Trouver mon contenu
Homme
Il me reste un ff à installer toussa, le reste est fait, et voici les rapports:
Spoiler
# AdwCleaner v1.409 - Rapport créé le 19/02/2012 à 12:30:15
# Mis à jour le 12/02/2012 par Xplode
# Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits)
# Nom d'utilisateur : eed - LOLO-PC (Administrateur)
# Exécuté depuis : C:\Users\eed\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\eed\AppData\LocalLow\BabylonToolbar
***** [Registre] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [803 octets] - [19/02/2012 12:30:15]
*************************
Dossier Temporaire : 10 dossier(s) et 27 fichier(s) supprimés
########## EOF - C:\AdwCleaner[S1].txt - [1024 octets] ##########
# AdwCleaner v1.409 - Rapport créé le 19/02/2012 à 12:30:15
# Mis à jour le 12/02/2012 par Xplode
# Système d'exploitation : Windows 7 Starter Service Pack 1 (32 bits)
# Nom d'utilisateur : eed - LOLO-PC (Administrateur)
# Exécuté depuis : C:\Users\eed\Desktop\adwcleaner.exe
# Option [Suppression]
***** [Services] *****
***** [Fichiers / Dossiers] *****
Dossier Supprimé : C:\Users\eed\AppData\LocalLow\BabylonToolbar
***** [Registre] *****
Clé Supprimée : HKLM\SOFTWARE\Classes\AppID\SoftwareUpdate.exe
Clé Supprimée : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8856F961-340A-11D0-A96B-00C04FD705A2}
***** [Navigateurs] *****
-\\ Internet Explorer v8.0.7601.17514
[OK] Le registre ne contient aucune entrée illégitime.
*************************
AdwCleaner[S1].txt - [803 octets] - [19/02/2012 12:30:15]
*************************
Dossier Temporaire : 10 dossier(s) et 27 fichier(s) supprimés
########## EOF - C:\AdwCleaner[S1].txt - [1024 octets] ##########
Spoiler
Malwarebytes Anti-Malware (Essai) 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.02.18.07
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
eed :: LOLO-PC [administrateur]
Protection: Activé
18.02.12 19:30:50
mbam-log-2012-02-18 (19-30-50).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 177131
Temps écoulé: 10 minute(s), 10 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Malwarebytes Anti-Malware (Essai) 1.60.1.1000
www.malwarebytes.org
Version de la base de données: v2012.02.18.07
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
eed :: LOLO-PC [administrateur]
Protection: Activé
18.02.12 19:30:50
mbam-log-2012-02-18 (19-30-50).txt
Type d'examen: Examen rapide
Options d'examen activées: Mémoire | Démarrage | Registre | Système de fichiers | Heuristique/Extra | Heuristique/Shuriken | PUP | PUM
Options d'examen désactivées: P2P
Elément(s) analysé(s): 177131
Temps écoulé: 10 minute(s), 10 seconde(s)
Processus mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Module(s) mémoire détecté(s): 0
(Aucun élément nuisible détecté)
Clé(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Valeur(s) du Registre détectée(s): 0
(Aucun élément nuisible détecté)
Elément(s) de données du Registre détecté(s): 0
(Aucun élément nuisible détecté)
Dossier(s) détecté(s): 0
(Aucun élément nuisible détecté)
Fichier(s) détecté(s): 0
(Aucun élément nuisible détecté)
(fin)
Spoiler
Rapport de ZHPDiag v1.28.32 par Nicolas Coolman, Update du 05/02/2012
Run by eed at 2/19/2012 4:18:11 PM
Web site : http://www.premiumor...ss/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013.3 MB (31% free)
System Restore: Activé (Enable)
System drive C: has 83 GB (76%) free of 109 GB
---\\ Logged in mode
~ Computer Name: LOLO-PC
~ User Name: eed
~ All Users Names: eed, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\eed\AppData\Roaming\
~ %Desktop% : C:\Users\eed\Desktop\
~ %Favorites% : C:\Users\eed\Favorites\
~ %LocalAppData% : C:\Users\eed\AppData\Local\
~ %StartMenu% : C:\Users\eed\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\windows\
~ %System% : C:\windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 83 Go of 109 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 76 Go of 105 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Scan Security Center in 00mn AMs
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.2/25/2011 - 6:30:54 AM.) -- C:\windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.7/14/2009 - 2:14:31 AM.) -- C:\windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:14:45 AM.) -- C:\windows\system32\Wininit.exe [96256]
[MD5.1D94FA7C81D2FFE494AF094619BA706F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2/19/2012 - 1:26:22 PM.) -- C:\windows\system32\wininet.dll [1127424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/20/2010 - 1:17:54 PM.) -- C:\windows\system32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.11/20/2010 - 1:21:24 PM.) -- C:\windows\system32\sppcomapi.dll [193536]
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.11/20/2010 - 1:08:50 PM.) -- C:\windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.4/25/2011 - 3:18:03 AM.) -- C:\windows\system32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:26:15 AM.) -- C:\windows\system32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/14/2009 - 12:11:15 AM.) -- C:\windows\system32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/20/2010 - 9:38:10 AM.) -- C:\windows\system32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/20/2010 - 9:42:32 AM.) -- C:\windows\system32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/20/2010 - 10:59:29 AM.) -- C:\windows\system32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.7/14/2009 - 12:11:24 AM.) -- C:\windows\system32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.7/14/2009 - 12:54:29 AM.) -- C:\windows\system32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/27/2011 - 3:17:22 AM.) -- C:\windows\system32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.11/20/2010 - 9:39:44 AM.) -- C:\windows\system32\drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.3/11/2011 - 6:39:00 AM.) -- C:\windows\system32\drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.7/14/2009 - 12:45:35 AM.) -- C:\windows\system32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.7/14/2009 - 12:54:34 AM.) -- C:\windows\system32\drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.7/14/2009 - 12:53:41 AM.) -- C:\windows\system32\drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.11/20/2010 - 9:39:17 AM.) -- C:\windows\system32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/20/2010 - 1:30:16 PM.) -- C:\windows\system32\drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn AMs
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 41/71
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : Non accessible (Not found)
~ Mes Documents (My Documents) : 8/15
~ Mon Bureau (My Desktop) : 1/94
~ Menu demarrer (Programs) : 6/25
~ Scan Hidden Files in 00mn AMs
---\\ Processus lancés
[MD5.A46796CCF032D35720347262998D1F90] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [835072] [PID.3372]
[MD5.06F7D67EC4D15F11A2923268BAA937D3] - (...) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [300912] [PID.3188]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.2972]
[MD5.E3735DC796E5183D63F35921B058934C] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800] [PID.3484]
[MD5.01546BF0647BA0CB253A5F38A4B8FBC4] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.3892]
[MD5.3EE8375B1063CF4A0C4353123F4129C5] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280] [PID.3944]
[MD5.981E3DCB80E50011EB2D528BEC9AD782] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2247168] [PID.3932]
[MD5.0BA966FD5349BDF9895F40C045A7C7EC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3700]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3960]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3888]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.3708]
[MD5.428F4A9D4CB5816030F88F3DD7595675] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.2388]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [PID.2228]
[MD5.E9E2FA0896ABDBBE1CBD9E5D421511D7] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe [250016] [PID.1156]
[MD5.4309B75F125067EF805F3125B01FCC30] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2210816] [PID.1904]
~ Scan Processes Running in 01mn AMs
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10111.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.2.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn AMs
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn AMs
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn AMs
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn AMs
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
~ Scan BHO in 00mn AMs
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-3948093705-1484294097-1952622497-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn AMs
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\eed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\eed\Desktop\Configure Hyperspace.lnk . (.Phoenix Technologies.) -- C:\Program Files\HyperSpace\HSControlCenter.exe
O4 - Global Startup: C:\Users\eed\Desktop\CyberLink YouCam.lnk . (.CyberLink Corp..) -- C:\Program Files\CyberLink\YouCam\YouCam.exe
O4 - Global Startup: C:\Users\eed\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\eed\Desktop\Pid.lnk . (.SOFIRUN.) -- C:\Program Files\SOFIRUN\PID\Pid.exe
O4 - Global Startup: C:\Users\eed\Desktop\Switch to Hyperspace.lnk . (.Phoenix Technologies.) -- C:\Program Files\HyperSpace\SwitchToHyperSpace.exe
O4 - Global Startup: C:\Users\eed\Desktop\Votre avis nous intéresse.lnk - Clé orpheline
O4 - Global Startup: C:\Users\eed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\eed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk . (.http://winmerge.org.) -- C:\Program Files\WinMerge\WinMergeU.exe
~ Scan Global Startup in 00mn AMs
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn AMs
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
~ Scan IE Menu Contextuel in 00mn AMs
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ Scan IE Extra Buttons in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\System32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn AMs
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.ad...Plus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn AMs
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B00A59B9-048B-4036-90A5-8A7E381BCD62}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B00A59B9-048B-4036-90A5-8A7E381BCD62}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B00A59B9-048B-4036-90A5-8A7E381BCD62}: DhcpNameServer = 192.168.0.1
~ Scan Domain in 00mn AMs
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn AMs
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn AMs
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn AMs
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
~ Scan Services in 00mn AMs
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn AMs
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn AMs
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.981E3DCB80E50011EB2D528BEC9AD782] [APT] [advSRS4] (.SEC.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
[MD5.081DBA7C93F21B61DF1C5CE9E8AD0522] [APT] [APSchedulerC] (.DoctorSoft.) -- C:\Program Files\AnyPC Client\APLanMgrC.exe
[MD5.21E26DC6538C0C255467312559BEB107] [APT] [BatteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
[MD5.A46796CCF032D35720347262998D1F90] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 06mn AMs
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\windows\system32\wmp.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.1 r102.) -- C:\Windows\System32\Macromed\Flash\Flash11f.ocx
~ Scan Active Setup in 00mn AMs
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\windows\system32\drivers\cdrom.sys
O41 - Driver: C:\windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\windows\system32\drivers\discache.sys
O41 - Driver: (DRToggleSleep) . (.Windows ® Codename Longhorn DDK provider - Dual-Resume Toggle Sleep.) - C:\Program Files\HyperSpace\DRToggleSleep.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\windows\system32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl2008c4b5) . (.Microsoft Corporation - KSLDriver.) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D7492FDC-DA7F-40C6-B4D5-099077405A36}\MpKsl2008c4b5.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\windows\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\windows\system32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys
O41 - Driver: C:\windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 01mn AMs
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.2) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: AnyPC Client - (.Doctorsoft.) [HKLM] -- {1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D1434266-0486-4469-B338-A60082CC04E1}
O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CPUID HWMonitor 1.19 - (.Pas de propriétaire.) [HKLM] -- CPUID HWMonitor_is1
O42 - Logiciel: ChargeableUSB - (.SAMSUNG.) [HKLM] -- {92D50865-FC60-4EA8-BA7A-5581B0D13EFB}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}
O42 - Logiciel: Easy Resolution Manager - (.Samsung.) [HKLM] -- {45535A5E-1F81-4F35-BE1D-43D10A7D03B4}
O42 - Logiciel: Easy SpeedUp Manager - (.Samsung Electronics Co.,Ltd..) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9}
O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HyperSpace - (.Phoenix Technologies.) [HKLM] -- HyperSpace
O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.60.1.1000 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Motion Perfect 2 - (.Trio Motion Technology Ltd.) [HKLM] -- {1E965CB7-5879-4311-BA45-EED4FA395E37}
O42 - Logiciel: PANATERM - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1
O42 - Logiciel: PID - (.Pas de propriétaire.) [HKLM] -- PID
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: PreSetup HyperSpace - (.Samsung.) [HKLM] -- {4725E135-CF7D-4906-B4D0-D9F5FED44254}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025}
O42 - Logiciel: REALTEK Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {F2BC3383-F000-410C-A038-3846ADBE8D90}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung Recovery Solution 4 - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B7873DF5-9E1C-45EE-8895-D29C6AE01202}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C20964A7-5181-45E5-9E82-72F5D400DEBF}
O42 - Logiciel: Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{567103D1-96CD-4B76-93B9-2681A187DEFF}
O42 - Logiciel: User Guide - (.Pas de propriétaire.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: WinMerge 2.12.4 - (.Thingamahoochie Software.) [HKLM] -- WinMerge_is1
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- A6A8668C0A13640CA28FE2A7D9654BE4AE478B13
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) - (.Broadcom.) [HKLM] -- 755087041320E005CB1E8A67C5C55A260EB81B90
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {C861504E-2F57-4F95-AB0A-C7C7D8E46A4E}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {350FB27C-CF62-4EF3-AF9D-70FF313FE221}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ask.com.tmp]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\PID]
[HKCU\Software\Phoenix]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\Thingamahoochie]
[HKCU\Software\TrioMotion]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Widcomm]
[HKLM\Software\ASK]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CHECKINSTALLER]
[HKLM\Software\CPUID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\Dr.Soft]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Marvell]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Phoenix Technologies]
[HKLM\Software\Phoenix]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SOFIRUN]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\Synaptics]
[HKLM\Software\Thingamahoochie]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 01mn AMs
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2/19/2012 - 3:11:30 PM - [113.052] ----D- C:\Program Files\Adobe
O43 - CFD: 12/10/2009 - 2:36:30 AM - [35.541] ----D- C:\Program Files\AnyPC Client
O43 - CFD: 5/4/2010 - 1:51:58 AM - [2.200] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 12/10/2009 - 2:32:06 AM - [0.001] ----D- C:\Program Files\Atheros Client Installation Program
O43 - CFD: 9/11/2010 - 2:14:12 PM - [0.572] ----D- C:\Program Files\Bonjour
O43 - CFD: 2/18/2012 - 10:11:14 PM - [4.161] ----D- C:\Program Files\CCleaner
O43 - CFD: 2/19/2012 - 3:11:30 PM - [426.030] ----D- C:\Program Files\Common Files
O43 - CFD: 2/19/2012 - 4:12:44 PM - [2.056] ----D- C:\Program Files\CPUID
O43 - CFD: 3/26/2010 - 5:27:42 AM - [76.778] ----D- C:\Program Files\CyberLink
O43 - CFD: 3/26/2010 - 4:50:36 AM - [0.520] ----D- C:\Program Files\DIFX
O43 - CFD: 2/18/2012 - 9:47:52 PM - [3.997] ----D- C:\Program Files\DVD Maker
O43 - CFD: 2/19/2012 - 12:31:28 PM - [5.618] ----D- C:\Program Files\Google
O43 - CFD: 12/11/2009 - 12:39:08 AM - [678.742] ---AD- C:\Program Files\hsinstall
O43 - CFD: 3/28/2010 - 2:25:22 PM - [26.507] ----D- C:\Program Files\HyperSpace
O43 - CFD: 9/20/2010 - 12:11:40 PM - [59.239] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 12/10/2009 - 2:26:18 AM - [4.797] ----D- C:\Program Files\Intel
O43 - CFD: 2/19/2012 - 2:01:48 PM - [6.189] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 9/11/2010 - 2:22:50 PM - [1.770] ----D- C:\Program Files\iPod
O43 - CFD: 9/11/2010 - 2:24:10 PM - [116.182] ----D- C:\Program Files\iTunes
O43 - CFD: 2/18/2012 - 7:28:58 PM - [11.404] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 12/10/2009 - 2:28:18 AM - [2.983] ----D- C:\Program Files\Marvell
O43 - CFD: 11/22/2010 - 9:02:52 PM - [9.300] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 2/19/2012 - 12:24:56 PM - [0.479] ----D- C:\Program Files\Microsoft
O43 - CFD: 7/14/2009 - 5:52:32 AM - [44.813] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 2/18/2012 - 8:03:28 PM - [363.007] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 3/26/2010 - 5:16:10 AM - [7.431] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/13/2011 - 7:48:30 PM - [18.414] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 2/18/2012 - 9:14:48 PM - [36.634] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 3/26/2010 - 5:20:50 AM - [1.745] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 1/1/2011 - 10:32:58 AM - [138.685] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 2/8/2011 - 5:05:38 PM - [7.789] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 7/14/2009 - 5:52:32 AM - [0.025] ----D- C:\Program Files\MSBuild
O43 - CFD: 9/21/2010 - 9:23:00 AM - [5.614] ----D- C:\Program Files\PANATERM
O43 - CFD: 12/10/2009 - 3:02:58 AM - [2.275] ----D- C:\Program Files\Phoenix Technologies Ltd
O43 - CFD: 9/11/2010 - 2:19:18 PM - [72.799] ----D- C:\Program Files\QuickTime
O43 - CFD: 12/10/2009 - 2:27:26 AM - [14.932] ----D- C:\Program Files\Realtek
O43 - CFD: 12/10/2009 - 2:30:28 AM - [7.141] ----D- C:\Program Files\REALTEK Wireless LAN Software
O43 - CFD: 7/14/2009 - 5:52:32 AM - [37.345] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 12/10/2009 - 3:20:00 AM - [408.024] ----D- C:\Program Files\Samsung
O43 - CFD: 2/19/2011 - 7:42:16 PM - [36.236] ----D- C:\Program Files\Samsung Casual Games
O43 - CFD: 9/30/2010 - 2:15:58 PM - [4.723] ----D- C:\Program Files\SOFIRUN
O43 - CFD: 12/10/2009 - 2:32:30 AM - [26.222] ----D- C:\Program Files\Synaptics
O43 - CFD: 12/10/2009 - 2:28:14 AM - [0] --H-D- C:\Program Files\Temp
O43 - CFD: 9/20/2010 - 12:13:54 PM - [15.087] ----D- C:\Program Files\TrioMotion
O43 - CFD: 7/14/2009 - 5:53:24 AM - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 3/26/2010 - 4:50:40 AM - [82.614] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 2/18/2012 - 9:47:48 PM - [2.909] ----D- C:\Program Files\Windows Defender
O43 - CFD: 2/19/2012 - 9:19:26 AM - [186.666] ----D- C:\Program Files\Windows Live
O43 - CFD: 2/18/2012 - 9:47:52 PM - [5.895] ----D- C:\Program Files\Windows Mail
O43 - CFD: 2/18/2012 - 9:47:52 PM - [6.298] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 7/14/2009 - 5:52:32 AM - [11.632] ----D- C:\Program Files\Windows NT
O43 - CFD: 2/18/2012 - 9:47:52 PM - [4.213] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2/18/2012 - 9:47:52 PM - [0.181] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 2/18/2012 - 9:47:52 PM - [5.717] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 9/20/2010 - 12:16:58 PM - [4.347] ----D- C:\Program Files\WinMerge
O43 - CFD: 2/19/2012 - 4:18:30 PM - [10.100] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 2/19/2012 - 3:12:20 PM - [3.651] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 9/11/2010 - 2:22:48 PM - [76.319] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 3/26/2010 - 5:08:50 AM - [0.089] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 12/10/2009 - 2:27:16 AM - [3.452] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2/19/2012 - 1:21:02 PM - [256.112] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 3/26/2010 - 4:56:06 AM - [0.197] ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD: 12/10/2009 - 2:40:34 AM - [4.403] ----D- C:\Program Files\Common Files\Samsung
O43 - CFD: 7/14/2009 - 3:37:06 AM - [0.003] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 7/14/2009 - 3:37:06 AM - [39.200] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2/16/2011 - 7:39:30 PM - [0] ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD: 2/18/2012 - 9:47:50 PM - [42.210] ----D- C:\Program Files\Common Files\System
O43 - CFD: 9/20/2010 - 12:13:56 PM - [0.395] ----D- C:\Program Files\Common Files\TrioMotion
O43 - CFD: 3/26/2010 - 5:16:52 AM - [0] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2/19/2012 - 3:11:52 PM - [136.725] ----D- C:\ProgramData\Adobe
O43 - CFD: 5/4/2010 - 1:51:48 AM - [49.723] ----D- C:\ProgramData\Apple
O43 - CFD: 5/4/2010 - 9:28:58 AM - [61.978] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 9/10/2010 - 6:39:30 PM - [0.008] ----D- C:\ProgramData\CyberLink
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 2/19/2012 - 12:25:30 PM - [0.486] ----D- C:\ProgramData\Google
O43 - CFD: 2/18/2012 - 7:28:34 PM - [6.159] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 9/16/2010 - 5:43:58 PM - [0.006] ----D- C:\ProgramData\McAfee
O43 - CFD: 6/16/2011 - 8:33:16 PM - [0.001] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2/19/2012 - 12:24:56 PM - [478.244] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 2/19/2012 - 1:22:58 PM - [0.054] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 4/16/2010 - 8:09:58 AM - [0.001] ----D- C:\ProgramData\Partner
O43 - CFD: 12/10/2009 - 3:20:48 AM - [0.511] ----D- C:\ProgramData\SAMSUNG
O43 - CFD: 12/10/2009 - 2:59:54 AM - [0.000] ----D- C:\ProgramData\SiteAdvisor
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 2/16/2011 - 7:44:46 PM - [0.035] ---AD- C:\ProgramData\Temp
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 6/16/2011 - 8:33:16 PM - [14.744] ----D- C:\ProgramData\WinClon
O43 - CFD: 5/4/2010 - 9:31:30 AM - [0.516] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 2/16/2011 - 7:44:48 PM - [0] -SH-D- C:\Users\eed\AppData\Roaming\.#
O43 - CFD: 5/4/2010 - 1:02:48 AM - [3.726] ----D- C:\Users\eed\AppData\Roaming\Adobe
O43 - CFD: 5/4/2010 - 9:36:44 AM - [2.591] ----D- C:\Users\eed\AppData\Roaming\Apple Computer
O43 - CFD: 2/16/2011 - 7:44:14 PM - [0.001] ----D- C:\Users\eed\AppData\Roaming\Go Go Gourmet
O43 - CFD: 3/25/2010 - 11:14:28 PM - [0] ----D- C:\Users\eed\AppData\Roaming\Google
O43 - CFD: 3/26/2010 - 5:29:02 AM - [0] ----D- C:\Users\eed\AppData\Roaming\Identities
O43 - CFD: 3/26/2010 - 8:24:32 AM - [0.001] ----D- C:\Users\eed\AppData\Roaming\Macromedia
O43 - CFD: 2/18/2012 - 7:29:12 PM - [0.004] ----D- C:\Users\eed\AppData\Roaming\Malwarebytes
O43 - CFD: 8/5/2011 - 8:12:50 AM - [7.436] -S--D- C:\Users\eed\AppData\Roaming\Microsoft
O43 - CFD: 2/19/2012 - 12:22:00 PM - [45.351] ----D- C:\Users\eed\AppData\Local\Adobe
O43 - CFD: 5/4/2010 - 1:52:02 AM - [0] ----D- C:\Users\eed\AppData\Local\Apple
O43 - CFD: 5/4/2010 - 9:32:26 AM - [15.554] ----D- C:\Users\eed\AppData\Local\Apple Computer
O43 - CFD: 3/26/2010 - 4:49:42 AM - [0] -SH-D- C:\Users\eed\AppData\Local\Application Data
O43 - CFD: 3/26/2010 - 4:53:08 AM - [0] ----D- C:\Users\eed\AppData\Local\Broadcom
O43 - CFD: 9/2/2011 - 2:03:38 PM - [0] ----D- C:\Users\eed\AppData\Local\Diagnostics
O43 - CFD: 6/8/2011 - 10:05:56 AM - [0] ----D- C:\Users\eed\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2/19/2012 - 12:25:30 PM - [0.353] ----D- C:\Users\eed\AppData\Local\Google
O43 - CFD: 3/26/2010 - 4:49:42 AM - [0] -SH-D- C:\Users\eed\AppData\Local\Historique
O43 - CFD: 2/19/2012 - 12:24:34 PM - [152.451] ----D- C:\Users\eed\AppData\Local\Microsoft
O43 - CFD: 3/26/2010 - 5:05:52 AM - [0] ----D- C:\Users\eed\AppData\Local\Microsoft Help
O43 - CFD: 2/19/2012 - 4:18:46 PM - [9.765] ----D- C:\Users\eed\AppData\Local\Temp
O43 - CFD: 3/26/2010 - 4:49:42 AM - [0] -SH-D- C:\Users\eed\AppData\Local\Temporary Internet Files
O43 - CFD: 10/19/2010 - 4:52:14 PM - [5.000] ----D- C:\Users\eed\AppData\Local\TrioMotion
O43 - CFD: 9/20/2010 - 3:47:56 PM - [0.033] ----D- C:\Users\eed\AppData\Local\VirtualStore
O43 - CFD: 2/19/2012 - 9:26:08 AM - [0.059] ----D- C:\Users\eed\AppData\Local\Windows Live
O43 - CFD: 11/8/2011 - 9:01:32 AM - [0] ----D- C:\Users\eed\AppData\Local\{0E68168D-F0E1-4656-95E0-62A6C92B40E5}
O43 - CFD: 12/10/2011 - 10:16:40 AM - [0] ----D- C:\Users\eed\AppData\Local\{1125E34B-F225-47E3-B9DE-A2909B4C3C57}
O43 - CFD: 2/19/2012 - 9:25:48 AM - [0] ----D- C:\Users\eed\AppData\Local\{151D1C34-5E11-4843-B0E6-2CBA142FF26D}
O43 - CFD: 1/25/2012 - 6:28:52 PM - [0] ----D- C:\Users\eed\AppData\Local\{16455036-9622-4A8C-B708-05DB8F4374F7}
O43 - CFD: 2/4/2012 - 10:30:46 AM - [0] ----D- C:\Users\eed\AppData\Local\{2F71FC75-E231-48A1-950E-900C5B8983FC}
O43 - CFD: 2/19/2012 - 9:26:00 AM - [0] ----D- C:\Users\eed\AppData\Local\{329136AE-3C72-4F1C-9D62-122C4D49AFA5}
O43 - CFD: 2/19/2012 - 8:54:40 AM - [0] ----D- C:\Users\eed\AppData\Local\{3B8023EB-C57F-42A8-873A-394E56A15B9D}
O43 - CFD: 2/19/2012 - 9:01:32 AM - [0] ----D- C:\Users\eed\AppData\Local\{43773723-26AF-4D6B-A905-CCDCB6D74547}
O43 - CFD: 11/11/2011 - 12:35:42 PM - [0] ----D- C:\Users\eed\AppData\Local\{45A4C29D-8232-4FFE-91B0-CEE7AE9F80BC}
O43 - CFD: 12/14/2011 - 5:52:34 PM - [0] ----D- C:\Users\eed\AppData\Local\{5578B24B-AE2C-4536-B5AC-5D667B7DF4D6}
O43 - CFD: 9/25/2011 - 10:41:48 AM - [0] ----D- C:\Users\eed\AppData\Local\{6D14703F-6653-4334-B6E8-4FBD47800FB8}
O43 - CFD: 11/29/2011 - 8:57:48 AM - [0] ----D- C:\Users\eed\AppData\Local\{A8C1B90B-5E2B-4C62-A9FA-B5DCDAE122A7}
O43 - CFD: 9/24/2011 - 12:54:26 PM - [0] ----D- C:\Users\eed\AppData\Local\{AC37CA50-AFA3-4B7A-8369-5860408BD55E}
O43 - CFD: 2/18/2012 - 10:05:48 PM - [0] ----D- C:\Users\eed\AppData\Local\{CA897BB5-B9C3-41DC-9636-1EAB2AFE4687}
~ Scan Program Folder in 13mn AMs
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.24097AF73562086C5DC1B48412F02DA0] - 2/18/2012 - 10:05:24 PM ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\windows\system32\FlashPlayerCPLApp.cpl [414368]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/18/2012 - 10:18:14 PM ---A- . (...) -- C:\windows\setuperr.log [0]
O44 - LFC:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 2/18/2012 - 7:28:26 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbam.sys [20464]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 2/19/2012 - 1:26:16 PM ---A- . (...) -- C:\windows\system32\ieuinit.inf [72822]
O44 - LFC:[MD5.0E3723B34B3AAE2C6DE81335E616949C] - 2/19/2012 - 1:27:55 PM ---A- . (...) -- C:\windows\IE9_main.log [4135]
O44 - LFC:[MD5.006271718FE712B0DBF6A1FB5CAD467E] - 2/19/2012 - 2:03:18 PM ---A- . (...) -- C:\windows\PFRO.log [6668]
O44 - LFC:[MD5.FD7E6F9DCCD7FEEBDD6E8D3F14AD24F8] - 2/19/2012 - 3:28:10 PM ---A- . (...) -- C:\windows\setupact.log [392]
O44 - LFC:[MD5.7F83667EB04C005F699CD335634CC15D] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\PerfStringBackup.INI [1556228]
O44 - LFC:[MD5.AA9B823195F79775B12B175C44162840] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfc009.dat [107388]
O44 - LFC:[MD5.A0F48C209AE3D20F313C7F88395375E2] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfc00C.dat [131754]
O44 - LFC:[MD5.695EBACCDD16896E6E136093ABFD3647] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfh009.dat [618108]
O44 - LFC:[MD5.C88AB0BFF5F4E6A3D93F01B1C68D9A89] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfh00C.dat [706580]
O44 - LFC:[MD5.A02F182F97D41E16DE774C74DA389A3B] - 2/19/2012 - 4:02:46 PM -S-A- . (...) -- C:\windows\bootstat.dat [67584]
O44 - LFC:[MD5.8D7AD6E32A9ABA416EBCC83D89A68609] - 2/19/2012 - 4:02:52 PM ---A- . (...) -- C:\windows\WindowsUpdate.log [1076544]
O44 - LFC:[MD5.3411FDF098AA20193EEE5FFA36BA43B2] - 2/19/2012 - 4:12:43 PM ---A- . (.CPUID - CPUID Driver.) -- C:\windows\system32\drivers\cpuz135_x32.sys [21992]
O44 - LFC:[MD5.CB7B54150C2CF8915CE80FF207ED8F2D] - 2/19/2012 - 8:59:24 AM ---A- . (...) -- C:\windows\system32\FNTCACHE.DAT [334696]
~ Scan Files in 19mn AMs
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.dll
~ Scan Keys in 00mn AMs
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn AMs
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn AMs
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\APLangApp [Key] . (.DoctorSoft - AnyPC Language Application.) -- C:\Program Files\AnyPC Client\APLangApp.exe
O53 - SMSR:HKLM\...\startupreg\hscontrolcenter [Key] . (.Phoenix Technologies - HyperSpace Control Center Application.) -- C:\Program Files\HyperSpace\HSControlCenter.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O53 - SMSR:HKLM\...\startupreg\UCam_Menu [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
~ Scan SMSR Keys in 00mn AMs
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll
~ Scan Keys in 00mn AMs
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn AMs
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\system32\drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 7/14/2009 - 2:26:17 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\system32\drivers\adpahci.sys [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\system32\drivers\adpu320.sys [146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 7/14/2009 - 2:26:15 AM ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\system32\drivers\aliide.sys [14400]
O58 - SDL:[MD5.D320BF87125326F996D4904FE24300FC] - 3/11/2011 - 6:38:37 AM ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\system32\drivers\amdsata.sys [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 7/14/2009 - 2:26:15 AM ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\windows\system32\drivers\amdsbs.sys [159312]
O58 - SDL:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 3/11/2011 - 6:38:37 AM ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\system32\drivers\amdxata.sys [22400]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\system32\drivers\arc.sys [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\system32\drivers\arcsas.sys [86608]
O58 - SDL:[MD5.49F17A2E79469BE6581D491706720671] - 12/13/2011 - 3:32:24 AM ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\windows\system32\drivers\athr.sys [2228224]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 7/13/2009 - 11:02:49 PM ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\windows\system32\drivers\b57nd60x.sys [229888]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 7/13/2009 - 11:53:28 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 7/13/2009 - 11:53:28 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 7/14/2009 - 1:57:25 AM ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\windows\system32\drivers\BrSerId.sys [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 7/13/2009 - 11:53:32 PM ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 7/13/2009 - 11:53:33 PM ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 7/13/2009 - 11:53:33 PM ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.92C5B845803F3662637EB691AC0B250F] - 7/1/2009 - 9:46:20 PM ---A- . (.Broadcom Corporation. - Widcomm Bluetooth USB Filter for Windows XP.) -- C:\windows\system32\drivers\btusbflt.sys [43944]
O58 - SDL:[MD5.7E826BE3B3558208D5C9B00034E51BE5] - 10/2/2009 - 5:47:40 PM ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\windows\system32\drivers\btwaudio.sys [86056]
O58 - SDL:[MD5.AF9148C3E844131AC954CB53FF43D971] - 8/29/2009 - 4:15:16 AM ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\windows\system32\drivers\btwavdt.sys [108072]
O58 - SDL:[MD5.AAFD7CB76BA61FBB08E302DA208C974A] - 4/8/2009 - 12:32:50 AM ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\windows\system32\drivers\btwl2cap.sys [29472]
O58 - SDL:[MD5.480B3D195854B2E55299CDDDDC50BCF9] - 8/29/2009 - 4:15:12 AM ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\windows\system32\drivers\btwrchid.sys [18472]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 7/13/2009 - 11:02:48 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\system32\drivers\bxvbdx.sys [430080]
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 7/14/2009 - 2:26:21 AM ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\system32\drivers\cmdide.sys [15952]
O58 - SDL:[MD5.3411FDF098AA20193EEE5FFA36BA43B2] - 9/21/2011 - 10:25:34 AM ---A- . (.CPUID - CPUID Driver.) -- C:\windows\system32\drivers\cpuz135_x32.sys [21992]
O58 - SDL:[MD5.C914D18AB66B132E9C73F19F8F805F1F] - 5/1/2009 - 3:41:06 PM ---A- . (.Phoenix Technologies Ltd. - CryptOSD Device Driver.) -- C:\windows\system32\drivers\CryptOSD.sys [384896]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 7/14/2009 - 2:20:28 AM ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\system32\drivers\djsvs.sys [70720]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 7/14/2009 - 2:20:28 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\windows\system32\drivers\elxstor.sys [453712]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 7/13/2009 - 11:02:48 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\system32\drivers\evbdx.sys [3100160]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 5/18/2009 - 12:17:00 PM ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 7/13/2009 - 11:54:14 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\windows\system32\drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 7/14/2009 - 2:20:28 AM ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\windows\system32\drivers\HpSAMD.sys [67152]
O58 - SDL:[MD5.D483687EACE0C065EE772481A96E05F5] - 6/4/2009 - 10:43:16 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStor.sys [330264]
O58 - SDL:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 3/11/2011 - 6:38:51 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStorV.sys [332160]
O58 - SDL:[MD5.BA41E1BBA410212CE6D30E0DAC47972B] - 10/25/2010 - 4:10:06 AM ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\system32\drivers\igdkmd32.sys [4807168]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 7/14/2009 - 2:20:36 AM ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\system32\drivers\iirsp.sys [41040]
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\system32\drivers\lsi_fc.sys [95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 7/14/2009 - 2:20:37 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas.sys [89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas2.sys [54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\system32\drivers\lsi_scsi.sys [96848]
O58 - SDL:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 12/10/2011 - 3:24:06 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbam.sys [20464]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\windows\system32\drivers\megasas.sys [30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\system32\drivers\MegaSR.sys [235584]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 7/14/2009 - 2:20:44 AM ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\system32\drivers\nfrd960.sys [44624]
O58 - SDL:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 3/11/2011 - 6:39:00 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\windows\system32\drivers\nvraid.sys [117120]
O58 - SDL:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 3/11/2011 - 6:39:00 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\windows\system32\drivers\nvstor.sys [143744]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 7/14/2009 - 2:19:04 AM ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\system32\drivers\ql2300.sys [1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 7/14/2009 - 2:19:04 AM ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\system32\drivers\ql40xx.sys [106064]
O58 - SDL:[MD5.7DFD48E24479B68B258D8770121155A0] - 7/13/2009 - 11:02:52 PM ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\windows\system32\drivers\Rt86win7.sys [139776]
O58 - SDL:[MD5.7CB41A5E5C24F9F50E6533693E2BB74D] - 11/18/2009 - 5:02:32 AM ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\windows\system32\drivers\RTKVHDA.sys [2807392]
O58 - SDL:[MD5.4B575EA3FE9781DDBCE04DE0A6D3E715] - 11/13/2009 - 11:58:20 PM ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\windows\system32\drivers\rtl819xp.sys [546816]
O58 - SDL:[MD5.6E5FBB7CBAEC47038B945D5E9B144A64] - 5/28/2009 - 7:38:12 AM ---A- . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) -- C:\windows\system32\drivers\SABI.sys [10752]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 7/13/2009 - 9:50:20 PM ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.AC1F2A09B76B57356F906EEDA43CCC2A] - 3/12/2010 - 5:22:18 PM ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\windows\system32\drivers\ser2pl.sys [81920]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 7/14/2009 - 2:19:04 AM ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\system32\drivers\sisraid2.sys [40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 7/14/2009 - 2:19:04 AM ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\system32\drivers\sisraid4.sys [77888]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 7/14/2009 - 2:19:04 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\windows\system32\drivers\stexstor.sys [21072]
O58 - SDL:[MD5.215A45246C6E2D0A9C263CE1786C8D8A] - 10/10/2009 - 4:16:30 AM ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\windows\system32\drivers\SynTP.sys [229424]
O58 - SDL:[MD5.919EA416C810C2CD536C1554551620DE] - 10/6/2009 - 7:30:24 AM ---A- . (.Trio Motion Technology Ltd - PCI Motion Coordinator Kernel Driver.) -- C:\windows\system32\drivers\TrioPCI.sys [22784]
O58 - SDL:[MD5.9AF9A740FFD591ACB459DE6AEF5196FA] - 10/6/2009 - 7:30:22 AM ---A- . (.Trio Motion Technology - Trio Motion Technology USB Link.) -- C:\windows\system32\drivers\TrioUSB.sys [9984]
O58 - SDL:[MD5.E8C1B9EBAC65288E1B51E8A987D98AF6] - 4/16/2010 - 7:33:36 AM ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\windows\system32\drivers\usbaapl.sys [41472]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 7/14/2009 - 2:19:10 AM ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\system32\drivers\viaide.sys [16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 7/14/2009 - 2:19:11 AM ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\system32\drivers\vsmraid.sys [141904]
O58 - SDL:[MD5.30B73EB97218A16CBC6DE535782A1B35] - 9/28/2009 - 10:22:00 AM ---A- . (...) -- C:\windows\system32\drivers\yk62x86.sys [315392]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 7/13/2009 - 10:40:41 PM ---A- . (...) -- C:\windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 7/13/2009 - 10:40:44 PM ---A- . (...) -- C:\windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 7/13/2009 - 10:40:40 PM ---A- . (...) -- C:\windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 7/13/2009 - 10:40:43 PM ---A- . (...) -- C:\windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 7/13/2009 - 10:40:43 PM ---A- . (...) -- C:\windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 7/13/2009 - 10:40:23 PM ---A- . (...) -- C:\windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 7/13/2009 - 10:40:31 PM ---A- . (...) -- C:\windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 7/13/2009 - 10:40:35 PM ---A- . (...) -- C:\windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 7/13/2009 - 10:40:39 PM ---A- . (...) -- C:\windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 7/13/2009 - 10:40:27 PM ---A- . (...) -- C:\windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 7/13/2009 - 10:40:11 PM ---A- . (...) -- C:\windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 7/13/2009 - 10:40:15 PM ---A- . (...) -- C:\windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 7/13/2009 - 10:40:17 PM ---A- . (...) -- C:\windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 7/13/2009 - 10:40:19 PM ---A- . (...) -- C:\windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 7/13/2009 - 10:40:13 PM ---A- . (...) -- C:\windows\system32\NTIO804.SYS [34672]
O58 - SDL:[MD5.A16FB34E56C781DC56BE7492315655B9] - 8/3/2005 - 3:05:02 PM ---A- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\windows\system32\SER9PL.sys [35892]
~ Scan Drivers in 45mn AMs
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn AMs
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 4/25/2011 - C:\windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 11/17/2011 - C:\windows\system32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 9/21/2011 - C:\windows\system32\drivers\cpuz135_x32.sys (cpuz135) .(.CPUID - CPUID Driver.) - LEGACY_CPUZ135
O64 - Services: CurCS - 12/7/2009 - C:\Program Files\HyperSpace\DRToggleSleep.sys (DRToggleSleep) .(.Windows ® Codename Longhorn DDK provider - Dual-Resume Toggle Sleep.) - LEGACY_DRTOGGLESLEEP
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 12/10/2011 - C:\windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\msahci.sys (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\DRIVERS\parvdm.sys (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM
O64 - Services: CurCS - 12/7/2009 - C:\Program Files\HyperSpace\PhnxBldr.sys (PhnxBldr) .(.Phoenix Technologies Ltd. - Windows 2K/XP Virtual CD.) - LEGACY_PHNXBLDR
O64 - Services: CurCS - 7/14/2009 - C:\windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 5/28/2009 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI
O64 - Services: CurCS - 12/30/1899 - C:\windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 4/29/2011 - C:\windows\system32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
~ Scan Services in 00mn AMs
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\system32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\system32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn AMs
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
~ Scan Keys in 00mn AMs
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Scan Keys in 00mn AMs
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\windows\system32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\windows\system32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\windows\system32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\windows\system32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\windows\system32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\windows\system32\ikeext.dll [674304]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\windows\system32\Audiosrv.dll [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\windows\system32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\windows\system32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\windows\system32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\windows\system32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\windows\system32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows™.) -- C:\windows\system32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\windows\system32\termsrv.dll [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\windows\system32\wuaueng.dll [1914368]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\windows\system32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\windows\system32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\windows\system32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\windows\system32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\windows\system32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\windows\system32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\windows\system32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\windows\system32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\windows\system32\profsvc.dll [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\windows\system32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\windows\system32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\windows\system32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\windows\system32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\windows\system32\browser.dll [102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\windows\system32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\windows\system32\bdesvc.dll [76800]
~ Scan Services in 00mn AMs
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.197215658B8015182192E1EBCA3BBCC3] [SPRF][1/7/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\eed\AppData\Local\Temp\AskSLib.dll [246440]
[MD5.A9093D00852BCFD65906C653331093EC] [SPRF][2/19/2012] (...) -- C:\Users\eed\AppData\Local\Temp\Uninst.bat [466]
[MD5.938DE7D5FA2E16401475390994ACB89A] [SPRF][2/19/2012] (...) -- C:\Users\eed\Desktop\adwcleaner.exe [593083]
~ Scan Files in 00mn AMs
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{F2C2C0C8-F330-4465-80B6-DB75DAFE8CB0}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{8D9B9979-0D13-474F-B710-804A4A0399A7}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{AD0865A5-3C08-40B7-825A-91E682D4BF5F}" | In - Public - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{E18921A2-C643-4598-80FC-A8CECBC79BF6}" | In - Public - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{8A54E6F2-51D3-4F61-88E6-2F4A566BF76B}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{10FAB8A6-A85B-4E0E-BFD2-18808BEB3F4F}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
~ Scan Firewall in 02mn AMs
---\\ Scan Additionnel (O88)
Database Version : 9066 - (05/02/2012)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Ask.com.tmp] =>Toolbar.Ask
~ Scan Additionnel in 20mn AMs
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 1/3/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 8/13/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Disabled 7/27/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Disabled 10/2/2009 595232 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Disabled 3/25/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 3/25/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 13824 | (HS Service Launcher) . (...) - C:\Program Files\HyperSpace\HSServiceLauncher.exe
SS - | Disabled 9/1/2010 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Demand 1/13/2012 652360 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 1/15/2010 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SS - | Disabled 311296 | (Rezip) . (...) - C:\Windows\System32\Rezip.exe
SR - | Auto 7/14/2009 20992 | C:\windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 22mn AMs
End of the scan (1125 lines in 27mn AMs)(0)
Rapport de ZHPDiag v1.28.32 par Nicolas Coolman, Update du 05/02/2012
Run by eed at 2/19/2012 4:18:11 PM
Web site : http://www.premiumor...ss/zhpdiag.html
Web site : http://nicolascoolman.skyrock.com/
State : Version à jour.
---\\ Web Browser
MSIE: Internet Explorer v9.0.8112.16421 (Defaut)
---\\ Windows Product Information
~ Langage: Français
Windows 7 Starter Edition, 32-bit Service Pack 1 (Build 7601)
Windows Server License Manager Script : OK
~ Windows® 7, OEM_SLP channel
System Locked Preinstallation (OEM_SLP) : OK
Windows ID Activation : OK
~ Windows Partial Key : X8XG7
Windows License : OK
~ Windows Remaining Initializations Number : 4
Software Protection Service (Protection logicielle) : OK
Windows Automatic Updates : OK
Windows Activation Technologies : OK
---\\ System Information
~ Processor: x86 Family 6 Model 28 Stepping 10, GenuineIntel
~ Operating System: 32 Bits
Boot mode: Normal (Normal boot)
Total RAM: 1013.3 MB (31% free)
System Restore: Activé (Enable)
System drive C: has 83 GB (76%) free of 109 GB
---\\ Logged in mode
~ Computer Name: LOLO-PC
~ User Name: eed
~ All Users Names: eed, Administrateur,
~ Unselected Option: O45,O61,O62,O65,O66,O80,O82,O89
Logged in as Administrator
---\\ Environnement Variables
~ System Unit : C:\
~ %AppData% : C:\Users\eed\AppData\Roaming\
~ %Desktop% : C:\Users\eed\Desktop\
~ %Favorites% : C:\Users\eed\Favorites\
~ %LocalAppData% : C:\Users\eed\AppData\Local\
~ %StartMenu% : C:\Users\eed\AppData\Roaming\Microsoft\Windows\Start Menu\
~ %Windir% : C:\windows\
~ %System% : C:\windows\system32\
---\\ DOS/Devices
C:\ Hard drive, Flash drive, Thumb drive (Free 83 Go of 109 Go)
D:\ Hard drive, Flash drive, Thumb drive (Free 76 Go of 105 Go)
---\\ Security Center & Tools Informations
[HKLM\SOFTWARE\Microsoft\Security Center] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UpdatesDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Security Center\Svc] UacDisableNotify: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System] NoActiveDesktopChanges: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowSearch: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced] Start_ShowMyComputer: OK
[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] Load: OK
[HKLM\SYSTEM\CurrentControlSet\Services] wscsvc : OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install] LastSuccessTime : Out Of Date
~ Scan Security Center in 00mn AMs
---\\ Recherche particulière de fichiers génériques
[MD5.8B88EBBB05A0E56B7DCC708498C02B3E] - (.Microsoft Corporation - Explorateur Windows.) (.2/25/2011 - 6:30:54 AM.) -- C:\windows\Explorer.exe [2616320]
[MD5.51138BEEA3E2C21EC44D0932C71762A8] - (.Microsoft Corporation - Processus hôte Windows (Rundll32).) (.7/14/2009 - 2:14:31 AM.) -- C:\windows\system32\rundll32.exe [44544]
[MD5.B5C5DCAD3899512020D135600129D665] - (.Microsoft Corporation - Application de démarrage de Windows.) (.7/14/2009 - 2:14:45 AM.) -- C:\windows\system32\Wininit.exe [96256]
[MD5.1D94FA7C81D2FFE494AF094619BA706F] - (.Microsoft Corporation - Extensions Internet pour Win32.) (.2/19/2012 - 1:26:22 PM.) -- C:\windows\system32\wininet.dll [1127424]
[MD5.6D13E1406F50C66E2A95D97F22C47560] - (.Microsoft Corporation - Application d’ouverture de session Windows.) (.11/20/2010 - 1:17:54 PM.) -- C:\windows\system32\Winlogon.exe [286720]
[MD5.E3AE23569749DE12D45BA3B489A036AE] - (.Microsoft Corporation - Bibliothèque de licences.) (.11/20/2010 - 1:21:24 PM.) -- C:\windows\system32\sppcomapi.dll [193536]
[MD5.129F80D7868E30DF3E3DE33A1D3132B4] - (.Microsoft Corporation - DLL client de l’API uilisateur de Windows multi-utilisateurs.) (.11/20/2010 - 1:08:50 PM.) -- C:\windows\system32\fr-FR\user32.dll.mui [20480]
[MD5.9EBBBA55060F786F0FCAA3893BFA2806] - (.Microsoft Corporation - Ancillary Function Driver for WinSock.) (.4/25/2011 - 3:18:03 AM.) -- C:\windows\system32\drivers\AFD.sys [338944]
[MD5.338C86357871C167A96AB976519BF59E] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.7/14/2009 - 2:26:15 AM.) -- C:\windows\system32\drivers\atapi.sys [21584]
[MD5.77EA11B065E0A8AB902D78145CA51E10] - (.Microsoft Corporation - CD-ROM File System Driver.) (.7/14/2009 - 12:11:15 AM.) -- C:\windows\system32\drivers\Cdfs.sys [70656]
[MD5.BE167ED0FDB9C1FA1133953C18D5A6C9] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.11/20/2010 - 9:38:10 AM.) -- C:\windows\system32\drivers\Cdrom.sys [108544]
[MD5.F024449C97EC1E464AAFFDA18593DB88] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.11/20/2010 - 9:42:32 AM.) -- C:\windows\system32\drivers\DfsC.sys [78336]
[MD5.9036377B8A6C15DC2EEC53E489D159B5] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.11/20/2010 - 10:59:29 AM.) -- C:\windows\system32\drivers\HDAudBus.sys [108544]
[MD5.F151F0BDC47F4A28B1B20A0818EA36D6] - (.Microsoft Corporation - Pilote de port i8042.) (.7/14/2009 - 12:11:24 AM.) -- C:\windows\system32\drivers\i8042prt.sys [80896]
[MD5.A5FA468D67ABCDAA36264E463A7BB0CD] - (.Microsoft Corporation - IP Network Address Translator.) (.7/14/2009 - 12:54:29 AM.) -- C:\windows\system32\drivers\IpNat.sys [101888]
[MD5.5D16C921E3671636C0EBA3BBAAC5FD25] - (.Microsoft Corporation - Windows NT SMB Minirdr.) (.4/27/2011 - 3:17:22 AM.) -- C:\windows\system32\drivers\MRxSmb.sys [123904]
[MD5.280122DDCF04B378EDD1AD54D71C1E54] - (.Microsoft Corporation - MBT Transport driver.) (.11/20/2010 - 9:39:44 AM.) -- C:\windows\system32\drivers\netBT.sys [187904]
[MD5.81189C3D7763838E55C397759D49007A] - (.Microsoft Corporation - Pilote du système de fichiers NT.) (.3/11/2011 - 6:39:00 AM.) -- C:\windows\system32\drivers\ntfs.sys [1211264]
[MD5.2EA877ED5DD9713C5AC74E8EA7348D14] - (.Microsoft Corporation - Pilote de port parallèle.) (.7/14/2009 - 12:45:35 AM.) -- C:\windows\system32\drivers\Parport.sys [79360]
[MD5.D9F91EAFEC2815365CBE6D167E4E332A] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.7/14/2009 - 12:54:34 AM.) -- C:\windows\system32\drivers\Rasl2tp.sys [78848]
[MD5.3E21C083B8A01CB70BA1F09303010FCE] - (.Microsoft Corporation - SMB Transport driver.) (.7/14/2009 - 12:53:41 AM.) -- C:\windows\system32\drivers\smb.sys [71168]
[MD5.B459575348C20E8121D6039DA063C704] - (.Microsoft Corporation - TDI Translation Driver.) (.11/20/2010 - 9:39:17 AM.) -- C:\windows\system32\drivers\tdx.sys [74752]
[MD5.F497F67932C6FA693D7DE2780631CFE7] - (.Microsoft Corporation - Pilote de cliché instantané du volume.) (.11/20/2010 - 1:30:16 PM.) -- C:\windows\system32\drivers\volsnap.sys [245632]
~ Scan Generic Processes in 00mn AMs
---\\ Etat des fichiers cachés (Caché/Total)
~ Mes musiques (My Musics) : 41/71
~ Mes Videos (My Videos) : 1/2
~ Mes Favoris (My Favorites) : Non accessible (Not found)
~ Mes Documents (My Documents) : 8/15
~ Mon Bureau (My Desktop) : 1/94
~ Menu demarrer (Programs) : 6/25
~ Scan Hidden Files in 00mn AMs
---\\ Processus lancés
[MD5.A46796CCF032D35720347262998D1F90] - (.Samsung Electronics Co., Ltd. - Easy Display Manager.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [835072] [PID.3372]
[MD5.06F7D67EC4D15F11A2923268BAA937D3] - (...) -- C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [300912] [PID.3188]
[MD5.8A0B0E4102C2CCA25DA3134FE12FCC3E] - (.SAMSUNG Electronics - SSCKbdHk.) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [91136] [PID.2972]
[MD5.E3735DC796E5183D63F35921B058934C] - (.Samsung Electronics Co., Ltd. - EasySpeedUpManager.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [716800] [PID.3484]
[MD5.01546BF0647BA0CB253A5F38A4B8FBC4] - (.Intel Corporation - igfxext Module.) -- C:\windows\system32\igfxext.exe [173080] [PID.3892]
[MD5.3EE8375B1063CF4A0C4353123F4129C5] - (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1578280] [PID.3944]
[MD5.981E3DCB80E50011EB2D528BEC9AD782] - (.SEC - Samsung Recovery Solution 4.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2247168] [PID.3932]
[MD5.0BA966FD5349BDF9895F40C045A7C7EC] - (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe [141848] [PID.3700]
[MD5.13B671D7253F29DA148569288CECF74B] - (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe [173592] [PID.3960]
[MD5.052F402E557C9EC01B188AD56E336029] - (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe [150552] [PID.3888]
[MD5.2B3DB9C9D7E206CFCF3E327709BEF3AD] - (.Intel Corporation - igfxsrvc Module.) -- C:\windows\system32\igfxsrvc.exe [252952] [PID.3708]
[MD5.428F4A9D4CB5816030F88F3DD7595675] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [103720] [PID.2388]
[MD5.904E13BA41AF2E353A32CF351CA53639] - (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe [748336] [PID.2228]
[MD5.E9E2FA0896ABDBBE1CBD9E5D421511D7] - (.Adobe Systems, Inc. - Adobe® Flash® Player Installer/Uninstaller.) -- C:\windows\system32\Macromed\Flash\FlashUtil11f_ActiveX.exe [250016] [PID.1156]
[MD5.4309B75F125067EF805F3125B01FCC30] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [2210816] [PID.1904]
~ Scan Processes Running in 01mn AMs
---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)
P2 - FPN: [HKLM] [@Apple.com/iTunes,version=1.0] - (...) -- C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.1.10111.0.) -- C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3502.0922] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=15.4.3538.0513] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll
P2 - FPN: [HKLM] [Adobe Reader] - (.Adobe Systems Inc. - Adobe PDF Plug-In For Firefox and Netscape 10.1.2.) -- C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
~ Scan Firefox Browser in 00mn AMs
---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Navigateur Internet.) (9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)) -- C:\Windows\System32\ieframe.dll
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 1
~ Scan IE Browser in 00mn AMs
---\\ Internet Explorer, Proxy Management (R5)
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll
~ Scan Proxy management in 00mn AMs
---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,
F2 - REG:system.ini: VMApplet=C:\windows\system32\SystemPropertiesPerformance.exe
~ Scan Keys in 00mn AMs
---\\ Redirection du fichier Hosts (O1)
~ Le fichier hosts est sain (The hosts file is clean).
~ Scan Hosts File in 00mn AMs
~ Nombre de lignes (Lines number): 21
---\\ Browser Helper Objects de navigateur (O2)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} . (.Adobe Systems Incorporated - Adobe PDF Helper for Internet Explorer.) -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corp. - Microsoft® Windows Live ID Login Helper.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} . (.Microsoft Corporation - Windows Live Messenger Companion Core.) -- C:\Program Files\Windows Live\Companion\companioncore.dll
~ Scan BHO in 00mn AMs
---\\ Applications démarrées par registre & par dossier (O4)
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- C:\Program Files\Microsoft Security Client\msseces.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] . (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
O4 - HKLM\..\Run: [IgfxTray] . (.Intel Corporation - igfxTray Module.) -- C:\Windows\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] . (.Intel Corporation - hkcmd Module.) -- C:\Windows\System32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] . (.Intel Corporation - persistence Module.) -- C:\Windows\System32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe ARM] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
O4 - HKCU\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] . (.Microsoft Corporation - Gadgets du Bureau Windows.) -- C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-21-3948093705-1484294097-1952622497-1000\..\Run: [msnmsgr] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] . (.Microsoft Corporation - MCTAdmin.) -- C:\Windows\System32\mctadmin.exe
~ Scan Application in 00mn AMs
---\\ Autres liens utilisateurs (O4)
O4 - Global Startup: C:\Users\eed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\eed\Desktop\Configure Hyperspace.lnk . (.Phoenix Technologies.) -- C:\Program Files\HyperSpace\HSControlCenter.exe
O4 - Global Startup: C:\Users\eed\Desktop\CyberLink YouCam.lnk . (.CyberLink Corp..) -- C:\Program Files\CyberLink\YouCam\YouCam.exe
O4 - Global Startup: C:\Users\eed\Desktop\Internet Explorer.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\eed\Desktop\Pid.lnk . (.SOFIRUN.) -- C:\Program Files\SOFIRUN\PID\Pid.exe
O4 - Global Startup: C:\Users\eed\Desktop\Switch to Hyperspace.lnk . (.Phoenix Technologies.) -- C:\Program Files\HyperSpace\SwitchToHyperSpace.exe
O4 - Global Startup: C:\Users\eed\Desktop\Votre avis nous intéresse.lnk - Clé orpheline
O4 - Global Startup: C:\Users\eed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk . (.Microsoft Corporation.) -- C:\Program Files\Internet Explorer\iexplore.exe
O4 - Global Startup: C:\Users\eed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WinMerge.lnk . (.http://winmerge.org.) -- C:\Program Files\WinMerge\WinMergeU.exe
~ Scan Global Startup in 00mn AMs
---\\ Invisibilité de l'icône d'options IE dans le panneau de Configuration (O5)
O5 - control.ini: [HKLM\..\Control Panel] inetcpl.cpl=no
~ Scan IE Control Panel in 00mn AMs
---\\ Lignes supplémentaires dans le menu contextuel d'Internet Explorer (O8)
O8 - Extra context menu item: E&xporter vers Microsoft Excel . (.Microsoft Corporation - Microsoft Office Excel.) -- C:\Program Files\MICROS~3\Office12\EXCEL.exe
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Google Sidewiki... - (.not file.) - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll
~ Scan IE Menu Contextuel in 00mn AMs
---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} . (.Microsoft Corporation - Windows Live Messenger Companion core resources.) -- C:\Program Files\Windows Live\Companion\companion
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBro
O9 - Extra button: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} . (.Microsoft Corporation - Microsoft Office OneNote Internet Explorer Add-in.) -- C:\Program Files\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Envoyer à OneNote - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\Program Files\Microsoft Office\Office12\REFBARH.ICO
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} . (...) -- C:\Program Files\WIDCOMM\Bluetooth Software\bt_hot_icon.ico
~ Scan IE Extra Buttons in 00mn AMs
---\\ Winsock hijacker (Layered Service Provider) (O10)
O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\System32\nlaapi.dll
O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d’affectation de noms de messagerie.) -- C:\Windows\System32\NapiNSP.dll
O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\System32\pnrpnsp.dll
O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\Windows\System32\wshbth.dll
O10 - WLSP:\000000000006\Winsock LSP File . (.Apple Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll
O10 - WLSP:\000000000007\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\System32\mswsock.dll
O10 - WLSP:\000000000008\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\System32\winrnr.dll
O10 - WLSP:\000000000009\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.dll
O10 - WLSP:\000000000010\Winsock LSP File . (.Microsoft Corp. - Microsoft® Windows Live ID Namespace Provider.) -- C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDNSP.dll
~ Scan Winsock in 00mn AMs
---\\ Objets ActiveX (Downloaded Program Files)(O16)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.ad...Plus/1.6/gp.cab
~ Scan Objets ActiveX in 00mn AMs
---\\ Modification Domaine/Adresses DNS (O17)
O17 - HKLM\System\CCS\Services\Tcpip\..\{B00A59B9-048B-4036-90A5-8A7E381BCD62}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{B00A59B9-048B-4036-90A5-8A7E381BCD62}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{B00A59B9-048B-4036-90A5-8A7E381BCD62}: DhcpNameServer = 192.168.0.1
~ Scan Domain in 00mn AMs
---\\ Protocole additionnel (O18)
O18 - Handler: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\System32\inetcomm.dll
O18 - Handler: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - Extensions OLE32 pour Win32.) -- C:\Windows\System32\urlmon.dll
O18 - Handler: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} . (.Microsoft Corporation - Microsoft® Help Data Services Module.) -- C:\Program Files\Common Files\microsoft shared\Help\hxds.dll
O18 - Handler: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Windows\System32\itss.dll
O18 - Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} . (.Microsoft Corporation - Microsoft® InfoTech Storage System Library.) -- C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll
O18 - Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} . (.Microsoft Corporation - Windows Live Messenger Protocol Handler Mod.) -- C:\Program Files\Windows Live\Messenger\msgrapp.dll
O18 - Handler: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - Contrôle ActiveX pour le flux vidéo.) -- C:\Windows\System32\MSVidCtl.dll
O18 - Handler: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Visionneuse HTML Microsoft ®.) -- C:\Windows\System32\mshtml.dll
O18 - Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} . (.Microsoft Corporation - Windows Live Mail.) -- C:\Program Files\Windows Live\Mail\mailcomm.dll
O18 - Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (.Microsoft Corporation - Windows Live Album Download Protocol Handle.) -- C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/octet-stream - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-complus - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: application/x-msdownload - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll
O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} . (.Microsoft Corporation - Microsoft Office XML MIME Filter.) -- C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.dll
~ Scan Protocole Additionnel in 00mn AMs
---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)
O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\windows\system32\igfxdev.dll
~ Scan Winlogon in 00mn AMs
---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
~ Scan SSODL in 00mn AMs
---\\ Liste des services NT non Microsoft et non désactivés (O23)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) . (.Adobe Systems Incorporated - Adobe Acrobat Update Service.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
~ Scan Services in 00mn AMs
---\\ Enumération Active Desktop & MHTML Editor (O24)
O24 - Default MHTML Editor: Last - .(...) - (.not file.)
~ Scan Desktop Component in 00mn AMs
---\\ BootExecute (O34)
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
~ Scan Keys in 00mn AMs
---\\ Tâches planifiées en automatique (O39)
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[MD5.981E3DCB80E50011EB2D528BEC9AD782] [APT] [advSRS4] (.SEC.) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
[MD5.081DBA7C93F21B61DF1C5CE9E8AD0522] [APT] [APSchedulerC] (.DoctorSoft.) -- C:\Program Files\AnyPC Client\APLanMgrC.exe
[MD5.21E26DC6538C0C255467312559BEB107] [APT] [BatteryLifeExtender] (.Samsung Electronics. Co. Ltd..) -- C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe
[MD5.A46796CCF032D35720347262998D1F90] [APT] [EasyDisplayMgr] (.Samsung Electronics Co., Ltd..) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.8F0DE4FEF8201E306F9938B0905AC96A] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe
[MD5.187E0D2AB859AD03393DDD731076BE81] [APT] [AppleSoftwareUpdate] (.Apple Inc..) -- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
~ Scan Scheduled Task in 06mn AMs
---\\ Composants installés (ActiveSetup Installed Components) (O40)
O40 - ASIC: Internet Explorer - >{26923b43-4d38-484f-9b9e-de460746276c} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: Browser Customizations - >{60B49E34-C7CC-11D0-8953-00A0C90347FF} . (.Microsoft Corporation - Personnalisation d’IEAK.) -- C:\Windows\System32\iedkcs32.dll
O40 - ASIC: Microsoft Windows Media Player 12.0 - {22d6f312-b0f6-11d0-94ab-0080c74c7e95} . (.Microsoft Corporation - Windows Media Player Extension.) -- C:\Windows\System32\wmpdxm.dll
O40 - ASIC: Microsoft Windows Media Player - {6BF52A52-394A-11d3-B153-00C04F79FAA6} . (.Microsoft Corporation - Windows Media Player.) -- C:\windows\system32\wmp.dll
O40 - ASIC: Web Platform Customizations - {89820200-ECBD-11cf-8B85-00AA005B4383} . (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O40 - ASIC: (no name) - {89B4C1CD-B018-4511-B0A1-5476DBF70820} . (.Microsoft Corporation - Microsoft .NET IE SECURITY REGISTRATION.) -- C:\Windows\system32\mscories.dll
O40 - ASIC: Adobe Flash Player - {D27CDB6E-AE6D-11CF-96B8-444553540000} . (.Adobe Systems, Inc. - Adobe Flash Player 11.1 r102.) -- C:\Windows\System32\Macromed\Flash\Flash11f.ocx
~ Scan Active Setup in 00mn AMs
---\\ Pilotes lancés au démarrage (O41)
O41 - Driver: C:\windows\system32\drivers\afd.sys (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\windows\system32\drivers\afd.sys
O41 - Driver: (blbdrive) . (.Microsoft Corporation - BLB Drive Driver.) - C:\windows\system32\DRIVERS\blbdrive.sys
O41 - Driver: (cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\windows\system32\drivers\cdrom.sys
O41 - Driver: C:\windows\system32\drivers\dfsc.sys (DfsC) . (.Microsoft Corporation - DFS Namespace Client Driver.) - C:\windows\system32\Drivers\dfsc.sys
O41 - Driver: C:\windows\system32\drivers\discache.sys (discache) . (.Microsoft Corporation - System Indexer/Cache Driver.) - C:\windows\system32\drivers\discache.sys
O41 - Driver: (DRToggleSleep) . (.Windows ® Codename Longhorn DDK provider - Dual-Resume Toggle Sleep.) - C:\Program Files\HyperSpace\DRToggleSleep.sys
O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\windows\system32\DRIVERS\MpFilter.sys
O41 - Driver: (MpKsl2008c4b5) . (.Microsoft Corporation - KSLDriver.) - c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D7492FDC-DA7F-40C6-B4D5-099077405A36}\MpKsl2008c4b5.sys
O41 - Driver: (mssmbios) . (.Microsoft Corporation - System Management BIOS Driver.) - C:\windows\system32\drivers\mssmbios.sys
O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\windows\system32\DRIVERS\netbios.sys
O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\windows\system32\DRIVERS\netbt.sys
O41 - Driver: C:\windows\system32\drivers\nsiproxy.sys (nsiproxy) . (.Microsoft Corporation - NSI Proxy.) - C:\windows\system32\drivers\nsiproxy.sys
O41 - Driver: C:\windows\system32\drivers\pacer.sys (Psched) . (.Microsoft Corporation - Planificateur de paquets QoS.) - C:\windows\system32\DRIVERS\pacer.sys
O41 - Driver: C:\windows\system32\wkssvc.dll (rdbss) . (.Microsoft Corporation - Pilote du sous-système de mise en mémoire t.) - C:\windows\system32\DRIVERS\rdbss.sys
O41 - Driver: C:\windows\system32\DRIVERS\RDPCDD.sys (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\windows\system32\DRIVERS\RDPCDD.sys
O41 - Driver: C:\windows\system32\drivers\RDPENCDD.sys (RDPENCDD) . (.Microsoft Corporation - RDP Encoder Miniport.) - C:\windows\system32\drivers\rdpencdd.sys
O41 - Driver: C:\windows\system32\drivers\RdpRefMp.sys (RDPREFMP) . (.Microsoft Corporation - RDP Reflector Driver Miniport.) - C:\windows\system32\drivers\rdprefmp.sys
O41 - Driver: (SABI) . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - C:\windows\system32\Drivers\SABI.sys
O41 - Driver: C:\windows\system32\tcpipcfg.dll (tdx) . (.Microsoft Corporation - TDI Translation Driver.) - C:\windows\system32\DRIVERS\tdx.sys
O41 - Driver: (TermDD) . (.Microsoft Corporation - Remote Desktop Server Driver.) - C:\windows\system32\drivers\termdd.sys
O41 - Driver: (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\windows\system32\drivers\vga.sys
O41 - Driver: (vwififlt) . (.Microsoft Corporation - Virtual WiFi Filter Driver.) - C:\windows\system32\DRIVERS\vwififlt.sys
O41 - Driver: C:\windows\system32\rascfg.dll (Wanarpv6) . (.Microsoft Corporation - MS Remote Access and Routing ARP Driver.) - C:\windows\system32\DRIVERS\wanarp.sys
O41 - Driver: (WfpLwf) . (.Microsoft Corporation - WFP NDIS 6.20 Lightweight Filter Driver.) - C:\windows\system32\DRIVERS\wfplwf.sys
~ Scan Drivers in 01mn AMs
---\\ Logiciels installés (O42)
O42 - Logiciel: Adobe Flash Player 11 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX
O42 - Logiciel: Adobe Reader X (10.1.2) - Français - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-1036-7B44-AA1000000001}
O42 - Logiciel: Alice Greenfingers - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}
O42 - Logiciel: AnyPC Client - (.Doctorsoft.) [HKLM] -- {1AFA1FEF-8CF9-4A51-AC46-64FAA7F3D9E2}
O42 - Logiciel: Apple Application Support - (.Apple Inc..) [HKLM] -- {DAEAFD68-BB4A-4507-A241-C8804D2EA66D}
O42 - Logiciel: Apple Mobile Device Support - (.Apple Inc..) [HKLM] -- {CCA1EEA3-555E-4D05-AC46-4B49C6C5D887}
O42 - Logiciel: Apple Software Update - (.Apple Inc..) [HKLM] -- {C41300B9-185D-475E-BFEC-39EF732F19B1}
O42 - Logiciel: Atheros Client Installation Program - (.Atheros.) [HKLM] -- {D1434266-0486-4469-B338-A60082CC04E1}
O42 - Logiciel: BatteryLifeExtender - (.Samsung.) [HKLM] -- {853F8A41-A3C9-43FA-87FA-1AE74FC6F3F7}
O42 - Logiciel: Bonjour - (.Apple Inc..) [HKLM] -- {FF1C31AE-0CDC-40CE-AB85-406F8B70D643}
O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner
O42 - Logiciel: CPUID HWMonitor 1.19 - (.Pas de propriétaire.) [HKLM] -- CPUID HWMonitor_is1
O42 - Logiciel: ChargeableUSB - (.SAMSUNG.) [HKLM] -- {92D50865-FC60-4EA8-BA7A-5581B0D13EFB}
O42 - Logiciel: Complément Messenger - (.Microsoft Corporation.) [HKLM] -- {6E5324C1-84FC-4F76-9A3A-C65E07F80EE6}
O42 - Logiciel: Contrôle ActiveX Windows Live Mesh pour connexions à distance - (.Microsoft Corporation.) [HKLM] -- {55D003F4-9599-44BF-BA9E-95D060730DD3}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: CyberLink YouCam - (.CyberLink Corp..) [HKLM] -- {01FB4998-33C4-4431-85ED-079E3EEFE75D}
O42 - Logiciel: D3DX10 - (.Microsoft.) [HKLM] -- {E09C4DB7-630C-4F06-A631-8EA7239923AF}
O42 - Logiciel: Dairy Dash - (.Oberon Media.) [HKLM] -- {82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}
O42 - Logiciel: Easy Display Manager - (.Samsung Electronics Co., Ltd..) [HKLM] -- {17283B95-21A8-4996-97DA-547A48DB266F}
O42 - Logiciel: Easy Network Manager - (.Samsung.) [HKLM] -- {B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}
O42 - Logiciel: Easy Resolution Manager - (.Samsung.) [HKLM] -- {45535A5E-1F81-4F35-BE1D-43D10A7D03B4}
O42 - Logiciel: Easy SpeedUp Manager - (.Samsung Electronics Co.,Ltd..) [HKLM] -- {EF367AA4-070B-493C-9575-85BE59D789C9}
O42 - Logiciel: EasyBatteryManager - (.Samsung.) [HKLM] -- {178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}
O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {488F0347-C4A7-4374-91A7-30818BEDA710}
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
O42 - Logiciel: HyperSpace - (.Phoenix Technologies.) [HKLM] -- HyperSpace
O42 - Logiciel: Intel® Graphics Media Accelerator Driver - (.Intel Corporation.) [HKLM] -- HDMI
O42 - Logiciel: Intel® Matrix Storage Manager - (.Intel Corporation.) [HKLM] -- {9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}
O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}
O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}
O42 - Logiciel: Malwarebytes Anti-Malware version 1.60.1.1000 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1
O42 - Logiciel: Marvell Miniport Driver - (.Marvell.) [HKLM] -- Marvell Miniport Driver
O42 - Logiciel: McAfee Security Scan Plus - (.McAfee, Inc..) [HKLM] -- McAfee Security Scan
O42 - Logiciel: Mesh Runtime - (.Microsoft Corporation.) [HKLM] -- {8C6D6116-B724-4810-8F2D-D047E6B7D68E}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}
O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}
O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {05BFB060-4F22-4710-B0A2-2801A1B606C5}
O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {32E9C1A5-0FDA-4483-987D-DBABF9CC1DD8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}
O42 - Logiciel: Microsoft Office 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}
O42 - Logiciel: Microsoft Office Excel MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0016-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- HOMESTUDENTR
O42 - Logiciel: Microsoft Office Home and Student 2007 - (.Microsoft Corporation.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
O42 - Logiciel: Microsoft Office OneNote MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-00A1-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0018-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office PowerPoint Viewer 2007 (French) - (.Microsoft Corporation.) [HKLM] -- {95120000-00AF-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Arabic) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Dutch) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (English) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (German) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proof (Spanish) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-002C-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}
O42 - Logiciel: Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) - (.Microsoft.) [HKLM] -- {90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}
O42 - Logiciel: Microsoft Office Shared MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-006E-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft Office Suite Activation Assistant - (.Microsoft Corporation.) [HKLM] -- {E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}
O42 - Logiciel: Microsoft Office Word MUI (French) 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-001B-040C-0000-0000000FF1CE}
O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {54B6DC7D-8C5B-4DFB-BC15-C010A3326B2B}
O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {50779A29-834E-4E36-BBEB-B7CABC67A825}
O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client
O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
O42 - Logiciel: Microsoft Works - (.Microsoft Corporation.) [HKLM] -- {3B160861-7250-451E-B5EE-8B92BF30A710}
O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}
O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 4 Client Profile FRA Language Pack
O42 - Logiciel: Motion Perfect 2 - (.Trio Motion Technology Ltd.) [HKLM] -- {1E965CB7-5879-4311-BA45-EED4FA395E37}
O42 - Logiciel: PANATERM - (.Pas de propriétaire.) [HKLM] -- ST6UNST #1
O42 - Logiciel: PID - (.Pas de propriétaire.) [HKLM] -- PID
O42 - Logiciel: PL-2303 USB-to-Serial - (.Prolific Technology INC.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}
O42 - Logiciel: PreSetup HyperSpace - (.Samsung.) [HKLM] -- {4725E135-CF7D-4906-B4D0-D9F5FED44254}
O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {EB900AF8-CC61-4E15-871B-98D1EA3E8025}
O42 - Logiciel: REALTEK Wireless LAN Software - (.REALTEK Semiconductor Corp..) [HKLM] -- {F2BC3383-F000-410C-A038-3846ADBE8D90}
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}
O42 - Logiciel: Samsung Recovery Solution 4 - (.Samsung.) [HKLM] -- {145DE957-0679-4A2A-BB5C-1D3E9808FAB2}
O42 - Logiciel: Samsung Support Center - (.Samsung.) [HKLM] -- {CCC2B140-B47A-45FA-AAE3-BD60DA41AE00}
O42 - Logiciel: Samsung Update Plus - (.Samsung Electronics Co., Ltd..) [HKLM] -- {D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2446708
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2478663
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2518870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2539636
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2572078
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2633870
O42 - Logiciel: Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2656351
O42 - Logiciel: Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A0D5F849-D9D5-48ED-99D0-C74D7BFA6A09}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{AEA16A27-0B97-4670-818F-A98D06EC0A6F}
O42 - Logiciel: Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0EF0D4FB-BB23-4515-AAEA-1240AC2DA525}
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2478663) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2478663
O42 - Logiciel: Security Update for Module linguistique Microsoft .NET Framework 4 Client Profile FRA (KB2518870) - (.Microsoft Corporation.) [HKLM] -- {0F5B4A82-9DAF-3D13-8CB8-AEB25E4A614E}.KB2518870
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM] -- SynTPDeinstKey
O42 - Logiciel: Update for 2007 Microsoft Office System (KB967642) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2468871) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2533523) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523
O42 - Logiciel: Update for Microsoft .NET Framework 4 Client Profile (KB2600217) - (.Microsoft Corporation.) [HKLM] -- {3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217
O42 - Logiciel: Update for Microsoft Office 2007 (KB2508958) - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{B7873DF5-9E1C-45EE-8895-D29C6AE01202}
O42 - Logiciel: Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C20964A7-5181-45E5-9E82-72F5D400DEBF}
O42 - Logiciel: Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition - (.Microsoft.) [HKLM] -- {91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{567103D1-96CD-4B76-93B9-2681A187DEFF}
O42 - Logiciel: User Guide - (.Pas de propriétaire.) [HKLM] -- {BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}
O42 - Logiciel: WIDCOMM Bluetooth Software - (.Broadcom Corporation.) [HKLM] -- {9E9D49A4-1DF4-4138-B7DB-5D87A893088E}
O42 - Logiciel: WinMerge 2.12.4 - (.Thingamahoochie Software.) [HKLM] -- WinMerge_is1
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) - (.Broadcom.) [HKLM] -- A6A8668C0A13640CA28FE2A7D9654BE4AE478B13
O42 - Logiciel: Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) - (.Broadcom.) [HKLM] -- 755087041320E005CB1E8A67C5C55A260EB81B90
O42 - Logiciel: Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) - (.Broadcom.) [HKLM] -- BF20603967CFDCB2BBF91950E8A56DFBC5C833FE
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite
O42 - Logiciel: Windows Live - (.Microsoft Corporation.) [HKLM] -- {34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}
O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {D45240D3-B6B3-4FF9-B243-54ECE3E10066}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {BCF16F16-AC0E-4ABE-A9EF-412CF484BA51}
O42 - Logiciel: Windows Live Family Safety - (.Microsoft Corporation.) [HKLM] -- {C861504E-2F57-4F95-AB0A-C7C7D8E46A4E}
O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}
O42 - Logiciel: Windows Live ID Sign-in Assistant - (.Microsoft Corporation.) [HKLM] -- {C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}
O42 - Logiciel: Windows Live Installer - (.Microsoft Corporation.) [HKLM] -- {0B0F231F-CE6A-483D-AA23-77B364F75917}
O42 - Logiciel: Windows Live MIME IFilter - (.Microsoft Corporation.) [HKLM] -- {AF844339-2F8A-4593-81B3-9F4C54038C4E}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9D56775A-93F3-44A3-8092-840E3826DE30}
O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {9FAE6E8D-E686-49F5-A574-0A58DFD9580C}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}
O42 - Logiciel: Windows Live Mesh - (.Microsoft Corporation.) [HKLM] -- {DECDCB7C-58CC-4865-91AF-627F9798FE48}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}
O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {E5B21F11-6933-4E0B-A25C-7963E3C07D11}
O42 - Logiciel: Windows Live Messenger Companion Core - (.Microsoft Corporation.) [HKLM] -- {78A96B4C-A643-4D0F-98C2-A8E16A6669F9}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}
O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM] -- {92EA4134-10D1-418A-91E1-5A0453131A38}
O42 - Logiciel: Windows Live PIMT Platform - (.Microsoft Corporation.) [HKLM] -- {83C292B7-38A5-440B-A731-07070E81A64F}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {A9BDCA6B-3653-467B-AC83-94367DA3BFE3}
O42 - Logiciel: Windows Live Photo Common - (.Microsoft Corporation.) [HKLM] -- {C893D8C0-1BA0-4517-B11C-E89B65E72F70}
O42 - Logiciel: Windows Live Photo Gallery - (.Microsoft Corporation.) [HKLM] -- {3336F667-9049-4D46-98B6-4C743EEBC5B1}
O42 - Logiciel: Windows Live Remote Client - (.Microsoft Corporation.) [HKLM] -- {19A4A990-5343-4FF7-B3B5-6F046C091EDF}
O42 - Logiciel: Windows Live Remote Client Resources - (.Microsoft Corporation.) [HKLM] -- {DFDBE1F9-04CE-4645-BB6C-4590EABC7A9C}
O42 - Logiciel: Windows Live Remote Service - (.Microsoft Corporation.) [HKLM] -- {227E8782-B2F4-4E97-B0EE-49DE9CC1C0C0}
O42 - Logiciel: Windows Live Remote Service Resources - (.Microsoft Corporation.) [HKLM] -- {AB93C51F-71F9-4A28-8134-FE1B5B9373E9}
O42 - Logiciel: Windows Live SOXE - (.Microsoft Corporation.) [HKLM] -- {682B3E4F-696A-42DE-A41C-4C07EA1678B4}
O42 - Logiciel: Windows Live SOXE Definitions - (.Microsoft Corporation.) [HKLM] -- {200FEC62-3C34-4D60-9CE8-EC372E01C08F}
O42 - Logiciel: Windows Live UX Platform - (.Microsoft Corporation.) [HKLM] -- {CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}
O42 - Logiciel: Windows Live UX Platform Language Pack - (.Microsoft Corporation.) [HKLM] -- {05E379CC-F626-4E7D-8354-463865B303BF}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {3B9A92DA-6374-4872-B646-253F18624D5F}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {A726AE06-AAA3-43D1-87E3-70F510314F04}
O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {AAAFC670-569B-4A2F-82B4-42945E0DE3EF}
O42 - Logiciel: Windows Live Writer Resources - (.Microsoft Corporation.) [HKLM] -- {62687B11-58B5-4A18-9BC3-9DF4CE03F194}
O42 - Logiciel: iTunes - (.Apple Inc..) [HKLM] -- {350FB27C-CF62-4EF3-AF9D-70FF313FE221}
---\\ HKCU & HKLM Software Keys
[HKCU\Software\Adobe]
[HKCU\Software\AppDataLow\Software\Google]
[HKCU\Software\AppDataLow\Software\Microsoft]
[HKCU\Software\AppDataLow\Software]
[HKCU\Software\AppDataLow]
[HKCU\Software\Apple Computer, Inc.]
[HKCU\Software\Apple Inc.]
[HKCU\Software\Ask.com.tmp]
[HKCU\Software\Classes]
[HKCU\Software\Clients]
[HKCU\Software\CyberLink]
[HKCU\Software\Google]
[HKCU\Software\IM Providers]
[HKCU\Software\Intel]
[HKCU\Software\Macromedia]
[HKCU\Software\Malwarebytes' Anti-Malware]
[HKCU\Software\Netscape]
[HKCU\Software\Northcode Inc]
[HKCU\Software\ODBC]
[HKCU\Software\Oberon Media]
[HKCU\Software\PID]
[HKCU\Software\Phoenix]
[HKCU\Software\Piriform]
[HKCU\Software\Policies]
[HKCU\Software\Realtek]
[HKCU\Software\Samsung]
[HKCU\Software\Skype]
[HKCU\Software\Synaptics]
[HKCU\Software\Thingamahoochie]
[HKCU\Software\TrioMotion]
[HKCU\Software\VB and VBA Program Settings]
[HKCU\Software\Widcomm]
[HKLM\Software\ASK]
[HKLM\Software\ATI Technologies]
[HKLM\Software\Adobe]
[HKLM\Software\AdwCleaner]
[HKLM\Software\America Online]
[HKLM\Software\Apple Computer, Inc.]
[HKLM\Software\Apple Inc.]
[HKLM\Software\Atheros]
[HKLM\Software\BrowserChoice]
[HKLM\Software\CHECKINSTALLER]
[HKLM\Software\CPUID]
[HKLM\Software\Classes]
[HKLM\Software\Clients]
[HKLM\Software\CyberLink]
[HKLM\Software\Digital River]
[HKLM\Software\Dr.Soft]
[HKLM\Software\GEAR Software]
[HKLM\Software\Google]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\Macromedia]
[HKLM\Software\Malwarebytes' Anti-Malware (Trial)]
[HKLM\Software\Malwarebytes' Anti-Malware]
[HKLM\Software\Marvell]
[HKLM\Software\McAfeeInstaller]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Oberon Media]
[HKLM\Software\Phoenix Technologies]
[HKLM\Software\Phoenix]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Prolific Technology INC]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\Realtek]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\RtWLan]
[HKLM\Software\SOFIRUN]
[HKLM\Software\SRS Labs]
[HKLM\Software\Samsung Electronics Co., Ltd.]
[HKLM\Software\Samsung]
[HKLM\Software\Synaptics]
[HKLM\Software\Thingamahoochie]
[HKLM\Software\Waves Audio]
[HKLM\Software\Widcomm]
[HKLM\Software\Wow6432Node]
~ Scan Softwares in 01mn AMs
---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)
O43 - CFD: 2/19/2012 - 3:11:30 PM - [113.052] ----D- C:\Program Files\Adobe
O43 - CFD: 12/10/2009 - 2:36:30 AM - [35.541] ----D- C:\Program Files\AnyPC Client
O43 - CFD: 5/4/2010 - 1:51:58 AM - [2.200] ----D- C:\Program Files\Apple Software Update
O43 - CFD: 12/10/2009 - 2:32:06 AM - [0.001] ----D- C:\Program Files\Atheros Client Installation Program
O43 - CFD: 9/11/2010 - 2:14:12 PM - [0.572] ----D- C:\Program Files\Bonjour
O43 - CFD: 2/18/2012 - 10:11:14 PM - [4.161] ----D- C:\Program Files\CCleaner
O43 - CFD: 2/19/2012 - 3:11:30 PM - [426.030] ----D- C:\Program Files\Common Files
O43 - CFD: 2/19/2012 - 4:12:44 PM - [2.056] ----D- C:\Program Files\CPUID
O43 - CFD: 3/26/2010 - 5:27:42 AM - [76.778] ----D- C:\Program Files\CyberLink
O43 - CFD: 3/26/2010 - 4:50:36 AM - [0.520] ----D- C:\Program Files\DIFX
O43 - CFD: 2/18/2012 - 9:47:52 PM - [3.997] ----D- C:\Program Files\DVD Maker
O43 - CFD: 2/19/2012 - 12:31:28 PM - [5.618] ----D- C:\Program Files\Google
O43 - CFD: 12/11/2009 - 12:39:08 AM - [678.742] ---AD- C:\Program Files\hsinstall
O43 - CFD: 3/28/2010 - 2:25:22 PM - [26.507] ----D- C:\Program Files\HyperSpace
O43 - CFD: 9/20/2010 - 12:11:40 PM - [59.239] --H-D- C:\Program Files\InstallShield Installation Information
O43 - CFD: 12/10/2009 - 2:26:18 AM - [4.797] ----D- C:\Program Files\Intel
O43 - CFD: 2/19/2012 - 2:01:48 PM - [6.189] ----D- C:\Program Files\Internet Explorer
O43 - CFD: 9/11/2010 - 2:22:50 PM - [1.770] ----D- C:\Program Files\iPod
O43 - CFD: 9/11/2010 - 2:24:10 PM - [116.182] ----D- C:\Program Files\iTunes
O43 - CFD: 2/18/2012 - 7:28:58 PM - [11.404] ----D- C:\Program Files\Malwarebytes' Anti-Malware
O43 - CFD: 12/10/2009 - 2:28:18 AM - [2.983] ----D- C:\Program Files\Marvell
O43 - CFD: 11/22/2010 - 9:02:52 PM - [9.300] ----D- C:\Program Files\McAfee Security Scan
O43 - CFD: 2/19/2012 - 12:24:56 PM - [0.479] ----D- C:\Program Files\Microsoft
O43 - CFD: 7/14/2009 - 5:52:32 AM - [44.813] ----D- C:\Program Files\Microsoft Games
O43 - CFD: 2/18/2012 - 8:03:28 PM - [363.007] ----D- C:\Program Files\Microsoft Office
O43 - CFD: 3/26/2010 - 5:16:10 AM - [7.431] ----D- C:\Program Files\Microsoft Office Suite Activation Assistant
O43 - CFD: 12/13/2011 - 7:48:30 PM - [18.414] ----D- C:\Program Files\Microsoft Security Client
O43 - CFD: 2/18/2012 - 9:14:48 PM - [36.634] ----D- C:\Program Files\Microsoft Silverlight
O43 - CFD: 3/26/2010 - 5:20:50 AM - [1.745] ----D- C:\Program Files\Microsoft SQL Server Compact Edition
O43 - CFD: 1/1/2011 - 10:32:58 AM - [138.685] ----D- C:\Program Files\Microsoft Works
O43 - CFD: 2/8/2011 - 5:05:38 PM - [7.789] ----D- C:\Program Files\Microsoft.NET
O43 - CFD: 7/14/2009 - 5:52:32 AM - [0.025] ----D- C:\Program Files\MSBuild
O43 - CFD: 9/21/2010 - 9:23:00 AM - [5.614] ----D- C:\Program Files\PANATERM
O43 - CFD: 12/10/2009 - 3:02:58 AM - [2.275] ----D- C:\Program Files\Phoenix Technologies Ltd
O43 - CFD: 9/11/2010 - 2:19:18 PM - [72.799] ----D- C:\Program Files\QuickTime
O43 - CFD: 12/10/2009 - 2:27:26 AM - [14.932] ----D- C:\Program Files\Realtek
O43 - CFD: 12/10/2009 - 2:30:28 AM - [7.141] ----D- C:\Program Files\REALTEK Wireless LAN Software
O43 - CFD: 7/14/2009 - 5:52:32 AM - [37.345] ----D- C:\Program Files\Reference Assemblies
O43 - CFD: 12/10/2009 - 3:20:00 AM - [408.024] ----D- C:\Program Files\Samsung
O43 - CFD: 2/19/2011 - 7:42:16 PM - [36.236] ----D- C:\Program Files\Samsung Casual Games
O43 - CFD: 9/30/2010 - 2:15:58 PM - [4.723] ----D- C:\Program Files\SOFIRUN
O43 - CFD: 12/10/2009 - 2:32:30 AM - [26.222] ----D- C:\Program Files\Synaptics
O43 - CFD: 12/10/2009 - 2:28:14 AM - [0] --H-D- C:\Program Files\Temp
O43 - CFD: 9/20/2010 - 12:13:54 PM - [15.087] ----D- C:\Program Files\TrioMotion
O43 - CFD: 7/14/2009 - 5:53:24 AM - [0] --H-D- C:\Program Files\Uninstall Information
O43 - CFD: 3/26/2010 - 4:50:40 AM - [82.614] ----D- C:\Program Files\WIDCOMM
O43 - CFD: 2/18/2012 - 9:47:48 PM - [2.909] ----D- C:\Program Files\Windows Defender
O43 - CFD: 2/19/2012 - 9:19:26 AM - [186.666] ----D- C:\Program Files\Windows Live
O43 - CFD: 2/18/2012 - 9:47:52 PM - [5.895] ----D- C:\Program Files\Windows Mail
O43 - CFD: 2/18/2012 - 9:47:52 PM - [6.298] ----D- C:\Program Files\Windows Media Player
O43 - CFD: 7/14/2009 - 5:52:32 AM - [11.632] ----D- C:\Program Files\Windows NT
O43 - CFD: 2/18/2012 - 9:47:52 PM - [4.213] ----D- C:\Program Files\Windows Photo Viewer
O43 - CFD: 2/18/2012 - 9:47:52 PM - [0.181] ----D- C:\Program Files\Windows Portable Devices
O43 - CFD: 2/18/2012 - 9:47:52 PM - [5.717] ----D- C:\Program Files\Windows Sidebar
O43 - CFD: 9/20/2010 - 12:16:58 PM - [4.347] ----D- C:\Program Files\WinMerge
O43 - CFD: 2/19/2012 - 4:18:30 PM - [10.100] ----D- C:\Program Files\ZHPDiag
O43 - CFD: 2/19/2012 - 3:12:20 PM - [3.651] ----D- C:\Program Files\Common Files\Adobe
O43 - CFD: 9/11/2010 - 2:22:48 PM - [76.319] ----D- C:\Program Files\Common Files\Apple
O43 - CFD: 3/26/2010 - 5:08:50 AM - [0.089] ----D- C:\Program Files\Common Files\DESIGNER
O43 - CFD: 12/10/2009 - 2:27:16 AM - [3.452] ----D- C:\Program Files\Common Files\InstallShield
O43 - CFD: 2/19/2012 - 1:21:02 PM - [256.112] ----D- C:\Program Files\Common Files\microsoft shared
O43 - CFD: 3/26/2010 - 4:56:06 AM - [0.197] ----D- C:\Program Files\Common Files\Oberon Media
O43 - CFD: 12/10/2009 - 2:40:34 AM - [4.403] ----D- C:\Program Files\Common Files\Samsung
O43 - CFD: 7/14/2009 - 3:37:06 AM - [0.003] ----D- C:\Program Files\Common Files\Services
O43 - CFD: 7/14/2009 - 3:37:06 AM - [39.200] ----D- C:\Program Files\Common Files\SpeechEngines
O43 - CFD: 2/16/2011 - 7:39:30 PM - [0] ----D- C:\Program Files\Common Files\SWF Studio
O43 - CFD: 2/18/2012 - 9:47:50 PM - [42.210] ----D- C:\Program Files\Common Files\System
O43 - CFD: 9/20/2010 - 12:13:56 PM - [0.395] ----D- C:\Program Files\Common Files\TrioMotion
O43 - CFD: 3/26/2010 - 5:16:52 AM - [0] ----D- C:\Program Files\Common Files\Windows Live
O43 - CFD: 2/19/2012 - 3:11:52 PM - [136.725] ----D- C:\ProgramData\Adobe
O43 - CFD: 5/4/2010 - 1:51:48 AM - [49.723] ----D- C:\ProgramData\Apple
O43 - CFD: 5/4/2010 - 9:28:58 AM - [61.978] ----D- C:\ProgramData\Apple Computer
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Application Data
O43 - CFD: 9/10/2010 - 6:39:30 PM - [0.008] ----D- C:\ProgramData\CyberLink
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Desktop
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Documents
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Favorites
O43 - CFD: 2/19/2012 - 12:25:30 PM - [0.486] ----D- C:\ProgramData\Google
O43 - CFD: 2/18/2012 - 7:28:34 PM - [6.159] ----D- C:\ProgramData\Malwarebytes
O43 - CFD: 9/16/2010 - 5:43:58 PM - [0.006] ----D- C:\ProgramData\McAfee
O43 - CFD: 6/16/2011 - 8:33:16 PM - [0.001] ----D- C:\ProgramData\McAfee Security Scan
O43 - CFD: 2/19/2012 - 12:24:56 PM - [478.244] -S--D- C:\ProgramData\Microsoft
O43 - CFD: 2/19/2012 - 1:22:58 PM - [0.054] ----D- C:\ProgramData\Microsoft Help
O43 - CFD: 4/16/2010 - 8:09:58 AM - [0.001] ----D- C:\ProgramData\Partner
O43 - CFD: 12/10/2009 - 3:20:48 AM - [0.511] ----D- C:\ProgramData\SAMSUNG
O43 - CFD: 12/10/2009 - 2:59:54 AM - [0.000] ----D- C:\ProgramData\SiteAdvisor
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Start Menu
O43 - CFD: 2/16/2011 - 7:44:46 PM - [0.035] ---AD- C:\ProgramData\Temp
O43 - CFD: 7/14/2009 - 5:53:56 AM - [0] -SH-D- C:\ProgramData\Templates
O43 - CFD: 6/16/2011 - 8:33:16 PM - [14.744] ----D- C:\ProgramData\WinClon
O43 - CFD: 5/4/2010 - 9:31:30 AM - [0.516] ----D- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
O43 - CFD: 2/16/2011 - 7:44:48 PM - [0] -SH-D- C:\Users\eed\AppData\Roaming\.#
O43 - CFD: 5/4/2010 - 1:02:48 AM - [3.726] ----D- C:\Users\eed\AppData\Roaming\Adobe
O43 - CFD: 5/4/2010 - 9:36:44 AM - [2.591] ----D- C:\Users\eed\AppData\Roaming\Apple Computer
O43 - CFD: 2/16/2011 - 7:44:14 PM - [0.001] ----D- C:\Users\eed\AppData\Roaming\Go Go Gourmet
O43 - CFD: 3/25/2010 - 11:14:28 PM - [0] ----D- C:\Users\eed\AppData\Roaming\Google
O43 - CFD: 3/26/2010 - 5:29:02 AM - [0] ----D- C:\Users\eed\AppData\Roaming\Identities
O43 - CFD: 3/26/2010 - 8:24:32 AM - [0.001] ----D- C:\Users\eed\AppData\Roaming\Macromedia
O43 - CFD: 2/18/2012 - 7:29:12 PM - [0.004] ----D- C:\Users\eed\AppData\Roaming\Malwarebytes
O43 - CFD: 8/5/2011 - 8:12:50 AM - [7.436] -S--D- C:\Users\eed\AppData\Roaming\Microsoft
O43 - CFD: 2/19/2012 - 12:22:00 PM - [45.351] ----D- C:\Users\eed\AppData\Local\Adobe
O43 - CFD: 5/4/2010 - 1:52:02 AM - [0] ----D- C:\Users\eed\AppData\Local\Apple
O43 - CFD: 5/4/2010 - 9:32:26 AM - [15.554] ----D- C:\Users\eed\AppData\Local\Apple Computer
O43 - CFD: 3/26/2010 - 4:49:42 AM - [0] -SH-D- C:\Users\eed\AppData\Local\Application Data
O43 - CFD: 3/26/2010 - 4:53:08 AM - [0] ----D- C:\Users\eed\AppData\Local\Broadcom
O43 - CFD: 9/2/2011 - 2:03:38 PM - [0] ----D- C:\Users\eed\AppData\Local\Diagnostics
O43 - CFD: 6/8/2011 - 10:05:56 AM - [0] ----D- C:\Users\eed\AppData\Local\ElevatedDiagnostics
O43 - CFD: 2/19/2012 - 12:25:30 PM - [0.353] ----D- C:\Users\eed\AppData\Local\Google
O43 - CFD: 3/26/2010 - 4:49:42 AM - [0] -SH-D- C:\Users\eed\AppData\Local\Historique
O43 - CFD: 2/19/2012 - 12:24:34 PM - [152.451] ----D- C:\Users\eed\AppData\Local\Microsoft
O43 - CFD: 3/26/2010 - 5:05:52 AM - [0] ----D- C:\Users\eed\AppData\Local\Microsoft Help
O43 - CFD: 2/19/2012 - 4:18:46 PM - [9.765] ----D- C:\Users\eed\AppData\Local\Temp
O43 - CFD: 3/26/2010 - 4:49:42 AM - [0] -SH-D- C:\Users\eed\AppData\Local\Temporary Internet Files
O43 - CFD: 10/19/2010 - 4:52:14 PM - [5.000] ----D- C:\Users\eed\AppData\Local\TrioMotion
O43 - CFD: 9/20/2010 - 3:47:56 PM - [0.033] ----D- C:\Users\eed\AppData\Local\VirtualStore
O43 - CFD: 2/19/2012 - 9:26:08 AM - [0.059] ----D- C:\Users\eed\AppData\Local\Windows Live
O43 - CFD: 11/8/2011 - 9:01:32 AM - [0] ----D- C:\Users\eed\AppData\Local\{0E68168D-F0E1-4656-95E0-62A6C92B40E5}
O43 - CFD: 12/10/2011 - 10:16:40 AM - [0] ----D- C:\Users\eed\AppData\Local\{1125E34B-F225-47E3-B9DE-A2909B4C3C57}
O43 - CFD: 2/19/2012 - 9:25:48 AM - [0] ----D- C:\Users\eed\AppData\Local\{151D1C34-5E11-4843-B0E6-2CBA142FF26D}
O43 - CFD: 1/25/2012 - 6:28:52 PM - [0] ----D- C:\Users\eed\AppData\Local\{16455036-9622-4A8C-B708-05DB8F4374F7}
O43 - CFD: 2/4/2012 - 10:30:46 AM - [0] ----D- C:\Users\eed\AppData\Local\{2F71FC75-E231-48A1-950E-900C5B8983FC}
O43 - CFD: 2/19/2012 - 9:26:00 AM - [0] ----D- C:\Users\eed\AppData\Local\{329136AE-3C72-4F1C-9D62-122C4D49AFA5}
O43 - CFD: 2/19/2012 - 8:54:40 AM - [0] ----D- C:\Users\eed\AppData\Local\{3B8023EB-C57F-42A8-873A-394E56A15B9D}
O43 - CFD: 2/19/2012 - 9:01:32 AM - [0] ----D- C:\Users\eed\AppData\Local\{43773723-26AF-4D6B-A905-CCDCB6D74547}
O43 - CFD: 11/11/2011 - 12:35:42 PM - [0] ----D- C:\Users\eed\AppData\Local\{45A4C29D-8232-4FFE-91B0-CEE7AE9F80BC}
O43 - CFD: 12/14/2011 - 5:52:34 PM - [0] ----D- C:\Users\eed\AppData\Local\{5578B24B-AE2C-4536-B5AC-5D667B7DF4D6}
O43 - CFD: 9/25/2011 - 10:41:48 AM - [0] ----D- C:\Users\eed\AppData\Local\{6D14703F-6653-4334-B6E8-4FBD47800FB8}
O43 - CFD: 11/29/2011 - 8:57:48 AM - [0] ----D- C:\Users\eed\AppData\Local\{A8C1B90B-5E2B-4C62-A9FA-B5DCDAE122A7}
O43 - CFD: 9/24/2011 - 12:54:26 PM - [0] ----D- C:\Users\eed\AppData\Local\{AC37CA50-AFA3-4B7A-8369-5860408BD55E}
O43 - CFD: 2/18/2012 - 10:05:48 PM - [0] ----D- C:\Users\eed\AppData\Local\{CA897BB5-B9C3-41DC-9636-1EAB2AFE4687}
~ Scan Program Folder in 13mn AMs
---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)
O44 - LFC:[MD5.24097AF73562086C5DC1B48412F02DA0] - 2/18/2012 - 10:05:24 PM ---A- . (.Adobe Systems Incorporated - Adobe Flash Player Control Panel Applet.) -- C:\windows\system32\FlashPlayerCPLApp.cpl [414368]
O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 2/18/2012 - 10:18:14 PM ---A- . (...) -- C:\windows\setuperr.log [0]
O44 - LFC:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 2/18/2012 - 7:28:26 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbam.sys [20464]
O44 - LFC:[MD5.4B333D3CC96AE66BD754329FD2989EE2] - 2/19/2012 - 1:26:16 PM ---A- . (...) -- C:\windows\system32\ieuinit.inf [72822]
O44 - LFC:[MD5.0E3723B34B3AAE2C6DE81335E616949C] - 2/19/2012 - 1:27:55 PM ---A- . (...) -- C:\windows\IE9_main.log [4135]
O44 - LFC:[MD5.006271718FE712B0DBF6A1FB5CAD467E] - 2/19/2012 - 2:03:18 PM ---A- . (...) -- C:\windows\PFRO.log [6668]
O44 - LFC:[MD5.FD7E6F9DCCD7FEEBDD6E8D3F14AD24F8] - 2/19/2012 - 3:28:10 PM ---A- . (...) -- C:\windows\setupact.log [392]
O44 - LFC:[MD5.7F83667EB04C005F699CD335634CC15D] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\PerfStringBackup.INI [1556228]
O44 - LFC:[MD5.AA9B823195F79775B12B175C44162840] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfc009.dat [107388]
O44 - LFC:[MD5.A0F48C209AE3D20F313C7F88395375E2] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfc00C.dat [131754]
O44 - LFC:[MD5.695EBACCDD16896E6E136093ABFD3647] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfh009.dat [618108]
O44 - LFC:[MD5.C88AB0BFF5F4E6A3D93F01B1C68D9A89] - 2/19/2012 - 3:32:33 PM ---A- . (...) -- C:\windows\system32\perfh00C.dat [706580]
O44 - LFC:[MD5.A02F182F97D41E16DE774C74DA389A3B] - 2/19/2012 - 4:02:46 PM -S-A- . (...) -- C:\windows\bootstat.dat [67584]
O44 - LFC:[MD5.8D7AD6E32A9ABA416EBCC83D89A68609] - 2/19/2012 - 4:02:52 PM ---A- . (...) -- C:\windows\WindowsUpdate.log [1076544]
O44 - LFC:[MD5.3411FDF098AA20193EEE5FFA36BA43B2] - 2/19/2012 - 4:12:43 PM ---A- . (.CPUID - CPUID Driver.) -- C:\windows\system32\drivers\cpuz135_x32.sys [21992]
O44 - LFC:[MD5.CB7B54150C2CF8915CE80FF207ED8F2D] - 2/19/2012 - 8:59:24 AM ---A- . (...) -- C:\windows\system32\FNTCACHE.DAT [334696]
~ Scan Files in 19mn AMs
---\\ Déni du service (Local Security Authority) (O48)
O48 - LSA:Local Security Authority Authentication Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Notification Packages . (.Microsoft Corporation - Moteur du client de l’Éditeur de configuration de sécurité Windows.) -- C:\Windows\System32\scecli.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Package de sécurité Kerberos.) -- C:\Windows\System32\kerberos.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Authentication Package v1.0.) -- C:\Windows\System32\msv1_0.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\Windows\System32\schannel.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Microsoft Digest Access.) -- C:\Windows\System32\wdigest.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Web Service Security Package.) -- C:\Windows\System32\TSpkg.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corporation - Pku2u Security Package.) -- C:\Windows\System32\pku2u.dll
O48 - LSA:Local Security Authority Security Packages . (.Microsoft Corp. - LiveSSP.) -- C:\Windows\System32\LIVESSP.dll
~ Scan Keys in 00mn AMs
---\\ Contrôle du Safe Boot (CSB) (O49)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\windows\system32\Drivers\volmgrx.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\windows\system32\Drivers\ipnat.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\nsiproxy.sys . (.Microsoft Corporation - NSI Proxy.) -- C:\windows\system32\Drivers\nsiproxy.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpencdd.sys . (.Microsoft Corporation - RDP Encoder Miniport.) -- C:\windows\system32\Drivers\rdpencdd.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\windows\system32\Drivers\sermouse.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\windows\system32\Drivers\vga.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\windows\system32\Drivers\vgasave.sys (.not file.)
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgr.sys . (.Microsoft Corporation - Volume Manager Driver.) -- C:\windows\system32\Drivers\volmgr.sys
O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\volmgrx.sys . (.Microsoft Corporation - Pilote d’extension du gestionnaire de volumes.) -- C:\windows\system32\Drivers\volmgrx.sys
~ Scan CSB in 00mn AMs
---\\ MountPoints2 Shell Key (O51) (None)
---\\ Trojan Driver Search Data (HKLM) (O52)
O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll
O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm
~ Scan Keys in 00mn AMs
---\\ ShareTools MSconfig StartupReg (O53)
O53 - SMSR:HKLM\...\startupreg\Adobe Reader Speed Launcher [Key] . (...) -- C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (.not file.)
O53 - SMSR:HKLM\...\startupreg\APLangApp [Key] . (.DoctorSoft - AnyPC Language Application.) -- C:\Program Files\AnyPC Client\APLangApp.exe
O53 - SMSR:HKLM\...\startupreg\hscontrolcenter [Key] . (.Phoenix Technologies - HyperSpace Control Center Application.) -- C:\Program Files\HyperSpace\HSControlCenter.exe
O53 - SMSR:HKLM\...\startupreg\iTunesHelper [Key] . (.Apple Inc. - iTunesHelper.) -- C:\Program Files\iTunes\iTunesHelper.exe
O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe
O53 - SMSR:HKLM\...\startupreg\RtHDVCpl [Key] . (.Realtek Semiconductor - Gestionnaire audio HD Realtek.) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O53 - SMSR:HKLM\...\startupreg\UCam_Menu [Key] . (.CyberLink Corp. - MUI StartMenu Application.) -- C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe
~ Scan SMSR Keys in 00mn AMs
---\\ Microsoft Control Security Providers (O54)
O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll
O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Credential Delegation Security Package.) -- C:\windows\system32\credssp.dll
~ Scan Keys in 00mn AMs
---\\ Microsoft Windows Policies System (O55)
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=5
O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=3
O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1
O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0
O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1
O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1
O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0
O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=
O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=
O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0
O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1
O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0
~ Scan Keys in 00mn AMs
---\\ Liste des Drivers Système (O58)
O58 - SDL:[MD5.21E785EBD7DC90A06391141AAC7892FB] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\windows\system32\drivers\adp94xx.sys [422976]
O58 - SDL:[MD5.0C676BC278D5B59FF5ABD57BBE9123F2] - 7/14/2009 - 2:26:17 AM ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\windows\system32\drivers\adpahci.sys [297552]
O58 - SDL:[MD5.7C7B5EE4B7B822EC85321FE23A27DB33] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\windows\system32\drivers\adpu320.sys [146512]
O58 - SDL:[MD5.0D40BCF52EA90FC7DF2AEAB6503DEA44] - 7/14/2009 - 2:26:15 AM ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\windows\system32\drivers\aliide.sys [14400]
O58 - SDL:[MD5.D320BF87125326F996D4904FE24300FC] - 3/11/2011 - 6:38:37 AM ---A- . (.Advanced Micro Devices - AHCI 1.2 Device Driver.) -- C:\windows\system32\drivers\amdsata.sys [80256]
O58 - SDL:[MD5.EA43AF0C423FF267355F74E7A53BDABA] - 7/14/2009 - 2:26:15 AM ---A- . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller Driver for Windows fa.) -- C:\windows\system32\drivers\amdsbs.sys [159312]
O58 - SDL:[MD5.46387FB17B086D16DEA267D5BE23A2F2] - 3/11/2011 - 6:38:37 AM ---A- . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\windows\system32\drivers\amdxata.sys [22400]
O58 - SDL:[MD5.2932004F49677BD84DBC72EDB754FFB3] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\windows\system32\drivers\arc.sys [76368]
O58 - SDL:[MD5.5D6F36C46FD283AE1B57BD2E9FEB0BC7] - 7/14/2009 - 2:26:15 AM ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\windows\system32\drivers\arcsas.sys [86608]
O58 - SDL:[MD5.49F17A2E79469BE6581D491706720671] - 12/13/2011 - 3:32:24 AM ---A- . (.Atheros Communications, Inc. - Atheros Extensible Wireless LAN device driver.) -- C:\windows\system32\drivers\athr.sys [2228224]
O58 - SDL:[MD5.BD8869EB9CDE6BBE4508D869929869EE] - 7/13/2009 - 11:02:49 PM ---A- . (.Broadcom Corporation - Pilote unifié NDIS6.x Broadcom NetXtreme Gigabit Ethernet..) -- C:\windows\system32\drivers\b57nd60x.sys [229888]
O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 7/13/2009 - 11:53:28 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\windows\system32\drivers\BrFiltLo.sys [13568]
O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 7/13/2009 - 11:53:28 PM ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\windows\system32\drivers\BrFiltUp.sys [5248]
O58 - SDL:[MD5.845B8CE732E67F3B4133164868C666EA] - 7/14/2009 - 1:57:25 AM ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\windows\system32\drivers\BrSerId.sys [272128]
O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 7/13/2009 - 11:53:32 PM ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\windows\system32\drivers\BrSerWdm.sys [62336]
O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 7/13/2009 - 11:53:33 PM ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\windows\system32\drivers\BrUsbMdm.sys [12160]
O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 7/13/2009 - 11:53:33 PM ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\windows\system32\drivers\BrUsbSer.sys [11904]
O58 - SDL:[MD5.92C5B845803F3662637EB691AC0B250F] - 7/1/2009 - 9:46:20 PM ---A- . (.Broadcom Corporation. - Widcomm Bluetooth USB Filter for Windows XP.) -- C:\windows\system32\drivers\btusbflt.sys [43944]
O58 - SDL:[MD5.7E826BE3B3558208D5C9B00034E51BE5] - 10/2/2009 - 5:47:40 PM ---A- . (.Broadcom Corporation. - Bluetooth Audio Device.) -- C:\windows\system32\drivers\btwaudio.sys [86056]
O58 - SDL:[MD5.AF9148C3E844131AC954CB53FF43D971] - 8/29/2009 - 4:15:16 AM ---A- . (.Broadcom Corporation. - Broadcom Bluetooth AVDT Service.) -- C:\windows\system32\drivers\btwavdt.sys [108072]
O58 - SDL:[MD5.AAFD7CB76BA61FBB08E302DA208C974A] - 4/8/2009 - 12:32:50 AM ---A- . (.Broadcom Corporation. - Broadcom Bluetooth L2CAP Service.) -- C:\windows\system32\drivers\btwl2cap.sys [29472]
O58 - SDL:[MD5.480B3D195854B2E55299CDDDDC50BCF9] - 8/29/2009 - 4:15:12 AM ---A- . (.Broadcom Corporation. - Bluetooth Remote Control HID Minidriver.) -- C:\windows\system32\drivers\btwrchid.sys [18472]
O58 - SDL:[MD5.1A231ABEC60FD316EC54C66715543CEC] - 7/13/2009 - 11:02:48 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\windows\system32\drivers\bxvbdx.sys [430080]
O58 - SDL:[MD5.C537B1DB64D495B9B4717B4D6D9EDBF2] - 7/14/2009 - 2:26:21 AM ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\windows\system32\drivers\cmdide.sys [15952]
O58 - SDL:[MD5.3411FDF098AA20193EEE5FFA36BA43B2] - 9/21/2011 - 10:25:34 AM ---A- . (.CPUID - CPUID Driver.) -- C:\windows\system32\drivers\cpuz135_x32.sys [21992]
O58 - SDL:[MD5.C914D18AB66B132E9C73F19F8F805F1F] - 5/1/2009 - 3:41:06 PM ---A- . (.Phoenix Technologies Ltd. - CryptOSD Device Driver.) -- C:\windows\system32\drivers\CryptOSD.sys [384896]
O58 - SDL:[MD5.8B30250D573A8F6B4BD23195160D8707] - 7/14/2009 - 2:20:28 AM ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\windows\system32\drivers\djsvs.sys [70720]
O58 - SDL:[MD5.0ED67910C8C326796FAA00B2BF6D9D3C] - 7/14/2009 - 2:20:28 AM ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\windows\system32\drivers\elxstor.sys [453712]
O58 - SDL:[MD5.024E1B5CAC09731E4D868E64DBFB4AB0] - 7/13/2009 - 11:02:48 PM ---A- . (.Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) -- C:\windows\system32\drivers\evbdx.sys [3100160]
O58 - SDL:[MD5.8182FF89C65E4D38B2DE4BB0FB18564E] - 5/18/2009 - 12:17:00 PM ---A- . (.GEAR Software Inc. - CD DVD Filter.) -- C:\windows\system32\drivers\GEARAspiWDM.sys [26600]
O58 - SDL:[MD5.C44E3C2BAB6837DB337DDEE7544736DB] - 7/13/2009 - 11:54:14 PM ---A- . (.Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) -- C:\windows\system32\drivers\hcw85cir.sys [26624]
O58 - SDL:[MD5.295FDC419039090EB8B49FFDBB374549] - 7/14/2009 - 2:20:28 AM ---A- . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Driver.) -- C:\windows\system32\drivers\HpSAMD.sys [67152]
O58 - SDL:[MD5.D483687EACE0C065EE772481A96E05F5] - 6/4/2009 - 10:43:16 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStor.sys [330264]
O58 - SDL:[MD5.5CD5F9A5444E6CDCB0AC89BD62D8B76E] - 3/11/2011 - 6:38:51 AM ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver - ia32.) -- C:\windows\system32\drivers\iaStorV.sys [332160]
O58 - SDL:[MD5.BA41E1BBA410212CE6D30E0DAC47972B] - 10/25/2010 - 4:10:06 AM ---A- . (.Intel Corporation - Intel Graphics Kernel Mode Driver.) -- C:\windows\system32\drivers\igdkmd32.sys [4807168]
O58 - SDL:[MD5.4173FF5708F3236CF25195FECD742915] - 7/14/2009 - 2:20:36 AM ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\windows\system32\drivers\iirsp.sys [41040]
O58 - SDL:[MD5.EB119A53CCF2ACC000AC71B065B78FEF] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI Fusion-MPT FC Driver (StorPort).) -- C:\windows\system32\drivers\lsi_fc.sys [95824]
O58 - SDL:[MD5.8ADE1C877256A22E49B75D1CC9161F9C] - 7/14/2009 - 2:20:37 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas.sys [89168]
O58 - SDL:[MD5.DC9DC3D3DAA0E276FD2EC262E38B11E9] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\windows\system32\drivers\lsi_sas2.sys [54864]
O58 - SDL:[MD5.0A036C7D7CAB643A7F07135AC47E0524] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - LSI Fusion-MPT SCSI Driver (StorPort).) -- C:\windows\system32\drivers\lsi_scsi.sys [96848]
O58 - SDL:[MD5.B7CA8CC3F978201856B6AB82F40953C3] - 12/10/2011 - 3:24:06 PM ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\windows\system32\drivers\mbam.sys [20464]
O58 - SDL:[MD5.0FFF5B045293002AB38EB1FD1FC2FB74] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows 7 for x86.) -- C:\windows\system32\drivers\megasas.sys [30800]
O58 - SDL:[MD5.DCBAB2920C75F390CAF1D29F675D03D6] - 7/14/2009 - 2:20:36 AM ---A- . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\windows\system32\drivers\MegaSR.sys [235584]
O58 - SDL:[MD5.1D85C4B390B0EE09C7A46B91EFB2C097] - 7/14/2009 - 2:20:44 AM ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\windows\system32\drivers\nfrd960.sys [44624]
O58 - SDL:[MD5.B3E25EE28883877076E0E1FF877D02E0] - 3/11/2011 - 6:39:00 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) -- C:\windows\system32\drivers\nvraid.sys [117120]
O58 - SDL:[MD5.4380E59A170D88C4F1022EFF6719A8A4] - 3/11/2011 - 6:39:00 AM ---A- . (.NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) -- C:\windows\system32\drivers\nvstor.sys [143744]
O58 - SDL:[MD5.AB95ECF1F6659A60DDC166D8315B0751] - 7/14/2009 - 2:19:04 AM ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\windows\system32\drivers\ql2300.sys [1383488]
O58 - SDL:[MD5.B4DD51DD25182244B86737DC51AF2270] - 7/14/2009 - 2:19:04 AM ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\windows\system32\drivers\ql40xx.sys [106064]
O58 - SDL:[MD5.7DFD48E24479B68B258D8770121155A0] - 7/13/2009 - 11:02:52 PM ---A- . (.Realtek Corporation - Realtek 8101E/8168/8169 NDIS 6.20 32-bit Driver.) -- C:\windows\system32\drivers\Rt86win7.sys [139776]
O58 - SDL:[MD5.7CB41A5E5C24F9F50E6533693E2BB74D] - 11/18/2009 - 5:02:32 AM ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\windows\system32\drivers\RTKVHDA.sys [2807392]
O58 - SDL:[MD5.4B575EA3FE9781DDBCE04DE0A6D3E715] - 11/13/2009 - 11:58:20 PM ---A- . (.Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) -- C:\windows\system32\drivers\rtl819xp.sys [546816]
O58 - SDL:[MD5.6E5FBB7CBAEC47038B945D5E9B144A64] - 5/28/2009 - 7:38:12 AM ---A- . (.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) -- C:\windows\system32\drivers\SABI.sys [10752]
O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 7/13/2009 - 9:50:20 PM ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\windows\system32\drivers\secdrv.sys [20480]
O58 - SDL:[MD5.AC1F2A09B76B57356F906EEDA43CCC2A] - 3/12/2010 - 5:22:18 PM ---A- . (.Prolific Technology Inc. - USB-to-Serial Cable Driver.) -- C:\windows\system32\drivers\ser2pl.sys [81920]
O58 - SDL:[MD5.A9F0486851BECB6DDA1D89D381E71055] - 7/14/2009 - 2:19:04 AM ---A- . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\windows\system32\drivers\sisraid2.sys [40016]
O58 - SDL:[MD5.3727097B55738E2F554972C3BE5BC1AA] - 7/14/2009 - 2:19:04 AM ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\windows\system32\drivers\sisraid4.sys [77888]
O58 - SDL:[MD5.DB32D325C192B801DF274BFD12A7E72B] - 7/14/2009 - 2:19:04 AM ---A- . (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) -- C:\windows\system32\drivers\stexstor.sys [21072]
O58 - SDL:[MD5.215A45246C6E2D0A9C263CE1786C8D8A] - 10/10/2009 - 4:16:30 AM ---A- . (.Synaptics Incorporated - Synaptics Touchpad Driver.) -- C:\windows\system32\drivers\SynTP.sys [229424]
O58 - SDL:[MD5.919EA416C810C2CD536C1554551620DE] - 10/6/2009 - 7:30:24 AM ---A- . (.Trio Motion Technology Ltd - PCI Motion Coordinator Kernel Driver.) -- C:\windows\system32\drivers\TrioPCI.sys [22784]
O58 - SDL:[MD5.9AF9A740FFD591ACB459DE6AEF5196FA] - 10/6/2009 - 7:30:22 AM ---A- . (.Trio Motion Technology - Trio Motion Technology USB Link.) -- C:\windows\system32\drivers\TrioUSB.sys [9984]
O58 - SDL:[MD5.E8C1B9EBAC65288E1B51E8A987D98AF6] - 4/16/2010 - 7:33:36 AM ---A- . (.Apple, Inc. - Apple Mobile Device USB Driver.) -- C:\windows\system32\drivers\usbaapl.sys [41472]
O58 - SDL:[MD5.E43574F6A56A0EE11809B48C09E4FD3C] - 7/14/2009 - 2:19:10 AM ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\windows\system32\drivers\viaide.sys [16976]
O58 - SDL:[MD5.9DFA0CC2F8855A04816729651175B631] - 7/14/2009 - 2:19:11 AM ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\windows\system32\drivers\vsmraid.sys [141904]
O58 - SDL:[MD5.30B73EB97218A16CBC6DE535782A1B35] - 9/28/2009 - 10:22:00 AM ---A- . (...) -- C:\windows\system32\drivers\yk62x86.sys [315392]
O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 7/13/2009 - 10:40:41 PM ---A- . (...) -- C:\windows\system32\ANSI.SYS [9029]
O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 7/13/2009 - 10:40:44 PM ---A- . (...) -- C:\windows\system32\country.sys [27097]
O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 7/13/2009 - 10:40:40 PM ---A- . (...) -- C:\windows\system32\HIMEM.SYS [4768]
O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 7/13/2009 - 10:40:43 PM ---A- . (...) -- C:\windows\system32\KEY01.SYS [42809]
O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 7/13/2009 - 10:40:43 PM ---A- . (...) -- C:\windows\system32\KEYBOARD.SYS [42537]
O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 7/13/2009 - 10:40:23 PM ---A- . (...) -- C:\windows\system32\NTDOS.SYS [27866]
O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 7/13/2009 - 10:40:31 PM ---A- . (...) -- C:\windows\system32\NTDOS404.SYS [29146]
O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 7/13/2009 - 10:40:35 PM ---A- . (...) -- C:\windows\system32\NTDOS411.SYS [29370]
O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 7/13/2009 - 10:40:39 PM ---A- . (...) -- C:\windows\system32\NTDOS412.SYS [29274]
O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 7/13/2009 - 10:40:27 PM ---A- . (...) -- C:\windows\system32\NTDOS804.SYS [29146]
O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 7/13/2009 - 10:40:11 PM ---A- . (...) -- C:\windows\system32\NTIO.SYS [33952]
O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 7/13/2009 - 10:40:15 PM ---A- . (...) -- C:\windows\system32\NTIO404.SYS [34672]
O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 7/13/2009 - 10:40:17 PM ---A- . (...) -- C:\windows\system32\NTIO411.SYS [35776]
O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 7/13/2009 - 10:40:19 PM ---A- . (...) -- C:\windows\system32\NTIO412.SYS [35536]
O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 7/13/2009 - 10:40:13 PM ---A- . (...) -- C:\windows\system32\NTIO804.SYS [34672]
O58 - SDL:[MD5.A16FB34E56C781DC56BE7492315655B9] - 8/3/2005 - 3:05:02 PM ---A- . (.Prolific Technology Inc. - USB-Serial USB Driver.) -- C:\windows\system32\SER9PL.sys [35892]
~ Scan Drivers in 45mn AMs
---\\ Liste des outils de nettoyage (O63)
O63 - Logiciel: ZHPDiag 1.28 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1
~ Scan ADS in 00mn AMs
---\\ Liste des services Legacy (O64)
O64 - Services: CurCS - 4/25/2011 - C:\windows\system32\drivers\afd.sys (AFD) .(.Microsoft Corporation - Ancillary Function Driver for WinSock.) - LEGACY_AFD
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\clfs.sys (CLFS) .(.Microsoft Corporation - Common Log File System Driver.) - LEGACY_CLFS
O64 - Services: CurCS - 11/17/2011 - C:\windows\system32\Drivers\cng.sys (CNG) .(.Microsoft Corporation - Kernel Cryptography, Next Generation.) - LEGACY_CNG
O64 - Services: CurCS - 9/21/2011 - C:\windows\system32\drivers\cpuz135_x32.sys (cpuz135) .(.CPUID - CPUID Driver.) - LEGACY_CPUZ135
O64 - Services: CurCS - 12/7/2009 - C:\Program Files\HyperSpace\DRToggleSleep.sys (DRToggleSleep) .(.Windows ® Codename Longhorn DDK provider - Dual-Resume Toggle Sleep.) - LEGACY_DRTOGGLESLEEP
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\dxgkrnl.sys (DXGKrnl) .(.Microsoft Corporation - DirectX Graphics Kernel.) - LEGACY_DXGKRNL
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\fvevol.sys (fvevol) .(.Microsoft Corporation - BitLocker Drive Encryption Driver.) - LEGACY_FVEVOL
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\hwpolicy.sys (hwpolicy) .(.Microsoft Corporation - Hardware Policy Driver.) - LEGACY_HWPOLICY
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\rascfg.dll (IpFilterDriver) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_IPFILTERDRIVER
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\DRIVERS\lltdio.sys (lltdio) .(.Microsoft Corporation - Link-Layer Topology Mapper I/O Driver.) - LEGACY_LLTDIO
O64 - Services: CurCS - 12/10/2011 - C:\windows\system32\drivers\mbam.sys (MBAMProtector) .(.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) - LEGACY_MBAMPROTECTOR
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\msahci.sys (msahci) .(.Microsoft Corporation - MS AHCI 1.0 Standard Driver.) - LEGACY_MSAHCI
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\ndis.sys (NDIS) .(.Microsoft Corporation - Pilote NDIS 6.20.) - LEGACY_NDIS
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\netbt.sys (NetBT) .(.Microsoft Corporation - MBT Transport driver.) - LEGACY_NETBT
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\DRIVERS\parvdm.sys (Parvdm) .(.Microsoft Corporation - Pilote parallèle VDM.) - LEGACY_PARVDM
O64 - Services: CurCS - 12/7/2009 - C:\Program Files\HyperSpace\PhnxBldr.sys (PhnxBldr) .(.Phoenix Technologies Ltd. - Windows 2K/XP Virtual CD.) - LEGACY_PHNXBLDR
O64 - Services: CurCS - 7/14/2009 - C:\windows\System32\drivers\pacer.sys (Psched) .(.Microsoft Corporation - Planificateur de paquets QoS.) - LEGACY_PSCHED
O64 - Services: CurCS - 5/28/2009 - C:\windows\system32\Drivers\SABI.sys (SABI) .(.SAMSUNG ELECTRONICS - SAMSUNG Kernel Driver.) - LEGACY_SABI
O64 - Services: CurCS - 12/30/1899 - C:\windows\system32\Drivers\secdrv.sys (secdrv) .(.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) - LEGACY_SECDRV
O64 - Services: CurCS - 4/29/2011 - C:\windows\system32\DRIVERS\srvnet.sys (srvnet) .(.Microsoft Corporation - Server Network driver.) - LEGACY_SRVNET
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\drivers\vga.sys (VgaSave) .(.Microsoft Corporation - VGA/Super VGA Video Driver.) - LEGACY_VGASAVE
O64 - Services: CurCS - 11/20/2010 - C:\windows\system32\drivers\volsnap.sys (volsnap) .(.Microsoft Corporation - Pilote de cliché instantané du volume.) - LEGACY_VOLSNAP
O64 - Services: CurCS - 7/14/2009 - C:\windows\system32\rascfg.dll (Wanarpv6) .(.Microsoft Corporation - Objets de configuration RAS.) - LEGACY_WANARPV6
~ Scan Services in 00mn AMs
---\\ File Associations Shell Spawning (O67)
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\system32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\windows\system32\control.exe
O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d’événements.) -- C:\windows\system32\eventvwr.exe
O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe
O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe
~ Scan Keys in 00mn AMs
---\\ Start Menu Internet (O68)
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Utilitaire d'initialisation d'Internet Explorer par utilisateur.) -- C:\Windows\System32\ie4uinit.exe
~ Scan Keys in 00mn AMs
---\\ Search Browser Infection (O69)
O69 - SBI: SearchScopes [HKCU] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} - (Bing) - http://www.bing.com
O69 - SBI: SearchScopes [HKCU] {67A2568C-7A0A-4EED-AECC-B5405DE63B64} [DefaultScope] - (Google) - http://www.google.com
O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - http://www.google.com
~ Scan Keys in 00mn AMs
---\\ Recherche des services démarrés par Svchost (O83)
O83 - Search Svchost Services: AeLookupSvc (AeLookupSvc) . (.Microsoft Corporation - Service Expérience d’application.) -- C:\windows\system32\aelupsvc.dll [62464]
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\windows\system32\certprop.dll [67584]
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Service de propagation de certificats de cartes à puce Microsoft.) -- C:\windows\system32\certprop.dll [67584]
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL du service Serveur.) -- C:\windows\system32\srvsvc.dll [168960]
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Client de stratégie de groupe.) -- C:\windows\system32\gpsvc.dll [593408]
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - Extension IKE.) -- C:\windows\system32\ikeext.dll [674304]
O83 - Search Svchost Services: AudioSrv (AudioSrv) . (.Microsoft Corporation - Service Audio Windows.) -- C:\windows\system32\Audiosrv.dll [473600]
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Gestionnaire de numérotation automatique d’accès distant.) -- C:\windows\system32\rasauto.dll [90624]
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Gestionnaire de connexions d’accès distant.) -- C:\windows\system32\rasmans.dll [286208]
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Gestionnaire d’interface dynamique.) -- C:\windows\system32\mprdim.dll [75264]
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - Service de notification d’événements système (SENS).) -- C:\windows\system32\sens.dll [49664]
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Composants de l’application d’assistance à Microsoft NAT.) -- C:\windows\system32\ipnathlp.dll [300544]
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Serveur de téléphonie Microsoft® Windows™.) -- C:\windows\system32\tapisrv.dll [242176]
O83 - Search Svchost Services: TermService (TermService) . (.Microsoft Corporation - Gestionnaire des connexions distantes du serveur hôte de session Burea.) -- C:\windows\system32\termsrv.dll [521216]
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Agent de mise à jour automatique Windows Update.) -- C:\windows\system32\wuaueng.dll [1914368]
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Service de transfert intelligent en arrière-plan.) -- C:\windows\system32\qmgr.dll [585728]
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - Dll des services Windows Shell.) -- C:\windows\system32\shsvcs.dll [328192]
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service offrant une connectivité IPv6 sur un réseau IPv4..) -- C:\windows\system32\iphlpsvc.dll [499712]
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - DLL de service d’ouverture de session secondaire.) -- C:\windows\system32\seclogon.dll [21504]
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Service Informations d’application.) -- C:\windows\system32\appinfo.dll [47104]
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - Service de découverte iSCSI.) -- C:\windows\system32\iscsiexe.dll [114688]
O83 - Search Svchost Services: MMCSS (MMCSS) . (.Microsoft Corporation - Service Planificateur de classes multimédias.) -- C:\windows\system32\mmcss.dll [49664]
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Rapports et solutions aux problèmes.) -- C:\windows\system32\wercplsupport.dll [61440]
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Service EAPHost Microsoft.) -- C:\windows\system32\eapsvc.dll [98304]
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - ProfSvc.) -- C:\windows\system32\profsvc.dll [164352]
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Service du Planificateur de tâches.) -- C:\windows\system32\schedsvc.dll [750592]
O83 - Search Svchost Services: hkmsvc (hkmsvc) . (.Microsoft Corporation - Service Gestion des clés.) -- C:\windows\system32\kmsvc.dll [71168]
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service Configuration des services Bureau à distance.) -- C:\windows\system32\sessenv.dll [113664]
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\windows\system32\wbem\WMIsvc.dll [168960]
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL du service Explorateur d’ordinateurs.) -- C:\windows\system32\browser.dll [102400]
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL du service des thèmes Windows Shell.) -- C:\windows\system32\themeservice.dll [37376]
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - Service BDE.) -- C:\windows\system32\bdesvc.dll [76800]
~ Scan Services in 00mn AMs
---\\ Recherche particuliere à la racine de certains dossiers (O84)
[MD5.197215658B8015182192E1EBCA3BBCC3] [SPRF][1/7/2012] (.Ask.com - AskIC Dynamic Link Library.) -- C:\Users\eed\AppData\Local\Temp\AskSLib.dll [246440]
[MD5.A9093D00852BCFD65906C653331093EC] [SPRF][2/19/2012] (...) -- C:\Users\eed\AppData\Local\Temp\Uninst.bat [466]
[MD5.938DE7D5FA2E16401475390994ACB89A] [SPRF][2/19/2012] (...) -- C:\Users\eed\Desktop\adwcleaner.exe [593083]
~ Scan Files in 00mn AMs
---\\ Firewall Active Exception List (FirewallRules) (O87)
O87 - FAEL: "{F2C2C0C8-F330-4465-80B6-DB75DAFE8CB0}" | In - Public - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{8D9B9979-0D13-474F-B710-804A4A0399A7}" | In - Public - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{AD0865A5-3C08-40B7-825A-91E682D4BF5F}" | In - Public - P6 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{E18921A2-C643-4598-80FC-A8CECBC79BF6}" | In - Public - P17 - TRUE | .(.Apple Inc. - iTunes.) -- C:\Program Files\iTunes\iTunes.exe
O87 - FAEL: "{8A54E6F2-51D3-4F61-88E6-2F4A566BF76B}" | In - Private - P6 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
O87 - FAEL: "{10FAB8A6-A85B-4E0E-BFD2-18808BEB3F4F}" | In - Private - P17 - TRUE | .(.Apple Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe
~ Scan Firewall in 02mn AMs
---\\ Scan Additionnel (O88)
Database Version : 9066 - (05/02/2012)
Clés trouvées (Keys found) : 1
Valeurs trouvées (Values found) : 0
Dossiers trouvés (Folders found) : 0
Fichiers trouvés (Files found) : 0
[HKCU\Software\Ask.com.tmp] =>Toolbar.Ask
~ Scan Additionnel in 20mn AMs
---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)
SR - | Auto 1/3/2012 63928 | (AdobeARMservice) . (.Adobe Systems Incorporated.) - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
SS - | Disabled 8/13/2010 144672 | (Apple Mobile Device) . (.Apple Inc..) - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
SS - | Disabled 7/27/2010 345376 | (Bonjour Service) . (.Apple Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe
SS - | Disabled 10/2/2009 595232 | (btwdins) . (.Broadcom Corporation..) - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
SS - | Disabled 3/25/2010 135664 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Demand 3/25/2010 135664 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe
SS - | Disabled 13824 | (HS Service Launcher) . (...) - C:\Program Files\HyperSpace\HSServiceLauncher.exe
SS - | Disabled 9/1/2010 820008 | (iPod Service) . (.Apple Inc..) - C:\Program Files\iPod\bin\iPodService.exe
SR - | Demand 1/13/2012 652360 | (MBAMService) . (.Malwarebytes Corporation.) - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
SS - | Demand 1/15/2010 227232 | (McComponentHostService) . (.McAfee, Inc..) - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe
SS - | Disabled 311296 | (Rezip) . (...) - C:\Windows\System32\Rezip.exe
SR - | Auto 7/14/2009 20992 | C:\windows\system32\wuaueng.dll (wuauserv) . (.Microsoft Corporation.) - C:\Windows\System32\svchost.exe
~ Scan Services in 22mn AMs
End of the scan (1125 lines in 27mn AMs)(0)
Bon courage !
