224]
[MD5.B92293778555CE3DABE7F0A7E98B34C0] [SPRF][17/01/2011] (.Conduit Ltd.
- Conduit Toolbar.) -C:\Users\Valentin\AppData\Local\Temp\prxGLF6FA0.tmp.tbVuze.dll
[175912]
[MD5.37AA624A0B2C6F762FFEBC6AF47CA51C] [SPRF][09/10/2011] (.Microsoft
Corporation - Microsoft .NET Assembly Registration Utility.) -[53248]
C:\Users\Valentin\AppData\Local\Temp\RegAsm.exe
[MD5.B2C46C7064C867F4722A0F51CF18FB62] [SPRF][01/10/2011] (.McAfee, Inc.
- McAfee Security Scan Plus Installer.) -C:\Users\Valentin\AppData\Local\Temp\SecurityScan_Release.exe
[3598224]
[MD5.3FD65D2D6E4C65AEA3C983FC74C95681] [SPRF][06/12/2011] (...) -C:\Users\Valentin\AppData\Local\Temp\smowxrcnea.exe
[80896]
[MD5.1D70BE6C8303EB57079B005BA6B399AD] [SPRF][21/08/2011] (.Eclipse
Foundation - SWT for Windows native library.) -C:\Users\Valentin\AppData\Local\Temp\swt-win32-3349.dll
[139672]
[MD5.26CBF402F11B3D7A786654A5325C11A6] [SPRF][09/10/2011] (.CatenaLogic Updater copy help tool.) -C:\Users\Valentin\AppData\Local\Temp\UpdaterCopy.exe
[868600]
[MD5.9C5E3159A29A90ABA7C45BFA6C7B8E84] [SPRF][29/07/2011] (.Neva Object
Technology - C4J native.) -- C:\Users\Valentin\AppData\Local\Temp\vzf3553325527891339797.dll
[306296]
[MD5.113A7A662B1F4D8A55E40F4EBD2B5209] [SPRF][29/07/2011] (.Bunndle, Inc.
- Bunndle Offer Manager v1.1.0.1.) -C:\Users\Valentin\AppData\Local\Temp\vzf-620762514159142053.dll
[341944]
[MD5.FA501837510CC22D174667A2F7BAC20B] [SPRF][06/12/2011] (...) -C:\Users\Valentin\Desktop\RogueKiller.exe
[754176]
~ Scan Files in 00mn 01s

---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{7E6347E6-31E2-448F-8AAE-E54A751A71F4}" | In - Public - P6 TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT

Service.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now
5\SchedulerSvc.exe
O87 - FAEL: "{950E058D-588B-4281-96CB-EC1A74959401}" | In - Public - P6 TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc
Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now
5\BackupSvc.exe
O87 - FAEL: "{082AB99F-7665-4776-AD23-E8862C7EE7E0}" | In - Public - P17
- TRUE | .(.NewTech Infosystems, Inc. - NTI Backup Now 5 SchedulerSvc NT
Service.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now
5\SchedulerSvc.exe
O87 - FAEL: "{1C5000AF-C95A-40AF-9D09-EB50E3993709}" | In - Public - P17
- TRUE | .(.NewTech InfoSystems, Inc. - NTI Backup Now 5 BackupSvc
Application.) -- C:\Program Files\NewTech Infosystems\NTI Backup Now
5\BackupSvc.exe
O87 - FAEL: "{E05FA299-8A95-49DB-BEC8-F65A76A49DE6}" |In - Domain - P17 TRUE | .(...) -- C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
(.not file.)
O87 - FAEL: "{8BC37F59-9228-4609-B50F-EB0947902CD6}" | In - None - P6 TRUE | .(.Acer Incorporated - Raw Socket Service.) -- C:\Program
Files\Acer\Acer VCM\RS_Service.exe
O87 - FAEL: "{448D29B8-E660-46C1-B8D1-13F8AE3CDC0C}" | In - None - P6 TRUE | .(.Acer Incoporated - Acer Video Quality Enhancement.) -C:\Program Files\Acer\Acer VCM\VC.exe
O87 - FAEL: "{650E6001-824F-415F-8C7E-B45E971F8537}" | In - Private - P6
- TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program
Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{0505B6E4-7B8B-4BA0-8223-309570B766D3}" | In - Private - P17
- TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program
Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{31B686FE-AE54-424B-8298-5D22BCFB6751}" | In - None - P17 TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{8EFF85ED-2964-4D2A-93B5-A70C09D9E6BE}" | In - Private - P6
- TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program
Files\Vuze\Azureus.exe
O87 - FAEL: "{FD4528C1-AAB2-4CF2-99EA-DA292D471963}" | In - Private - P17
- TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program
Files\Vuze\Azureus.exe
O87 - FAEL: "{0A003C5B-269D-444E-AAEB-9D6BBC9D0F6E}" | In - Domain - P6 TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program
Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{F0FA8290-8566-4AFE-A4B0-C58C6CF82C63}" | In - Domain - P17
- TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program
Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{2362B46D-13B9-4CA9-85D1-49E2E433DEE7}" | In - Private - P6
- TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program
Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{435A83E3-5BED-4C3D-B497-762375EFAB40}" | In - Private - P17
- TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program
Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{BAC45764-C047-4A75-AB95-20AB7F3C1429}" | In - None - P17 TRUE | .(.Pas de propriétaire - Pando Media Booster.) -- C:\Program
Files\Pando Networks\Media Booster\PMB.exe
O87 - FAEL: "{CA25A9A6-8899-4F9F-BB5C-8C4A91876B9C}" |In - Private - P6 TRUE | .(...) -- C:\Program Files\Common
Files\McAfee\McSvcHost\McSvHost.exe (.not file.)
O87 - FAEL: "{391ECA66-36B8-4CF0-BEF5-5AC294B88F08}" |In - Private - P17
- TRUE | .(...) -- C:\Program Files\Common
Files\McAfee\McSvcHost\McSvHost.exe (.not file.)

O87 - FAEL: "TCP Query User{C8C29976-538F-4C20-AA5093FFD47F0C0F}C:\program files\vuze\azureus.exe" | In - Public - P6 - TRUE
| .(.Vuze Inc. - Pas de description.) -- C:\Program
Files\Vuze\Azureus.exe
O87 - FAEL: "UDP Query User{DCF904E7-EDBE-438D-9C9E2660053980B6}C:\program files\vuze\azureus.exe" | In - Public - P17 TRUE | .(.Vuze Inc. - Pas de description.) -- C:\Program
Files\Vuze\Azureus.exe
O87 - FAEL: "{5C59F42C-8D1A-49E4-8297-B9D66E7EE30E}" | In - Private - P6
- TRUE | .(.Microsoft Studios - Age of Empires Online.) -- C:\Program
Files\Microsoft Games\Age of Empires Online\Spartan.exe
O87 - FAEL: "{710491F1-7085-406C-B9DD-CBD5B5325BC2}" | In - Private - P17
- TRUE | .(.Microsoft Studios - Age of Empires Online.) -- C:\Program
Files\Microsoft Games\Age of Empires Online\Spartan.exe
~ Scan Firewall in 00mn 04s

---\\ Scan Additionnel (O88)
Database Version : 8872 - (06/12/2011)
Clés trouvées (Keys found) : 68
Valeurs trouvées (Values found) : 1
Dossiers trouvés (Folders found) : 19
Fichiers trouvés (Files found) : 0
[HKLM\Software\Classes\AppID\esrv.EXE]
=>Toolbar.Babylon
[HKLM\Software\Classes\b]
=>Toolbar.Babylon
[HKLM\Software\Classes\Babylon.dskBnd]
=>Toolbar.Babylon
[HKLM\Software\Classes\Babylon.dskBnd.1]
=>Toolbar.Babylon
[HKLM\Software\Classes\bbylnApp.appCore]
=>Toolbar.Babylon
[HKLM\Software\Classes\bbylnApp.appCore.1]
=>Toolbar.Babylon
[HKLM\Software\Classes\Conduit.Engine]
=>Toolbar.Conduit
[HKLM\Software\Classes\escort.escortIEPane]
=>Toolbar.Babylon
[HKLM\Software\Classes\escort.escortIEPane.1]
=>Toolbar.Babylon
[HKLM\Software\Classes\escort.escrtBtn.1]
=>Toolbar.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc]
=>Toolbar.Babylon
[HKLM\Software\Classes\esrv.BabylonESrvc.1]
=>Toolbar.Babylon
[HKLM\Software\Classes\Toolbar.ct2504091]
=>Adware.Agent
[HKLM\Software\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}]
=>Adware.Agent
[HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ecdf796-c2dc4d79-a620-cce0c0a66cc9}]
=>Adware.MyWebSearch
[HKLM\Software\Classes\CLSID\{291BCCC1-6890-484a-89D3-318C928DAC1B}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-58444a99-B4B6-146BF802613B}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD7385844-4a99-B4B6-146BF802613B}]
=>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{2EECD738-5844-4a99-B4B6-146BF802613B}]
=>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B7554826-820B-08FBA6BD249D}]
=>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915B755-4826-820B-08FBA6BD249D}]
=>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}]
=>Toolbar.Conduit

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
=>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}]
=>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}]
=>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
=>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
=>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}]
=>Toolbar.Babylon
[HKLM\Software\Microsoft\Internet Explorer\Low
Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B260C-4ccf-834A-2DDA4E29E39E}]
=>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{97F2FF5B-260C-4ccf-834A-2DDA4E29E39E}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D49dd-99D7-DC866BE87DBC}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811442D-49dd-99D7-DC866BE87DBC}]
=>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{98889811-442D-49dd-99D7-DC866BE87DBC}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}]
=>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}]
=>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}]
=>Toolbar.Babylon
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-95504989-b3f2-9732e92d17cc}]
=>Toolbar.Conduit
[HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e9550-4989-b3f2-9732e92d17cc}]
=>Toolbar.Conduit
[HKLM\Software\Classes\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
=>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
=>Toolbar.Conduit
[HKLM\Software\Classes\AppID\{BDB69379-802F-4eaf-B541-F8DE92DD98DB}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}]
=>Toolbar.Babylon

[HKLM\Software\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}]
=>Toolbar.Babylon
[HKLM\Software\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]
=>Toolbar.Babylon
[HKLM\Software\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}]
=>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{E46C8196-B634-44a1-AF6E-957C64278AB1}]
=>Toolbar.Babylon
[HKLM\Software\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}]
=>Toolbar.Babylon
[HKLM\Software\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}]
=>Toolbar.Babylon
[HKCU\Software\BabylonToolbar]
=>Toolbar.Babylon
[HKLM\Software\BabylonToolbar]
=>Toolbar.Babylon
[HKCU\Software\AppDataLow\Software\conduitEngine]
=>Toolbar.Conduit
[HKLM\Software\conduitEngine]
=>Toolbar.Conduit
[HKCU\Software\MediaGet]
=>PUP.MediaGet
[HKCU\Software\AppDataLow\Toolbar]
=>Toolbar.Conduit
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar]
=>Toolbar.Babylon
[HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine]
=>Toolbar.Conduit
[HKLM\Software\Microsoft\Internet Explorer\Toolbar]:{30F9B915-B755-4826820B-08FBA6BD249D}
=>Toolbar.Conduit
C:\Program Files\BabylonToolbar
=>Toolbar.Babylon
C:\Program Files\Conduit
=>Toolbar.Conduit
C:\Program Files\ConduitEngine
=>Toolbar.Conduit
C:\Program Files\Vuze_Remote
=>Toolbar.Conduit
C:\ProgramData\Babylon
=>Toolbar.Babylon
=>PUP.MediaGet
C:\ProgramData\Media Get LLC
C:\Users\Valentin\AppData\Roaming\Babylon
=>Toolbar.Babylon
C:\Users\Valentin\AppData\Roaming\Media Get LLC
=>PUP.MediaGet
C:\Users\Valentin\AppData\Local\Babylon
=>Toolbar.Babylon
C:\Users\Valentin\AppData\Local\Conduit
=>Toolbar.Conduit
C:\Users\Valentin\AppData\Local\Media Get LLC
=>PUP.MediaGet
C:\Users\Valentin\AppData\Local\MediaGet2
=>PUP.MediaGet
C:\Users\Valentin\AppData\LocalLow\Conduit
=>Toolbar.Conduit
C:\Users\Valentin\AppData\LocalLow\ConduitEngine
=>Toolbar.Conduit
C:\Users\Valentin\AppData\LocalLow\Vuze_Remote
=>Toolbar.Conduit
~ Scan Additionnel in 00mn 20s

---\\ Etat général des services non Microsoft (EGS) (SR=Running,
SS=Stopped)
SR - | Auto 14/07/2011 37664 | (Apple Mobile Device) . (.Apple Inc..) C:\Program Files\Common Files\Apple\Mobile Device
Support\AppleMobileDeviceService.exe
SR - | Auto 14/07/2011 349472 | (Bonjour Service) . (.Apple Inc..) C:\Program Files\Bonjour\mDNSResponder.exe
SR - | Auto 24576 | (ETService) . (...) - C:\Program
Files\Acer\Empowering Technology\Service\ETService.exe

SR - | Auto 30/10/2009 1150496 | (Greg_Service) . (.Acer Incorporated.)
- C:\Program Files\Acer\Registration\GregHSRW.exe
SS - | Auto 11/07/2011 135664 | (gupdate) . (.Google Inc..) - C:\Program
Files\Google\Update\GoogleUpdate.exe
SS - | Demand 11/07/2011 135664 | (gupdatem) . (.Google Inc..) C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 30/10/2009 182768 | (gusvc) . (.Google.) - C:\Program
Files\Google\Common\Google Updater\GoogleUpdaterService.exe
SR - | Auto 30/10/2009 354840 | (IAANTMON) . (.Intel Corporation.) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
SR - | Demand 14/07/2011 820520 | (iPod Service) . (.Apple Inc..) C:\Program Files\iPod\bin\iPodService.exe
SR - | Auto 11/07/2011 112152 | (IviRegMgr) . (.InterVideo.) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
SR - | Auto 10/08/2011 94880 | (McAfee SiteAdvisor Service) . (.McAfee,
Inc..) - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
SS - | Auto 0 | (McMPFSvc) . (...) - C:\Program Files\Common
Files\Mcafee\McSvcHost\McSvHost.exe
SS - | Demand 30/10/2009 50432 | (NTIBackupSvc) . (.NewTech InfoSystems,
Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now
5\BackupSvc.exe
SR - | Auto 30/10/2009 144640 | (NTISchedulerSvc) . (.NewTech
Infosystems, Inc..) - C:\Program Files\NewTech Infosystems\NTI Backup Now
5\SchedulerSvc.exe
SR - | Auto 30/10/2009 65536 | (O2FLASH) . (.O2Micro International.) C:\Windows\System32\drivers\o2flash.exe
SR - | Auto 11/07/2011 185632 | (PSI_SVC_2) . (.Protexis Inc..) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
SS - | Auto 11/07/2011 253952 | (RS_Service) . (.Acer Incorporated.) C:\Program Files\Acer\Acer VCM\RS_Service.exe
SR - | Auto 30/10/2009 240160 | (Updater Service) . (.Acer.) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
SR - | Auto 14/07/2009 20992 | C:\Windows\system32\wuaueng.dll (wuauserv)
. (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 00mn 23s

---\\ Recherche Master Boot Record Infection (MBR)(O80)
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer,
http://www.gmer.net
Run by Valentin at 07/12/2011 11:21:09
device: opened successfully
user: MBR read successfully
Disk trace:
called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN
[0x8E18DF10]<<
1 ntkrnlpa!IofCallDriver[0x83281458] -> \Device\Harddisk0\DR0[0x868E57C8]
3 CLASSPNP[0x8917159E] -> ntkrnlpa!IofCallDriver[0x83281458] ->
[0x86BFDB88]
\Driver\00000543[0x86BFDCC0] -> IRP_MJ_CREATE -> 0x8E18DF10
kernel: MBR read successfully
user & kernel MBR OK
~ Scan MBR in 00mn 02s

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)
Written by ad13, http://ad13.geekstog
Run by Valentin at 07/12/2011 11:21:11
********* Dump file Name *********
C:\PhysicalDisk0_MBR.bin
~ Scan MBR in 00mn 04s

End of the scan (1381 lines in 02mn 14s)(0)


Documents similaires


analyser
how to force uninstall a program you cannot uninstall
qmvjbsa
zhpdiag
tec st a10 windows setup
installation instructions


Sur le même sujet..